path: root/include/libnftnl
diff options
authorPablo Neira Ayuso <>2015-02-25 00:53:51 +0100
committerPablo Neira Ayuso <>2015-04-27 13:30:05 +0200
commit1c9b43818b9c7bd48b36626d04c9cea94c52fd87 (patch)
tree708c2bf365e8efc6783ab0244804224113c2a182 /include/libnftnl
parent259c0e74e97b4d769044a399992802c50ff43ce2 (diff)
src: add batch abstraction
This patch adds a new batch class to libnftnl, it basically generalizes what we already have. A batch is composed of one or more page objects. Every page may contain one or more netlink messages. batch * .------. .------. .------. | | | | | | | `----> | page |-->| page |-->...-->| page | | | | | | | `------' `------' `------' You can create a batch via: batch = nft_batch_alloc(...); This batch initially comes with one initial page. You can fetch a pointer to the next spare area in the current page to add a new netlink message to the batch. void *nft_batch_buffer(struct nft_batch *batch); Once you have added a netlink message, you have to call: nft_batch_update(batch); this internally updates the pointer to the next spare data area in the page. Every page has a limit threshold after which you start using the overrun area. page .------. | | | | . . page area | | | | |------|<--- limit | | | | overrun area | | '______'<--- real page size If we write over the limit, then the next call to nft_batch_update() results in a new empty page added to the batch. With careful page size and limit selection, we ensure that a netlink message always fit into the page, so we avoid the overhead of canceling the netlink message that doesn't fit in. Once your batch is complete, if you want to send it out to kernel-space, you can convert them to iovec via: nft_batch_iovec(batch, iov, iov_len); Then, after having sent the batch, you can release it via: nft_batch_free(batch); This class relies on the libmnl batching infrastructure. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include/libnftnl')
2 files changed, 20 insertions, 1 deletions
diff --git a/include/libnftnl/ b/include/libnftnl/
index 010c01f..a20aaee 100644
--- a/include/libnftnl/
+++ b/include/libnftnl/
@@ -1,4 +1,5 @@
-pkginclude_HEADERS = table.h \
+pkginclude_HEADERS = batch.h \
+ table.h \
chain.h \
rule.h \
expr.h \
diff --git a/include/libnftnl/batch.h b/include/libnftnl/batch.h
new file mode 100644
index 0000000..40416e6
--- /dev/null
+++ b/include/libnftnl/batch.h
@@ -0,0 +1,18 @@
+#include <stdint.h>
+struct nft_batch;
+struct nft_batch *nft_batch_alloc(uint32_t pg_size, uint32_t pg_overrun_size);
+int nft_batch_update(struct nft_batch *batch);
+void nft_batch_free(struct nft_batch *batch);
+void *nft_batch_buffer(struct nft_batch *batch);
+uint32_t nft_batch_buffer_len(struct nft_batch *batch);
+int nft_batch_iovec_len(struct nft_batch *batch);
+void nft_batch_iovec(struct nft_batch *batch, struct iovec *iov, uint32_t iovlen);