nft: Avoid pointless table/chain creation

Accept a chain name in nft_xt_builtin_init() to limit the base chain creation to that specific chain only. Introduce nft_xt_builtin_table_init() to create just the table for situations where no builtin chains are needed but the command may still succeed in an empty ruleset, particularly when creating a custom chain, restoring base chains or adding a set for ebtables among match. Introduce nft_xt_fake_builtin_chains(), a function to call after cache has been populated to fill empty base chain slots. This keeps ruleset listing output intact if some base chains do not exist (or even the whole ruleset is completely empty). Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2020-07-10 18:23:50 +0200
committer: Phil Sutter <phil@nwl.cc> 2020-12-21 18:33:21 +0100
commit: fd4b9bf08b9eb4994bbba426426a978c5b9af590 (patch)
tree: 5e4242fa03bda4186ccf1e3a49b30e58dec90ac3 /iptables/xtables-save.c
parent: e28cf12cf50b9e2e0114f04331635fc122cb8aef (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c
index bf00b032..d7901c65 100644
--- a/iptables/xtables-save.c
+++ b/iptables/xtables-save.c
@@ -236,6 +236,7 @@ xtables_save_main(int family, int argc, char *argv[],
 
 	nft_cache_level_set(&h, NFT_CL_RULES, NULL);
 	nft_cache_build(&h);
+	nft_xt_fake_builtin_chains(&h, tablename, NULL);
 
 	ret = do_output(&h, tablename, &d);
 	nft_fini(&h);
author	Phil Sutter <phil@nwl.cc>	2020-07-10 18:23:50 +0200
committer	Phil Sutter <phil@nwl.cc>	2020-12-21 18:33:21 +0100
commit	fd4b9bf08b9eb4994bbba426426a978c5b9af590 (patch)
tree	5e4242fa03bda4186ccf1e3a49b30e58dec90ac3 /iptables/xtables-save.c
parent	e28cf12cf50b9e2e0114f04331635fc122cb8aef (diff)