diff options
author | Phil Sutter <phil@nwl.cc> | 2019-10-01 16:23:24 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-10-17 19:02:18 +0200 |
commit | 5b5c998da4bdb9e4f1d023e06c983b07c3703af0 (patch) | |
tree | 0c0f0c09b738d40efc50ba56f58b3216e1caf93b /iptables/nft.h | |
parent | 124587ad42cd7b83e3204b49f1f1e2a0b782c320 (diff) |
nft-cache: Introduce cache levels
Replace the simple have_cache boolean by a cache level indicator
defining how complete the cache is. Since have_cache indicated full
cache (including rules), make code depending on it check for cache level
NFT_CL_RULES.
Core cache fetching routine __nft_build_cache() accepts a new level via
parameter and raises cache completeness to that level.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index 451c2660..9ae3122a 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -27,6 +27,13 @@ struct builtin_table { struct builtin_chain chains[NF_INET_NUMHOOKS]; }; +enum nft_cache_level { + NFT_CL_NONE, + NFT_CL_TABLES, + NFT_CL_CHAINS, + NFT_CL_RULES +}; + struct nft_cache { struct nftnl_table_list *tables; struct { @@ -53,7 +60,7 @@ struct nft_handle { unsigned int cache_index; struct nft_cache __cache[2]; struct nft_cache *cache; - bool have_cache; + enum nft_cache_level cache_level; bool restore; bool noflush; int8_t config_done; |