diff options
author | Phil Sutter <phil@nwl.cc> | 2020-07-08 16:09:52 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-12-21 18:33:21 +0100 |
commit | 09af1117340cfd1885eb2f0a7b522f2d85f66185 (patch) | |
tree | ee70d2ccf353dda4fcfe27e8c14dddee41272c0a /iptables/xtables-save.c | |
parent | e8d48d7b41ec09eb67f69a2bed04628870ec85c3 (diff) |
nft: Implement nft_chain_foreach()
This is just a fancy wrapper around nftnl_chain_list_foreach() with the
added benefit of detecting invalid table names or uninitialized chain
lists. This in turn allows to drop the checks in flush_rule_cache() and
ignore the return code of nft_chain_foreach() as it fails only if the
dropped checks had failed, too.
Since this wrapper does the chain list lookup by itself, use of
nft_chain_list_get() shrinks down to a single place, namely inside
nft_chain_find(). Therefore fold it into the latter.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/xtables-save.c')
-rw-r--r-- | iptables/xtables-save.c | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index 92b0c911..bf00b032 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -68,7 +68,6 @@ struct do_output_data { static int __do_output(struct nft_handle *h, const char *tablename, void *data) { - struct nftnl_chain_list *chain_list; struct do_output_data *d = data; time_t now; @@ -81,10 +80,6 @@ __do_output(struct nft_handle *h, const char *tablename, void *data) return 0; } - chain_list = nft_chain_list_get(h, tablename, NULL); - if (!chain_list) - return 0; - now = time(NULL); printf("# Generated by %s v%s on %s", prog_name, prog_vers, ctime(&now)); @@ -92,7 +87,7 @@ __do_output(struct nft_handle *h, const char *tablename, void *data) printf("*%s\n", tablename); /* Dump out chain names first, * thereby preventing dependency conflicts */ - nftnl_chain_list_foreach(chain_list, nft_chain_save, h); + nft_chain_foreach(h, tablename, nft_chain_save, h); nft_rule_save(h, tablename, d->format); if (d->commit) printf("COMMIT\n"); |