diff options
author | Phil Sutter <phil@nwl.cc> | 2018-08-16 18:07:07 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-08-16 19:43:47 +0200 |
commit | 6f29aa8e3486e2c12ab48425a7e9b01dd6417665 (patch) | |
tree | 9c418bb7565c400c1e3155ccd2d745c89c81128a /iptables/xtables.c | |
parent | 7bccf30750cb7ad7d56921c220a95a7781316a7b (diff) |
xtables: Make 'iptables -S nonexisting' return non-zero
To be consistent with legacy iptables, calling -S with a non-existing
chain should lead to an error message. This is how some scripts find out
whether a user-defined chain exists or not.
Make sure doing the same for an existing chain does succeed, even if an
invalid rule number was given.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables.c')
-rw-r--r-- | iptables/xtables.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c index 64081758..d9050b45 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -599,10 +599,7 @@ list_rules(struct nft_handle *h, const char *chain, const char *table, if (counters) counters = -1; /* iptables -c format */ - nft_rule_list_save(h, chain, table, rulenum, counters); - - /* iptables does not return error if rule number not found */ - return 1; + return nft_rule_list_save(h, chain, table, rulenum, counters); } static void command_jump(struct iptables_command_state *cs) |