meta-google: nftables-systemd: Flush at start

We don't want errors in loading previous rules to affect the state of the ruleset during restart. Change-Id: Ic122e971670d56022029f1155c1accdf129672d0 Signed-off-by: William A. Kennington III <wak@google.com>
author: William A. Kennington III <wak@google.com> 2021-03-13 05:19:01 +0300
committer: William A. Kennington III <wak@google.com> 2021-03-24 23:01:48 +0300
commit: cbb15ab4921045abe0c36de112e719108eb9b294 (patch)
tree: 0463cc76fff8f6b502281f43f5a12d34ff468fa1 /meta-google/recipes-google/nftables/files/nft-configure.sh
parent: 6714373f115a916f5bd61bd96824f06d657f7bb1 (diff)
download: openbmc-cbb15ab4921045abe0c36de112e719108eb9b294.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-google/recipes-google/nftables/files/nft-configure.sh b/meta-google/recipes-google/nftables/files/nft-configure.sh
index a82c2826f..05bb23d8b 100644
--- a/meta-google/recipes-google/nftables/files/nft-configure.sh
+++ b/meta-google/recipes-google/nftables/files/nft-configure.sh
@@ -9,6 +9,7 @@ for dir in /run/nftables /etc/nftables /usr/share/nftables; do
   let i+=1
 done
 rc=0
+nft flush ruleset || rc=$?
 for key in $(printf "%s\n" "${!basemap[@]}" | sort -r); do
   echo "Executing ${basemap[$key]}" >&2
   nft -f "${basemap[$key]}" || rc=$?
author	William A. Kennington III <wak@google.com>	2021-03-13 05:19:01 +0300
committer	William A. Kennington III <wak@google.com>	2021-03-24 23:01:48 +0300
commit	cbb15ab4921045abe0c36de112e719108eb9b294 (patch)
tree	0463cc76fff8f6b502281f43f5a12d34ff468fa1 /meta-google/recipes-google/nftables/files/nft-configure.sh
parent	6714373f115a916f5bd61bd96824f06d657f7bb1 (diff)
download	openbmc-cbb15ab4921045abe0c36de112e719108eb9b294.tar.xz