Otherwise, mnl_set_sndbuffer() skips the buffer update after socket restart. Then, sendmsg() fails with EMSGSIZE later on when sending the batch to the kernel. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- iptables/nft.c | 1 + 1 file changed, 1 insertion(+) diff --git a/iptables/nft.c b/iptables/nft.c index 9a3e9fdf4f12..2c61521455de 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -794,6 +794,7 @@ static int nft_restart(struct nft_handle *h) return -1; h->portid = mnl_socket_get_portid(h->nl); + nlbuffsiz = 0; return 0; } -- 2.11.0
