[pkg-netfilter-team] Bug#947689: iptables -Z invalid argument workaround
Andreas Schamanek
as2013+dbts at fam.tuwien.ac.at
Tue Mar 23 21:30:00 GMT 2021
A workaround that avoids deleting rules is providing rules.
# chain=OUTPUT
# iptables -Z $chain
iptables v1.8.2 (nf_tables): RULE_REPLACE failed (Invalid argument):
rule in chain OUTPUT
# iptables -Z $chain 1
#
So, instead of `iptables -Z $chain` we could iterate over all
existing rules and use e.g.
# iptables -L $chain -n --line-numbers | awk '$1+0>0 {print $1}' \
| xargs -rL1 iptables -Z $chain
--
-- Andreas
:-)
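
Added example, not part of the original message: the per-rule zeroing from the workaround above as a shell function that also reports which rule numbers `iptables -Z` rejected, instead of silently continuing. The `IPT` override and the function names are assumptions of this example, there so the logic can be exercised without root.

```shell
# Added example: zero a chain's counters one rule at a time.
# IPT is a hypothetical override for the iptables binary (not an iptables
# feature); it lets the function be tested against a stub without root.
IPT=${IPT:-iptables}

# Read `iptables -L CHAIN -n --line-numbers` output on stdin and print the
# rule numbers. Header lines ("Chain ...", "num target ...") start with a
# non-numeric field and are skipped; an empty chain prints nothing.
rule_numbers() {
    awk '$1 ~ /^[0-9]+$/ && $1 > 0 { print $1 }'
}

# zero_chain_counters CHAIN
# Runs `iptables -Z CHAIN N` for every rule N in CHAIN. No rule is deleted,
# so the numbers stay valid for the whole loop.
# Returns 0 if every rule was zeroed, 1 if some failed (their numbers are
# printed as "failed: N ..."), 2 if the chain could not be listed.
zero_chain_counters() {
    chain=$1
    failed=""
    listing=$($IPT -L "$chain" -n --line-numbers) || return 2
    for n in $(printf '%s\n' "$listing" | rule_numbers); do
        if ! $IPT -Z "$chain" "$n" 2>/dev/null; then
            failed="$failed $n"
        fi
    done
    if [ -n "$failed" ]; then
        echo "failed:$failed"
        return 1
    fi
    return 0
}
```

Calling `zero_chain_counters OUTPUT` as root replaces the plain `iptables -Z OUTPUT` call; a non-zero return tells a calling script that some counters were left untouched.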