Just like with check command, change counters command creates a temporary rule from rulespec on command line for a search by spec in rule cache. It is not used anymore afterwards, so nft_cmd_free() should free it. Fixes: f340b7b6816be ("ebtables: Implement --change-counters command") Signed-off-by: Phil Sutter <phil@xxxxxx> --- iptables/nft-cmd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c index 8372d171b00c4..b38da9bdc1c0b 100644 --- a/iptables/nft-cmd.c +++ b/iptables/nft-cmd.c @@ -65,6 +65,7 @@ void nft_cmd_free(struct nft_cmd *cmd) switch (cmd->command) { case NFT_COMPAT_RULE_CHECK: case NFT_COMPAT_RULE_DELETE: + case NFT_COMPAT_RULE_CHANGE_COUNTERS: if (cmd->obj.rule) nftnl_rule_free(cmd->obj.rule); break; -- 2.43.0
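Review bot: the new `case NFT_COMPAT_RULE_CHANGE_COUNTERS:` label in nft_cmd_free() is only safe if nothing else keeps a pointer to cmd->obj.rule once the cache lookup is done. The commit message says so ("It is not used anymore afterwards"), but the hunk does not show it. Please confirm that the change-counters path never hands the temporary rule to another owner that frees it or reads it later. If it does, this one-line leak fix becomes a double free or a use-after-free. Because the switch lists each command that owns a lookup-only rule individually, a short comment above the case group would help the next command added with the same pattern. It could say that these commands build a temporary rule from the rulespec which nft_cmd_free() must release. It would also help to note in the commit message how the leak was observed, for example a leak-checker run of an ebtables --change-counters invocation, so the fix can be re-verified.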