xtables-restore: Make COMMIT support configurable
Legacy ebtables-restore does not support COMMIT directive, so allow for callers of xtables_restore_parse() to toggle whether it is required or not. In iptables, omitting COMMIT may be used for syntax checking, so we must not add an implicit commit at EOF. Although ebtables/arptables legacy does not support COMMIT lines at all, this patch allows them in nft variants. If omitted, an implicit commit happens for them at EOF. Signed-off-by: Phil Sutter <> Signed-off-by: Florian Westphal <>
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -245,6 +245,7 @@ struct nft_xt_restore_parse {
FILE *in;
int testing;
const char *tablename;
+ bool commit;
struct nftnl_chain_list;