diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-10 10:53:02 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-16 13:07:50 +0200 |
commit | ac34b861979ec5057d686c890b1b8f8661e9b99f (patch) | |
tree | ac1e232726c9689e14c1175790fb5e549cbeab4f | |
parent | a0a7379e16b6e4c229d082f24c7e3ef9e812ed46 (diff) |
netfilter: nf_tables: decrement chain use counter when replacing rules
Thus, the chain use counter remains with the same value after the
rule replacement.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | net/netfilter/nf_tables_api.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 5586426a6169..19f438deeab8 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1799,6 +1799,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb, goto err2; } nft_rule_disactivate_next(net, old_rule); + chain->use--; list_add_tail_rcu(&rule->list, &old_rule->list); } else { err = -ENOENT; @@ -1829,6 +1830,7 @@ err3: list_del_rcu(&nft_trans_rule(trans)->list); nft_rule_clear(net, nft_trans_rule(trans)); nft_trans_destroy(trans); + chain->use++; } err2: nf_tables_rule_destroy(&ctx, rule); |