From: Phil Sutter <phil@nwl.cc>
Date: Fri, 10 Jul 2020 18:42:11 +0000 (+0200)
Subject: nft: Be lazy when flushing
X-Git-Tag: v1.8.6~28
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f1f241db42f92474cdc41e25de310493b554154c;p=thirdparty%2Fiptables.git

nft: Be lazy when flushing

If neither chain nor verbose flag was specified and the table to flush
doesn't exist yet, no action is needed (as there is nothing to flush
anyway).

Signed-off-by: Phil Sutter <phil@nwl.cc>
---

diff --git a/iptables/nft.c b/iptables/nft.c
index c5ab0dbe..52ee809b 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1699,16 +1699,18 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
 	struct nftnl_chain *c = NULL;
 	int ret = 0;
 
-	nft_xt_builtin_init(h, table);
-
 	nft_fn = nft_rule_flush;
 
 	if (chain || verbose) {
+		nft_xt_builtin_init(h, table);
+
 		list = nft_chain_list_get(h, table, chain);
 		if (list == NULL) {
 			ret = 1;
 			goto err;
 		}
+	} else if (!nft_table_find(h, table)) {
+		return 1;
 	}
 
 	if (chain) {