From: Topi Miettinen <toiwoton@gmail.com>
Date: Mon, 4 Dec 2023 19:49:12 +0000 (+0200)
Subject: network/networkd-address: don't set up firewall rules here
X-Git-Tag: v256-rc1~1589
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=58c6e75f263a1562f5550221af1ec1a9b6046143;p=thirdparty%2Fsystemd.git

network/networkd-address: don't set up firewall rules here

Don't set up firewall rules when we're just initializing the firewall context
for NFT sets.

Fixes: #30257
---

diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index c1a8cd884a8..70711376767 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -645,7 +645,7 @@ static void address_modify_nft_set_context(Address *address, bool add, NFTSetCon
         assert(nft_set_context);
 
         if (!address->link->manager->fw_ctx) {
-                r = fw_ctx_new(&address->link->manager->fw_ctx);
+                r = fw_ctx_new_full(&address->link->manager->fw_ctx, /* init_tables= */ false);
                 if (r < 0)
                         return;
         }