summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-04-25 18:51:08 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-04-26 17:56:06 +0200
commita7f39a9c4c87c86daa3668fe0ea1a6e6c5099e23 (patch)
tree31d21c5012fa842fc84c96cf96e557e7bb5d50a6
parent8810a28d381580b8f9cce393481e83faf4f43f6e (diff)
evaluate: missing flowtable evaluation from nested notation
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/evaluate.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index e6978ea4..4384e271 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2956,6 +2956,7 @@ static int chain_evaluate(struct eval_ctx *ctx, struct chain *chain)
static int table_evaluate(struct eval_ctx *ctx, struct table *table)
{
+ struct flowtable *ft;
struct chain *chain;
struct set *set;
@@ -2984,6 +2985,12 @@ static int table_evaluate(struct eval_ctx *ctx, struct table *table)
if (chain_evaluate(ctx, chain) < 0)
return -1;
}
+ list_for_each_entry(ft, &table->flowtables, list) {
+ handle_merge(&ft->handle, &table->handle);
+ if (flowtable_evaluate(ctx, ft) < 0)
+ return -1;
+ }
+
ctx->table = NULL;
return 0;
}