diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-12-30 20:06:09 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-01-09 17:22:11 +0100 |
| commit | 4441b7da7995ed87741164ef39e99f1065eb9637 (patch) | |
| tree | 4fe70678fe4621dd92310c31105ac7703ed766d6 /iptables | |
| parent | fae77a24634365b18687a5f09357dbf4aaee2bc0 (diff) | |
nft: Simplify flush_chain_cache()
With all the checks for 'tablename' being non-NULL, this code was rather
stupid and really hard to read. And the fix is indeed quite simple: If a
table name was given, use nft_table_builtin_find() and just flush its
chain cache. Otherwise iterate over all builtin tables without any
conditionals for 'tablename'.
Fixes: d4b0d248cc057 ("nft: Reduce indenting level in flush_chain_cache()")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft.c | 24 |
1 files changed, 11 insertions, 13 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 25e538b7..dafb879e 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -793,27 +793,25 @@ static int __flush_chain_cache(struct nftnl_chain *c, void *data) static void flush_chain_cache(struct nft_handle *h, const char *tablename) { + const struct builtin_table *table; int i; + if (tablename) { + table = nft_table_builtin_find(h, tablename); + if (!table || !h->table[table->type].chain_cache) + return; + nftnl_chain_list_foreach(h->table[table->type].chain_cache, + __flush_chain_cache, NULL); + return; + } + for (i = 0; i < NFT_TABLE_MAX; i++) { if (h->tables[i].name == NULL) continue; - if (tablename && strcmp(h->tables[i].name, tablename)) + if (!h->table[i].chain_cache) continue; - if (!h->table[i].chain_cache) { - if (tablename) - return; - continue; - } - - if (tablename) { - nftnl_chain_list_foreach(h->table[i].chain_cache, - __flush_chain_cache, NULL); - return; - } - nftnl_chain_list_free(h->table[i].chain_cache); h->table[i].chain_cache = NULL; } |