nft: Include sets in debug output

Rules referencing them are incomplete without, so add debug output on the same level as for rules. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2023-07-15 14:13:28 +0200
committer: Phil Sutter <phil@nwl.cc> 2023-07-28 11:35:17 +0200
commit: a2532c966659f386781a5757e0a1f42cb1d81573 (patch)
tree: ede221eb507cdbebb923e583825b3d0809afef5b /iptables/nft-cache.c
parent: bd71c11a95ab2b44794843fd8a3698039a7db211 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
index 76e99adc..fabb5779 100644
--- a/iptables/nft-cache.c
+++ b/iptables/nft-cache.c
@@ -417,6 +417,7 @@ static int set_fetch_elem_cb(struct nftnl_set *s, void *data)
 	char buf[MNL_SOCKET_BUFFER_SIZE];
 	struct nft_handle *h = data;
 	struct nlmsghdr *nlh;
+	int ret;
 
 	if (set_has_elements(s))
 		return 0;
@@ -425,7 +426,14 @@ static int set_fetch_elem_cb(struct nftnl_set *s, void *data)
 				    NLM_F_DUMP, h->seq);
 	nftnl_set_elems_nlmsg_build_payload(nlh, s);
 
-	return mnl_talk(h, nlh, set_elem_cb, s);
+	ret = mnl_talk(h, nlh, set_elem_cb, s);
+
+	if (!ret && h->verbose > 1) {
+		fprintf(stdout, "set ");
+		nftnl_set_fprintf(stdout, s, 0, 0);
+		fprintf(stdout, "\n");
+	}
+	return ret;
 }
 
 static int fetch_set_cache(struct nft_handle *h,
author	Phil Sutter <phil@nwl.cc>	2023-07-15 14:13:28 +0200
committer	Phil Sutter <phil@nwl.cc>	2023-07-28 11:35:17 +0200
commit	a2532c966659f386781a5757e0a1f42cb1d81573 (patch)
tree	ede221eb507cdbebb923e583825b3d0809afef5b /iptables/nft-cache.c
parent	bd71c11a95ab2b44794843fd8a3698039a7db211 (diff)