forked from Minki/linux
netfilter: nft_ct: do cleanup work when NFTA_CT_DIRECTION is invalid
We should jump to invoke __nft_ct_set_destroy() instead of just
return error.
Fixes: edee4f1e92
("netfilter: nft_ct: add zone id set support")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
04166f48d9
commit
4494dbc6de
@ -544,7 +544,8 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
|
||||
case IP_CT_DIR_REPLY:
|
||||
break;
|
||||
default:
|
||||
return -EINVAL;
|
||||
err = -EINVAL;
|
||||
goto err1;
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user