From 3897b008281888f7905cc1857ccb316cdf686061 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Fri, 30 Aug 2019 11:47:42 +0200 Subject: nft: Introduce nft_bridge_commit() No need to check family value from nft_commit() if we can have a dedicated callback for bridge family. Signed-off-by: Phil Sutter Acked-by: Pablo Neira Ayuso --- iptables/nft.c | 8 ++++++-- iptables/nft.h | 1 + iptables/xtables-eb-standalone.c | 2 +- iptables/xtables-restore.c | 2 +- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/iptables/nft.c b/iptables/nft.c index 81d01310..77ebc4f6 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -3069,11 +3069,15 @@ static void nft_bridge_commit_prepare(struct nft_handle *h) int nft_commit(struct nft_handle *h) { - if (h->family == NFPROTO_BRIDGE) - nft_bridge_commit_prepare(h); return nft_action(h, NFT_COMPAT_COMMIT); } +int nft_bridge_commit(struct nft_handle *h) +{ + nft_bridge_commit_prepare(h); + return nft_commit(h); +} + int nft_abort(struct nft_handle *h) { return nft_action(h, NFT_COMPAT_ABORT); diff --git a/iptables/nft.h b/iptables/nft.h index 5e5e765b..43463d7f 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -147,6 +147,7 @@ uint32_t nft_invflags2cmp(uint32_t invflags, uint32_t flag); * global commit and abort */ int nft_commit(struct nft_handle *h); +int nft_bridge_commit(struct nft_handle *h); int nft_abort(struct nft_handle *h); int nft_abort_policy_rule(struct nft_handle *h, const char *table); diff --git a/iptables/xtables-eb-standalone.c b/iptables/xtables-eb-standalone.c index fb3daba0..a9081c78 100644 --- a/iptables/xtables-eb-standalone.c +++ b/iptables/xtables-eb-standalone.c @@ -51,7 +51,7 @@ int xtables_eb_main(int argc, char *argv[]) ret = do_commandeb(&h, argc, argv, &table, false); if (ret) - ret = nft_commit(&h); + ret = nft_bridge_commit(&h); if (!ret) fprintf(stderr, "ebtables: %s\n", nft_strerror(errno)); diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index 601c842f..f930f5ba 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -463,7 +463,7 @@ static int ebt_table_flush(struct nft_handle *h, const char *table) struct nft_xt_restore_cb ebt_restore_cb = { .chain_list = get_chain_list, - .commit = nft_commit, + .commit = nft_bridge_commit, .table_new = nft_table_new, .table_flush = ebt_table_flush, .do_command = do_commandeb, -- cgit v1.2.3