netfilter: nf_tables: decrement chain use counter when replacing rules

Thus, the chain use counter remains with the same value after the
rule replacement.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2014-06-10 10:53:02 +02:00
parent a0a7379e16
commit ac34b86197
1 changed files with 2 additions and 0 deletions

View File

@ -1799,6 +1799,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
goto err2;
}
nft_rule_disactivate_next(net, old_rule);
chain->use--;
list_add_tail_rcu(&rule->list, &old_rule->list);
} else {
err = -ENOENT;
@ -1829,6 +1830,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
list_del_rcu(&nft_trans_rule(trans)->list);
nft_rule_clear(net, nft_trans_rule(trans));
nft_trans_destroy(trans);
chain->use++;
}
err2:
nf_tables_rule_destroy(&ctx, rule);