Base chains with both a hook number and priority of zero are created
as regular chains. Fix by adding a BASECHAIN flag indicating that the
chain should be created as a base chain.
Signed-off-by: Patrick McHardy <kaber@trash.net>
extern void table_add_hash(struct table *table);
extern struct table *table_lookup(const struct handle *h);
+/**
+ * enum chain_flags - chain flags
+ *
+ * @CHAIN_F_BASECHAIN: chain is a base chain
+ */
+enum chain_flags {
+ CHAIN_F_BASECHAIN = 0x1,
+};
+
/**
* struct chain - nftables chain
*
* @list: list node in table list
* @handle: chain handle
+ * @flags: chain flags
* @hooknum: hook number (base chains)
* @priority: hook priority (base chains)
* @rules: rules contained in the chain
struct chain {
struct list_head list;
struct handle handle;
+ uint32_t flags;
unsigned int hooknum;
unsigned int priority;
struct scope scope;
int err;
nlc = alloc_nft_chain(h);
- if (chain != NULL && (chain->hooknum || chain->priority)) {
+ if (chain != NULL && chain->flags & CHAIN_F_BASECHAIN) {
nfnl_nft_chain_set_hooknum(nlc, chain->hooknum);
nfnl_nft_chain_set_priority(nlc, chain->priority);
}
{
$<chain>0->hooknum = $2;
$<chain>0->priority = $3;
+ $<chain>0->flags |= CHAIN_F_BASECHAIN;
}
| HOOK HOOKNUM DASH NUM
{
$<chain>0->hooknum = $2;
$<chain>0->priority = -$4;
+ $<chain>0->flags |= CHAIN_F_BASECHAIN;
}
;
projects / thirdparty / nftables.git / commitdiff
