firewall-util-nft: clear previous address on replay

In case external entity wiped the ruleset, we need to clear the
'previous' address -- its already gone.

This prevents the transaction from succeeding: the delete operation fails.

diff --git a/src/shared/firewall-util-nft.c b/src/shared/firewall-util-nft.c
index 2e5ba97259e9c729aa35951c1693c7a7d7955395..22c0dc0980c7737c1b9f0dd545dd5200d3a4b8bf 100644 (file)
--- a/src/shared/firewall-util-nft.c
+++ b/src/shared/firewall-util-nft.c
@@ -1062,6 +1062,8 @@ again:
                 int tmp = fw_nftables_recreate_table(ctx->nfnl, af, transaction, tsize);
 
                 if (tmp == 0) {
+                        /* table created anew; previous address already gone */
+                        previous_remote = NULL;
                         retry = false;
                         goto again;
                 }