From f77e1aca9aa8851b469f79c2db80ddb6f49253b2 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 16 Jul 2013 22:43:06 +0200
Subject: src: use nft_*_list_add_tail

Adapt it to the semantic fix that has been applied to libnftable
nft_*_list_add now inserts nodes, instead of appending them.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.c                   | 6 +++---
 iptables/xtables-config-parser.y | 6 ++++++
 2 files changed, 9 insertions(+), 3 deletions(-)

(limited to 'iptables')

diff --git a/iptables/nft.c b/iptables/nft.c
index b9820f12..e6702ff4 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1065,7 +1065,7 @@ static int nft_chain_list_cb(const struct nlmsghdr *nlh, void *data)
 		goto out;
 	}
 
-	nft_chain_list_add(c, list);
+	nft_chain_list_add_tail(c, list);
 
 	return MNL_CB_OK;
 out:
@@ -1174,7 +1174,7 @@ static int nft_rule_list_cb(const struct nlmsghdr *nlh, void *data)
 		goto out;
 	}
 
-	nft_rule_list_add(r, list);
+	nft_rule_list_add_tail(r, list);
 
 	return MNL_CB_OK;
 out:
@@ -1537,7 +1537,7 @@ static int nft_table_list_cb(const struct nlmsghdr *nlh, void *data)
 		goto out;
 	}
 
-	nft_table_list_add(t, list);
+	nft_table_list_add_tail(t, list);
 
 	return MNL_CB_OK;
 out:
diff --git a/iptables/xtables-config-parser.y b/iptables/xtables-config-parser.y
index 1d78c43c..e7a8a07e 100644
--- a/iptables/xtables-config-parser.y
+++ b/iptables/xtables-config-parser.y
@@ -210,6 +210,11 @@ int xtables_config_parse(char *filename, struct nft_table_list *table_list,
 			}
 			nft_table_attr_set_u32(table, NFT_TABLE_ATTR_FAMILY, family);
 			nft_table_attr_set(table, NFT_TABLE_ATTR_NAME, e->data);
+			/* This is intentionally prepending, instead of
+			 * appending, since the elements in the stack are in
+			 * the reverse order that chains appear in the
+			 * configuration file.
+			 */
 			nft_table_list_add(table, table_list);
 			break;
 		case T_PRIO:
@@ -226,6 +231,7 @@ int xtables_config_parse(char *filename, struct nft_table_list *table_list,
 			nft_table_attr_set_u32(table, NFT_CHAIN_ATTR_FAMILY, family);
 			nft_chain_attr_set_s32(chain, NFT_CHAIN_ATTR_PRIO, prio);
 			nft_chain_attr_set(chain, NFT_CHAIN_ATTR_NAME, e->data);
+			/* Intentionally prepending, instead of appending */
 			nft_chain_list_add(chain, chain_list);
 			break;
 		case T_HOOK:
-- 
cgit v1.2.3