path: root/iptables/nft-shared.h
diff options
authorPhil Sutter <>2019-08-20 15:15:19 +0200
committerPhil Sutter <>2019-11-25 23:30:40 +0100
commitd4d319cb0afdce06fb5e3fad5fe1cff4232bdbd6 (patch)
treede2b9f6d91675fd18b2b5c0d8d821a1e7f5a62ca /iptables/nft-shared.h
parent7a373f6683afb799c8387bdec1da6a07e9e55b33 (diff)
nft: family_ops: Pass nft_handle to 'add' callback
In order for add_match() to create anonymous sets when converting xtables matches it needs access to nft handle. So pass it along from callers of family ops' add callback. Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft-shared.h')
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 4ca551bd..1cb2ea70 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -35,6 +35,7 @@
#define FMT(tab,notab) ((format) & FMT_NOTABLE ? (notab) : (tab))
struct xtables_args;
+struct nft_handle;
struct xt_xlate;
enum {
@@ -69,7 +70,7 @@ struct nft_xt_ctx {
struct nft_family_ops {
- int (*add)(struct nftnl_rule *r, void *data);
+ int (*add)(struct nft_handle *h, struct nftnl_rule *r, void *data);
bool (*is_same)(const void *data_a,
const void *data_b);
void (*print_payload)(struct nftnl_expr *e,
@@ -163,7 +164,6 @@ void save_matches_and_target(const struct iptables_command_state *cs,
struct nft_family_ops *nft_family_ops_lookup(int family);
-struct nft_handle;
void nft_ipv46_parse_target(struct xtables_target *t, void *data);
bool nft_ipv46_rule_find(struct nft_family_ops *ops, struct nftnl_rule *r,
void *data);