diff options
| author | Florian Westphal <fw@strlen.de> | 2020-12-17 12:52:53 +0100 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2021-01-19 16:38:56 +0100 |
| commit | f4fca22ad45e1bf6a5cd5cc8dd32bf9366960954 (patch) | |
| tree | ee83310abaf8f466e84e84fc4cb4b969cc3979ae /src | |
| parent | networkd: extend IPMasquerade to cover ipv6 (diff) | |
| download | systemd-f4fca22ad45e1bf6a5cd5cc8dd32bf9366960954.tar.xz systemd-f4fca22ad45e1bf6a5cd5cc8dd32bf9366960954.zip | |
firewall-util-nft: clear previous address on replay
In case external entity wiped the ruleset, we need to clear the
'previous' address -- its already gone.
This prevents the transaction from succeeding: the delete operation fails.
Diffstat (limited to 'src')
| -rw-r--r-- | src/shared/firewall-util-nft.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/shared/firewall-util-nft.c b/src/shared/firewall-util-nft.c index 2e5ba97259..22c0dc0980 100644 --- a/src/shared/firewall-util-nft.c +++ b/src/shared/firewall-util-nft.c @@ -1062,6 +1062,8 @@ again: int tmp = fw_nftables_recreate_table(ctx->nfnl, af, transaction, tsize); if (tmp == 0) { + /* table created anew; previous address already gone */ + previous_remote = NULL; retry = false; goto again; } |