diff options
author | Phil Sutter <phil@nwl.cc> | 2018-08-16 18:14:36 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-08-16 19:43:47 +0200 |
commit | 294f9ef5ee354ff902dfdc091a604f93083c248d (patch) | |
tree | 8bf3106f6f2e57625141c25bdc9ea16e27ecfee9 /iptables/nft.c | |
parent | 6f29aa8e3486e2c12ab48425a7e9b01dd6417665 (diff) |
ebtables: Fix entries count in chain listing
The previous fix for reference counts in iptables-nft output wasn't
complete: While iptables lists the number of references for each custom
chain (i.e., the number of jumps to it), ebtables lists number of
entries (i.e., the number of rules contained) for each chain. Both used
the same value for it, although they are different metrics.
Fix this by passing both numbers separately to the 'print_header'
callback so that each tool may print the desired value.
Fixes: a0698de9866d2 ("xtables: Do not count rules as chain references")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.c')
-rw-r--r-- | iptables/nft.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 54755fcd..0b29caeb 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2335,6 +2335,7 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, .bcnt = nftnl_chain_get_u64(c, NFTNL_CHAIN_BYTES), }; bool basechain = false; + uint32_t entries; if (nftnl_chain_get(c, NFTNL_CHAIN_HOOKNUM)) basechain = true; @@ -2348,13 +2349,12 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, ops->print_table_header(table); } - refs -= nft_rule_count(h, chain_name, table); - if (found) printf("\n"); + entries = nft_rule_count(h, chain_name, table); ops->print_header(format, chain_name, policy_name[policy], - &ctrs, basechain, refs); + &ctrs, basechain, refs - entries, entries); __nft_rule_list(h, chain_name, table, rulenum, format, ops->print_rule); |