diff options
author | Phil Sutter <phil@nwl.cc> | 2020-03-19 18:58:29 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-05-11 14:28:28 +0200 |
commit | f806ee67b5178342d18c8cd3e9201190d8a82c41 (patch) | |
tree | 0637a644191fc0ecc7e99f0ebb794442539cb674 /iptables/nft.c | |
parent | 0e1b72a6d7b6c1c13f5603a916d3847fbe1a3ee3 (diff) |
nft: cache: Fetch cache for specific chains
Iterate over command list and collect chains to cache. Insert them into
a sorted list to pass to __nft_build_cache().
If a command is interested in all chains (e.g., --list), cmd->chain
remains unset. To record this case reliably, use a boolean
('all_chains'). Otherwise, it is hard to distinguish between first call
to nft_cache_level_set() and previous command with NULL cmd->chain
value.
When caching only specific chains, manually add builtin ones for the
given table as well - otherwise nft_xt_builtin_init() will act as if
they don't exist and possibly override non-default chain policies.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft.c')
-rw-r--r-- | iptables/nft.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index daf08604..b807de88 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -805,6 +805,7 @@ int nft_init(struct nft_handle *h, int family, const struct builtin_table *t) INIT_LIST_HEAD(&h->obj_list); INIT_LIST_HEAD(&h->err_list); INIT_LIST_HEAD(&h->cmd_list); + INIT_LIST_HEAD(&h->cache_req.chain_list); return 0; } |