[Bug 1759] New: flush and delete nft commands need an option to ignore non-existent objects
bugzilla-daemon at netfilter.org
Sat Jul 13 14:27:50 CEST 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1759
Bug ID: 1759
Summary: flush and delete nft commands need an option to ignore
non-existent objects
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: hadmut at danisch.de
Hi,
I found that it is impossible in a ruleset to just ensure that a
particular table/chain/whatever does not exist or is flushed, since the nft
delete and flush commands fail if the object does not exist.
e.g.
nft delete table sometests
works if the table sometests existed, but aborts (and thus does not execute
other commands in a script like /etc/nfstables.conf) with an error if it does
not exist.
Therefore, it is more or less useless, since it cannot be used in a script
because of the risk of breaking the script.
It should be default or at least an option to have it succeed if the object
does not exist, i.e.
nft delete table sometests
should ensure that the table sometests does not exist afterwards, no matter
whether it existed before.
regards
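Added example (not part of the original report, and not nftables project code): one way to get the "absent afterwards, whether or not it existed" result with the existing commands is to declare the table and delete it in the same nft -f transaction. The function names, the NFT override variable and the deliberately conservative name check are assumptions of this example.

```shell
#!/bin/sh
# Idempotent "make sure this nftables table is gone" helper (added example).
# NFT can be overridden, e.g. for testing; it defaults to the real binary.
NFT=${NFT:-nft}

# Print a two-statement ruleset. Declaring the table is a no-op when it
# already exists and creates it empty otherwise, so the delete that follows
# always has a target. nft -f applies the input as a single transaction.
absent_ruleset() {
    family=$1 table=$2
    case $family in
        ip|ip6|inet|arp|bridge|netdev) ;;
        *) echo "bad family: $family" >&2; return 2 ;;
    esac
    # Accept only plain identifiers (stricter than nft itself) so that an
    # argument cannot smuggle extra statements into the ruleset text.
    case $table in
        ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*)
            echo "bad table name: $table" >&2; return 2 ;;
    esac
    printf 'table %s %s\ndelete table %s %s\n' \
        "$family" "$table" "$family" "$table"
}

# Apply the ruleset; succeeds whether or not the table existed beforehand.
ensure_table_absent() {
    rules=$(absent_ruleset "$1" "$2") || return
    printf '%s\n' "$rules" | $NFT -f -
}

# Usage (needs root): ensure_table_absent inet sometests
```

The same two lines (a bare table declaration followed by the delete) can be placed at the top of a ruleset file loaded with nft -f.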