From 5c9dec8654d3ae1ffa5f92247052f119fdfafa67 Mon Sep 17 00:00:00 2001
From: Brian Goff <cpuguy83@gmail.com>
Date: Sat, 7 Oct 2017 09:06:06 -0400
Subject: [PATCH] Disable hostname lookup on chain exists check

Without `-n`, iptables will attempt to lookup hostnames for IP
addresses, which can slow down the call dramatically.
Since we don't need this, and generally don't even care about the
output, use the `-n` flag to disable this.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 8dce207dddc3f805b852088a60cc27bfe54b065e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 iptables/iptables.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iptables/iptables.go b/iptables/iptables.go
index 3e120059de..5518fcb278 100644
--- a/iptables/iptables.go
+++ b/iptables/iptables.go
@@ -456,7 +456,7 @@ func RawCombinedOutputNative(args ...string) error {
 
 // ExistChain checks if a chain exists
 func ExistChain(chain string, table Table) bool {
-	if _, err := Raw("-t", string(table), "-L", chain); err == nil {
+	if _, err := Raw("-t", string(table), "-nL", chain); err == nil {
 		return true
 	}
 	return false