Patchwork [iptables-nftables,v2] src: display rule by number

login
register
mail settings
Submitter Giuseppe Longo
Date July 12, 2013, 11:27 a.m.
Message ID <20130712112649.7295.62611.stgit@localhost>
Download mbox | patch
Permalink /patch/258741/
State Accepted
Headers show

Comments

Giuseppe Longo - July 12, 2013, 11:27 a.m.
This patch fixes the display of rule by number.

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
---
 iptables/nft.c               |   22 +++++++++++-----------
 1 files changed, 11 insertions(+), 11 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Tomasz Bursztyka - July 12, 2013, 11:50 a.m.
Hi Giuseppe,

Sounds fine to me.

Tomasz
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Pablo Neira - July 15, 2013, 11:12 a.m.
On Fri, Jul 12, 2013 at 01:27:33PM +0200, Giuseppe Longo wrote:
> This patch fixes the display of rule by number.

Applied, thanks Giuseppe and Tomasz.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index 98d602c..7ff9c70 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2450,19 +2450,19 @@  __nft_rule_list(struct nft_handle *h, struct nft_chain *c, const char *table,
 		    strcmp(chain, rule_chain) != 0)
 			goto next;
 
-		if (rulenum > 0) {
+		if (rulenum > 0 && rule_ctr != rulenum) {
 			/* List by rule number case */
-			if (rule_ctr != rulenum) {
-				rule_ctr++;
-				goto next;
-			}
-		} else {
-			struct iptables_command_state cs = {};
-			/* Show all rules case */
-			nft_rule_to_iptables_command_state(r, &cs);
-
-			cb(&cs, r, rule_ctr, format);
+			goto next;
 		}
+		
+		struct iptables_command_state cs = {};
+		/* Show all rules case */
+		nft_rule_to_iptables_command_state(r, &cs);
+
+		cb(&cs, r, rule_ctr, format);
+		if (rulenum > 0 && rule_ctr == rulenum)
+			break; 
+
 next:
 		r = nft_rule_list_iter_next(iter);
 	}