git.ipfire.org Git - thirdparty/iptables.git/commit

]> git.ipfire.org Git - thirdparty/iptables.git/commit

projects / thirdparty / iptables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 28 May 2018 15:33:02 +0000 (17:33 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 28 May 2018 21:51:06 +0000 (23:51 +0200)
commit	8d190e98564f0ed119f14444367970b7a4ecd7d2
tree	0fa60adb291bfb0cd0d242eb190a2e9f4b6c39b4	tree
parent	0a8635183edd097916937cc7de5a29fbea9b8d2a	commit \| diff

xtables: initialize basechains only once on ruleset restore

We cannot assume iptables-restore files always come with explicit
basechain definition, eg.

:PREROUTING ACCEPT

incremental ruleset updates may deliberately skip this.

But loading basechains over and over again can take time, so do it just
once per batch.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

iptables/nft.c		diff \| blob \| blame \| history
iptables/nft.h		diff \| blob \| blame \| history

Mirror of git://git.netfilter.org/iptables

RSS Atom