diff options
author | Phil Sutter <phil@nwl.cc> | 2022-03-01 18:59:31 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-03-10 17:38:15 +0100 |
commit | b5f2faea325a315bfb932ebc634f3298d4824cae (patch) | |
tree | 62ae892c17a740836aa89cd99fac7ea0688be030 /iptables/nft-shared.c | |
parent | 17534cb18ed0a5052dc45c117401251359dba6aa (diff) |
nft: Simplify immediate parsing
Implementations of parse_immediate callback are mostly trivial, the only
relevant part is access to family-specific parts of struct
iptables_command_state when setting goto flag for iptables and
ip6tables. Refactor them into simple set_goto_flag callbacks.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft-shared.c')
-rw-r--r-- | iptables/nft-shared.c | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index 746a948c..daa251ae 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -906,9 +906,7 @@ static void nft_parse_counter(struct nftnl_expr *e, struct xt_counters *counters static void nft_parse_immediate(struct nft_xt_ctx *ctx, struct nftnl_expr *e) { const char *chain = nftnl_expr_get_str(e, NFTNL_EXPR_IMM_CHAIN); - const char *jumpto = NULL; - bool nft_goto = false; - void *data = ctx->cs; + struct iptables_command_state *cs = ctx->cs; int verdict; if (nftnl_expr_is_set(e, NFTNL_EXPR_IMM_DATA)) { @@ -931,23 +929,22 @@ static void nft_parse_immediate(struct nft_xt_ctx *ctx, struct nftnl_expr *e) /* Standard target? */ switch(verdict) { case NF_ACCEPT: - jumpto = "ACCEPT"; + cs->jumpto = "ACCEPT"; break; case NF_DROP: - jumpto = "DROP"; + cs->jumpto = "DROP"; break; case NFT_RETURN: - jumpto = "RETURN"; + cs->jumpto = "RETURN"; break;; case NFT_GOTO: - nft_goto = true; + if (ctx->h->ops->set_goto_flag) + ctx->h->ops->set_goto_flag(cs); /* fall through */ case NFT_JUMP: - jumpto = chain; + cs->jumpto = chain; break; } - - ctx->h->ops->parse_immediate(jumpto, nft_goto, data); } static void nft_parse_limit(struct nft_xt_ctx *ctx, struct nftnl_expr *e) |