The command is supposed to fail if no rule at given index is found. While at it, drop the goto and label which are unused since commit 9b896224e0bfc ("xtables: rework rule cache logic"). Fixes: a69cc575295ee ("xtables: allow to reset the counters of an existing rule") Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 iptables/nft.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index d563a011bec5d..908f544319b74 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2994,7 +2994,6 @@ int nft_rule_zero_counters(struct nft_handle *h, const char *chain,
 .command = NFT_COMPAT_RULE_APPEND,
 };
 struct nft_chain *c;
- int ret = 0;
 nft_fn = nft_rule_delete;
@@ -3007,8 +3006,7 @@ int nft_rule_zero_counters(struct nft_handle *h, const char *chain,
 r = nft_rule_find(h, c, NULL, rulenum);
 if (r == NULL) {
 errno = ENOENT;
- ret = 1;
- goto error;
+ return 0;
 }
 if (h->ops->init_cs)
@@ -3021,10 +3019,7 @@ int nft_rule_zero_counters(struct nft_handle *h, const char *chain,
 if (!new_rule)
 return 1;
- ret = nft_rule_append(h, chain, table, new_rule, r, false);
-
-error:
- return ret;
+ return nft_rule_append(h, chain, table, new_rule, r, false);
 }
 static void nft_table_print_debug(struct nft_handle *h,
-- 2.43.0
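Review bot: The new `return 0;` in the `r == NULL` branch depends on this function treating 0 as failure, which is the reverse of the usual C convention and is stated nowhere in the visible lines; the old `ret = 1` suggests that is how the bug got in. I would add a comment at the branch, for example `/* 0 = failure, errno says why; non-zero = success */`, or put the same sentence in a header comment for nft_rule_zero_counters. It matters to anyone scripting counter resets and relying on the exit status, since before this change a missing rule index was apparently reported as success. The function body starts and ends outside this hunk, so where the caller reads errno is not visible here.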
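Review bot: The context line `if (!new_rule) return 1;` directly above the changed return still hands back what this commit treats as the success value when building the replacement rule failed, so a counter reset that never happened would be reported as done. If 0 is failure throughout, as the not-found branch now implies, this should read `if (!new_rule) return 0;`. The return convention of nft_rule_append is not shown here and should be checked against the same rule. No errno is set on that path in the visible lines, so after the change the caller may print a stale or misleading error unless one is assigned there. The function begins outside this hunk.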