From 1e8ef6a5847549af6fa2edc4fd642cf259ef2ba1 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 20 Aug 2019 21:41:12 +0200 Subject: nft: family_ops: Pass nft_handle to 'rule_to_cs' callback This is the actual callback used to parse nftables rules. Pass nft_handle to it so it can access the cache (and possible sets therein). Having to pass nft_handle to nft_rule_print_save() allows to simplify it a bit since no family ops lookup has to be done anymore. Signed-off-by: Phil Sutter Acked-by: Pablo Neira Ayuso --- iptables/nft-bridge.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'iptables/nft-bridge.c') diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c index b0c6c5a4..20ce92a6 100644 --- a/iptables/nft-bridge.c +++ b/iptables/nft-bridge.c @@ -333,11 +333,12 @@ static void nft_bridge_parse_target(struct xtables_target *t, void *data) cs->target = t; } -static void nft_rule_to_ebtables_command_state(const struct nftnl_rule *r, +static void nft_rule_to_ebtables_command_state(struct nft_handle *h, + const struct nftnl_rule *r, struct iptables_command_state *cs) { cs->eb.bitmask = EBT_NOPROTO; - nft_rule_to_iptables_command_state(r, cs); + nft_rule_to_iptables_command_state(h, r, cs); } static void print_iface(const char *option, const char *name, bool invert) @@ -480,7 +481,7 @@ static void nft_bridge_print_rule(struct nft_handle *h, struct nftnl_rule *r, if (format & FMT_LINENUMBERS) printf("%d ", num); - nft_rule_to_ebtables_command_state(r, &cs); + nft_rule_to_ebtables_command_state(h, r, &cs); nft_bridge_save_rule(&cs, format); ebt_cs_clean(&cs); } @@ -544,7 +545,7 @@ static bool nft_bridge_rule_find(struct nft_handle *h, struct nftnl_rule *r, struct iptables_command_state this = {}; bool ret = false; - nft_rule_to_ebtables_command_state(r, &this); + nft_rule_to_ebtables_command_state(h, r, &this); DEBUGP("comparing with... "); -- cgit v1.2.3