Merge pull request #52 from dcbw/nft-non-existent-chains

iptables in nft mode now prints an error for non-existent chains
coreos · Jul 24, 2019 · 0c43e9f · 0c43e9f
2 parents f1d0510 + 410bbf1
commit 0c43e9f
Showing 1 changed file with 0 additions and 12 deletions.
diff --git a/iptables/iptables.go b/iptables/iptables.go
@@ -348,18 +348,6 @@ func (ipt *IPTables) executeList(args []string) ([]string, error) {
 		rules = rules[:len(rules)-1]
 	}
 
-	// nftables mode doesn't return an error code when listing a non-existent
-	// chain. Patch that up.
-	if len(rules) == 0 && ipt.mode == "nf_tables" {
-		v := 1
-		return nil, &Error{
-			cmd:        exec.Cmd{Args: args},
-			msg:        fmt.Sprintf("%s: No chain/target/match by that name.\n", getIptablesCommand(ipt.proto)),
-			proto:      ipt.proto,
-			exitStatus: &v,
-		}
-	}
-
 	for i, rule := range rules {
 		rules[i] = filterRuleOutput(rule)
 	}