nft: break chain listing if only one if looked for

Break looping on the chain list if it finds the chain
that the user requested.

Based on patch from Tomasz Bursztyka.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/iptables/nft.c b/iptables/nft.c
index e6702ff4581d746d76eb746e7d6bdef16218568d..2b9598b969b8772b325b9e4a712781a179f659d9 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2501,6 +2501,10 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
                }
                __nft_rule_list(h, c, table, rulenum, format, print_firewall);
 
+               /* we printed the chain we wanted, stop processing. */
+               if (chain)
+                       break;
+
                found = true;
 
 next:
@@ -2599,6 +2603,10 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain,
 
                ret = __nft_rule_list(h, c, table, rulenum,
                                      counters ? 0 : FMT_NOCOUNTS, list_save);
+
+               /* we printed the chain we wanted, stop processing. */
+               if (chain)
+                       break;
 next:
                c = nft_chain_list_iter_next(iter);
        }