Printing a policy for user-defined chains is pointless. Signed-off-by: Phil Sutter <phil@xxxxxx> --- iptables/nft-arp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 328c791db42a8..5cabb93e4a9bc 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -421,7 +421,7 @@ static void nft_arp_print_header(unsigned int format, const char *chain, bool basechain, uint32_t refs) { printf("Chain %s", chain); - if (pol) { + if (basechain && pol) { printf(" (policy %s", pol); if (!(format & FMT_NOCOUNTS)) { fputc(' ', stdout); -- 2.18.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html