<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - flush and delete nft commands need an option to ignore non-existant objects"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1759">1759</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>flush and delete nft commands need an option to ignore non-existant objects
</td>
</tr>
<tr>
<th>Product</th>
<td>nftables
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>x86_64
</td>
</tr>
<tr>
<th>OS</th>
<td>Ubuntu
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>nft
</td>
</tr>
<tr>
<th>Assignee</th>
<td>pablo@netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>hadmut@danisch.de
</td>
</tr></table>
<p>
<div>
<pre>Hi,
I found that it is impossible to make sure in a ruleset to just ensure that a
particular table/chain/whatever does not exist or is flushed, since the nft
delete and flush commands fail if the object does not exist.
e.g.
nft delete table sometests
works if the table sometests existed, but aborts (and thus does not execute
other commands in a script like /etc/nfstables.conf) with an error if it does
not exist.
Therefore, it is more or less useless, since it cannot be used in a script
because of the risk to break the script.
It should be default or at least an option to have it succeed if the object
does not exist, i.e.
nft delete table sometests
should ensure that the table sometests does not exist afterwards, no matter
whether it existed before.
regards</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>