diff mbox series

[v2,xtables,4/4] xtables: initialize basechains for rule flush command too

Message ID 20180528212104.8431-5-pablo@netfilter.org
State Accepted
Delegated to: Pablo Neira
Headers show
Series [xtables,1/4] xtables: always initialize basechains on ruleset restore | expand

Commit Message

Pablo Neira Ayuso May 28, 2018, 9:21 p.m. UTC 
Otherwise, flush commands on not-yet-initialized basechains hit ENOENT.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: no changes.

 iptables/nft.c | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index 03a9f29df0ee..ec9dd13b4031 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1395,6 +1395,9 @@  int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table)
 	struct nftnl_chain_list_iter *iter;
 	struct nftnl_chain *c;
 
+	if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0)
+		nft_xt_builtin_init(h, table);
+
 	nft_fn = nft_rule_flush;
 
 	list = nftnl_chain_list_get(h);