44 lines
1.2 KiB
Diff
44 lines
1.2 KiB
Diff
|
From 34a7632a4d72c16d2a087fcc6450d1a783858124 Mon Sep 17 00:00:00 2001
|
||
|
From: Phil Sutter <psutter@redhat.com>
|
||
|
Date: Thu, 28 Apr 2022 14:14:39 +0200
|
||
|
Subject: [PATCH] libnftables: call nft_cmd_expand() only with CMD_ADD
|
||
|
|
||
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2073287
|
||
|
Upstream Status: nftables commit b81519f1641b5
|
||
|
|
||
|
commit b81519f1641b508c289ddfefc800b2c20ab243e6
|
||
|
Author: Pablo Neira Ayuso <pablo@netfilter.org>
|
||
|
Date: Fri May 8 14:44:02 2020 +0200
|
||
|
|
||
|
libnftables: call nft_cmd_expand() only with CMD_ADD
|
||
|
|
||
|
Restrict the expansion logic to the CMD_ADD command which is where this
|
||
|
is only required.
|
||
|
|
||
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||
|
---
|
||
|
src/libnftables.c | 6 +++++-
|
||
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
||
|
|
||
|
diff --git a/src/libnftables.c b/src/libnftables.c
|
||
|
index cd2fcf2..ab01909 100644
|
||
|
--- a/src/libnftables.c
|
||
|
+++ b/src/libnftables.c
|
||
|
@@ -421,8 +421,12 @@ static int nft_evaluate(struct nft_ctx *nft, struct list_head *msgs,
|
||
|
if (nft->state->nerrs)
|
||
|
return -1;
|
||
|
|
||
|
- list_for_each_entry(cmd, cmds, list)
|
||
|
+ list_for_each_entry(cmd, cmds, list) {
|
||
|
+ if (cmd->op != CMD_ADD)
|
||
|
+ continue;
|
||
|
+
|
||
|
nft_cmd_expand(cmd);
|
||
|
+ }
|
||
|
|
||
|
return 0;
|
||
|
}
|
||
|
--
|
||
|
2.34.1
|
||
|
|