git.ipfire.org Git - thirdparty/iptables.git/commit

author	Phil Sutter <phil@nwl.cc>
	Sat, 27 Jul 2024 17:13:40 +0000 (19:13 +0200)
committer	Phil Sutter <phil@nwl.cc>
	Sat, 27 Jul 2024 17:28:52 +0000 (19:28 +0200)
commit	f65d1e9a216468d5287fa05894a08e29c0fc8278
tree	bcbabf65580e4c61f7e7b51c22e723fb297f02b5	tree \| snapshot
parent	d859b91e6f3ed055c22ee7b984b481c5b518d9e1	commit \| diff

nft: cache: Annotate faked base chains as such

To avoid pointless kernel ruleset modifications without too many
workarounds in user space, code sometimes adds "fake" base chains to
cache. Yet these fake entries happen to prevent base chain creation for
a following command which actually requires them. Fix this by annotating
the fake entries as such so *_builtin_init() functions may convert them
into real ones.

Fixes: fd4b9bf08b9eb ("nft: Avoid pointless table/chain creation")
Signed-off-by: Phil Sutter <phil@nwl.cc>

iptables/nft-cache.c		diff \| blob \| blame \| history
iptables/nft-cache.h		diff \| blob \| blame \| history
iptables/nft-chain.c		diff \| blob \| blame \| history
iptables/nft-chain.h		diff \| blob \| blame \| history
iptables/nft.c		diff \| blob \| blame \| history