summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org>2005-06-12 15:54:15 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org>2005-06-12 15:54:15 +0000
commit9701574d40fe25cadffce5cb02d2377a96ec4b46 (patch)
tree9c683bc27b90eecb4ef6e1ed05c4369e0768cad7
parentde3893ecb065f5e70c4babf470cc52b1789f20b8 (diff)
Flush chain with noflush when it is redefined (Charlie Brady <charlieb-netfilter-devel@budge.apana.org.au>)
-rw-r--r--ip6tables-restore.c21
-rw-r--r--iptables-restore.c21
2 files changed, 30 insertions, 12 deletions
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index 6909c8d..cf69a6c 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -233,12 +233,21 @@ int main(int argc, char *argv[])
}
if (ip6tc_builtin(chain, handle) <= 0) {
- DEBUGP("Creating new chain '%s'\n", chain);
- if (!ip6tc_create_chain(chain, &handle))
- exit_error(PARAMETER_PROBLEM,
- "error creating chain "
- "'%s':%s\n", chain,
- strerror(errno));
+ if (noflush && ip6tc_is_chain(chain, handle)) {
+ DEBUGP("Flushing existing user defined chain '%s'\n", chain);
+ if (!ip6tc_flush_entries(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error flushing chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ } else {
+ DEBUGP("Creating new chain '%s'\n", chain);
+ if (!ip6tc_create_chain(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error creating chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ }
}
policy = strtok(NULL, " \t\n");
diff --git a/iptables-restore.c b/iptables-restore.c
index 42aa2a2..e2872cd 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -236,12 +236,21 @@ main(int argc, char *argv[])
}
if (iptc_builtin(chain, handle) <= 0) {
- DEBUGP("Creating new chain '%s'\n", chain);
- if (!iptc_create_chain(chain, &handle))
- exit_error(PARAMETER_PROBLEM,
- "error creating chain "
- "'%s':%s\n", chain,
- strerror(errno));
+ if (noflush && iptc_is_chain(chain, handle)) {
+ DEBUGP("Flushing existing user defined chain '%s'\n", chain);
+ if (!iptc_flush_entries(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error flushing chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ } else {
+ DEBUGP("Creating new chain '%s'\n", chain);
+ if (!iptc_create_chain(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error creating chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ }
}
policy = strtok(NULL, " \t\n");