From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 28 May 2018 18:21:10 +0000 (+0200)
Subject: xtables: initialize basechains for rule flush command too
X-Git-Tag: v1.8.0~35
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4caa559c44cde7af7794937bd5c7e5f704a483ca;p=thirdparty%2Fiptables.git

xtables: initialize basechains for rule flush command too

Otherwise, flush commands on not-yet-initialized basechains hit ENOENT.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/iptables/nft.c b/iptables/nft.c
index 66bd4d42..603ba306 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1465,6 +1465,9 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table)
 	struct nftnl_chain_list_iter *iter;
 	struct nftnl_chain *c;
 
+	if (nft_xtables_config_load(h, XTABLES_CONFIG_DEFAULT, 0) < 0)
+		nft_xt_builtin_init(h, table);
+
 	nft_fn = nft_rule_flush;
 
 	list = nftnl_chain_list_get(h);