diff options
author | Florian Westphal <fw@strlen.de> | 2021-08-14 19:46:43 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-09-07 14:16:07 +0200 |
commit | 61e85e3192deaff3b9dd1eb9270863acc7a26311 (patch) | |
tree | 2f5d28c03235d25b2cef5f1e0f64b928ed551c5f /iptables/nft-cmd.h | |
parent | 544e7dc1541e4db3abc9896ff757e7642c97738e (diff) |
iptables-nft: allow removal of empty builtin chains
The only reason why this is prohibited is that you cannot do it
in iptables-legacy.
This removes the artifical limitation.
"iptables-nft -X" will leave the builtin chains alone;
Also, deletion is only permitted if the chain is empty.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft-cmd.h')
-rw-r--r-- | iptables/nft-cmd.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft-cmd.h b/iptables/nft-cmd.h index ecf7655a..b5a99ef7 100644 --- a/iptables/nft-cmd.h +++ b/iptables/nft-cmd.h @@ -49,8 +49,8 @@ int nft_cmd_zero_counters(struct nft_handle *h, const char *chain, const char *table, bool verbose); int nft_cmd_chain_user_add(struct nft_handle *h, const char *chain, const char *table); -int nft_cmd_chain_user_del(struct nft_handle *h, const char *chain, - const char *table, bool verbose); +int nft_cmd_chain_del(struct nft_handle *h, const char *chain, + const char *table, bool verbose); int nft_cmd_chain_zero_counters(struct nft_handle *h, const char *chain, const char *table, bool verbose); int nft_cmd_rule_list(struct nft_handle *h, const char *chain, |