diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-11-27 23:42:54 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-03 14:21:53 +0100 |
| commit | 8ec2e8438a7c4c48c8005a5f352c8ea6cd40d2fe (patch) | |
| tree | 19ba8713e768dcc95d6ca5b65a097f6184e8e069 /src/netlink.c | |
| parent | 4d38878b39be44ea3d6a146a7dd678c269a9804a (diff) | |
src: reset internal stateful objects
This patch allows you to atomically dump and reset stateful objects, eg.
# nft list counters
table ip filter {
counter test {
packets 1024 bytes 100000
}
}
# nft reset quotas table filter
counter test {
packets 1024 bytes 100000
}
# nft reset quotas table filter
counter test {
packets 0 bytes 0
}
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink.c')
| -rw-r--r-- | src/netlink.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index d11b3c01..68bed201 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1755,7 +1755,29 @@ int netlink_list_objs(struct netlink_ctx *ctx, const struct handle *h, struct nftnl_obj_list *obj_cache; int err; - obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table); + obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table, + NFT_OBJECT_UNSPEC, false); + if (obj_cache == NULL) { + if (errno == EINTR) + return -1; + + return netlink_io_error(ctx, loc, + "Could not receive stateful objects from kernel: %s", + strerror(errno)); + } + + err = nftnl_obj_list_foreach(obj_cache, list_obj_cb, ctx); + nftnl_obj_list_free(obj_cache); + return err; +} + +int netlink_reset_objs(struct netlink_ctx *ctx, const struct handle *h, + const struct location *loc, uint32_t type) +{ + struct nftnl_obj_list *obj_cache; + int err; + + obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table, type, true); if (obj_cache == NULL) { if (errno == EINTR) return -1; |