summaryrefslogtreecommitdiffstats
path: root/iptables
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2020-07-10 20:42:11 +0200
committerPhil Sutter <phil@nwl.cc>2020-07-24 19:15:56 +0200
commitf1f241db42f92474cdc41e25de310493b554154c (patch)
tree2c21a99eca1a26ce7eb408a6de74b32c821c39d7 /iptables
parent0b7c22e00622db468846f11809ca0cecc6c7cd97 (diff)
nft: Be lazy when flushing
If neither chain nor verbose flag was specified and the table to flush doesn't exist yet, no action is needed (as there is nothing to flush anyway). Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables')
-rw-r--r--iptables/nft.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index c5ab0dbe..52ee809b 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1699,16 +1699,18 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
struct nftnl_chain *c = NULL;
int ret = 0;
- nft_xt_builtin_init(h, table);
-
nft_fn = nft_rule_flush;
if (chain || verbose) {
+ nft_xt_builtin_init(h, table);
+
list = nft_chain_list_get(h, table, chain);
if (list == NULL) {
ret = 1;
goto err;
}
+ } else if (!nft_table_find(h, table)) {
+ return 1;
}
if (chain) {