summaryrefslogtreecommitdiffstats
path: root/iptables/nft.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2013-09-18 17:00:18 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-12-30 23:50:49 +0100
commitd6a127cd5710f8c60e95bfd0378ca352c07140a9 (patch)
tree47f7dd7ac799ae19005a599c6d4dae4208306553 /iptables/nft.h
parentdbc05560e73d6df7f7013fa892810b9b8329aa1d (diff)
xtables: batch rule-set updates into one single netlink message
With this patch, all rule-set updates are put in one single batch of netlink messages that is sent to user-space using the new nfnetlink batch infrastructure. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r--iptables/nft.h5
1 files changed, 4 insertions, 1 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index 50971e86..26b60b99 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -3,6 +3,7 @@
#include "xshared.h"
#include "nft-shared.h"
+#include <libiptc/linux_list.h>
#define FILTER 0
#define MANGLE 1
@@ -28,7 +29,9 @@ struct nft_handle {
struct mnl_socket *nl;
uint32_t portid;
uint32_t seq;
- bool commit;
+ struct list_head rule_list;
+ int rule_list_num;
+ struct mnl_nlmsg_batch *batch;
struct nft_family_ops *ops;
struct builtin_table *tables;
};