iptables: Update the hook entries correctly in iptables_delete_rule()

The builtin value is only valid in the chain head entry and not
in any other entry. That means we need to lookup the head entry
and use that builtin value (== hook id) and then update all
references which follow that chain.

diff --git a/src/iptables.c b/src/iptables.c
index 97b9539..83612b9 100644 (file)
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -970,11 +970,15 @@ static int iptables_delete_rule(struct connman_iptables *table,
                                struct xtables_rule_match *xt_rm)
 {
        struct connman_iptables_entry *entry;
-       GList *chain_tail, *list;
+       GList *chain_head, *chain_tail, *list;
        int builtin, removed;
 
        removed = 0;
 
+       chain_head = find_chain_head(table, chain_name);
+       if (chain_head == NULL)
+               return -EINVAL;
+
        chain_tail = find_chain_tail(table, chain_name);
        if (chain_tail == NULL)
                return -EINVAL;
@@ -984,12 +988,13 @@ static int iptables_delete_rule(struct connman_iptables *table,
        if (list == NULL)
                return -EINVAL;
 
+       entry = chain_head->data;
+       builtin = entry->builtin;
+
        entry = list->data;
        if (entry == NULL)
                return -EINVAL;
 
-       builtin = entry->builtin;
-
        /* We have deleted a rule,
         * all references should be bumped accordingly */
        if (list->next != NULL)