netfilter: nf_tables: decrement chain use counter when replacing rules

Thus, the chain use counter remains with the same value after the rule replacement. Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: nf_tables: decrement chain use counter when replacing rules
Thus, the chain use counter remains with the same value after the rule replacement. Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
ac34b861 · Pablo Neira Ayuso · a0a7379e · ac34b861
隐藏空白更改
内联并排

Showing with 2 addition and 0 deletion

net/netfilter/nf_tables_api.c net/netfilter/nf_tables_api.c +2 -0

未找到文件。
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1799,6 +1799,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
 				goto err2;
 			}
 			nft_rule_disactivate_next(net, old_rule);
+			chain->use--;
 			list_add_tail_rcu(&rule->list, &old_rule->list);
 		} else {
 			err = -ENOENT;
@@ -1829,6 +1830,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
 		list_del_rcu(&nft_trans_rule(trans)->list);
 		nft_rule_clear(net, nft_trans_rule(trans));
 		nft_trans_destroy(trans);
+		chain->use++;
 	}
 err2:
 	nf_tables_rule_destroy(&ctx, rule);