From 01d9357f684e4af8142b77f52529e2e6a5ce159b Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 20 Aug 2019 18:20:53 +0200 Subject: nft: family_ops: Pass nft_handle to 'rule_find' callback In order to prepare for rules containing set references, nft handle has to be passed to nft_rule_to_iptables_command_state() in order to let it access the set in cache. Signed-off-by: Phil Sutter Acked-by: Pablo Neira Ayuso --- iptables/nft-shared.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'iptables/nft-shared.c') diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index 6fd8ade5..b6d85f1a 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -982,8 +982,7 @@ void nft_ipv46_parse_target(struct xtables_target *t, void *data) cs->target = t; } -bool nft_ipv46_rule_find(struct nft_family_ops *ops, - struct nftnl_rule *r, void *data) +bool nft_ipv46_rule_find(struct nft_handle *h, struct nftnl_rule *r, void *data) { struct iptables_command_state *cs = data, this = {}; bool ret = false; @@ -994,7 +993,7 @@ bool nft_ipv46_rule_find(struct nft_family_ops *ops, #ifdef DEBUG_DEL nft_rule_print_save(r, NFT_RULE_APPEND, 0); #endif - if (!ops->is_same(cs, &this)) + if (!h->ops->is_same(cs, &this)) goto out; if (!compare_matches(cs->matches, this.matches)) { @@ -1014,7 +1013,7 @@ bool nft_ipv46_rule_find(struct nft_family_ops *ops, ret = true; out: - ops->clear_cs(&this); + h->ops->clear_cs(&this); return ret; } -- cgit v1.2.3