From: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Date: Tue, 30 Oct 2012 23:31:06 +0000 (+0000)
Subject: iptables: nft: Fix -D chain rulenum option
X-Git-Tag: v1.6.0~111^2~146
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4acee778f5712c4cc574e328183a3252ad81a802;p=thirdparty%2Fiptables.git

iptables: nft: Fix -D chain rulenum option

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
---

diff --git a/iptables/nft.c b/iptables/nft.c
index 5764ec87..dcc9ec4b 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2237,10 +2237,10 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table,
 
 		if (rulenum >= 0) {
 			/* Delete by rule number case */
-			if (rule_ctr != rulenum) {
-				rule_ctr++;
+			if (rule_ctr != rulenum)
 				goto next;
-			}
+			found = true;
+			break;
 		} else {
 			/* Delete by matching rule case */
 			DEBUGP("comparing with... ");
@@ -2272,6 +2272,7 @@ __nft_rule_check(struct nft_handle *h, const char *chain, const char *table,
 			break;
 		}
 next:
+		rule_ctr++;
 		r = nft_rule_list_iter_next(iter);
 	}