[iptables-nftables,-,1/2] nft: Optimize chain listing if only one is looked for

Message ID 1374046455-19234-2-git-send-email-tomasz.bursztyka@linux.intel.com
State Superseded

Commit Message

Tomasz Bursztyka July 17, 2013, 7:34 a.m. UTC
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
---
 iptables/nft.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Pablo Neira Ayuso July 17, 2013, 1:40 p.m. UTC | #1
Hi Tomasz,

On Wed, Jul 17, 2013 at 10:34:14AM +0300, Tomasz Bursztyka wrote:
> Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
> ---
>  iptables/nft.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/iptables/nft.c b/iptables/nft.c
> index f9a88c9..f33faa5 100644
> --- a/iptables/nft.c
> +++ b/iptables/nft.c
> @@ -2495,6 +2495,9 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
>  		}
>  		__nft_rule_list(h, c, table, rulenum, format, print_firewall);
>  
> +		if (chain && strcmp(chain, chain_name) == 0)
> +			break;
> +
>  		found = true;
>  
>  next:
> @@ -2593,6 +2596,9 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain,
>  
>  		ret = __nft_rule_list(h, c, table, rulenum,
>  				      counters ? 0 : FMT_NOCOUNTS, list_save);
> +
> +		if (chain && strcmp(chain, chain_name) != 0)

This should be == 0. There's the same checking above __nft_rule_list.

I noticed that we don't need to strcmp(chain, chain_name) again,
checking for chain is sufficient.

Pushed this patch, which is based on yours:

http://git.netfilter.org/iptables-nftables/commit/?id=db6d43c979954b1a0e2a3d2d1fa4494c43d921c1

While at it, I also noticed that selective listing per chain with -S
was also broken, fixed here:

http://git.netfilter.org/iptables-nftables/commit/?id=eaa70f580a3e3b7675d75005ab71c00494a3ee6e

Regards.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Tomasz Bursztyka July 18, 2013, 11:10 a.m. UTC | #2
Hi Pablo,

>> +		if (chain && strcmp(chain, chain_name) != 0)
> This should be == 0. There's the same checking above __nft_rule_list.
>
> I noticed that we don't need to strcmp(chain, chain_name) again,
> checking for chain is sufficient.

Indeed, I was not really awake. Thanks for fixing further.

Tomasz


Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index f9a88c9..f33faa5 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2495,6 +2495,9 @@  int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
 		}
 		__nft_rule_list(h, c, table, rulenum, format, print_firewall);
 
+		if (chain && strcmp(chain, chain_name) == 0)
+			break;
+
 		found = true;
 
 next:
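
Review bot: in nft_rule_list() the added break sits above "found = true;", so on the one path where the requested chain was matched and listed the loop exits with found still unset, and anything after the loop that tests found would see the chain as missing. Put the check after "found = true;" or set found before breaking. Per the review reply, the chain name is already compared above __nft_rule_list(), so "if (chain) break;" is sufficient and the second strcmp() can be dropped.
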
@@ -2593,6 +2596,9 @@  int nft_rule_list_save(struct nft_handle *h, const char *chain,
 
 		ret = __nft_rule_list(h, c, table, rulenum,
 				      counters ? 0 : FMT_NOCOUNTS, list_save);
+
+		if (chain && strcmp(chain, chain_name) != 0)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
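
Review bot: the condition added in nft_rule_list_save() is inverted compared with the nft_rule_list() hunk: it breaks on "strcmp(chain, chain_name) != 0", while the first hunk breaks on "== 0". As the review reply states, this should be "== 0"; since the same name check already runs above __nft_rule_list(), the "!= 0" form would not stop the iteration after the requested chain is saved, so the early exit the subject line describes does not happen here. A plain "if (chain) break;" states the intent and avoids the duplicate comparison.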