summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-config-parser.y
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/xtables-config-parser.y')
-rw-r--r--iptables/xtables-config-parser.y6
1 files changed, 6 insertions, 0 deletions
diff --git a/iptables/xtables-config-parser.y b/iptables/xtables-config-parser.y
index 1d78c43c..e7a8a07e 100644
--- a/iptables/xtables-config-parser.y
+++ b/iptables/xtables-config-parser.y
@@ -210,6 +210,11 @@ int xtables_config_parse(char *filename, struct nft_table_list *table_list,
}
nft_table_attr_set_u32(table, NFT_TABLE_ATTR_FAMILY, family);
nft_table_attr_set(table, NFT_TABLE_ATTR_NAME, e->data);
+ /* This is intentionally prepending, instead of
+ * appending, since the elements in the stack are in
+ * the reverse order that chains appear in the
+ * configuration file.
+ */
nft_table_list_add(table, table_list);
break;
case T_PRIO:
@@ -226,6 +231,7 @@ int xtables_config_parse(char *filename, struct nft_table_list *table_list,
nft_table_attr_set_u32(table, NFT_CHAIN_ATTR_FAMILY, family);
nft_chain_attr_set_s32(chain, NFT_CHAIN_ATTR_PRIO, prio);
nft_chain_attr_set(chain, NFT_CHAIN_ATTR_NAME, e->data);
+ /* Intentionally prepending, instead of appending */
nft_chain_list_add(chain, chain_list);
break;
case T_HOOK: