src: don't return error in netlink_linearize_rule()

This function converts the rule from the list of statements to the netlink message format. The only two possible errors that can make this function to fail are memory exhaustion and malformed statements which inmediately stop the execution of nft. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-08-18 17:43:28 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-08-19 21:37:40 +0200
commit: 838915373efe11e388e57703e9733e42f42bd5da (patch)
tree: bfceea443c8bd3b8c4352c2ed3379db0a485c51a /src/netlink.c
parent: 17ab8231cf9ff2a64c186a8104138688291c0760 (diff)
1 files changed, 7 insertions, 9 deletions
diff --git a/src/netlink.c b/src/netlink.c
index dc7a7c4b..102f799a 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -354,16 +354,14 @@ int netlink_add_rule_batch(struct netlink_ctx *ctx,
 	int err;
 
 	nlr = alloc_nft_rule(&rule->handle);
-	err = netlink_linearize_rule(ctx, nlr, rule);
-	if (err == 0) {
-		err = mnl_nft_rule_batch_add(nlr, flags | NLM_F_EXCL,
-					     ctx->seqnum);
-		if (err < 0)
-			netlink_io_error(ctx, &rule->location,
-					 "Could not add rule to batch: %s",
-					 strerror(errno));
-	}
+	netlink_linearize_rule(ctx, nlr, rule);
+	err = mnl_nft_rule_batch_add(nlr, flags | NLM_F_EXCL, ctx->seqnum);
 	nft_rule_free(nlr);
+	if (err < 0) {
+		netlink_io_error(ctx, &rule->location,
+				 "Could not add rule to batch: %s",
+				 strerror(errno));
+	}
 	return err;
 }
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-08-18 17:43:28 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-08-19 21:37:40 +0200
commit	838915373efe11e388e57703e9733e42f42bd5da (patch)
tree	bfceea443c8bd3b8c4352c2ed3379db0a485c51a /src/netlink.c
parent	17ab8231cf9ff2a64c186a8104138688291c0760 (diff)