diff options
-rw-r--r-- | include/mnl.h | 2 | ||||
-rw-r--r-- | include/netlink.h | 2 | ||||
-rw-r--r-- | include/nftables.h | 2 | ||||
-rw-r--r-- | include/nftables/nftables.h | 2 | ||||
-rw-r--r-- | src/cli.c | 1 | ||||
-rw-r--r-- | src/libnftables.c | 9 | ||||
-rw-r--r-- | src/mnl.c | 4 | ||||
-rw-r--r-- | src/netlink.c | 4 | ||||
-rw-r--r-- | src/rule.c | 12 |
9 files changed, 17 insertions, 21 deletions
diff --git a/include/mnl.h b/include/mnl.h index 3df71467..84c362a2 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -15,7 +15,7 @@ struct mnl_socket *netlink_open_sock(void); void netlink_close_sock(struct mnl_socket *nf_sock); uint32_t mnl_seqnum_alloc(uint32_t *seqnum); -void mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); +uint16_t mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); struct mnl_err { struct list_head head; diff --git a/include/netlink.h b/include/netlink.h index 2ca6f345..b30c05f8 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -191,7 +191,7 @@ extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx); extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list); -extern void netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); +extern uint16_t netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); extern void netlink_restart(struct mnl_socket *nf_sock); #define netlink_abi_error() \ __netlink_abi_error(__FILE__, __LINE__, strerror(errno)); diff --git a/include/nftables.h b/include/nftables.h index 97a04366..d69079fe 100644 --- a/include/nftables.h +++ b/include/nftables.h @@ -16,7 +16,7 @@ struct output_ctx { }; struct nft_cache { - bool initialized; + uint16_t genid; struct list_head list; uint32_t seqnum; }; diff --git a/include/nftables/nftables.h b/include/nftables/nftables.h index 449f9e4e..4211be76 100644 --- a/include/nftables/nftables.h +++ b/include/nftables/nftables.h @@ -70,8 +70,6 @@ FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp); int nft_ctx_add_include_path(struct nft_ctx *ctx, const char *path); void nft_ctx_clear_include_paths(struct nft_ctx *ctx); -void nft_ctx_flush_cache(struct nft_ctx *ctx); - int nft_run_cmd_from_buffer(struct nft_ctx *nft, char *buf, size_t buflen); int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename); @@ -128,7 +128,6 @@ static void cli_complete(char *line) nft_run_cmd_from_buffer(cli_nft, line, len + 2); xfree(line); - nft_ctx_flush_cache(cli_nft); } static char **cli_completion(const char *text, int start, int end) diff --git a/src/libnftables.c b/src/libnftables.c index 5ef5532c..0d04ec21 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -174,18 +174,13 @@ struct nft_ctx *nft_ctx_new(uint32_t flags) return ctx; } -void nft_ctx_flush_cache(struct nft_ctx *ctx) -{ - iface_cache_release(); - cache_release(&ctx->cache); -} - void nft_ctx_free(struct nft_ctx *ctx) { if (ctx->nf_sock) netlink_close_sock(ctx->nf_sock); - nft_ctx_flush_cache(ctx); + iface_cache_release(); + cache_release(&ctx->cache); nft_ctx_clear_include_paths(ctx); xfree(ctx); nft_exit(); @@ -94,7 +94,7 @@ static int genid_cb(const struct nlmsghdr *nlh, void *data) return MNL_CB_OK; } -void mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum) +uint16_t mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum) { char buf[MNL_SOCKET_BUFFER_SIZE]; struct mnl_ctx ctx = { @@ -106,6 +106,8 @@ void mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum) nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETGEN, AF_UNSPEC, 0, seqnum); /* Skip error checking, old kernels sets res_id field to zero. */ nft_mnl_talk(&ctx, nlh, nlh->nlmsg_len, genid_cb, NULL); + + return nft_genid; } static int check_genid(const struct nlmsghdr *nlh) diff --git a/src/netlink.c b/src/netlink.c index abc22504..845eeeff 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -75,9 +75,9 @@ void netlink_restart(struct mnl_socket *nf_sock) nf_sock = netlink_open_sock(); } -void netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum) +uint16_t netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum) { - mnl_genid_get(nf_sock, seqnum); + return mnl_genid_get(nf_sock, seqnum); } void __noreturn __netlink_abi_error(const char *file, int line, @@ -153,12 +153,14 @@ int cache_update(struct mnl_socket *nf_sock, struct nft_cache *cache, enum cmd_ops cmd, struct list_head *msgs, bool debug, struct output_ctx *octx) { + uint16_t genid; int ret; - if (cache->initialized) - return 0; replay: - netlink_genid_get(nf_sock, cache->seqnum++); + genid = netlink_genid_get(nf_sock, cache->seqnum++); + if (genid && genid == cache->genid) + return 0; + cache_release(cache); ret = cache_init(nf_sock, cache, cmd, msgs, debug, octx); if (ret < 0) { cache_release(cache); @@ -168,7 +170,7 @@ replay: } return -1; } - cache->initialized = true; + cache->genid = genid; return 0; } @@ -185,7 +187,7 @@ void cache_flush(struct list_head *table_list) void cache_release(struct nft_cache *cache) { cache_flush(&cache->list); - cache->initialized = false; + cache->genid = 0; } /* internal ID to uniquely identify a set in the batch */ |