main: return error to shell on evaluation problems

 # nft add chain filter input { type filter hook inputt priority 0\; }
 <cmdline>:1:43-48: Error: unknown chain hook inputt
 add chain filter input { type filter hook inputt priority 0; }
                                           ^^^^^^

Before:

 # echo $?
 0

After:

 # echo $?
 1

Note that nft_parse() returns 1 on parsing errors and 0 + state->errs on
evaluation problems, so return -1 as other functions do here to pass up the
error to the main routine.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/main.c b/src/main.c
index bfe589a03b1ed1b53c05f05c4484397b1f7cada3..a2c4f87d28525f0bca98eaf6718a7108b7bde003 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -230,15 +230,17 @@ int nft_run(void *scanner, struct parser_state *state, struct list_head *msgs)
        int ret;
 
        ret = nft_parse(scanner, state);
-       if (ret != 0 || state->nerrs > 0)
-               return -1;
+       if (ret != 0 || state->nerrs > 0) {
+               ret = -1;
+               goto err1;
+       }
 retry:
        ret = nft_netlink(state, msgs);
        if (ret < 0 && errno == EINTR) {
                netlink_restart();
                goto retry;
        }
-
+err1:
        list_for_each_entry_safe(cmd, next, &state->cmds, list) {
                list_del(&cmd->list);
                cmd_free(cmd);