diff options
| author | Alvaro Neira <alvaroneay@gmail.com> | 2014-10-03 20:02:40 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-09 18:50:41 +0200 |
| commit | c04175e392335fb22b52f234171b5042e0b8f6bd (patch) | |
| tree | 63f6fb4885a8d841b0b396c56d7574ffb27e8fc1 /src/mxml.c | |
| parent | 96b8b69b9ad943b4b7147aa3a9b63d4974cdfb73 (diff) | |
src: internal set id allocation from nft_ruleset_parse*()
Extends this function to attach the set to the rule through the set_idi.
If it doesn't exist in the list, maybe the set already exists in the
kernel. In that case, we don't set any id.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/mxml.c')
| -rw-r--r-- | src/mxml.c | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -58,13 +58,15 @@ err: } struct nft_rule_expr *nft_mxml_expr_parse(mxml_node_t *node, - struct nft_parse_err *err) + struct nft_parse_err *err, + struct nft_set_list *set_list) { mxml_node_t *tree; struct nft_rule_expr *e; const char *expr_name; char *xml_text; - int ret; + struct nft_set *set_cur = NULL; + int ret, set_id; expr_name = mxmlElementGetAttr(node, "type"); if (expr_name == NULL) { @@ -90,6 +92,11 @@ struct nft_rule_expr *nft_mxml_expr_parse(mxml_node_t *node, ret = e->ops->xml_parse(e, tree, err); mxmlDelete(tree); + if (set_list != NULL && + strcmp(expr_name, "lookup") == 0 && + nft_set_lookup_id(e, set_list, &set_id)) + nft_rule_expr_set_u32(e, NFT_EXPR_LOOKUP_SET_ID, set_id); + return ret < 0 ? NULL : e; err_expr: nft_rule_expr_free(e); |