diff options
author | Phil Sutter <phil@nwl.cc> | 2020-07-07 11:43:26 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-12-21 18:33:21 +0100 |
commit | 176c92c26bfc9b4a36b99c58b66e117fbe5ae706 (patch) | |
tree | 63a08f3f5c830959f7a71aa9e1e5af7b41671294 /iptables/nft.c | |
parent | 87cce1cc4e1edfa03e56a2f9c72ee3cb3485f52b (diff) |
nft: Introduce a dedicated base chain array
Preparing for sorted chain output, introduce a per-table array holding
base chains indexed by nf_inet_hooks value. Since the latter is ordered
correctly, iterating over the array will return base chains in expected
order.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft.c')
-rw-r--r-- | iptables/nft.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 1b740005..4187e691 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2396,12 +2396,22 @@ int nft_chain_foreach(struct nft_handle *h, const char *table, const struct builtin_table *t; struct nft_chain_list *list; struct nft_chain *c, *c_bak; - int ret; + int i, ret; t = nft_table_builtin_find(h, table); if (!t) return -1; + for (i = 0; i < NF_INET_NUMHOOKS; i++) { + c = h->cache->table[t->type].base_chains[i]; + if (!c) + continue; + + ret = cb(c, data); + if (ret < 0) + return ret; + } + list = h->cache->table[t->type].chains; if (!list) return -1; |