summaryrefslogtreecommitdiffstats
path: root/iptables
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2018-12-20 16:09:09 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2018-12-27 19:30:05 +0100
commit88bd4f28878bc7d41daa23098d68bf1bf6f5cea2 (patch)
tree3f5e722556618cd0dee1950baaddb1c0d15c4c85 /iptables
parent402dac2190e6011d4f4ad81c2992b7126b3d79d9 (diff)
nft: Simplify nft_rule_insert() a bit
Fetch rule list right on top instead of in each branch separately. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
-rw-r--r--iptables/nft.c5
1 files changed, 1 insertions, 4 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index 7d08a088..469448f4 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2091,8 +2091,8 @@ nft_rule_add(struct nft_handle *h, const char *chain,
int nft_rule_insert(struct nft_handle *h, const char *chain,
const char *table, void *data, int rulenum, bool verbose)
{
+ struct nftnl_rule_list *list = nft_rule_list_get(h);
struct nftnl_rule *r, *new_rule;
- struct nftnl_rule_list *list;
uint64_t handle = 0;
/* If built-in chains don't exist for this table, create them */
@@ -2102,7 +2102,6 @@ int nft_rule_insert(struct nft_handle *h, const char *chain,
nft_fn = nft_rule_insert;
if (rulenum > 0) {
- list = nft_rule_list_get(h);
if (list == NULL)
goto err;
@@ -2123,8 +2122,6 @@ int nft_rule_insert(struct nft_handle *h, const char *chain,
handle = nftnl_rule_get_u64(r, NFTNL_RULE_HANDLE);
DEBUGP("adding after rule handle %"PRIu64"\n", handle);
- } else {
- nft_rule_list_get(h);
}
new_rule = nft_rule_add(h, chain, table, data, handle, verbose);