summaryrefslogtreecommitdiffstats
path: root/iptables/xtables.c
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2018-06-19 12:02:24 +0200
committerFlorian Westphal <fw@strlen.de>2018-06-25 11:50:51 +0200
commit20eac2ad174e43a3d4a4275c3d44f99c12bd04b9 (patch)
treef6f38ec4b33f55394d7930532bdcde7feb3cbed8 /iptables/xtables.c
parentc9f5e18d72d3a010e9a53024290f9f4802ada9fd (diff)
xtables: warn in case old-style (set/getsockopt) tables exist
Provide a hint that iptables isn't showing all rules because its using nfnetlink rather than old set/getsockopt. Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/xtables.c')
-rw-r--r--iptables/xtables.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c
index e03e8f31..53f94b6f 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -1238,6 +1238,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,
ret = nft_rule_zero_counters(h, p.chain, p.table,
p.rulenum - 1);
}
+ nft_check_xt_legacy(h->family, false);
break;
case CMD_LIST_RULES:
case CMD_LIST_RULES|CMD_ZERO:
@@ -1252,6 +1253,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,
ret = nft_rule_zero_counters(h, p.chain, p.table,
p.rulenum - 1);
}
+ nft_check_xt_legacy(h->family, false);
break;
case CMD_NEW_CHAIN:
ret = nft_chain_user_add(h, p.chain, p.table);