leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

netfilter: nf_tables: do not dump chain counters if not enabled

Browse Source 
Chain counters are only enabled on demand since 9f08ea8481, skip them
when dumping them via netlink.

Fixes: 9f08ea8481 ("netfilter: nf_tables: keep chain counters away from hot path")
Reported-by: Johny Mattsson <johny.mattsson+kernel@gmail.com>
Tested-by: Johny Mattsson <johny.mattsson+kernel@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2017-10-04 17:18:27 +02:00
parent e63aaaa6be
commit 5f9bfe0ef6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net/netfilter/nf_tables_api.c
View File

@ -1048,7 +1048,7 @@ static int nf_tables_fill_chain_info(struct sk_buff *skb, struct net *net,
if (nla_put_string(skb, NFTA_CHAIN_TYPE, basechain->type->name))
goto nla_put_failure;
if (nft_dump_stats(skb, nft_base_chain(chain)->stats))
if (basechain->stats && nft_dump_stats(skb, basechain->stats))
goto nla_put_failure;
}