[iptables PATCH 4/4] nft: Make rule parsing errors fatal


 



Finish parsing the rule, thereby printing all potential problems and
abort the program.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 iptables/nft-shared.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index c13fc307e7a89..4a7b5406892c4 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -1362,7 +1362,7 @@ bool nft_rule_to_iptables_command_state(struct nft_handle *h,
 			nft_parse_range(&ctx, expr);
 
 		if (ctx.errmsg) {
-			fprintf(stderr, "%s", ctx.errmsg);
+			fprintf(stderr, "Error: %s\n", ctx.errmsg);
 			ctx.errmsg = NULL;
 			ret = false;
 		}
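Review bot: The new format string in the `if (ctx.errmsg)` block appends "\n" unconditionally, so any ctx.errmsg that still ends in a newline of its own will now be followed by an empty line on stderr. Please confirm that every parser setting ctx.errmsg stores the message without a trailing newline. Since ctx.errmsg is cleared and parsing continues, several "Error:" lines can be printed for one rule; naming the failing expression in the prefix would make them easier to tell apart.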
@@ -1404,6 +1404,8 @@ bool nft_rule_to_iptables_command_state(struct nft_handle *h,
 	if (!cs->jumpto)
 		cs->jumpto = "";
 
+	if (!ret)
+		xtables_error(VERSION_PROBLEM, "Parsing nftables rule failed");
 	return ret;
 }
 
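Review bot: With `if (!ret) xtables_error(...)` placed directly before `return ret;`, the function can no longer return false if xtables_error() ends the program as the commit message describes, so the bool return value and any caller handling of a false result become dead code. Either say so in the commit message or follow up by making the function void. VERSION_PROBLEM as the exit status also deserves a word of explanation, because a caller checking the exit code cannot tell a rule that failed to parse from a real version mismatch. A short comment above the new check noting that all errors have already been printed at this point would help readers of the function.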
-- 
2.38.0



