diff options
author | Phil Sutter <phil@nwl.cc> | 2020-02-29 02:08:26 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-03-06 16:56:00 +0100 |
commit | 40ad7793d1884f28767cf58c96e9d76ae0a18db1 (patch) | |
tree | 9cac4b039a9bffdd3f5acd1af61665edc5c07020 /iptables/nft.h | |
parent | c550c81fd373e5753103d20f7902171f0fa79807 (diff) |
nft: cache: Make nft_rebuild_cache() respect fake cache
If transaction needed a refresh in nft_action(), restore with flush
would fetch a full cache instead of merely refreshing table list
contained in "fake" cache.
To fix this, nft_rebuild_cache() must distinguish between fake cache and
full rule cache. Therefore introduce NFT_CL_FAKE to be distinguished
from NFT_CL_RULES.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index 5cf260a6..2094b014 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -32,7 +32,8 @@ enum nft_cache_level { NFT_CL_TABLES, NFT_CL_CHAINS, NFT_CL_SETS, - NFT_CL_RULES + NFT_CL_RULES, + NFT_CL_FAKE /* must be last entry */ }; struct nft_cache { |