Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | cache: Fix evaluation for rules with index reference | Phil Sutter | 2019-06-07 | 1 | -7/+1 |
| | | | | | | | | | After parsing input, rule location data (index or handle) is contained in cmd->handle, not yet in cmd->rule->handle. Fixes: 7df42800cf89e ("src: single cache_update() call to build cache before evaluation") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | src: single cache_update() call to build cache before evaluation | Pablo Neira Ayuso | 2019-06-06 | 1 | -0/+133 |
This patch allows us to make one single cache_update() call. Thus, there is not need to rebuild an incomplete cache from the middle of the batch processing. Note that nft_run_cmd_from_filename() does not need a full netlink dump to build the cache anymore, this should speed nft -f with incremental updates and very large rulesets. cache_evaluate() calculates the netlink dump to populate the cache that this batch needs. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |