Before this patch, rule deleting with -D produces segfault in rules with no target. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx> --- iptables/nft-bridge.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c index e3ab667..084dd58 100644 --- a/iptables/nft-bridge.c +++ b/iptables/nft-bridge.c @@ -619,7 +619,7 @@ static bool nft_bridge_rule_find(struct nft_family_ops *ops, struct nft_rule *r, return false; } - if (strcmp(cs->jumpto, this.jumpto) != 0) { + if (cs->jumpto != NULL && strcmp(cs->jumpto, this.jumpto) != 0) { DEBUGP("Different verdict\n"); return false; } -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html