nft: Be lazy when flushing

If neither chain nor verbose flag was specified and the table to flush
doesn't exist yet, no action is needed (as there is nothing to flush
anyway).

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft.c b/iptables/nft.c
index c5ab0dbe8d6e74f17d9c616e87d10f88d3ffeab1..52ee809b6bc079137bc3a22c7855d0ba10682a98 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1699,16 +1699,18 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
        struct nftnl_chain *c = NULL;
        int ret = 0;
 
-       nft_xt_builtin_init(h, table);
-
        nft_fn = nft_rule_flush;
 
        if (chain || verbose) {
+               nft_xt_builtin_init(h, table);
+
                list = nft_chain_list_get(h, table, chain);
                if (list == NULL) {
                        ret = 1;
                        goto err;
                }
+       } else if (!nft_table_find(h, table)) {
+               return 1;
        }
 
        if (chain) {