On Tue, Jan 05, 2016 at 12:35:44PM +0100, Pablo Neira Ayuso wrote:
> On Mon, Jan 04, 2016 at 01:18:31PM +0100, Arturo Borrero Gonzalez wrote:
> > diff --git a/src/rule.c b/src/rule.c
> > index 18ff592..c0e45aa 100644
> > --- a/src/rule.c
> > +++ b/src/rule.c
> > @@ -1009,12 +1009,24 @@ static int do_list_sets(struct netlink_ctx *ctx, struct cmd *cmd)
> > };
> > struct table *table;
> > struct set *set;
> > + bool printable_sets = false;
> >
> > list_for_each_entry(table, &table_list, list) {
> > if (cmd->handle.family != NFPROTO_UNSPEC &&
> > cmd->handle.family != table->handle.family)
> > continue;
> >
> > + /* if there are no printable sets, don't print empty table */
> > + list_for_each_entry(set, &table->sets, list) {
> > + if (!set->flags & SET_F_ANONYMOUS) {
>
> Wait, this should be:
>
> if (!(set->flags & SET_F_ANONYMOUS))
>
> instead.
>
> I'm fixing this here.
I'm going to keep this back.
We have to provide a consistent behaviour wrt. nft list chains, and
that is listing empty tables when it contains no chains.
I'm unsure here, I considering printing the table with no content
makes sense since the user knows no sets or chains are available
there. If we skip this, it looks like the table doesn't exists. Other
than that, the user is fully aware of having a table with no content.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
