netfilter: nft_ct: do cleanup work when NFTA_CT_DIRECTION is invalid
We should jump to invoke __nft_ct_set_destroy() instead of just
return error.
Fixes: edee4f1e92
("netfilter: nft_ct: add zone id set support")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
04166f48d9
commit
4494dbc6de
@ -544,7 +544,8 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
|
|||||||
case IP_CT_DIR_REPLY:
|
case IP_CT_DIR_REPLY:
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
return -EINVAL;
|
err = -EINVAL;
|
||||||
|
goto err1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user