On Friday 2018-07-27 00:22, Phil Sutter wrote:
>In nft_chain_builtin_init(), The wrong macro was used for iterating over
>the built-in chains of a given table. That array's length is defined
>using NF_INET_NUMHOOKS, not NF_IP_NUMHOOKS. Though this change is rather
>cosmetic since both macros resolve into the same value.
>
>Signed-off-by: Phil Sutter <phil@xxxxxx>
>---
> iptables/nft.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/iptables/nft.c b/iptables/nft.c
>index ce27a7cf7c573..898548a9054f1 100644
>--- a/iptables/nft.c
>+++ b/iptables/nft.c
>@@ -674,7 +674,7 @@ static void nft_chain_builtin_init(struct nft_handle *h,
> struct nftnl_chain *c;
>
> /* Initialize built-in chains if they don't exist yet */
>- for (i=0; i<NF_IP_NUMHOOKS && table->chains[i].name != NULL; i++) {
>+ for (i=0; i<NF_INET_NUMHOOKS && table->chains[i].name != NULL; i++) {
Hm could have added the operator spacing around '=' and '<' while at it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
