xtables-restore: Fix verbose mode table flushing

When called with --verbose mode, iptables-nft-restore did not print anything when flushing the table. Fix this by adding a "manual" mode to nft_cmd_table_flush(), turning it into a wrapper around '-F' and '-X' commands, which is exactly what iptables-legacy-restore does to flush a table. This though requires a real cache, so don't set NFT_CL_FAKE then. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2020-05-12 12:59:42 +0200
committer: Phil Sutter <phil@nwl.cc> 2020-06-09 00:16:34 +0200
commit: b40b7d976fe144d14421bb441f55ffdc11a4b442 (patch)
tree: 732401c5353525c314512c0d1ff608b7d168c7a3 /iptables/nft-cmd.c
parent: d4ed0c741fc789bb09d977d74d30875fdd50d08b (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
index 9c0901e7..51cdfed4 100644
--- a/iptables/nft-cmd.c
+++ b/iptables/nft-cmd.c
@@ -311,10 +311,15 @@ int nft_cmd_chain_set(struct nft_handle *h, const char *table,
 	return 1;
 }
 
-int nft_cmd_table_flush(struct nft_handle *h, const char *table)
+int nft_cmd_table_flush(struct nft_handle *h, const char *table, bool verbose)
 {
 	struct nft_cmd *cmd;
 
+	if (verbose) {
+		return nft_cmd_rule_flush(h, NULL, table, verbose) &&
+		       nft_cmd_chain_user_del(h, NULL, table, verbose);
+	}
+
 	cmd = nft_cmd_new(h, NFT_COMPAT_TABLE_FLUSH, table, NULL, NULL, -1,
 			  false);
 	if (!cmd)
author	Phil Sutter <phil@nwl.cc>	2020-05-12 12:59:42 +0200
committer	Phil Sutter <phil@nwl.cc>	2020-06-09 00:16:34 +0200
commit	b40b7d976fe144d14421bb441f55ffdc11a4b442 (patch)
tree	732401c5353525c314512c0d1ff608b7d168c7a3 /iptables/nft-cmd.c
parent	d4ed0c741fc789bb09d977d74d30875fdd50d08b (diff)