src: internal set id allocation from nft_ruleset_parse*()

Extends this function to attach the set to the rule through the set_idi.
If it doesn't exist in the list, maybe the set already exists in the
kernel. In that case, we don't set any id.

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 5 insertions, 4 deletions

diff --git a/src/ruleset.c b/src/ruleset.c
index 8cc0c40..4cfeee6 100644
--- a/src/ruleset.c
+++ b/src/ruleset.c
@@ -311,7 +311,7 @@ static int nft_ruleset_json_parse_rules(struct nft_ruleset *rs, json_t *array,
 			goto err;
 		}
 
-		if (nft_jansson_parse_rule(o, node, err) < 0) {
+		if (nft_jansson_parse_rule(o, node, err, rs->set_list) < 0) {
 			nft_rule_free(o);
 			goto err;
 		}
@@ -499,7 +499,8 @@ err_free:
 
 static int
 nft_ruleset_xml_parse_rules(struct nft_ruleset *rs, mxml_node_t *tree,
-			    struct nft_parse_err *err)
+			    struct nft_parse_err *err,
+			    struct nft_set_list *set_list)
 {
 	mxml_node_t *node;
 	struct nft_rule *r;
@@ -518,7 +519,7 @@ nft_ruleset_xml_parse_rules(struct nft_ruleset *rs, mxml_node_t *tree,
 		if (r == NULL)
 			goto err_free;
 
-		if (nft_mxml_rule_parse(node, r, err) != 0) {
+		if (nft_mxml_rule_parse(node, r, err, set_list) != 0) {
 			nft_rule_free(r);
 			goto err_free;
 		}
@@ -557,7 +558,7 @@ static int nft_ruleset_xml_parse(struct nft_ruleset *rs, const void *xml,
 	if (nft_ruleset_xml_parse_sets(rs, tree, err) != 0)
 		goto err;
 
-	if (nft_ruleset_xml_parse_rules(rs, tree, err) != 0)
+	if (nft_ruleset_xml_parse_rules(rs, tree, err, rs->set_list) != 0)
 		goto err;
 
 	mxmlDelete(tree);