diff mbox

[iptables-nftables,1/6] xtables: initialize xtables defaults even on listing rules

Message ID 1368528727-10127-2-git-send-email-tomasz.bursztyka@linux.intel.com
State Accepted
Headers show

Commit Message

Tomasz Bursztyka May 14, 2013, 10:52 a.m. UTC 
Output of the tool should be the same as for iptables.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
---
 iptables/nft.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Pablo Neira Ayuso May 16, 2013, 5:01 p.m. UTC | #1 
On Tue, May 14, 2013 at 01:52:02PM +0300, Tomasz Bursztyka wrote:
> Output of the tool should be the same as for iptables.

Applied, thanks Tomasz.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index e68d112..f5d96bc 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2477,6 +2477,10 @@  int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
 	struct nft_chain_list_iter *iter;
 	struct nft_chain *c;
 
+	/* If built-in chains don't exist for this table, create them */
+	if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0)
+		nft_chain_builtin_init(h, table, NULL, NF_ACCEPT);
+
 	list = nft_chain_dump(h);
 
 	iter = nft_chain_list_iter_create(list);