Commit b53c1166 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
Browse files

netfilter: nf_tables: set element extended ACK reporting support 



Report the element that causes problems via netlink extended ACK for set
element commands.

Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent aeed55a0

net/netfilter/nf_tables_api.c

+9 −3
Original line number Diff line number Diff line
@@ -5348,9 +5348,11 @@ static int nf_tables_getsetelem(struct sk_buff *skb, 


	nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {

		err = nft_get_set_elem(&ctx, set, attr);

		if (err < 0)

		if (err < 0) {

			NL_SET_BAD_ATTR(extack, attr);

			break;

		}

	}



	return err;

}
@@ -6126,9 +6128,11 @@ static int nf_tables_newsetelem(struct sk_buff *skb, 


	nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {

		err = nft_add_set_elem(&ctx, set, attr, info->nlh->nlmsg_flags);

		if (err < 0)

		if (err < 0) {

			NL_SET_BAD_ATTR(extack, attr);

			return err;

		}

	}



	if (nft_net->validate_state == NFT_VALIDATE_DO)

		return nft_table_validate(net, table);
@@ -6397,9 +6401,11 @@ static int nf_tables_delsetelem(struct sk_buff *skb, 


	nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {

		err = nft_del_setelem(&ctx, set, attr);

		if (err < 0)

		if (err < 0) {

			NL_SET_BAD_ATTR(extack, attr);

			break;

		}

	}

	return err;

}