From f5799cf6d44394aaecadea8da12c622dd917b60d Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 8 Jun 2007 00:27:43 +0000
Subject: [PATCH] Make iptables_restore input dependent on available tables

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6485 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Chains.pm | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index bf69fbe73..4f1353851 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -1850,7 +1850,14 @@ sub create_netfilter_load() {
     #
     emit 'exec 3>${VARDIR}/.iptables-restore-input';
 
-    for my $table ( qw/raw nat mangle filter/  ) {
+    my @table_list;
+
+    push @table_list, 'raw'    if $capabilities{RAW_TABLE};
+    push @table_list, 'nat'    if $capabilities{NAT_ENABLED};
+    push @table_list, 'mangle' if $capabilities{MANGLE_ENABLED};
+    push @table_list, 'filter';
+
+    for my $table ( @table_list ) {
 	emitr "*$table";
 
 	my @chains;