From b1c7948fc1b46147871b7c0ae6dedbfabd5e44a1 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@netfilter.org>
Date: Sun, 20 Sep 2020 10:21:15 +0200
Subject: Revert "Introduce --update-counters-first flag for the set target"

This reverts commit c2dfb6432aea5bb0a3522901b0c44f42d8adbd49.
---
 kernel/net/netfilter/ipset/ip_set_core.c | 13 ++++---------
 kernel/net/netfilter/xt_set.c            | 21 ---------------------
 2 files changed, 4 insertions(+), 30 deletions(-)

(limited to 'kernel/net')

diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index 906d01a..c6799af 100644
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -622,9 +622,10 @@ ip_set_add_packets(u64 packets, struct ip_set_counter *counter)
 
 static void
 ip_set_update_counter(struct ip_set_counter *counter,
-		      const struct ip_set_ext *ext)
+		      const struct ip_set_ext *ext, u32 flags)
 {
-	if (ext->packets != ULLONG_MAX) {
+	if (ext->packets != ULLONG_MAX &&
+	    !(flags & IPSET_FLAG_SKIP_COUNTER_UPDATE)) {
 		ip_set_add_bytes(ext->bytes, counter);
 		ip_set_add_packets(ext->packets, counter);
 	}
@@ -648,19 +649,13 @@ ip_set_match_extensions(struct ip_set *set, const struct ip_set_ext *ext,
 	if (SET_WITH_COUNTER(set)) {
 		struct ip_set_counter *counter = ext_counter(data, set);
 
-		if (flags & IPSET_FLAG_UPDATE_COUNTERS_FIRST)
-			ip_set_update_counter(counter, ext);
-
 		if (flags & IPSET_FLAG_MATCH_COUNTERS &&
 		    !(ip_set_match_counter(ip_set_get_packets(counter),
 				mext->packets, mext->packets_op) &&
 		      ip_set_match_counter(ip_set_get_bytes(counter),
 				mext->bytes, mext->bytes_op)))
 			return false;
-
-		if (!(flags & (IPSET_FLAG_UPDATE_COUNTERS_FIRST |
-			       IPSET_FLAG_SKIP_COUNTER_UPDATE)))
-			ip_set_update_counter(counter, ext);
+		ip_set_update_counter(counter, ext, flags);
 	}
 	if (SET_WITH_SKBINFO(set))
 		ip_set_get_skbinfo(ext_skbinfo(data, set),
diff --git a/kernel/net/netfilter/xt_set.c b/kernel/net/netfilter/xt_set.c
index 7639522..95efb3a 100644
--- a/kernel/net/netfilter/xt_set.c
+++ b/kernel/net/netfilter/xt_set.c
@@ -646,27 +646,6 @@ static struct xt_match set_matches[] __read_mostly = {
 		.destroy	= set_match_v4_destroy,
 		.me		= THIS_MODULE
 	},
-	/* --update-counters-first flag support */
-	{
-		.name		= "set",
-		.family		= NFPROTO_IPV4,
-		.revision	= 5,
-		.match		= set_match_v4,
-		.matchsize	= sizeof(struct xt_set_info_match_v4),
-		.checkentry	= set_match_v4_checkentry,
-		.destroy	= set_match_v4_destroy,
-		.me		= THIS_MODULE
-	},
-	{
-		.name		= "set",
-		.family		= NFPROTO_IPV6,
-		.revision	= 5,
-		.match		= set_match_v4,
-		.matchsize	= sizeof(struct xt_set_info_match_v4),
-		.checkentry	= set_match_v4_checkentry,
-		.destroy	= set_match_v4_destroy,
-		.me		= THIS_MODULE
-	},
 };
 
 static struct xt_target set_targets[] __read_mostly = {
-- 
cgit v1.2.3