When specifying a chain to list, all created chains were displayed
with a void content:
# nft list chain filter
table ip filter {
chain input {
}
chain new {
counter packets 17971 bytes 2380637 accept
counter packets 0 bytes 0 accept
}
}
With the attached patch, only the asked chain is displayed:
# nft list chain filter
table ip filter {
chain new {
counter packets 17971 bytes 2380637 accept # handle 36
counter packets 0 bytes 0 accept # handle 40
}
}
Signed-off-by: Eric Leblond <eric@xxxxxxxxx>
---
src/netlink.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/netlink.c b/src/netlink.c
index a62c357..15cba79 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -544,6 +544,10 @@ static int list_chain_cb(struct nft_chain *nlc, void *arg)
strcmp(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_TABLE), h->table) != 0)
return 0;
+ if (h->chain &&
+ strcmp(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME), h->chain) != 0)
+ return 0;
+
chain = chain_alloc(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME));
chain->handle.family =
nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY);
--
1.8.4.3
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
