diff options
| author | Phil Sutter <phil@nwl.cc> | 2024-07-27 15:08:08 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2024-07-31 23:13:55 +0200 |
| commit | 0b2e2f38d6c5c373373ab35157b406280b86b503 (patch) | |
| tree | 56ee7dc72607500291cdda1cff0afba3a19376e5 | |
| parent | db7fc1862b8bd5e2eea83ed4089fcf35fc01c032 (diff) | |
nft: Add potentially missing init_cs calls
The callback is there for arptables only, so other family specific code
does not need it. Not calling it from family-agnostic code is wrong
though, as is ignoring it in arptables-specific code.
Fixes: cfdda18044d81 ("nft-shared: Introduce init_cs family ops callback")
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | iptables/nft-arp.c | 3 | ||||
| -rw-r--r-- | iptables/nft.c | 11 |
2 files changed, 14 insertions, 0 deletions
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 5d66e271..2784f12a 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -356,6 +356,8 @@ nft_arp_save_rule(const struct iptables_command_state *cs, unsigned int format) printf("\n"); } +static void nft_arp_init_cs(struct iptables_command_state *cs); + static void nft_arp_print_rule(struct nft_handle *h, struct nftnl_rule *r, unsigned int num, unsigned int format) @@ -365,6 +367,7 @@ nft_arp_print_rule(struct nft_handle *h, struct nftnl_rule *r, if (format & FMT_LINENUMBERS) printf("%u ", num); + nft_arp_init_cs(&cs); nft_rule_to_iptables_command_state(h, r, &cs); nft_arp_print_rule_details(&cs, format); diff --git a/iptables/nft.c b/iptables/nft.c index 243b794f..8b180318 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1797,6 +1797,8 @@ nft_rule_print_save(struct nft_handle *h, const struct nftnl_rule *r, struct nft_family_ops *ops = h->ops; bool ret; + if (ops->init_cs) + ops->init_cs(&cs); ret = ops->rule_to_cs(h, r, &cs); if (!(format & (FMT_NOCOUNTS | FMT_C_COUNTS))) @@ -2395,6 +2397,11 @@ static bool nft_rule_cmp(struct nft_handle *h, struct nftnl_rule *r, struct iptables_command_state _cs = {}, this = {}, *cs = &_cs; bool ret = false, ret_this, ret_that; + if (h->ops->init_cs) { + h->ops->init_cs(&this); + h->ops->init_cs(cs); + } + ret_this = h->ops->rule_to_cs(h, r, &this); ret_that = h->ops->rule_to_cs(h, rule, cs); @@ -2679,6 +2686,8 @@ static int nft_rule_change_counters(struct nft_handle *h, const char *table, (unsigned long long) nftnl_rule_get_u64(r, NFTNL_RULE_HANDLE)); + if (h->ops->init_cs) + h->ops->init_cs(&cs); h->ops->rule_to_cs(h, r, &cs); if (counter_op & CTR_OP_INC_PKTS) @@ -2976,6 +2985,8 @@ int nft_rule_zero_counters(struct nft_handle *h, const char *chain, goto error; } + if (h->ops->init_cs) + h->ops->init_cs(&cs); h->ops->rule_to_cs(h, r, &cs); cs.counters.pcnt = cs.counters.bcnt = 0; new_rule = nft_rule_new(h, &ctx, chain, table, &cs); |