]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 544e7dc) | patch
iptables-nft: allow removal of empty builtin chains
authorFlorian Westphal <fw@strlen.de>
Sat, 14 Aug 2021 17:46:43 +0000 (19:46 +0200)
committerFlorian Westphal <fw@strlen.de>
Tue, 7 Sep 2021 12:16:07 +0000 (14:16 +0200)
commit61e85e3192deaff3b9dd1eb9270863acc7a26311
tree2f5d28c03235d25b2cef5f1e0f64b928ed551c5ftree
parent544e7dc1541e4db3abc9896ff757e7642c97738ecommit | diff
iptables-nft: allow removal of empty builtin chains

The only reason why this is prohibited is that you cannot do it
in iptables-legacy.

This removes the artifical limitation.

"iptables-nft -X" will leave the builtin chains alone;
Also, deletion is only permitted if the chain is empty.

Signed-off-by: Florian Westphal <fw@strlen.de>
iptables/iptables.8.in diff | blob | blame | history
iptables/nft-cmd.c diff | blob | blame | history
iptables/nft-cmd.h diff | blob | blame | history
iptables/nft.c diff | blob | blame | history
iptables/nft.h diff | blob | blame | history
iptables/xtables-arp.c diff | blob | blame | history
iptables/xtables-eb.c diff | blob | blame | history
iptables/xtables.c diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables