path: root/iptables
diff options
authorPhil Sutter <>2020-07-10 21:53:08 +0200
committerPhil Sutter <>2020-07-24 19:16:00 +0200
commitf63ce59726919147b62d0bcaa1a5c20291ab39a6 (patch)
tree6036586924795061e2ae4b7cede266fb6781e23c /iptables
parentf1f241db42f92474cdc41e25de310493b554154c (diff)
nft: cache: Drop duplicate chain check
When fetching chains from kernel, checking for duplicate chain names is not needed: Nftables doesn't support them in the first place. This is merely a leftover from when multiple cache fetches could happen and so a bit of sanity checking was in order. Signed-off-by: Phil Sutter <>
Diffstat (limited to 'iptables')
1 files changed, 1 insertions, 6 deletions
diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
index 638b18bc..059f0a7f 100644
--- a/iptables/nft-cache.c
+++ b/iptables/nft-cache.c
@@ -180,8 +180,8 @@ static int nftnl_chain_list_cb(const struct nlmsghdr *nlh, void *data)
const struct builtin_table *t = d->t;
struct nftnl_chain_list *list;
struct nft_handle *h = d->h;
- const char *tname, *cname;
struct nftnl_chain *c;
+ const char *tname;
c = nftnl_chain_alloc();
if (c == NULL)
@@ -201,11 +201,6 @@ static int nftnl_chain_list_cb(const struct nlmsghdr *nlh, void *data)
list = h->cache->table[t->type].chains;
- cname = nftnl_chain_get_str(c, NFTNL_CHAIN_NAME);
- if (nftnl_chain_list_lookup_byname(list, cname))
- goto out;
nftnl_chain_list_add_tail(c, list);
return MNL_CB_OK;