diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-10 10:53:03 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-16 13:07:58 +0200 |
commit | ac904ac835ac7879a9374dc3ef1e5cb75d9c7ceb (patch) | |
tree | 3f6b6d001eaa9e8aeac84b7075513bfaa54f181b /net | |
parent | netfilter: nf_tables: decrement chain use counter when replacing rules (diff) | |
download | linux-ac904ac835ac7879a9374dc3ef1e5cb75d9c7ceb.tar.xz linux-ac904ac835ac7879a9374dc3ef1e5cb75d9c7ceb.zip |
netfilter: nf_tables: fix wrong type in transaction when replacing rules
In b380e5c ("netfilter: nf_tables: add message type to transactions"),
I used the wrong message type in the rule replacement case. The rule
that is replaced needs to be handled as a deleted rule.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_tables_api.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 19f438deeab8..39369ea2df0c 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1792,7 +1792,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb, if (nlh->nlmsg_flags & NLM_F_REPLACE) { if (nft_rule_is_active_next(net, old_rule)) { - trans = nft_trans_rule_add(&ctx, NFT_MSG_NEWRULE, + trans = nft_trans_rule_add(&ctx, NFT_MSG_DELRULE, old_rule); if (trans == NULL) { err = -ENOMEM; |