This effectively flushes all built-in chains and removes user-defined ones. Since compat layer takes care of built-in table/chain creation, it is sufficient to just drop the relevant table.
Signed-off-by: Phil Sutter <[email protected]> --- iptables/xtables-eb.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c index 8fd3b740d5140..219dfe35ec40b 100644 --- a/iptables/xtables-eb.c +++ b/iptables/xtables-eb.c @@ -1147,7 +1147,9 @@ print_zero: break;*/ /*case 7 :*/ /* atomic-init */ /*case 10:*/ /* atomic-save */ - /*case 11:*/ /* init-table */ + case 11: /* init-table */ + nft_table_flush(h, *table); + return 1; /* replace->command = c; if (OPT_COMMANDS) -- 2.18.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
