From patchwork Thu Oct 23 11:36:10 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 402454 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 9178B140082 for ; Thu, 23 Oct 2014 22:34:44 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754624AbaJWLen (ORCPT ); Thu, 23 Oct 2014 07:34:43 -0400 Received: from mail.us.es ([193.147.175.20]:37109 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754156AbaJWLen (ORCPT ); Thu, 23 Oct 2014 07:34:43 -0400 Received: (qmail 10091 invoked from network); 23 Oct 2014 13:34:41 +0200 Received: from unknown (HELO us.es) (192.168.2.13) by us.es with SMTP; 23 Oct 2014 13:34:41 +0200 Received: (qmail 17420 invoked by uid 507); 23 Oct 2014 11:34:41 -0000 X-Qmail-Scanner-Diagnostics: from 127.0.0.1 by antivirus3 (envelope-from , uid 501) with qmail-scanner-2.10 (clamdscan: 0.98.4/19527. spamassassin: 3.3.2. Clear:RC:1(127.0.0.1):SA:0(-103.2/7.5):. Processed in 3.258734 secs); 23 Oct 2014 11:34:41 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on antivirus3 X-Spam-Level: X-Spam-Status: No, score=-103.2 required=7.5 tests=BAYES_50,SMTPAUTH_US, USER_IN_WHITELIST autolearn=disabled version=3.3.2 X-Spam-ASN: AS12715 87.216.0.0/16 X-Envelope-From: pablo@netfilter.org Received: from unknown (HELO antivirus3) (127.0.0.1) by us.es with SMTP; 23 Oct 2014 11:34:37 -0000 Received: from 192.168.1.13 (192.168.1.13) by antivirus3 (F-Secure/fsigk_smtp/412/antivirus3); Thu, 23 Oct 2014 13:34:37 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/412/antivirus3) Received: (qmail 5215 invoked from network); 23 Oct 2014 13:34:37 +0200 Received: from 129.166.216.87.static.jazztel.es (HELO salvia.here) (pneira@us.es@87.216.166.129) by mail.us.es with SMTP; 23 Oct 2014 13:34:37 +0200 From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH] iptables-compat: fix empty chains after first invocation of iptables-compat -L Date: Thu, 23 Oct 2014 13:36:10 +0200 Message-Id: <1414064170-14712-1-git-send-email-pablo@netfilter.org> X-Mailer: git-send-email 1.7.10.4 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org # iptables-compat -L # iptables-compat -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Note that the second (and follow up) invocations after the first one display the chains. Signed-off-by: Pablo Neira Ayuso --- iptables/nft.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/iptables/nft.c b/iptables/nft.c index 52c89b9..5492a8f 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1937,8 +1937,14 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, bool found = false; /* If built-in chains don't exist for this table, create them */ - if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0) + if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0) { nft_xt_builtin_init(h, table); + /* Force table and chain creation, otherwise first iptables -L + * lists no table/chains. + */ + if (!list_empty(&h->obj_list)) + nft_commit(h); + } ops = nft_family_ops_lookup(h->family);