diff options
author | Elise Lennion <elise.lennion@gmail.com> | 2017-01-26 15:09:44 -0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-27 13:33:20 +0100 |
commit | d545778d5933ab20c1d9d34a44ae93b2668c60d2 (patch) | |
tree | 0682f07a04c864d14a355f344e661121624c89d4 /src/mnl.c | |
parent | 0011985554e269e1cc8f8e5b41eb9dcd795ebe8c (diff) |
src: Allow reset single stateful object
Currently the stateful objects can only be reseted in groups. With this
patch reseting a single object is allowed:
$ nft reset counter filter https-traffic
table ip filter {
counter https-traffic {
packets 8774 bytes 542668
}
}
$ nft list counter filter https-traffic
table ip filter {
counter https-traffic {
packets 0 bytes 0
}
}
Heavily based on work from Pablo Neira Ayuso <pablo@netfilter.org>.
Signed-off-by: Elise Lennion <elise.lennion@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/mnl.c')
-rw-r--r-- | src/mnl.c | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -849,8 +849,9 @@ err_free: struct nftnl_obj_list * mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family, const char *table, - uint32_t type, bool reset) + const char *name, uint32_t type, bool dump, bool reset) { + uint16_t nl_flags = dump ? NLM_F_DUMP : 0; struct nftnl_obj_list *nln_list; char buf[MNL_SOCKET_BUFFER_SIZE]; struct nftnl_obj *n; @@ -867,9 +868,11 @@ mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family, const char *table, memory_allocation_error(); nlh = nftnl_nlmsg_build_hdr(buf, msg_type, family, - NLM_F_DUMP | NLM_F_ACK, seq); + nl_flags | NLM_F_ACK, seq); if (table != NULL) - nftnl_obj_set(n, NFTNL_OBJ_TABLE, table); + nftnl_obj_set_str(n, NFTNL_OBJ_TABLE, table); + if (name != NULL) + nftnl_obj_set_str(n, NFTNL_OBJ_NAME, name); if (type != NFT_OBJECT_UNSPEC) nftnl_obj_set_u32(n, NFTNL_OBJ_TYPE, type); nftnl_obj_nlmsg_build_payload(nlh, n); |