From b756cf08d6eff885d808504c674bd7eb5ebabfbb Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 18 Sep 2013 16:54:15 +0200 Subject: nft: consolidate nft_rule_* functions to support ARP This should help to avoid code duplication to support ARP. As a result, we have a common generic infrastructure for IPv4, IPv6 and ARP. This patch removes nft_arp_rule_append and nft_arp_rule_insert, which were very similar to their original nft_rule_append and nft_rule_insert. Signed-off-by: Pablo Neira Ayuso --- iptables/nft.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'iptables/nft.h') diff --git a/iptables/nft.h b/iptables/nft.h index 8ddde48d..50971e86 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -81,17 +81,18 @@ int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char */ struct nft_rule; -int nft_rule_append(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, uint64_t handle, bool verbose); -int nft_rule_insert(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, int rulenum, bool verbose); -int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose); -int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose); +int nft_rule_append(struct nft_handle *h, const char *chain, const char *table, void *data, uint64_t handle, bool verbose); +int nft_rule_insert(struct nft_handle *h, const char *chain, const char *table, void *data, int rulenum, bool verbose); +int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, void *data, bool verbose); +int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, void *data, bool verbose); int nft_rule_delete_num(struct nft_handle *h, const char *chain, const char *table, int rulenum, bool verbose); -int nft_rule_replace(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, int rulenum, bool verbose); +int nft_rule_replace(struct nft_handle *h, const char *chain, const char *table, void *data, int rulenum, bool verbose); int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, int rulenum, unsigned int format); int nft_rule_list_save(struct nft_handle *h, const char *chain, const char *table, int rulenum, int counters); int nft_rule_save(struct nft_handle *h, const char *table, bool counters); int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table); int nft_rule_zero_counters(struct nft_handle *h, const char *chain, const char *table, int rulenum); + struct nft_rule_list *nft_rule_list_create(struct nft_handle *h); void nft_rule_list_destroy(struct nft_rule_list *list); -- cgit v1.2.3