diff options
author | Florian Westphal <fw@strlen.de> | 2019-04-23 15:16:20 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2019-04-27 01:08:08 +0200 |
commit | 0baa08fed43fa318eaa6ffe02673289343ac9cc0 (patch) | |
tree | 3060ebde032b213641fe62211ae9bf4f02d91785 /iptables/nft.h | |
parent | 31dd3780a64935e3bcf83efb1a4354eed41f59ee (diff) |
xtables: unify user chain add/flush for restore case
The idea here is to move the 'flush' decision into the core, rather than
have the decision in the frontend.
This will be required later when "generation id" is passed to kernel.
In this case, we might have to add the flush when re-trying the
transaction.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index 56dc2076..d428287b 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -45,6 +45,7 @@ struct nft_handle { } table[NFT_TABLE_MAX]; bool have_cache; bool restore; + bool noflush; int8_t config_done; /* meta data, for error reporting */ @@ -87,8 +88,7 @@ struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h, int nft_chain_save(struct nft_handle *h, struct nftnl_chain_list *list); int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *table); int nft_chain_user_del(struct nft_handle *h, const char *chain, const char *table, bool verbose); -int nft_chain_user_flush(struct nft_handle *h, struct nftnl_chain_list *list, - const char *chain, const char *table); +int nft_chain_restore(struct nft_handle *h, const char *chain, const char *table); int nft_chain_user_rename(struct nft_handle *h, const char *chain, const char *table, const char *newname); int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char *table, bool verbose); const struct builtin_chain *nft_chain_builtin_find(const struct builtin_table *t, const char *chain); |