From 8ec2e8438a7c4c48c8005a5f352c8ea6cd40d2fe Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 27 Nov 2016 23:42:54 +0100
Subject: src: reset internal stateful objects

This patch allows you to atomically dump and reset stateful objects, eg.

 # nft list counters
 table ip filter {
        counter test {
              packets 1024 bytes 100000
        }
 }
 # nft reset quotas table filter
 counter test {
        packets 1024 bytes 100000
 }
 # nft reset quotas table filter
 counter test {
        packets 0 bytes 0
 }

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/netlink.c | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

(limited to 'src/netlink.c')

diff --git a/src/netlink.c b/src/netlink.c
index d11b3c01..68bed201 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1755,7 +1755,29 @@ int netlink_list_objs(struct netlink_ctx *ctx, const struct handle *h,
 	struct nftnl_obj_list *obj_cache;
 	int err;
 
-	obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table);
+	obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table,
+				     NFT_OBJECT_UNSPEC, false);
+	if (obj_cache == NULL) {
+		if (errno == EINTR)
+			return -1;
+
+		return netlink_io_error(ctx, loc,
+					"Could not receive stateful objects from kernel: %s",
+					strerror(errno));
+	}
+
+	err = nftnl_obj_list_foreach(obj_cache, list_obj_cb, ctx);
+	nftnl_obj_list_free(obj_cache);
+	return err;
+}
+
+int netlink_reset_objs(struct netlink_ctx *ctx, const struct handle *h,
+		       const struct location *loc, uint32_t type)
+{
+	struct nftnl_obj_list *obj_cache;
+	int err;
+
+	obj_cache = mnl_nft_obj_dump(nf_sock, h->family, h->table, type, true);
 	if (obj_cache == NULL) {
 		if (errno == EINTR)
 			return -1;
-- 
cgit v1.2.3