diff options
| author | Samuel Ortiz <sameo@linux.intel.com> | 2010-11-12 00:20:22 +0100 |
|---|---|---|
| committer | Samuel Ortiz <sameo@linux.intel.com> | 2010-11-12 00:25:36 +0100 |
| commit | 05ae1fe8a02326a7cdae03fe73dc5936bc114dda (patch) | |
| tree | aa2ac1c9f6e35158168e5e2a2d5588293e936d94 /tools | |
| parent | bc485900223d7b6de699da2e17e262ec84a8d0a2 (diff) | |
| download | connman-05ae1fe8a02326a7cdae03fe73dc5936bc114dda.tar.gz connman-05ae1fe8a02326a7cdae03fe73dc5936bc114dda.tar.bz2 connman-05ae1fe8a02326a7cdae03fe73dc5936bc114dda.zip | |
iptables-test: Fix builtin chain rule addition
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/iptables-test.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/tools/iptables-test.c b/tools/iptables-test.c index ef5f9a4a..5634eaef 100644 --- a/tools/iptables-test.c +++ b/tools/iptables-test.c @@ -553,6 +553,7 @@ static void update_hooks(struct connman_iptables *table, GList *chain_head, stru continue; table->hook_entry[builtin] += entry->next_offset; + table->underflow[builtin] += entry->next_offset; } } @@ -563,6 +564,8 @@ connman_iptables_add_rule(struct connman_iptables *table, char *chain_name, { GList *chain_tail, *chain_head; struct ipt_entry *new_entry; + struct connman_iptables_entry *head; + int builtin = -1; chain_head = find_chain_head(table, chain_name); if (chain_head == NULL) @@ -580,7 +583,20 @@ connman_iptables_add_rule(struct connman_iptables *table, char *chain_name, update_hooks(table, chain_head, new_entry); - return connman_add_entry(table, new_entry, chain_tail, -1); + /* + * If the chain is builtin, and does not have any rule, + * then the one that we're inserting is becoming the head + * and thus needs the builtin flag. + */ + head = chain_head->data; + if (head->builtin < 0) + builtin = -1; + else if (chain_head == chain_tail->prev) { + head->builtin = -1; + builtin = head->builtin; + } + + return connman_add_entry(table, new_entry, chain_tail->prev, builtin); } static struct ipt_replace * |