From: Phil Sutter <phil@nwl.cc>
Date: Thu, 2 Aug 2018 15:05:13 +0000 (+0200)
Subject: xtables: Use correct built-in chain count
X-Git-Tag: v1.8.1~109
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f7bbdb0091f2c2baf43bb1c14715bc850181a021;p=thirdparty%2Fiptables.git

xtables: Use correct built-in chain count

In nft_chain_builtin_init(), The wrong macro was used for iterating over
the built-in chains of a given table. That array's length is defined
using NF_INET_NUMHOOKS, not NF_IP_NUMHOOKS. Though this change is rather
cosmetic since both macros resolve into the same value.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/iptables/nft.c b/iptables/nft.c
index 05cd1564..f483eb6f 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -675,7 +675,7 @@ static void nft_chain_builtin_init(struct nft_handle *h,
 	struct nftnl_chain *c;
 
 	/* Initialize built-in chains if they don't exist yet */
-	for (i=0; i<NF_IP_NUMHOOKS && table->chains[i].name != NULL; i++) {
+	for (i=0; i < NF_INET_NUMHOOKS && table->chains[i].name != NULL; i++) {
 
 		c = nft_chain_list_find(list, table->name,
 					table->chains[i].name);