In nft_chain_builtin_init(), The wrong macro was used for iterating over
the built-in chains of a given table. That array's length is defined
using NF_INET_NUMHOOKS, not NF_IP_NUMHOOKS. Though this change is rather
cosmetic since both macros resolve into the same value.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/nft.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index ce27a7cf7c573..898548a9054f1 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -674,7 +674,7 @@ static void nft_chain_builtin_init(struct nft_handle *h,
struct nftnl_chain *c;
/* Initialize built-in chains if they don't exist yet */
- for (i=0; i<NF_IP_NUMHOOKS && table->chains[i].name != NULL; i++) {
+ for (i=0; i<NF_INET_NUMHOOKS && table->chains[i].name != NULL; i++) {
c = nft_chain_list_find(list, table->name,
table->chains[i].name);
--
2.18.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
