From 36ca9bdb288f7ba528307b7695ab94f7fa8e9a2d Mon Sep 17 00:00:00 2001
From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Wed, 19 Jun 2013 13:14:23 +0200
Subject: nft: break loop after found matching chain

This patch breaks looping in nft_chain_user_del, nft_chain_zero_counters
and nft_rule_flush after the chain is found.

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'iptables')

diff --git a/iptables/nft.c b/iptables/nft.c
index 3aac420c..8be960fb 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1271,6 +1271,8 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table)
 
 		__nft_rule_flush(h, table_name, chain_name);
 
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
@@ -1381,6 +1383,9 @@ int nft_chain_user_del(struct nft_handle *h, const char *chain, const char *tabl
 			break;
 
 		deleted_ctr++;
+
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
@@ -2841,6 +2846,8 @@ int nft_chain_zero_counters(struct nft_handle *h, const char *chain,
 		if (ret < 0)
 			perror("mnl_talk:nft_chain_zero_counters");
 
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
-- 
cgit v1.2.3