From d4aea11c6a7674e4290dc71a4ac93c1d5be7240d Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Tue, 6 Jul 2010 05:57:22 +0200
Subject: netlink: fix creation of base chains with hooknum and priority 0

Base chains with both a hook number and priority of zero are created
as regular chains. Fix by adding a BASECHAIN flag indicating that the
chain should be created as a base chain.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 include/rule.h | 11 +++++++++++
 src/netlink.c  |  2 +-
 src/parser.y   |  2 ++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/include/rule.h b/include/rule.h
index 97543072..23171ffb 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -78,11 +78,21 @@ extern void table_free(struct table *table);
 extern void table_add_hash(struct table *table);
 extern struct table *table_lookup(const struct handle *h);
 
+/**
+ * enum chain_flags - chain flags
+ *
+ * @CHAIN_F_BASECHAIN:	chain is a base chain
+ */
+enum chain_flags {
+	CHAIN_F_BASECHAIN	= 0x1,
+};
+
 /**
  * struct chain - nftables chain
  *
  * @list:	list node in table list
  * @handle:	chain handle
+ * @flags:	chain flags
  * @hooknum:	hook number (base chains)
  * @priority:	hook priority (base chains)
  * @rules:	rules contained in the chain
@@ -90,6 +100,7 @@ extern struct table *table_lookup(const struct handle *h);
 struct chain {
 	struct list_head	list;
 	struct handle		handle;
+	uint32_t		flags;
 	unsigned int		hooknum;
 	unsigned int		priority;
 	struct scope		scope;
diff --git a/src/netlink.c b/src/netlink.c
index 54d92c42..0427f4ac 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -422,7 +422,7 @@ int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
 	int err;
 
 	nlc = alloc_nft_chain(h);
-	if (chain != NULL && (chain->hooknum || chain->priority)) {
+	if (chain != NULL && chain->flags & CHAIN_F_BASECHAIN) {
 		nfnl_nft_chain_set_hooknum(nlc, chain->hooknum);
 		nfnl_nft_chain_set_priority(nlc, chain->priority);
 	}
diff --git a/src/parser.y b/src/parser.y
index f70b505d..8e3d3639 100644
--- a/src/parser.y
+++ b/src/parser.y
@@ -740,11 +740,13 @@ hook_spec		:	HOOK		HOOKNUM		NUM
 			{
 				$<chain>0->hooknum	= $2;
 				$<chain>0->priority	= $3;
+				$<chain>0->flags	|= CHAIN_F_BASECHAIN;
 			}
 			|	HOOK		HOOKNUM		DASH	NUM
 			{
 				$<chain>0->hooknum	= $2;
 				$<chain>0->priority	= -$4;
+				$<chain>0->flags	|= CHAIN_F_BASECHAIN;
 			}
 			;
 
-- 
cgit v1.2.3