summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-restore.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2020-01-06 13:20:13 +0100
committerPhil Sutter <phil@nwl.cc>2020-05-11 14:28:28 +0200
commita7f1e208cdf9c6392c99d3c52764701d004bdde7 (patch)
treea479e3469ac3b1ec03b867acfdcd3912891162fd /iptables/xtables-restore.c
parent70a3c1a07585de64b5780a415dc157079c34911b (diff)
nft: split parsing from netlink commands
This patch updates the parser to generate a list of command objects. This list of commands is then transformed to a list of netlink jobs. This new command object stores the rule using the nftnl representation via nft_rule_new(). To reduce the number of updates in this patch, the nft_*_rule_find() functions have been updated to restore the native representation to skip the update of the rule comparison code. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/xtables-restore.c')
-rw-r--r--iptables/xtables-restore.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 136bff8e..55547e3a 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -61,11 +61,11 @@ static void print_usage(const char *name, const char *version)
static const struct nft_xt_restore_cb restore_cb = {
.commit = nft_commit,
.abort = nft_abort,
- .table_new = nft_table_new,
- .table_flush = nft_table_flush,
+ .table_new = nft_cmd_table_new,
+ .table_flush = nft_cmd_table_flush,
.do_command = do_commandx,
- .chain_set = nft_chain_set,
- .chain_restore = nft_chain_restore,
+ .chain_set = nft_cmd_chain_set,
+ .chain_restore = nft_cmd_chain_restore,
};
struct nft_xt_restore_state {
@@ -195,7 +195,7 @@ static void xtables_restore_parse_line(struct nft_handle *h,
"cannot create chain '%s' (%s)\n",
chain, strerror(errno));
} else if (h->family == NFPROTO_BRIDGE &&
- !ebt_set_user_chain_policy(h, state->curtable->name,
+ !ebt_cmd_user_chain_policy(h, state->curtable->name,
chain, policy)) {
xtables_error(OTHER_PROBLEM,
"Can't set policy `%s' on `%s' line %u: %s\n",
@@ -492,11 +492,11 @@ int xtables_ip6_restore_main(int argc, char *argv[])
static const struct nft_xt_restore_cb ebt_restore_cb = {
.commit = nft_bridge_commit,
- .table_new = nft_table_new,
- .table_flush = nft_table_flush,
+ .table_new = nft_cmd_table_new,
+ .table_flush = nft_cmd_table_flush,
.do_command = do_commandeb,
- .chain_set = nft_chain_set,
- .chain_restore = nft_chain_restore,
+ .chain_set = nft_cmd_chain_set,
+ .chain_restore = nft_cmd_chain_restore,
};
static const struct option ebt_restore_options[] = {
@@ -538,11 +538,11 @@ int xtables_eb_restore_main(int argc, char *argv[])
static const struct nft_xt_restore_cb arp_restore_cb = {
.commit = nft_commit,
- .table_new = nft_table_new,
- .table_flush = nft_table_flush,
+ .table_new = nft_cmd_table_new,
+ .table_flush = nft_cmd_table_flush,
.do_command = do_commandarp,
- .chain_set = nft_chain_set,
- .chain_restore = nft_chain_restore,
+ .chain_set = nft_cmd_chain_set,
+ .chain_restore = nft_cmd_chain_restore,
};
int xtables_arp_restore_main(int argc, char *argv[])