diff options
author | Phil Sutter <phil@nwl.cc> | 2018-12-20 16:09:07 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-27 19:19:07 +0100 |
commit | d4b0d248cc057e39608c7c1c1203dd3f1ea96645 (patch) | |
tree | eb314c412937bce083efd2daefd72d59515f482d /iptables/nft.c | |
parent | 9975b6da9f926994bcea8ae788e47aab4b5b235e (diff) |
nft: Reduce indenting level in flush_chain_cache()
Instead of doing all in one go, make two separate decisions:
1) If table has no chain cache, either continue or return depending on
whether we're flushing for a specific table.
2) With chain cache present, flushing strategy once more depends on
whether we're flushing for a specific table: If given, just remove
all rules and return. If not, free the cache and set to NULL (so that
it will be repopulated later), then continue the loop.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.c')
-rw-r--r-- | iptables/nft.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index befd9f4d..997d7bc5 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -815,16 +815,20 @@ static void flush_chain_cache(struct nft_handle *h, const char *tablename) if (tablename && strcmp(h->tables[i].name, tablename)) continue; - if (h->table[i].chain_cache) { - if (tablename) { - nftnl_chain_list_foreach(h->table[i].chain_cache, - __flush_chain_cache, NULL); - break; - } else { - nftnl_chain_list_free(h->table[i].chain_cache); - h->table[i].chain_cache = NULL; - } + if (!h->table[i].chain_cache) { + if (tablename) + return; + continue; } + + if (tablename) { + nftnl_chain_list_foreach(h->table[i].chain_cache, + __flush_chain_cache, NULL); + return; + } + + nftnl_chain_list_free(h->table[i].chain_cache); + h->table[i].chain_cache = NULL; } } |