diff options
author | Florian Westphal <fw@strlen.de> | 2018-04-07 00:44:49 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-04-09 22:53:09 +0200 |
commit | 9d9b724cab2276a1ffa43e8376f2ed10282d07da (patch) | |
tree | 331175080abfab6cdbdecd23f3484620e75577f0 /iptables/xtables.c | |
parent | 59d15cfb8998074b2f6077fb5a4a5aea6a002bc7 (diff) |
xtables-compat: skip unsupported tables
Instead of not listing anything at all if an unknown table name
exists, just skip them. Output a small comment that the listing
doesn't include the (unrecognized, nft-created) tables.
Next patch will restrict 'is this table printable in
xtables syntax' check to the "builtin" tables.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/xtables.c')
-rw-r--r-- | iptables/xtables.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c index ac113254..5410952a 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -1225,7 +1225,8 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, case CMD_LIST: case CMD_LIST|CMD_ZERO: case CMD_LIST|CMD_ZERO_NUM: - if (nft_is_ruleset_compatible(h) == 1) { + ret = nft_is_ruleset_compatible(h); + if (ret) { printf("ERROR: You're using nft features that cannot be mapped to iptables, please keep using nft.\n"); exit(EXIT_FAILURE); } |