summaryrefslogtreecommitdiffstats
path: root/src/rule.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-10-24 19:18:50 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-10-24 19:26:34 +0200
commit6dc1c3d8bb64077da7f3f28c7368fb087d10a492 (patch)
tree880fe8bacaaf4b72035a9c430f86e6e5a15ba9bf /src/rule.c
parentdc240913458d591f59b52b3899d3fc3c5d6ec6ce (diff)
src: remove nftnl_rule_cmp() and nftnl_expr_cmp()
These functions are not very useful, rule comparison from this layer does not work well with implicit set definitions. This infrastructure was added as an attempt to support for deletion by name from this layer, which should be done from higher level libnftables library. Finally, we never had a client for this code in git.netfilter.org. Let's remove it and bump libversion for safety reasons. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r--src/rule.c31
1 files changed, 0 insertions, 31 deletions
diff --git a/src/rule.c b/src/rule.c
index c3c8a8b..9af8fae 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -740,37 +740,6 @@ void nftnl_expr_iter_destroy(struct nftnl_expr_iter *iter)
xfree(iter);
}
-EXPORT_SYMBOL(nftnl_rule_cmp);
-bool nftnl_rule_cmp(const struct nftnl_rule *r1, const struct nftnl_rule *r2)
-{
- struct nftnl_expr_iter it1, it2;
- struct nftnl_expr *e1, *e2;
- unsigned int eq = 1;
-
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_TABLE))
- eq &= !strcmp(r1->table, r2->table);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_CHAIN))
- eq &= !strcmp(r1->chain, r2->chain);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_COMPAT_FLAGS))
- eq &= (r1->compat.flags == r2->compat.flags);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_COMPAT_PROTO))
- eq &= (r1->compat.proto == r2->compat.proto);
-
- nftnl_expr_iter_init(r1, &it1);
- nftnl_expr_iter_init(r2, &it2);
- e1 = nftnl_expr_iter_next(&it1);
- e2 = nftnl_expr_iter_next(&it2);
- while (eq && e1 && e2) {
- eq = nftnl_expr_cmp(e1, e2);
-
- e1 = nftnl_expr_iter_next(&it1);
- e2 = nftnl_expr_iter_next(&it2);
- }
- eq &= (!e1 && !e2);
-
- return eq;
-}
-
struct nftnl_rule_list {
struct list_head list;
};