path: root/iptables/xtables-save.c
diff options
authorPhil Sutter <>2019-10-02 21:13:47 +0200
committerPhil Sutter <>2019-10-17 19:02:46 +0200
commit026109dbece39ad27c43ebc31a17a22e5b581987 (patch)
tree88545600249bdf767776aced847e30359b0b5d29 /iptables/xtables-save.c
parente2883c5531e6ee269845a8a11e09dd07efa2088f (diff)
nft-cache: Support partial rule cache per chain
Accept an additional chain name pointer in __nft_build_cache() and pass it along to fetch only that specific chain and its rules. Enhance nft_build_cache() to take an optional nftnl_chain pointer to fetch rules for. Enhance nft_chain_list_get() to take an optional chain name. If cache level doesn't include chains already, it will fetch only the specified chain from kernel (if existing) and add that to table's chain list which is returned. This keeps operations for all chains of a table or a specific one within the same code path in nft.c. Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/xtables-save.c')
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c
index 3741888f..e234425d 100644
--- a/iptables/xtables-save.c
+++ b/iptables/xtables-save.c
@@ -83,7 +83,7 @@ __do_output(struct nft_handle *h, const char *tablename, void *data)
return 0;
- chain_list = nft_chain_list_get(h, tablename);
+ chain_list = nft_chain_list_get(h, tablename, NULL);
if (!chain_list)
return 0;