diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-01-06 13:20:13 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-05-11 14:28:28 +0200 |
commit | a7f1e208cdf9c6392c99d3c52764701d004bdde7 (patch) | |
tree | a479e3469ac3b1ec03b867acfdcd3912891162fd /iptables/nft-shared.h | |
parent | 70a3c1a07585de64b5780a415dc157079c34911b (diff) |
nft: split parsing from netlink commands
This patch updates the parser to generate a list of command objects.
This list of commands is then transformed to a list of netlink jobs.
This new command object stores the rule using the nftnl representation
via nft_rule_new().
To reduce the number of updates in this patch, the nft_*_rule_find()
functions have been updated to restore the native representation to
skip the update of the rule comparison code.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft-shared.h')
-rw-r--r-- | iptables/nft-shared.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index bee99a7d..89e9d0b9 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -110,7 +110,7 @@ struct nft_family_ops { struct iptables_command_state *cs); void (*clear_cs)(struct iptables_command_state *cs); bool (*rule_find)(struct nft_handle *h, struct nftnl_rule *r, - void *data); + struct nftnl_rule *rule); int (*xlate)(const void *data, struct xt_xlate *xl); }; @@ -172,7 +172,7 @@ struct nft_family_ops *nft_family_ops_lookup(int family); void nft_ipv46_parse_target(struct xtables_target *t, void *data); bool nft_ipv46_rule_find(struct nft_handle *h, struct nftnl_rule *r, - void *data); + struct nftnl_rule *rule); bool compare_matches(struct xtables_rule_match *mt1, struct xtables_rule_match *mt2); bool compare_targets(struct xtables_target *tg1, struct xtables_target *tg2); |