From 8cabd12d31c1f02ab67bd6e2ecf32f005b2a6f87 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 17 Sep 2013 18:24:30 +0200
Subject: rule: don't put NFTA_RULE_EXPRESSION into messages

If there are no expressions in this rule, skip the
NFTA_RULE_EXPRESSION attribute, otherwise it will be
empty.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/rule.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'src/rule.c')

diff --git a/src/rule.c b/src/rule.c
index 2e7be6f..3fac5c2 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -264,11 +264,13 @@ void nft_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_rule *r)
 	if (r->flags & (1 << NFT_RULE_ATTR_FLAGS))
 		mnl_attr_put_u32(nlh, NFTA_RULE_FLAGS, htonl(r->rule_flags));
 
-	nest = mnl_attr_nest_start(nlh, NFTA_RULE_EXPRESSIONS);
-	list_for_each_entry(expr, &r->expr_list, head) {
-		nft_rule_expr_build_payload(nlh, expr);
+	if (!list_empty(&r->expr_list)) {
+		nest = mnl_attr_nest_start(nlh, NFTA_RULE_EXPRESSIONS);
+		list_for_each_entry(expr, &r->expr_list, head) {
+			nft_rule_expr_build_payload(nlh, expr);
+		}
+		mnl_attr_nest_end(nlh, nest);
 	}
-	mnl_attr_nest_end(nlh, nest);
 
 	if (r->flags & (1 << NFT_RULE_ATTR_COMPAT_PROTO) &&
 	    r->flags & (1 << NFT_RULE_ATTR_COMPAT_FLAGS)) {
-- 
cgit v1.2.3