nft: Initialize a table only once

This helps to remove some runtime overhead, especially when running xtables-restore. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> 2014-02-11 18:36:44 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-02-12 10:10:10 +0100
commit: e6b8e172fca48f5d80699afe80947b0fc1f23fd6 (patch)
tree: 7464bcc9cec4fdee20bec33923ddefd6f7abb8ab /iptables/nft.c
parent: 690ea18fdd6f8bc12322a729a2f7c97d8e731c43 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index 501c6d86..49322bdd 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -436,6 +436,9 @@ nft_table_builtin_add(struct nft_handle *h, struct builtin_table *_t,
 	struct nft_table *t;
 	int ret;
 
+	if (_t->initialized)
+		return 0;
+
 	t = nft_table_alloc();
 	if (t == NULL)
 		return -1;
@@ -464,6 +467,10 @@ nft_table_builtin_add(struct nft_handle *h, struct builtin_table *_t,
 		if (errno != EEXIST)
 			perror("mnl-talk:nft_table_init_one");
 	}
+
+	if (ret == 0 || errno == EEXIST)
+		_t->initialized = true;
+
 	return ret;
 }
 
@@ -2414,6 +2421,9 @@ int nft_xtables_config_load(struct nft_handle *h, const char *filename,
 	uint32_t table_family, chain_family;
 	bool found = false;
 
+	if (h->restore)
+		return 0;
+
 	if (xtables_config_parse(filename, table_list, chain_list) < 0) {
 		if (errno == ENOENT) {
 			xtables_config_perror(flags,
author	Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>	2014-02-11 18:36:44 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-02-12 10:10:10 +0100
commit	e6b8e172fca48f5d80699afe80947b0fc1f23fd6 (patch)
tree	7464bcc9cec4fdee20bec33923ddefd6f7abb8ab /iptables/nft.c
parent	690ea18fdd6f8bc12322a729a2f7c97d8e731c43 (diff)