From b40b7d976fe144d14421bb441f55ffdc11a4b442 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 12 May 2020 12:59:42 +0200 Subject: xtables-restore: Fix verbose mode table flushing When called with --verbose mode, iptables-nft-restore did not print anything when flushing the table. Fix this by adding a "manual" mode to nft_cmd_table_flush(), turning it into a wrapper around '-F' and '-X' commands, which is exactly what iptables-legacy-restore does to flush a table. This though requires a real cache, so don't set NFT_CL_FAKE then. Signed-off-by: Phil Sutter --- iptables/xtables-restore.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'iptables/xtables-restore.c') diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index a3bb4f00..eb25ec3d 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -135,7 +135,7 @@ static void xtables_restore_parse_line(struct nft_handle *h, if (h->noflush == 0) { DEBUGP("Cleaning all chains of table '%s'\n", table); if (cb->table_flush) - cb->table_flush(h, table); + cb->table_flush(h, table, verbose); } ret = 1; @@ -260,7 +260,7 @@ void xtables_restore_parse(struct nft_handle *h, struct nft_xt_restore_state state = {}; char buffer[10240] = {}; - if (!h->noflush) + if (!verbose && !h->noflush) nft_cache_level_set(h, NFT_CL_FAKE, NULL); line = 0; -- cgit v1.2.3