summaryrefslogtreecommitdiff
path: root/lib/net_utils.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-09-02 18:04:53 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2014-09-03 16:56:23 +0200
commitcbb8125eb40b05f96d557b2705ee641873eb30b0 (patch)
treeab18d56e7da752577e572a6e26db01e9e7f355aa /lib/net_utils.c
parentae82ddcf8e8239bdd06e6830d450cf9e785b8024 (diff)
netfilter: nfnetlink: deliver netlink errors on batch completion
We have to wait until the full batch has been processed to deliver the netlink error messages to userspace. Otherwise, we may deliver duplicated errors to userspace in case that we need to abort and replay the transaction if any of the required modules needs to be autoloaded. A simple way to reproduce this (assumming nft_meta is not loaded) with the following test file: add table filter add chain filter test add chain bad test # intentional wrong unexistent table add rule filter test meta mark 0 Then, when trying to load the batch: # nft -f test test:4:1-19: Error: Could not process rule: No such file or directory add chain bad test ^^^^^^^^^^^^^^^^^^^ test:4:1-19: Error: Could not process rule: No such file or directory add chain bad test ^^^^^^^^^^^^^^^^^^^ The error is reported twice, once when the batch is aborted due to missing nft_meta and another when it is fully processed. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'lib/net_utils.c')
0 files changed, 0 insertions, 0 deletions