netfilter buglog - May 2023 - [Bug 1678] New: conntrack -D exits with nonzero status if it didn’t find any flows to delete

https://bugzilla.netfilter.org/show_bug.cgi?id=1678

            Bug ID: 1678
           Summary: conntrack -D exits with nonzero status if it didn?t
                    find any flows to delete
           Product: conntrack-tools
           Version: unspecified
          Hardware: All
                OS: Fedora
            Status: NEW
          Severity: normal
          Priority: P5
         Component: conntrack
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: demiobenour at gmail.com

conntrack -D exits with nonzero status if it didn?t find any flows to delete. 
This is annoying for scripts that just want to delete all flows that match
certain criteria and are perfectly fine if no such flows exist.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230515/a83d07ea/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1678

Phil Sutter <phil at nwl.cc> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |phil at nwl.cc
         Resolution|---                         |WONTFIX

--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
I guess it's a matter of defining what a "successful operation" is
in this
regard and for conntrack, it seems to involve finding at least a single flow to
delete.

If we change this, it may break others' scripts.

If you have to distinguish between errors and "nothing to do", you
could grep
for the '0 flow entries have been deleted.' message - it is not printed
in
error case. Or just check if there's output on stderr.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230523/1d4a335c/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1678

--- Comment #2 from Phil Sutter <phil at nwl.cc> ---
*** Bug 1679 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230523/dfde0567/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1678

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pablo at netfilter.org

--- Comment #3 from Pablo Neira Ayuso <pablo at netfilter.org> ---
I digged into the git history. This has been the behaviour since the beginning
(2007), $? is set conditionally based on the counter for deletions. If counter
is zero, then it reports failure.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230523/4e58dde5/attachment.html>