diff options
| author | Phil Sutter <phil@nwl.cc> | 2020-07-10 20:42:11 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2020-07-24 19:15:56 +0200 |
| commit | f1f241db42f92474cdc41e25de310493b554154c (patch) | |
| tree | 2c21a99eca1a26ce7eb408a6de74b32c821c39d7 | |
| parent | 0b7c22e00622db468846f11809ca0cecc6c7cd97 (diff) | |
nft: Be lazy when flushing
If neither chain nor verbose flag was specified and the table to flush
doesn't exist yet, no action is needed (as there is nothing to flush
anyway).
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | iptables/nft.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index c5ab0dbe..52ee809b 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1699,16 +1699,18 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table, struct nftnl_chain *c = NULL; int ret = 0; - nft_xt_builtin_init(h, table); - nft_fn = nft_rule_flush; if (chain || verbose) { + nft_xt_builtin_init(h, table); + list = nft_chain_list_get(h, table, chain); if (list == NULL) { ret = 1; goto err; } + } else if (!nft_table_find(h, table)) { + return 1; } if (chain) { |