[Devel] [PATCH RH7 1/2] ms/netfilter: nf_tables: fix update chain error
Vasily Averin
vvs at virtuozzo.com
Fri Feb 5 14:18:35 MSK 2021
From: JingPiao Chen <chenjingpiao at gmail.com>
# nft add table filter
# nft add chain filter c1
# nft rename chain filter c1 c2
Error: Could not process rule: No such file or directory
rename chain filter c1 c2
^^^^^^^^^^^^^^^^^^^^^^^^^^
# nft add chain filter c2
# nft rename chain filter c1 c2
# nft list table filter
table ip filter {
chain c2 {
}
chain c2 {
}
}
Fixes: 664b0f8cd8 ("netfilter: nf_tables: add generation mask to chains")
Signed-off-by: JingPiao Chen <chenjingpiao at gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
(cherry picked from commit 0d18779be13766b33c69cbc26df38383598da373)
https://bugs.openvz.org/browse/OVZ-7223
Signed-off-by: Vasily Averin <vvs at virtuozzo.com>
---
net/netfilter/nf_tables_api.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 1cea127..d6dff4a 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1369,8 +1369,8 @@ static int nf_tables_newchain(struct net *net, struct sock *nlsk,
chain2 = nf_tables_chain_lookup(table,
nla[NFTA_CHAIN_NAME],
genmask);
- if (IS_ERR(chain2))
- return PTR_ERR(chain2);
+ if (!IS_ERR(chain2))
+ return -EEXIST;
}
if (nla[NFTA_CHAIN_COUNTERS]) {
--
1.8.3.1
More information about the Devel
mailing list