On Thu, Dec 20, 2018 at 04:09:07PM +0100, Phil Sutter wrote: [...]
> diff --git a/iptables/nft.c b/iptables/nft.c
> index 8f030afa81246..a4a3d11ff5f35 100644
> --- a/iptables/nft.c
> +++ b/iptables/nft.c
> @@ -815,16 +815,20 @@ static void flush_chain_cache(struct nft_handle *h, const char *tablename)
> if (tablename && strcmp(h->tables[i].name, tablename))
> continue;
>
> - if (h->table[i].chain_cache) {
> - if (tablename) {
> - nftnl_chain_list_foreach(h->table[i].chain_cache,
> - __flush_chain_cache, NULL);
> - break;
> - } else {
> - nftnl_chain_list_free(h->table[i].chain_cache);
> - h->table[i].chain_cache = NULL;
> - }
> + if (!h->table[i].chain_cache) {
> + if (tablename)
> + return;
> + continue;
> }
> +
> + if (tablename) {
> + nftnl_chain_list_foreach(h->table[i].chain_cache,
> + __flush_chain_cache, NULL);
> + return;
> + }
> +
> + nftnl_chain_list_free(h->table[i].chain_cache);
> + h->table[i].chain_cache = NULL;
Thanks. Probably better if we have two functions flush_table_cache() and flush_chain_cache(), so we don't need that many branches to test for 'tablename'.