diff options
author | Florian Westphal <fw@strlen.de> | 2021-08-14 19:46:43 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-09-07 14:16:07 +0200 |
commit | 61e85e3192deaff3b9dd1eb9270863acc7a26311 (patch) | |
tree | 2f5d28c03235d25b2cef5f1e0f64b928ed551c5f /iptables/nft.h | |
parent | 544e7dc1541e4db3abc9896ff757e7642c97738e (diff) |
iptables-nft: allow removal of empty builtin chains
The only reason why this is prohibited is that you cannot do it
in iptables-legacy.
This removes the artifical limitation.
"iptables-nft -X" will leave the builtin chains alone;
Also, deletion is only permitted if the chain is empty.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index 4ac7e009..a7b652ff 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -53,7 +53,7 @@ enum obj_update_type { NFT_COMPAT_TABLE_FLUSH, NFT_COMPAT_CHAIN_ADD, NFT_COMPAT_CHAIN_USER_ADD, - NFT_COMPAT_CHAIN_USER_DEL, + NFT_COMPAT_CHAIN_DEL, NFT_COMPAT_CHAIN_USER_FLUSH, NFT_COMPAT_CHAIN_UPDATE, NFT_COMPAT_CHAIN_RENAME, @@ -147,7 +147,7 @@ struct nftnl_chain; int nft_chain_set(struct nft_handle *h, const char *table, const char *chain, const char *policy, const struct xt_counters *counters); int nft_chain_save(struct nft_chain *c, void *data); int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *table); -int nft_chain_user_del(struct nft_handle *h, const char *chain, const char *table, bool verbose); +int nft_chain_del(struct nft_handle *h, const char *chain, const char *table, bool verbose); int nft_chain_restore(struct nft_handle *h, const char *chain, const char *table); int nft_chain_user_rename(struct nft_handle *h, const char *chain, const char *table, const char *newname); int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char *table, bool verbose); |