diff options
author | Phil Sutter <phil@nwl.cc> | 2018-08-06 17:21:53 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-08-06 18:17:39 +0200 |
commit | 1679b2cb2cae2bb3ce8eff5444ba858a51310d4c (patch) | |
tree | 9097c7bd5db202d9418d2c99f7dd156a2d11b7b3 /iptables/nft.h | |
parent | 2ce9f65a374bad212899bc584d3e5f4698df6fc6 (diff) |
xtables-restore: Improve user-defined chain detection
Legacy ebtables-save does not use a policy string of '-' to denote
user-defined chains but instead lists them with a policy of ACCEPT.
In order to use ebtables_restore_parse() for ebtables-save
implementation, make use of builtin table definitions to decide whether
a given chain is a builtin one or not.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index 5febb9f9..942cb6a0 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -68,6 +68,7 @@ bool nft_table_find(struct nft_handle *h, const char *tablename); int nft_table_purge_chains(struct nft_handle *h, const char *table, struct nftnl_chain_list *list); int nft_table_flush(struct nft_handle *h, const char *table); void nft_table_new(struct nft_handle *h, const char *table); +struct builtin_table *nft_table_builtin_find(struct nft_handle *h, const char *table); /* * Operations with chains. @@ -84,6 +85,7 @@ int nft_chain_user_flush(struct nft_handle *h, struct nftnl_chain_list *list, const char *chain, const char *table); int nft_chain_user_rename(struct nft_handle *h, const char *chain, const char *table, const char *newname); int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char *table, bool verbose); +struct builtin_chain *nft_chain_builtin_find(struct builtin_table *t, const char *chain); /* * Operations with rule-set. |