netfilter: nf_tables: fix wrong type in transaction when replacing rules

In b380e5c7 ("netfilter: nf_tables: add message type to transactions"), I used the wrong message type in the rule replacement case. The rule that is replaced needs to be handled as a deleted rule. Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: nf_tables: fix wrong type in transaction when replacing rules
In b380e5c7 ("netfilter: nf_tables: add message type to transactions"), I used the wrong message type in the rule replacement case. The rule that is replaced needs to be handled as a deleted rule. Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
ac904ac8 · Pablo Neira Ayuso · ac34b861 · ac904ac8
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

net/netfilter/nf_tables_api.c net/netfilter/nf_tables_api.c +1 -1

未找到文件。
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1792,7 +1792,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,

 	if (nlh->nlmsg_flags & NLM_F_REPLACE) {
 		if (nft_rule_is_active_next(net, old_rule)) {
-			trans = nft_trans_rule_add(&ctx, NFT_MSG_NEWRULE,
+			trans = nft_trans_rule_add(&ctx, NFT_MSG_DELRULE,
 						   old_rule);
 			if (trans == NULL) {
 				err = -ENOMEM;