diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-28 20:21:10 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-28 23:55:42 +0200 |
| commit | 4caa559c44cde7af7794937bd5c7e5f704a483ca (patch) | |
| tree | b4c58bd2c940f4cf9c94d01dd2629d97a2cbbac5 /iptables | |
| parent | 9b896224e0bfc2c68c0c4b8b11f6ef650d0655ff (diff) | |
xtables: initialize basechains for rule flush command too
Otherwise, flush commands on not-yet-initialized basechains hit ENOENT.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 66bd4d42..603ba306 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1465,6 +1465,9 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table) struct nftnl_chain_list_iter *iter; struct nftnl_chain *c; + if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0) + nft_xt_builtin_init(h, table); + nft_fn = nft_rule_flush; list = nftnl_chain_list_get(h); |