[iptables PATCH] nft: don't print rule counters unless verbose

Eric Garver Wed, 01 Aug 2018 12:36:44 -0700

Currently rule counters are always printed, but that's not the desired
behavior. We should only print them with the verbose flag. This broke
when the arguments of nft_rule_print_save() were changed to accept the
format instead of a counters flag.


Fixes: cdc78b1d6bd7 ("nft: convert rule into a command state structure")
Signed-off-by: Eric Garver <[email protected]>
---
 iptables/nft.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iptables/nft.c b/iptables/nft.c
index 347a4438e7bc..a9cb92edbf11 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2270,7 +2270,7 @@ err:
 static void
 list_save(struct nftnl_rule *r, unsigned int num, unsigned int format)
 {
-       nft_rule_print_save(r, NFT_RULE_APPEND, !(format & FMT_NOCOUNTS));
+       nft_rule_print_save(r, NFT_RULE_APPEND, format);
 }
 
 static int
-- 
2.18.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[iptables PATCH] nft: don't print rule counters unless verbose

Reply via email to