summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/mnl.h69
-rw-r--r--include/netlink.h4
-rw-r--r--include/nftables.h1
-rw-r--r--include/rule.h2
4 files changed, 41 insertions, 35 deletions
diff --git a/include/mnl.h b/include/mnl.h
index 31dff2c2..7df08236 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -9,8 +9,8 @@ struct mnl_socket;
struct mnl_socket *netlink_open_sock(void);
void netlink_close_sock(struct mnl_socket *nf_sock);
-uint32_t mnl_seqnum_alloc(void);
-void mnl_genid_get(struct mnl_socket *nf_sock);
+uint32_t mnl_seqnum_alloc(uint32_t *seqnum);
+void mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum);
struct mnl_err {
struct list_head head;
@@ -23,8 +23,8 @@ void mnl_err_list_free(struct mnl_err *err);
struct nftnl_batch *mnl_batch_init(void);
bool mnl_batch_ready(struct nftnl_batch *batch);
void mnl_batch_reset(struct nftnl_batch *batch);
-uint32_t mnl_batch_begin(struct nftnl_batch *batch);
-void mnl_batch_end(struct nftnl_batch *batch);
+uint32_t mnl_batch_begin(struct nftnl_batch *batch, uint32_t seqnum);
+void mnl_batch_end(struct nftnl_batch *batch, uint32_t seqnum);
int mnl_batch_talk(struct netlink_ctx *ctx, struct list_head *err_list);
int mnl_nft_rule_batch_add(struct nftnl_rule *nlr, struct nftnl_batch *batch,
unsigned int flags, uint32_t seqnum);
@@ -34,76 +34,79 @@ int mnl_nft_rule_batch_replace(struct nftnl_rule *nlr, struct nftnl_batch *batch
unsigned int flags, uint32_t seqnum);
int mnl_nft_rule_add(struct mnl_socket *nf_sock, struct nftnl_rule *r,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_rule_delete(struct mnl_socket *nf_sock, struct nftnl_rule *r,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
struct nftnl_rule_list *mnl_nft_rule_dump(struct mnl_socket *nf_sock,
- int family);
+ int family, uint32_t seqnum);
int mnl_nft_chain_add(struct mnl_socket *nf_sock, struct nftnl_chain *nlc,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_chain_batch_add(struct nftnl_chain *nlc, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_chain_delete(struct mnl_socket *nf_sock, struct nftnl_chain *nlc,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
struct nftnl_chain_list *mnl_nft_chain_dump(struct mnl_socket *nf_sock,
- int family);
+ int family, uint32_t seqnum);
int mnl_nft_chain_get(struct mnl_socket *nf_sock, struct nftnl_chain *nlc,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_table_add(struct mnl_socket *nf_sock, struct nftnl_table *nlt,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_table_delete(struct mnl_socket *nf_sock, struct nftnl_table *nlt,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
struct nftnl_table_list *mnl_nft_table_dump(struct mnl_socket *nf_sock,
- int family);
+ int family, uint32_t seqnum);
int mnl_nft_table_get(struct mnl_socket *nf_sock, struct nftnl_table *nlt,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_set_add(struct mnl_socket *nf_sock, struct nftnl_set *nls,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_set_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_set_delete(struct mnl_socket *nf_sock, struct nftnl_set *nls,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_set_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
struct nftnl_set_list *mnl_nft_set_dump(struct mnl_socket *nf_sock, int family,
- const char *table);
-int mnl_nft_set_get(struct mnl_socket *nf_sock, struct nftnl_set *nls);
+ const char *table, uint32_t seqnum);
+int mnl_nft_set_get(struct mnl_socket *nf_sock, struct nftnl_set *nls,
+ uint32_t seqnum);
int mnl_nft_setelem_add(struct mnl_socket *nf_sock, struct nftnl_set *nls,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_setelem_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seq);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nftnl_set *nls,
- unsigned int flags);
+ unsigned int flags, uint32_t seqnum);
int mnl_nft_setelem_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
unsigned int flags, uint32_t seq);
int mnl_nft_setelem_batch_flush(struct nftnl_set *nls, struct nftnl_batch *batch,
unsigned int flags, uint32_t seqnum);
-int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nftnl_set *nls);
+int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nftnl_set *nls,
+ uint32_t seqnum);
struct nftnl_obj_list *mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family,
- const char *table, const char *name,
- uint32_t type, bool dump, bool reset);
+ uint32_t seqnum, const char *table,
+ const char *name, uint32_t type,
+ bool dump, bool reset);
int mnl_nft_obj_batch_add(struct nftnl_obj *nln, struct nftnl_batch *batch,
unsigned int flags, uint32_t seqnum);
int mnl_nft_obj_batch_del(struct nftnl_obj *nln, struct nftnl_batch *batch,
unsigned int flags, uint32_t seqnum);
struct nftnl_ruleset *mnl_nft_ruleset_dump(struct mnl_socket *nf_sock,
- uint32_t family);
+ uint32_t family, uint32_t seqnum);
int mnl_nft_event_listener(struct mnl_socket *nf_sock,
int (*cb)(const struct nlmsghdr *nlh, void *data),
void *cb_data);
-bool mnl_batch_supported(struct mnl_socket *nf_sock);
+bool mnl_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
#endif /* _NFTABLES_MNL_H_ */
diff --git a/include/netlink.h b/include/netlink.h
index 37261714..0e1d26b6 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -195,7 +195,7 @@ extern void netlink_dump_obj(struct nftnl_obj *nlo);
extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list);
-extern void netlink_genid_get(struct mnl_socket *nf_sock);
+extern void netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum);
extern void netlink_restart(struct mnl_socket *nf_sock);
#define netlink_abi_error() \
__netlink_abi_error(__FILE__, __LINE__, strerror(errno));
@@ -224,7 +224,7 @@ struct netlink_mon_handler {
extern int netlink_monitor(struct netlink_mon_handler *monhandler,
struct mnl_socket *nf_sock);
-bool netlink_batch_supported(struct mnl_socket *nf_sock);
+bool netlink_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
int netlink_echo_callback(const struct nlmsghdr *nlh, void *data);
diff --git a/include/nftables.h b/include/nftables.h
index a88c86d1..a457aba6 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -40,6 +40,7 @@ struct nft_ctx {
struct nft_cache {
bool initialized;
struct list_head list;
+ uint32_t seqnum;
};
extern unsigned int max_errors;
diff --git a/include/rule.h b/include/rule.h
index 10ac0e26..f9de8367 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -470,6 +470,7 @@ extern void cmd_free(struct cmd *cmd);
* @set: current set
* @stmt: current statement
* @cache: cache context
+ * @seqnum: netlink sequence number
* @ectx: expression context
* @pctx: payload context
*/
@@ -482,6 +483,7 @@ struct eval_ctx {
struct set *set;
struct stmt *stmt;
struct nft_cache *cache;
+ uint32_t seqnum;
struct expr_ctx ectx;
struct proto_ctx pctx;
};