Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 7084d0b6c95b11f03b3ae979fe30b6918cb26542
commit7084d0b6c95b11f03b3ae979fe30b6918cb26542[log] [tgz]
authorPhil Sutter <phil@nwl.cc>Fri Nov 15 10:47:24 2019 +0100
committerPhil Sutter <phil@nwl.cc>Fri Nov 15 15:45:13 2019 +0100
treed9371aa2bfbb26f013c374d3fea95b822a143900
parentbd2dc3e730669cc813cedfd0876f22f5083cae9a [diff]
nft: CMD_ZERO needs a rule cache

In order to zero rule counters, they have to be fetched from kernel. Fix
this for both standalone calls as well as xtables-restore --noflush.

Fixes: b5cb6e631c828 ("nft-cache: Fetch only chains in nft_chain_list_get()")
Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
2 files changed
tree: d9371aa2bfbb26f013c374d3fea95b822a143900
  1. etc/
  2. extensions/
  3. include/
  4. iptables/
  5. libipq/
  6. libiptc/
  7. libxtables/
  8. m4/
  9. utils/
  10. .gitignore
  11. autogen.sh
  12. COMMIT_NOTES
  13. configure.ac
  14. COPYING
  15. INCOMPATIBILITIES
  16. INSTALL
  17. iptables-test.py
  18. Makefile.am
  19. xlate-test.py