diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-09-17 18:24:30 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-09-17 18:25:17 +0200 |
commit | 8cabd12d31c1f02ab67bd6e2ecf32f005b2a6f87 (patch) | |
tree | 0d59bd7e502981aaa12c8b0a8c2cde690a2c7df2 | |
parent | a0274efd21f022d4416da03a5a19be5b61f225c1 (diff) |
rule: don't put NFTA_RULE_EXPRESSION into messages
If there are no expressions in this rule, skip the
NFTA_RULE_EXPRESSION attribute, otherwise it will be
empty.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/rule.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -264,11 +264,13 @@ void nft_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_rule *r) if (r->flags & (1 << NFT_RULE_ATTR_FLAGS)) mnl_attr_put_u32(nlh, NFTA_RULE_FLAGS, htonl(r->rule_flags)); - nest = mnl_attr_nest_start(nlh, NFTA_RULE_EXPRESSIONS); - list_for_each_entry(expr, &r->expr_list, head) { - nft_rule_expr_build_payload(nlh, expr); + if (!list_empty(&r->expr_list)) { + nest = mnl_attr_nest_start(nlh, NFTA_RULE_EXPRESSIONS); + list_for_each_entry(expr, &r->expr_list, head) { + nft_rule_expr_build_payload(nlh, expr); + } + mnl_attr_nest_end(nlh, nest); } - mnl_attr_nest_end(nlh, nest); if (r->flags & (1 << NFT_RULE_ATTR_COMPAT_PROTO) && r->flags & (1 << NFT_RULE_ATTR_COMPAT_FLAGS)) { |