From 82998a7dcabc6434ab38914904ce78f31ceadc6a Mon Sep 17 00:00:00 2001
From: Samuel Ortiz <sameo@linux.intel.com>
Date: Sat, 30 Oct 2010 00:21:24 +0200
Subject: [PATCH] iptables-test: Support for chain deletion

---
 tools/iptables-test.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 56 insertions(+), 3 deletions(-)

diff --git a/tools/iptables-test.c b/tools/iptables-test.c
index a979cba..60313af 100644
--- a/tools/iptables-test.c
+++ b/tools/iptables-test.c
@@ -345,6 +345,39 @@ static int connman_add_entry(struct connman_iptables *table,
 	return 0;
 }
 
+static int connman_iptables_delete_chain(struct connman_iptables *table,
+						char *name)
+{
+	GList *chain_head, *chain_tail, *list, *next;
+	struct connman_iptables_entry *entry;
+
+	chain_head = find_chain_head(table, name);
+	if (chain_head == NULL)
+		return -EINVAL;
+
+	chain_tail = find_chain_tail(table, name);
+	if (chain_head == NULL)
+		return -EINVAL;
+
+	list = chain_head;
+
+	while (list != chain_tail) {
+		entry = list->data;
+		next = g_list_next(list);
+
+		table->num_entries--;
+		table->size -= entry->entry->next_offset;
+
+		table->entries = g_list_remove(table->entries, list->data);
+
+		list = next;
+	}
+
+	update_offsets(table);
+
+	return 0;
+}
+
 static int connman_iptables_add_chain(struct connman_iptables *table,
 					char *name)
 {
@@ -819,6 +852,7 @@ static struct option connman_iptables_opts[] = {
 	{.name = "append",        .has_arg = 1, .val = 'A'},
 	{.name = "list",          .has_arg = 2, .val = 'L'},
 	{.name = "new-chain",     .has_arg = 1, .val = 'N'},
+	{.name = "delete-chain",  .has_arg = 1, .val = 'X'},
 	{.name = "in-interface",  .has_arg = 1, .val = 'i'},
 	{.name = "jump",          .has_arg = 1, .val = 'j'},
 	{.name = "match",         .has_arg = 1, .val = 'm'},
@@ -839,34 +873,42 @@ int main(int argc, char *argv[])
 	struct xtables_match *xt_m;
 	struct xtables_target *xt_t;
 	char *table_name, *chain, *new_chain, *match_name, *target_name;
+	char *delete_chain;
 	int c;
 	size_t size;
-	gboolean dump, invert;
+	gboolean dump, invert, delete;
 
 	xtables_init_all(&connman_iptables_globals, NFPROTO_IPV4);
 
 	dump = FALSE;
 	invert = FALSE;
+	delete = FALSE;
 	table_name = chain = new_chain = match_name = target_name = NULL;
+	delete_chain = NULL;
 	table = NULL;
 	xt_m = NULL;
 	xt_t = NULL;
 
 	while ((c = getopt_long(argc, argv,
-	   "-A:L::N:j:i:m:o:t:", connman_iptables_globals.opts, NULL)) != -1) {
+	   "-A:L::N:X:j:i:m:o:t:", connman_iptables_globals.opts, NULL)) != -1) {
 		switch (c) {
 		case 'A':
 			chain = optarg;
 			break;
 
 		case 'L':
-			dump = TRUE;
+			dump = true;
 			break;
 
 		case 'N':
 			new_chain = optarg;
 			break;
 
+		case 'X':
+			delete = true;
+			delete_chain = optarg;
+			break;
+
 		case 'j':
 			target_name = optarg;
 			xt_t = xtables_find_target(target_name, XTF_TRY_LOAD);
@@ -963,6 +1005,17 @@ int main(int argc, char *argv[])
 	if (table == NULL)
 		return -1;
 
+	if (delete) {
+		if (delete_chain == NULL)
+			goto out;
+
+		printf("Delete chain %s\n", delete_chain);
+
+		connman_iptables_delete_chain(table, delete_chain);
+
+		goto commit;
+	}
+
 	if (dump) {
 		connman_iptables_dump(table);
 
-- 
2.7.4