From 27d01216cf05eb0b49b6456137e01a44d4547796 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Thu, 30 Jul 2020 11:54:36 +0200 Subject: nft: Eliminate table list from cache The full list of tables in kernel is not relevant, only those used by iptables-nft and for those, knowing if they exist or not is sufficient. For holding that information, the already existing 'table' array in nft_cache suits well. Consequently, nft_table_find() merely checks if the new 'exists' boolean is true or not and nft_for_each_table() iterates over the builtin_table array in nft_handle, additionally checking the boolean in cache for whether to skip the entry or not. Signed-off-by: Phil Sutter --- iptables/nft.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'iptables/nft.h') diff --git a/iptables/nft.h b/iptables/nft.h index b2175958..f38f5812 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -38,11 +38,11 @@ enum nft_cache_level { }; struct nft_cache { - struct list_head tables; struct { struct nftnl_chain_list *chains; struct nftnl_set_list *sets; bool initialized; + bool exists; } table[NFT_TABLE_MAX]; }; -- cgit v1.2.3