path: root/include
diff options
authorPablo Neira Ayuso <>2019-06-04 12:02:18 +0200
committerPablo Neira Ayuso <>2019-06-06 11:16:25 +0200
commit7df42800cf89e994b5179200825592d9b95c5fab (patch)
tree7e43c4623433a7b4ce1ca80da7d0d204ceca31e9 /include
parent89bae935180a50f4ea827f5facc41459557380ef (diff)
src: single cache_update() call to build cache before evaluation
This patch allows us to make one single cache_update() call. Thus, there is not need to rebuild an incomplete cache from the middle of the batch processing. Note that nft_run_cmd_from_filename() does not need a full netlink dump to build the cache anymore, this should speed nft -f with incremental updates and very large rulesets. cache_evaluate() calculates the netlink dump to populate the cache that this batch needs. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include')
1 files changed, 1 insertions, 0 deletions
diff --git a/include/rule.h b/include/rule.h
index 8e70c129..bf3f3963 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -631,6 +631,7 @@ extern struct error_record *rule_postprocess(struct rule *rule);
struct netlink_ctx;
extern int do_command(struct netlink_ctx *ctx, struct cmd *cmd);
+extern int cache_evaluate(struct nft_ctx *nft, struct list_head *cmds);
extern int cache_update(struct nft_ctx *ctx, enum cmd_ops cmd,
struct list_head *msgs);
extern void cache_flush(struct nft_ctx *ctx, enum cmd_ops cmd,