diff --git a/SOURCES/0024-nft-Fix-for-F-in-iptables-dumps.patch b/SOURCES/0024-nft-Fix-for-F-in-iptables-dumps.patch
new file mode 100644
index 0000000..cf2c571
--- /dev/null
+++ b/SOURCES/0024-nft-Fix-for-F-in-iptables-dumps.patch
@@ -0,0 +1,81 @@
+From 8ae56bbaa4119bdcf1d6abc8b78f21490657983c Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Fri, 24 Apr 2020 11:32:08 +0200
+Subject: [PATCH] nft: Fix for '-F' in iptables dumps
+
+When restoring a dump which contains an explicit flush command,
+previously added rules are removed from cache and the following commit
+will try to create netlink messages based on freed memory.
+
+Fix this by weeding any rule-based commands from obj_list if they
+address the same chain.
+
+Signed-off-by: Phil Sutter
+(cherry picked from commit 5bd3ab5c778033877d44a0c619ef6f98f34516af)
+Signed-off-by: Phil Sutter
+---
+ iptables/nft.c | 34 ++++++++++++++++++++++++++++++++++
+ 1 file changed, 34 insertions(+)
+
+diff --git a/iptables/nft.c b/iptables/nft.c
+index 4930b6de534d8..e95e99f1d8d71 100644
+--- a/iptables/nft.c
++++ b/iptables/nft.c
+@@ -411,6 +411,38 @@ batch_rule_add(struct nft_handle *h, enum obj_update_type type,
+ return batch_add(h, type, r);
+ }
+ 
++static void batch_obj_del(struct nft_handle *h, struct obj_update *o);
++
++static void batch_chain_flush(struct nft_handle *h,
++ const char *table, const char *chain)
++{
++ struct obj_update *obj, *tmp;
++
++ list_for_each_entry_safe(obj, tmp, &h->obj_list, head) {
++ struct nftnl_rule *r = obj->ptr;
++
++ switch (obj->type) {
++ case NFT_COMPAT_RULE_APPEND:
++ case NFT_COMPAT_RULE_INSERT:
++ case NFT_COMPAT_RULE_REPLACE:
++ case NFT_COMPAT_RULE_DELETE:
++ break;
++ default:
++ continue;
++ }
++
++ if (table &&
++ strcmp(table, nftnl_rule_get_str(r, NFTNL_RULE_TABLE)))
++ continue;
++
++ if (chain &&
++ strcmp(chain, nftnl_rule_get_str(r, NFTNL_RULE_CHAIN)))
++ continue;
++
++ batch_obj_del(h, obj);
++ }
++}
++
+ const struct builtin_table xtables_ipv4[NFT_TABLE_MAX] = {
+ [NFT_TABLE_RAW] = {
+ .name = "raw",
+@@ -1671,6 +1703,7 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
+ }
+ 
+ if (chain || !verbose) {
++ batch_chain_flush(h, table, chain);
+ __nft_rule_flush(h, table, chain, verbose, false);
+ flush_rule_cache(h, table, c);
+ return 1;
+@@ -1686,6 +1719,7 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table,
+ while (c != NULL) {
+ chain = nftnl_chain_get_str(c, NFTNL_CHAIN_NAME);
+ 
++ batch_chain_flush(h, table, chain);
+ __nft_rule_flush(h, table, chain, verbose, false);
+ flush_rule_cache(h, table, c);
+ c = nftnl_chain_list_iter_next(iter);
+-- 
+2.27.0
+
diff --git a/SOURCES/0025-tests-shell-Test-F-in-dump-files.patch b/SOURCES/0025-tests-shell-Test-F-in-dump-files.patch
new file mode 100644
index 0000000..628a565
--- /dev/null
+++ b/SOURCES/0025-tests-shell-Test-F-in-dump-files.patch
@@ -0,0 +1,37 @@
+From dd98af599516806e2eb3e1186d0ad52ce7c6b4b5 Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Tue, 21 Apr 2020 14:10:53 +0200
+Subject: [PATCH] tests: shell: Test -F in dump files
+
+While not really useful, iptables-nft-restore shouldn't segfault either.
+This tests the problem described in nfbz#1407.
+
+Signed-off-by: Phil Sutter
+(cherry picked from commit f2ace0cdf25a5911ac84015829d65d6050a5e82d)
+Signed-off-by: Phil Sutter
+---
+ .../tests/shell/testcases/ipt-restore/0012-dash-F_0 | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+ create mode 100755 iptables/tests/shell/testcases/ipt-restore/0012-dash-F_0
+
+diff --git a/iptables/tests/shell/testcases/ipt-restore/0012-dash-F_0 b/iptables/tests/shell/testcases/ipt-restore/0012-dash-F_0
+new file mode 100755
+index 0000000000000..fd82afa1bc8ce
+--- /dev/null
++++ b/iptables/tests/shell/testcases/ipt-restore/0012-dash-F_0
+@@ -0,0 +1,12 @@
++#!/bin/bash -e
++
++# make sure -F lines don't cause segfaults
++
++RULESET='*nat
++-F PREROUTING
++-A PREROUTING -j ACCEPT
++-F PREROUTING
++COMMIT'
++
++echo -e "$RULESET" | $XT_MULTI iptables-restore
++echo -e "$RULESET" | $XT_MULTI iptables-restore -n
+-- 
+2.27.0
+
diff --git a/SPECS/iptables.spec b/SPECS/iptables.spec
index 36daf0c..4a37e0a 100644
--- a/SPECS/iptables.spec
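Review bot: In `batch_chain_flush`, both `strcmp()` calls pass the result of `nftnl_rule_get_str()` straight through, so a batched rule whose NFTNL_RULE_TABLE or NFTNL_RULE_CHAIN attribute is unset — which, as far as I recall, makes the libnftnl getter return NULL — would crash in the very path meant to fix a crash. Rules built by iptables-nft presumably always carry both attributes, but the function walks every rule command in the batch, so a cheap guard is worth it: `const char *t = nftnl_rule_get_str(r, NFTNL_RULE_TABLE);` / `if (table && (!t || strcmp(table, t)))` / `continue;`, and the same for the chain. A one-line header comment would also help the next reader, e.g. `/* Drop pending rule commands for this chain: flush_rule_cache() is about to free the cached rules they point at. */`. `nft_rule_flush`, which the two later hunks modify, starts and ends outside the hunk, as does `batch_obj_del`, whose ownership of `obj->ptr` (whether it frees the rule or leaves it to the cache) this fix depends on and which should be confirmed against its definition.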
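Review bot: The test only establishes that the two `iptables-restore` invocations exit zero (via `bash -e`); it never checks that the ruleset ends up as the dump implies, so a regression that silently keeps or re-adds `-A PREROUTING -j ACCEPT` after the second `-F` would still pass. After each run, assert the chain is empty, e.g. `$XT_MULTI iptables -t nat -S PREROUTING | grep -q -- '-A PREROUTING' && exit 1` (or `diff` against an expected `iptables-save` output if the neighbouring testcases follow that pattern). `echo -e` is also unnecessary here and would mangle any rule containing a backslash; `printf '%s\n' "$RULESET"` is the safer way to feed the dump. Both are minor for a test whose stated purpose is the segfault, but they make it a useful regression test for the behaviour as well.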
+++ b/SPECS/iptables.spec
@@ -17,7 +17,7 @@ Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities
 URL: http://www.netfilter.org/projects/iptables
 Version: 1.8.4
-Release: 13%{?dist}
+Release: 14%{?dist}
 Source: %{url}/files/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
@@ -57,6 +57,8 @@ Patch20: 0020-xtables-Drop-4-and-6-support-from-xtables-save-resto.patch
 Patch21: 0021-nfnl_osf-Fix-broken-conversion-to-nfnl_query.patch
 Patch22: 0022-nfnl_osf-Improve-error-handling.patch
 Patch23: 0023-nft-cache-Reset-genid-when-rebuilding-cache.patch
+Patch24: 0024-nft-Fix-for-F-in-iptables-dumps.patch
+Patch25: 0025-tests-shell-Test-F-in-dump-files.patch
 # pf.os: ISC license
 # iptables-apply: Artistic Licence 2.0
@@ -465,6 +467,10 @@ done
 %doc %{_mandir}/man8/ebtables*.8*
 %changelog
+* Wed Jun 24 2020 Phil Sutter - 1.8.4-14
+- nft: Fix for '-F' in iptables dumps
+- tests: shell: Test -F in dump files
+
 * Fri May 29 2020 Phil Sutter - 1.8.4-13
+- Fix for endless loop in iptables-restore --test