|
|
@@ -2589,17 +2589,14 @@ static int nf_tables_newrule(struct net *net, struct sock *nlsk,
|
|
|
|
|
|
if (chain->use == UINT_MAX)
|
|
|
return -EOVERFLOW;
|
|
|
- }
|
|
|
-
|
|
|
- if (nla[NFTA_RULE_POSITION]) {
|
|
|
- if (!(nlh->nlmsg_flags & NLM_F_CREATE))
|
|
|
- return -EOPNOTSUPP;
|
|
|
|
|
|
- pos_handle = be64_to_cpu(nla_get_be64(nla[NFTA_RULE_POSITION]));
|
|
|
- old_rule = __nft_rule_lookup(chain, pos_handle);
|
|
|
- if (IS_ERR(old_rule)) {
|
|
|
- NL_SET_BAD_ATTR(extack, nla[NFTA_RULE_POSITION]);
|
|
|
- return PTR_ERR(old_rule);
|
|
|
+ if (nla[NFTA_RULE_POSITION]) {
|
|
|
+ pos_handle = be64_to_cpu(nla_get_be64(nla[NFTA_RULE_POSITION]));
|
|
|
+ old_rule = __nft_rule_lookup(chain, pos_handle);
|
|
|
+ if (IS_ERR(old_rule)) {
|
|
|
+ NL_SET_BAD_ATTR(extack, nla[NFTA_RULE_POSITION]);
|
|
|
+ return PTR_ERR(old_rule);
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
Florian Westphal