evaluate: Return ENOENT if rule index is too large

Since EINVAL usually indicates errors from kernel, avoid using it here
too. Instead return ENOENT to indicate there's no entry to append or
prepend the rule to.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index cb27f7c2690496605a6065d04ac7d969b862b1d1..4eb36e2d387924afe3b8a31422459217347bc622 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2888,7 +2888,7 @@ static int rule_translate_index(struct eval_ctx *ctx, struct rule *rule)
        if (!rule->handle.position.id)
                return cmd_error(ctx, &rule->handle.index.location,
                                "Could not process rule: %s",
-                               strerror(EINVAL));
+                               strerror(ENOENT));
        return 0;
 }