diff options
| author | Phil Sutter <phil@nwl.cc> | 2019-08-20 11:21:42 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2019-11-25 23:31:02 +0100 |
| commit | caaba4ed83300450136405706162eeedc43c6417 (patch) | |
| tree | c5259c7ecd2be44e90f2a8aae496bb7a13ecba60 /iptables/nft.h | |
| parent | a5877a214b6bb2e16ffbbcfd7512ff5cdbf03906 (diff) | |
nft: Introduce NFT_CL_SETS cache level
In order to support anonymous sets, introduce an intermediate cache
level between NFT_CL_CHAINS and NFT_CL_RULES. Actually chains are not
needed to fetch sets, but given that sets are only needed for rules, put
it late to not slow down fetching chains.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.h')
| -rw-r--r-- | iptables/nft.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index e157b525..51b56603 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -31,6 +31,7 @@ enum nft_cache_level { NFT_CL_NONE, NFT_CL_TABLES, NFT_CL_CHAINS, + NFT_CL_SETS, NFT_CL_RULES }; @@ -38,6 +39,7 @@ struct nft_cache { struct nftnl_table_list *tables; struct { struct nftnl_chain_list *chains; + struct nftnl_set_list *sets; bool initialized; } table[NFT_TABLE_MAX]; }; |