From d6a127cd5710f8c60e95bfd0378ca352c07140a9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 18 Sep 2013 17:00:18 +0200
Subject: xtables: batch rule-set updates into one single netlink message

With this patch, all rule-set updates are put in one single batch
of netlink messages that is sent to user-space using the new
nfnetlink batch infrastructure.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'iptables/nft.h')

diff --git a/iptables/nft.h b/iptables/nft.h
index 50971e86..26b60b99 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -3,6 +3,7 @@
 
 #include "xshared.h"
 #include "nft-shared.h"
+#include <libiptc/linux_list.h>
 
 #define FILTER         0
 #define MANGLE         1
@@ -28,7 +29,9 @@ struct nft_handle {
 	struct mnl_socket	*nl;
 	uint32_t		portid;
 	uint32_t		seq;
-	bool			commit;
+	struct list_head	rule_list;
+	int			rule_list_num;
+	struct mnl_nlmsg_batch	*batch;
 	struct nft_family_ops	*ops;
 	struct builtin_table	*tables;
 };
-- 
cgit v1.2.3