diff options
| author | Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> | 2012-10-30 23:31:06 +0000 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:18 +0100 |
| commit | 4acee778f5712c4cc574e328183a3252ad81a802 (patch) | |
| tree | b30194803a027ee627066719c399bec5dee3a223 | |
| parent | 4493582ccb60a443fc7efeca78edafbefc689aa3 (diff) | |
iptables: nft: Fix -D chain rulenum option
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
| -rw-r--r-- | iptables/nft.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 5764ec87..dcc9ec4b 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2237,10 +2237,10 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table, if (rulenum >= 0) { /* Delete by rule number case */ - if (rule_ctr != rulenum) { - rule_ctr++; + if (rule_ctr != rulenum) goto next; - } + found = true; + break; } else { /* Delete by matching rule case */ DEBUGP("comparing with... "); @@ -2272,6 +2272,7 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table, break; } next: + rule_ctr++; r = nft_rule_list_iter_next(iter); } |