nft: cache: Make nft_rebuild_cache() respect fake cache

If transaction needed a refresh in nft_action(), restore with flush would fetch a full cache instead of merely refreshing table list contained in "fake" cache. To fix this, nft_rebuild_cache() must distinguish between fake cache and full rule cache. Therefore introduce NFT_CL_FAKE to be distinguished from NFT_CL_RULES. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2020-02-29 02:08:26 +0100
committer: Phil Sutter <phil@nwl.cc> 2020-03-06 16:56:00 +0100
commit: 40ad7793d1884f28767cf58c96e9d76ae0a18db1 (patch)
tree: 9cac4b039a9bffdd3f5acd1af61665edc5c07020 /iptables/nft.h
parent: c550c81fd373e5753103d20f7902171f0fa79807 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index 5cf260a6..2094b014 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -32,7 +32,8 @@ enum nft_cache_level {
 	NFT_CL_TABLES,
 	NFT_CL_CHAINS,
 	NFT_CL_SETS,
-	NFT_CL_RULES
+	NFT_CL_RULES,
+	NFT_CL_FAKE	/* must be last entry */
 };
 
 struct nft_cache {
author	Phil Sutter <phil@nwl.cc>	2020-02-29 02:08:26 +0100
committer	Phil Sutter <phil@nwl.cc>	2020-03-06 16:56:00 +0100
commit	40ad7793d1884f28767cf58c96e9d76ae0a18db1 (patch)
tree	9cac4b039a9bffdd3f5acd1af61665edc5c07020 /iptables/nft.h
parent	c550c81fd373e5753103d20f7902171f0fa79807 (diff)