diff options
| author | Giuseppe Longo <giuseppelng@gmail.com> | 2013-07-12 13:27:33 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:35 +0100 |
| commit | 0b3bafcedff19b69ff5a51855da28e8e83c05b71 (patch) | |
| tree | 666629bcf92441c5ab92a721f24cfbedec687e41 | |
| parent | 457819b952418501918b6e906bf5e21e3b4f9af8 (diff) | |
xtables: nft: display rule by number via -L
This patch fixes the display of rule by number.
[ Mangled this patch not to display the header, to mimic iptables
--pablo ]
Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | iptables/nft.c | 29 | ||||
| -rw-r--r-- | iptables/xtables.c | 1 |
2 files changed, 16 insertions, 14 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index e660878c..a9a391df 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2394,19 +2394,21 @@ __nft_rule_list(struct nft_handle *h, struct nft_chain *c, const char *table, strcmp(chain, rule_chain) != 0) goto next; - if (rulenum > 0) { + if (rulenum > 0 && rule_ctr != rulenum) { /* List by rule number case */ - if (rule_ctr != rulenum) { - rule_ctr++; - goto next; - } - } else { - struct iptables_command_state cs = {}; - /* Show all rules case */ - nft_rule_to_iptables_command_state(r, &cs); + goto next; + } - cb(&cs, r, rule_ctr, format); + struct iptables_command_state cs = {}; + /* Show all rules case */ + nft_rule_to_iptables_command_state(r, &cs); + + cb(&cs, r, rule_ctr, format); + if (rulenum > 0 && rule_ctr == rulenum) { + ret = 1; + break; } + next: r = nft_rule_list_iter_next(iter); } @@ -2466,9 +2468,10 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, if (found) printf("\n"); - print_header(format, chain_name, policy_name[policy], &ctrs, - basechain, refs); - + if (!rulenum) { + print_header(format, chain_name, policy_name[policy], + &ctrs, basechain, refs); + } __nft_rule_list(h, c, table, rulenum, format, print_firewall); found = true; diff --git a/iptables/xtables.c b/iptables/xtables.c index 4e8d3621..c712aaf4 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -570,7 +570,6 @@ list_entries(struct nft_handle *h, const char *chain, const char *table, if (linenumbers) format |= FMT_LINENUMBERS; - /* FIXME should return found or not, and errno = ENOENT in such case */ return nft_rule_list(h, chain, table, rulenum, format); } |