From 6dc1c3d8bb64077da7f3f28c7368fb087d10a492 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 24 Oct 2018 19:18:50 +0200 Subject: src: remove nftnl_rule_cmp() and nftnl_expr_cmp() These functions are not very useful, rule comparison from this layer does not work well with implicit set definitions. This infrastructure was added as an attempt to support for deletion by name from this layer, which should be done from higher level libnftables library. Finally, we never had a client for this code in git.netfilter.org. Let's remove it and bump libversion for safety reasons. Signed-off-by: Pablo Neira Ayuso --- src/expr/cmp.c | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'src/expr/cmp.c') diff --git a/src/expr/cmp.c b/src/expr/cmp.c index e39a943..86d7842 100644 --- a/src/expr/cmp.c +++ b/src/expr/cmp.c @@ -208,28 +208,10 @@ nftnl_expr_cmp_snprintf(char *buf, size_t size, uint32_t type, return -1; } -static bool nftnl_expr_cmp_cmp(const struct nftnl_expr *e1, - const struct nftnl_expr *e2) -{ - struct nftnl_expr_cmp *c1 = nftnl_expr_data(e1); - struct nftnl_expr_cmp *c2 = nftnl_expr_data(e2); - bool eq = true; - - if (e1->flags & (1 << NFTNL_EXPR_CMP_DATA)) - eq &= nftnl_data_reg_cmp(&c1->data, &c2->data, DATA_VALUE); - if (e1->flags & (1 << NFTNL_EXPR_CMP_SREG)) - eq &= (c1->sreg == c2->sreg); - if (e1->flags & (1 << NFTNL_EXPR_CMP_OP)) - eq &= (c1->op == c2->op); - - return eq; -} - struct expr_ops expr_ops_cmp = { .name = "cmp", .alloc_len = sizeof(struct nftnl_expr_cmp), .max_attr = NFTA_CMP_MAX, - .cmp = nftnl_expr_cmp_cmp, .set = nftnl_expr_cmp_set, .get = nftnl_expr_cmp_get, .parse = nftnl_expr_cmp_parse, -- cgit v1.2.3