summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--iptables/nft.c5
-rw-r--r--iptables/xtables.c3
2 files changed, 5 insertions, 3 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index 60b0531f..c1b8ba3a 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1726,6 +1726,11 @@ int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *tabl
if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0)
nft_xt_builtin_init(h, table);
+ if (nft_chain_exists(h, table, chain)) {
+ errno = EEXIST;
+ return 0;
+ }
+
c = nftnl_chain_alloc();
if (c == NULL)
return 0;
diff --git a/iptables/xtables.c b/iptables/xtables.c
index 1d777554..44986a37 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -1069,9 +1069,6 @@ void do_parse(struct nft_handle *h, int argc, char *argv[],
xtables_error(PARAMETER_PROBLEM,
"Chain '%s' does not exist", cs->jumpto);
}
- if (!p->xlate && p->command == CMD_NEW_CHAIN &&
- nft_chain_exists(h, p->table, p->chain))
- xtables_error(OTHER_PROBLEM, "Chain already exists");
}
int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,