nft: cache: Fetch cache for specific chains

Iterate over command list and collect chains to cache. Insert them into a sorted list to pass to __nft_build_cache(). If a command is interested in all chains (e.g., --list), cmd->chain remains unset. To record this case reliably, use a boolean ('all_chains'). Otherwise, it is hard to distinguish between first call to nft_cache_level_set() and previous command with NULL cmd->chain value. When caching only specific chains, manually add builtin ones for the given table as well - otherwise nft_xt_builtin_init() will act as if they don't exist and possibly override non-default chain policies. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2020-03-19 18:58:29 +0100
committer: Phil Sutter <phil@nwl.cc> 2020-05-11 14:28:28 +0200
commit: f806ee67b5178342d18c8cd3e9201190d8a82c41 (patch)
tree: 0637a644191fc0ecc7e99f0ebb794442539cb674 /iptables/nft.h
parent: 0e1b72a6d7b6c1c13f5603a916d3847fbe1a3ee3 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index 4eaaa77f..aeacc608 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -71,9 +71,16 @@ enum obj_update_type {
 	NFT_COMPAT_TABLE_NEW,
 };
 
+struct cache_chain {
+	struct list_head head;
+	char *name;
+};
+
 struct nft_cache_req {
 	enum nft_cache_level	level;
 	char			*table;
+	bool			all_chains;
+	struct list_head	chain_list;
 };
 
 struct nft_handle {
author	Phil Sutter <phil@nwl.cc>	2020-03-19 18:58:29 +0100
committer	Phil Sutter <phil@nwl.cc>	2020-05-11 14:28:28 +0200
commit	f806ee67b5178342d18c8cd3e9201190d8a82c41 (patch)
tree	0637a644191fc0ecc7e99f0ebb794442539cb674 /iptables/nft.h
parent	0e1b72a6d7b6c1c13f5603a916d3847fbe1a3ee3 (diff)