diff options
| author | Phil Sutter <phil@nwl.cc> | 2019-08-20 22:16:41 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2019-11-25 23:31:10 +0100 |
| commit | 6f873ed5dc5c4deb0cf9a6d6876a04e610d735f9 (patch) | |
| tree | ef87a3dd706af4544d7e915d30fa6085c2d6b5cd /iptables | |
| parent | b34bfe69c670d648cfc3d0c00ef1567894894df5 (diff) | |
nft: Embed rule's table name in nft_xt_ctx
Down to the point where expression parsing happens, the rule's table is
not known anymore but relevant if set lookups are required.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft-shared.c | 1 | ||||
| -rw-r--r-- | iptables/nft-shared.h | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index a67302ee..19630c1e 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -597,6 +597,7 @@ void nft_rule_to_iptables_command_state(struct nft_handle *h, struct nft_xt_ctx ctx = { .cs = cs, .h = h, + .table = nftnl_rule_get_str(r, NFTNL_RULE_TABLE), }; iter = nftnl_expr_iter_create(r); diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index 4dc44b84..91762d2e 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -51,6 +51,7 @@ struct nft_xt_ctx { struct nftnl_expr_iter *iter; struct nft_handle *h; uint32_t flags; + const char *table; uint32_t reg; struct { |