diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-11-17 18:16:45 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-11-19 14:05:49 +0100 |
| commit | 1847d9db753825b0bd1cd450b549f4e39f7bcc31 (patch) | |
| tree | f872c49f83e10704fca9d28cf281c4c0d3f04c0e /iptables | |
| parent | 9847abe6fbb91621f6494df8243ff96f04efdc4a (diff) | |
nft: move chain_cache back to struct nft_handle
Place this back into the structure that stores the state information.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft.c | 26 | ||||
| -rw-r--r-- | iptables/nft.h | 4 |
2 files changed, 16 insertions, 14 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index db86f97c..6852def3 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -809,14 +809,14 @@ static void flush_chain_cache(struct nft_handle *h, const char *tablename) if (tablename && strcmp(h->tables[i].name, tablename)) continue; - if (h->tables[i].chain_cache) { + if (h->table[i].chain_cache) { if (tablename) { - nftnl_chain_list_foreach(h->tables[i].chain_cache, + nftnl_chain_list_foreach(h->table[i].chain_cache, __flush_chain_cache, NULL); break; } else { - nftnl_chain_list_free(h->tables[i].chain_cache); - h->tables[i].chain_cache = NULL; + nftnl_chain_list_free(h->table[i].chain_cache); + h->table[i].chain_cache = NULL; } } } @@ -1303,13 +1303,13 @@ static int nftnl_chain_list_cb(const struct nlmsghdr *nlh, void *data) if (!t) goto out; - if (!t->chain_cache) { - t->chain_cache = nftnl_chain_list_alloc(); - if (!t->chain_cache) + if (!h->table[t->type].chain_cache) { + h->table[t->type].chain_cache = nftnl_chain_list_alloc(); + if (!h->table[t->type].chain_cache) goto out; } - nftnl_chain_list_add_tail(c, t->chain_cache); + nftnl_chain_list_add_tail(c, h->table[t->type].chain_cache); return MNL_CB_OK; out: @@ -1330,8 +1330,8 @@ struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h, if (!t) return NULL; - if (t->chain_cache) - return t->chain_cache; + if (h->table[t->type].chain_cache) + return h->table[t->type].chain_cache; retry: nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, h->family, NLM_F_DUMP, h->seq); @@ -1342,10 +1342,10 @@ retry: goto retry; } - if (!t->chain_cache) - t->chain_cache = nftnl_chain_list_alloc(); + if (!h->table[t->type].chain_cache) + h->table[t->type].chain_cache = nftnl_chain_list_alloc(); - return t->chain_cache; + return h->table[t->type].chain_cache; } static const char *policy_name[NF_ACCEPT+1] = { diff --git a/iptables/nft.h b/iptables/nft.h index e582a6af..8cacae73 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -26,7 +26,6 @@ struct builtin_table { enum nft_table_type type; struct builtin_chain chains[NF_INET_NUMHOOKS]; bool initialized; - struct nftnl_chain_list *chain_cache; }; struct nft_handle { @@ -40,6 +39,9 @@ struct nft_handle { struct list_head err_list; struct nft_family_ops *ops; struct builtin_table *tables; + struct { + struct nftnl_chain_list *chain_cache; + } table[NFT_TABLE_MAX]; struct nftnl_rule_list *rule_cache; bool restore; int8_t config_done; |