iptables: nft: Fix -D chain rulenum option

author Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>

Tue, 30 Oct 2012 23:31:06 +0000 (23:31 +0000)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Mon, 30 Dec 2013 22:50:18 +0000 (23:50 +0100)
author Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tue, 30 Oct 2012 23:31:06 +0000 (23:31 +0000)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Mon, 30 Dec 2013 22:50:18 +0000 (23:50 +0100)
diff --git a/iptables/nft.c b/iptables/nft.c

index 5764ec87897a4cd0d26985691e1f36450de41960..dcc9ec4b49934d9b81ebee0604c0c1b9d5db689c 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2237,10 +2237,10 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table,
  
                 if (rulenum >= 0) {
                         /* Delete by rule number case */
-                       if (rule_ctr != rulenum) {
-                               rule_ctr++;
+                       if (rule_ctr != rulenum)
                                 goto next;
-                       }
+                       found = true;
+                       break;
                 } else {
                         /* Delete by matching rule case */
                         DEBUGP("comparing with... ");
@@ -2272,6 +2272,7 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table,
                         break;
                 }
  next:
+               rule_ctr++;
                 r = nft_rule_list_iter_next(iter);
         }
author	Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
	Tue, 30 Oct 2012 23:31:06 +0000 (23:31 +0000)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 30 Dec 2013 22:50:18 +0000 (23:50 +0100)