From e6723abac82460b73979ebe08d5b3e1baf50b927 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Mon, 12 Nov 2018 12:44:56 +0100 Subject: nft: add NFT_TABLE_* enumeration Signed-off-by: Pablo Neira Ayuso --- iptables/nft.c | 26 +++++++++++++------------- iptables/nft.h | 20 +++++++++++--------- 2 files changed, 24 insertions(+), 22 deletions(-) diff --git a/iptables/nft.c b/iptables/nft.c index b75277aa..5967b652 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -376,8 +376,8 @@ static int batch_rule_add(struct nft_handle *h, enum obj_update_type type, return batch_add(h, type, r); } -struct builtin_table xtables_ipv4[TABLES_MAX] = { - [RAW] = { +struct builtin_table xtables_ipv4[NFT_TABLE_MAX] = { + [NFT_TABLE_RAW] = { .name = "raw", .chains = { { @@ -394,7 +394,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = { }, }, }, - [MANGLE] = { + [NFT_TABLE_MANGLE] = { .name = "mangle", .chains = { { @@ -429,7 +429,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = { }, }, }, - [FILTER] = { + [NFT_TABLE_FILTER] = { .name = "filter", .chains = { { @@ -452,7 +452,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = { }, }, }, - [SECURITY] = { + [NFT_TABLE_SECURITY] = { .name = "security", .chains = { { @@ -475,7 +475,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = { }, }, }, - [NAT] = { + [NFT_TABLE_NAT] = { .name = "nat", .chains = { { @@ -508,8 +508,8 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = { #include -struct builtin_table xtables_arp[TABLES_MAX] = { - [FILTER] = { +struct builtin_table xtables_arp[NFT_TABLE_MAX] = { + [NFT_TABLE_FILTER] = { .name = "filter", .chains = { { @@ -530,8 +530,8 @@ struct builtin_table xtables_arp[TABLES_MAX] = { #include -struct builtin_table xtables_bridge[TABLES_MAX] = { - [FILTER] = { +struct builtin_table xtables_bridge[NFT_TABLE_MAX] = { + [NFT_TABLE_FILTER] = { .name = "filter", .chains = { { @@ -554,7 +554,7 @@ struct builtin_table xtables_bridge[TABLES_MAX] = { }, }, }, - [NAT] = { + [NFT_TABLE_NAT] = { .name = "nat", .chains = { { @@ -639,7 +639,7 @@ nft_table_builtin_find(struct nft_handle *h, const char *table) int i; bool found = false; - for (i=0; itables[i].name == NULL) continue; @@ -3200,7 +3200,7 @@ static int nft_is_chain_compatible(const struct nft_handle *h, prio = nftnl_chain_get_u32(chain, NFTNL_CHAIN_PRIO); hook = nftnl_chain_get_u32(chain, NFTNL_CHAIN_HOOKNUM); - for (i = 0; i < TABLES_MAX; i++) { + for (i = 0; i < NFT_TABLE_MAX; i++) { cur_table = h->tables[i].name; chains = h->tables[i].chains; diff --git a/iptables/nft.h b/iptables/nft.h index bb5f03b4..9b4ba5f9 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -5,12 +5,14 @@ #include "nft-shared.h" #include -#define FILTER 0 -#define MANGLE 1 -#define RAW 2 -#define SECURITY 3 -#define NAT 4 -#define TABLES_MAX 5 +enum nft_table_type { + NFT_TABLE_FILTER = 0, + NFT_TABLE_MANGLE, + NFT_TABLE_RAW, + NFT_TABLE_SECURITY, + NFT_TABLE_NAT, +}; +#define NFT_TABLE_MAX (NFT_TABLE_NAT + 1) struct builtin_chain { const char *name; @@ -47,9 +49,9 @@ struct nft_handle { } error; }; -extern struct builtin_table xtables_ipv4[TABLES_MAX]; -extern struct builtin_table xtables_arp[TABLES_MAX]; -extern struct builtin_table xtables_bridge[TABLES_MAX]; +extern struct builtin_table xtables_ipv4[NFT_TABLE_MAX]; +extern struct builtin_table xtables_arp[NFT_TABLE_MAX]; +extern struct builtin_table xtables_bridge[NFT_TABLE_MAX]; int mnl_talk(struct nft_handle *h, struct nlmsghdr *nlh, int (*cb)(const struct nlmsghdr *nlh, void *data), -- cgit v1.2.3