diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-23 15:03:23 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-23 20:47:19 +0200 |
commit | 3ab02db5f836ae0cf9fe7fba616d7eb52139d537 (patch) | |
tree | 38004431535ef5da7de95a31e2b0783ba2e5d8c8 /include/cache.h | |
parent | f4d0f16834f62e7e895f05f2e961d62487327f4b (diff) |
cache: add NFT_CACHE_UPDATE and NFT_CACHE_FLUSHED flags
NFT_CACHE_FLUSHED tells cache_update() to skip the netlink dump to
populate the cache, since the existing ruleset is going to flushed by
this batch.
NFT_CACHE_UPDATE tells rule_evaluate() to perform incremental updates to
the cache based on the existing batch, this is required by the rule
commands that use the index and the position selectors.
This patch removes cache_flush() which is not required anymore. This
cache removal is coming too late, in the evaluation phase, after the
initial cache_update() invocation.
Be careful with NFT_CACHE_UPDATE, this flag needs to be left in place if
NFT_CACHE_FLUSHED is set on.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/cache.h')
-rw-r--r-- | include/cache.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/cache.h b/include/cache.h index d3502a8a..86a7eff7 100644 --- a/include/cache.h +++ b/include/cache.h @@ -30,6 +30,8 @@ enum cache_level_flags { NFT_CACHE_CHAIN_BIT | NFT_CACHE_RULE_BIT, NFT_CACHE_FULL = __NFT_CACHE_MAX_BIT - 1, + NFT_CACHE_UPDATE = (1 << 30), + NFT_CACHE_FLUSHED = (1 << 31), }; #endif /* _NFT_CACHE_H_ */ |