From d6a127cd5710f8c60e95bfd0378ca352c07140a9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 18 Sep 2013 17:00:18 +0200
Subject: xtables: batch rule-set updates into one single netlink message

With this patch, all rule-set updates are put in one single batch
of netlink messages that is sent to user-space using the new
nfnetlink batch infrastructure.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/xtables-standalone.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'iptables/xtables-standalone.c')

diff --git a/iptables/xtables-standalone.c b/iptables/xtables-standalone.c
index 9d5a6675..cb685d64 100644
--- a/iptables/xtables-standalone.c
+++ b/iptables/xtables-standalone.c
@@ -70,6 +70,9 @@ xtables_main(int argc, char *argv[])
 	}
 
 	ret = do_commandx(&h, argc, argv, &table);
+	if (ret)
+		ret = nft_commit(&h);
+
 	if (!ret) {
 		if (errno == EINVAL) {
 			fprintf(stderr, "iptables: %s. "
-- 
cgit v1.2.3