path: root/iptables/nft.h
diff options
authorPhil Sutter <>2020-07-30 11:54:36 +0200
committerPhil Sutter <>2020-07-31 13:37:20 +0200
commit27d01216cf05eb0b49b6456137e01a44d4547796 (patch)
tree045bc6ac1f7ed2a7990863d59e4daf2b2821b347 /iptables/nft.h
parentcf3e9100eedce518e42dfb6933c7871d041a7d18 (diff)
nft: Eliminate table list from cache
The full list of tables in kernel is not relevant, only those used by iptables-nft and for those, knowing if they exist or not is sufficient. For holding that information, the already existing 'table' array in nft_cache suits well. Consequently, nft_table_find() merely checks if the new 'exists' boolean is true or not and nft_for_each_table() iterates over the builtin_table array in nft_handle, additionally checking the boolean in cache for whether to skip the entry or not. Signed-off-by: Phil Sutter <>
Diffstat (limited to 'iptables/nft.h')
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index b2175958..f38f5812 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -38,11 +38,11 @@ enum nft_cache_level {
struct nft_cache {
- struct list_head tables;
struct {
struct nftnl_chain_list *chains;
struct nftnl_set_list *sets;
bool initialized;
+ bool exists;
} table[NFT_TABLE_MAX];