From 9701574d40fe25cadffce5cb02d2377a96ec4b46 Mon Sep 17 00:00:00 2001
From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org"
Date: Sun, 12 Jun 2005 15:54:15 +0000
Subject: Flush chain with noflush when it is redefined (Charlie Brady )
---
 iptables-restore.c | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
(limited to 'iptables-restore.c')
diff --git a/iptables-restore.c b/iptables-restore.c
index 42aa2a2..e2872cd 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -236,12 +236,21 @@ main(int argc, char *argv[])
 }
 if (iptc_builtin(chain, handle) <= 0) {
- DEBUGP("Creating new chain '%s'\n", chain);
- if (!iptc_create_chain(chain, &handle))
- exit_error(PARAMETER_PROBLEM,
- "error creating chain "
- "'%s':%s\n", chain,
- strerror(errno));
+ if (noflush && iptc_is_chain(chain, handle)) {
+ DEBUGP("Flushing existing user defined chain '%s'\n", chain);
+ if (!iptc_flush_entries(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error flushing chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ } else {
+ DEBUGP("Creating new chain '%s'\n", chain);
+ if (!iptc_create_chain(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error creating chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ }
 }
 policy = strtok(NULL, " \t\n");
-- cgit v1.2.3
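Review bot: The new `noflush && iptc_is_chain(chain, handle)` branch empties an existing user-defined chain whenever the restore input redeclares it, which is the opposite of what an operator running with `--noflush` is likely to expect, and nothing at the call site records that this is intentional. Rules that another tool maintains in that chain (a dynamic block list, say) are dropped with no trace beyond a DEBUGP line, which is presumably debug-only. I would add a comment above the branch such as `/* --noflush: a redeclared user chain is emptied so the rules below replace its contents instead of appending to them */` and describe the behaviour in the `--noflush` documentation. Separately, the flush failure is reported with `strerror(errno)`; libiptc has its own error mapping, so `iptc_strerror(errno)` would probably give a more accurate message (the existing create path has the same weakness). The body of main() starts and ends outside this hunk.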