diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-02-06 15:28:40 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-02 11:56:19 +0100 |
commit | bc4927558de07188eb25aa63466b5c380e7ced29 (patch) | |
tree | 8c94fdb37fff13f0b5cd780cb356e6680360f8ec /src | |
parent | bcfadb5c7446c38d196c611f1e1ac5564f5f922e (diff) |
rule: add helper function to expand chain rules into commands
commit 784597a4ed63b9decb10d74fdb49a1b021e22728 upstream.
This patch adds a helper function to expand chain rules into commands.
This comes in preparation for the follow up patch.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/rule.c | 39 |
1 files changed, 22 insertions, 17 deletions
@@ -1310,13 +1310,31 @@ void cmd_add_loc(struct cmd *cmd, uint16_t offset, const struct location *loc) cmd->num_attrs++; } +static void nft_cmd_expand_chain(struct chain *chain, struct list_head *new_cmds) +{ + struct rule *rule; + struct handle h; + struct cmd *new; + + list_for_each_entry(rule, &chain->rules, list) { + memset(&h, 0, sizeof(h)); + handle_merge(&h, &rule->handle); + if (chain->flags & CHAIN_F_BINDING) { + rule->handle.chain_id = chain->handle.chain_id; + rule->handle.chain.location = chain->location; + } + new = cmd_alloc(CMD_ADD, CMD_OBJ_RULE, &h, + &rule->location, rule_get(rule)); + list_add_tail(&new->list, new_cmds); + } +} + void nft_cmd_expand(struct cmd *cmd) { struct list_head new_cmds; struct flowtable *ft; struct table *table; struct chain *chain; - struct rule *rule; struct set *set; struct obj *obj; struct cmd *new; @@ -1362,22 +1380,9 @@ void nft_cmd_expand(struct cmd *cmd) &ft->location, flowtable_get(ft)); list_add_tail(&new->list, &new_cmds); } - list_for_each_entry(chain, &table->chains, list) { - list_for_each_entry(rule, &chain->rules, list) { - memset(&h, 0, sizeof(h)); - handle_merge(&h, &rule->handle); - if (chain->flags & CHAIN_F_BINDING) { - rule->handle.chain_id = - chain->handle.chain_id; - rule->handle.chain.location = - chain->location; - } - new = cmd_alloc(CMD_ADD, CMD_OBJ_RULE, &h, - &rule->location, - rule_get(rule)); - list_add_tail(&new->list, &new_cmds); - } - } + list_for_each_entry(chain, &table->chains, list) + nft_cmd_expand_chain(chain, &new_cmds); + list_splice(&new_cmds, &cmd->list); break; case CMD_OBJ_SET: |