If neither chain nor verbose flag was specified and the table to flush doesn't exist yet, no action is needed (as there is nothing to flush anyway).
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 iptables/nft.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index c5ab0dbe8d6e7..52ee809b6bc07 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1699,16 +1699,18 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
 struct nftnl_chain *c = NULL;
 int ret = 0;
- nft_xt_builtin_init(h, table);
- nft_fn = nft_rule_flush;
 if (chain || verbose) {
+ nft_xt_builtin_init(h, table);
+ list = nft_chain_list_get(h, table, chain);
 if (list == NULL) {
 ret = 1;
 goto err;
 }
+ } else if (!nft_table_find(h, table)) {
+ return 1;
 }
 if (chain) {
--
2.27.0
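Review bot: The new `else if (!nft_table_find(h, table))` branch leaves with a bare `return 1;`, while the failure just above it sets `ret = 1` and jumps to `err`, so the same literal appears to stand for two different outcomes and only one of them goes through the function's common exit. The commit message implies this path is a success (nothing to flush); say so at the return, e.g. `/* table absent: nothing to flush, report success */`, and confirm that nothing at `err` needs to run here, since the label and the rest of nft_rule_flush are outside the hunk. It is also worth checking that nft_table_find reflects the current kernel state rather than a stale cached view, because a false "absent" answer would now skip the flush and still report success.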