Google Git
Sign in
googlers / maze / iptables / c74f398c58e7b77ca1c82a15d0b2e9eed4fb82ad
commitc74f398c58e7b77ca1c82a15d0b2e9eed4fb82ad[log] [tgz]
authorPablo Neira Ayuso <pablo@netfilter.org>Wed Oct 24 13:40:12 2012 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>Mon Dec 30 23:50:17 2013 +0100
tree265f83030b75fa1614ef938ff60bcfe17b31ab83
parent384958620abab397062b67fb2763e813b63f74f0 [diff]
automatic creation of built-in table and chains

In order to emulate the iptables behaviour, this patch changes
the current behaviour to:

1st) check if the table and chains are built-in.
2nd) If they don't exists, create them. If they exists, don't touch
     them.

The automatic creation happens in the -I and -P paths.

We should provide a new command to allow to delete (unregister)
built-in tables and chains. It would be similar to unloading
the iptable_X module that registers the custom table.

This is not done for other commands like -C or -D since they
will fail while trying to find the rule in the kernel if such
combination of chain and table does not exists.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 file changed
tree: 265f83030b75fa1614ef938ff60bcfe17b31ab83
  1. etc/
  2. extensions/
  3. include/
  4. iptables/
  5. libipq/
  6. libiptc/
  7. libxtables/
  8. m4/
  9. tests/
  10. utils/
  11. .gitignore
  12. autogen.sh
  13. COMMIT_NOTES
  14. configure.ac
  15. COPYING
  16. INCOMPATIBILITIES
  17. INSTALL
  18. Makefile.am
  19. release.sh