summaryrefslogtreecommitdiffstats
path: root/iptables
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2013-01-20 20:18:02 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2013-12-30 23:50:22 +0100
commit3bbe7c1a0a2a3bab261aeb00cf4c5adcc96bf109 (patch)
treea0d739d69380a2d7dbb1b65d2d17f363318be1fe /iptables
parent0391677c1a0b28c14d01febd9628a543e8e5fd62 (diff)
xtables-restore: fix custom user chain restoration
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
-rw-r--r--iptables/xtables-restore.c31
1 files changed, 20 insertions, 11 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index e83eacc3..f6009776 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -331,20 +331,29 @@ xtables_restore_main(int argc, char *argv[])
"for chain '%s'\n", chain);
}
-
+ if (nft_chain_set(&h, curtable, chain, policy, &count) < 0) {
+ xtables_error(OTHER_PROBLEM,
+ "Can't set policy `%s'"
+ " on `%s' line %u: %s\n",
+ policy, chain, line,
+ ops->strerror(errno));
+ }
DEBUGP("Setting policy of chain %s to %s\n",
- chain, policy);
- }
+ chain, policy);
+ ret = 1;
- if (nft_chain_set(&h, curtable, chain, policy, &count) < 0) {
- xtables_error(OTHER_PROBLEM,
- "Can't set policy `%s'"
- " on `%s' line %u: %s\n",
- policy, chain, line,
- ops->strerror(errno));
- }
+ } else {
+ if (nft_chain_user_add(&h, chain, curtable) < 0) {
+ if (errno == EEXIST)
+ continue;
- ret = 1;
+ xtables_error(PARAMETER_PROBLEM,
+ "cannot create chain "
+ "'%s' (%s)\n", chain,
+ strerror(errno));
+ }
+ continue;
+ }
} else if (in_table) {
int a;