From dde20393f929f22636dcedd82e5a2fe81394139e Mon Sep 17 00:00:00 2001
From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Date: Fri, 7 Jun 2013 00:52:17 +0000
Subject: src: add nft_*_unset functions

These functions unset the given attribute in each object and
release the data if needed.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/chain.c         | 28 ++++++++++++++++++++++++++++
 src/libnftables.map |  5 +++++
 src/rule.c          | 25 +++++++++++++++++++++++++
 src/set.c           | 25 +++++++++++++++++++++++++
 src/set_elem.c      | 19 +++++++++++++++++++
 src/table.c         | 20 +++++++++++++++++++-
 6 files changed, 121 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/chain.c b/src/chain.c
index 093e3ea..530e045 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -59,6 +59,34 @@ void nft_chain_free(struct nft_chain *c)
 }
 EXPORT_SYMBOL(nft_chain_free);
 
+void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr)
+{
+	switch (attr) {
+	case NFT_CHAIN_ATTR_TABLE:
+		if (c->flags & (1 << NFT_CHAIN_ATTR_TABLE))
+			if (c->table) {
+				free(c->table);
+				c->table = NULL;
+			}
+		break;
+	case NFT_CHAIN_ATTR_USE:
+		/* cannot be unset?, ignore it */
+		return;
+	case NFT_CHAIN_ATTR_TYPE:
+		if (c->flags & (1 << NFT_CHAIN_ATTR_TYPE))
+			if (c->type) {
+				free(c->type);
+				c->type = NULL;
+			}
+		break;
+	default:
+		return;
+	}
+
+	c->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_chain_attr_unset);
+
 void nft_chain_attr_set(struct nft_chain *c, uint16_t attr, const void *data)
 {
 	switch(attr) {
diff --git a/src/libnftables.map b/src/libnftables.map
index 8bae60c..2b31d55 100644
--- a/src/libnftables.map
+++ b/src/libnftables.map
@@ -2,6 +2,7 @@ LIBNFTABLES_1.0 {
 global:
   nft_table_alloc;
   nft_table_free;
+  nft_table_attr_unset;
   nft_table_attr_set;
   nft_table_attr_get;
   nft_table_attr_set_u32;
@@ -22,6 +23,7 @@ global:
 
   nft_chain_alloc;
   nft_chain_free;
+  nft_chain_attr_unset;
   nft_chain_attr_set;
   nft_chain_attr_set_u32;
   nft_chain_attr_set_s32;
@@ -47,6 +49,7 @@ global:
 
   nft_rule_alloc;
   nft_rule_free;
+  nft_rule_attr_unset;
   nft_rule_attr_set;
   nft_rule_attr_set_u32;
   nft_rule_attr_set_u64;
@@ -91,6 +94,7 @@ global:
 
   nft_set_alloc;
   nft_set_free;
+  nft_set_attr_unset;
   nft_set_attr_set;
   nft_set_attr_set_u32;
   nft_set_attr_set_str;
@@ -114,6 +118,7 @@ global:
   nft_set_elem_alloc;
   nft_set_elem_free;
   nft_set_elem_add;
+  nft_set_elem_attr_unset;
   nft_set_elem_attr_set;
   nft_set_elem_attr_set_u32;
   nft_set_elem_attr_set_str;
diff --git a/src/rule.c b/src/rule.c
index 698bf89..b3e21d8 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -71,6 +71,31 @@ void nft_rule_free(struct nft_rule *r)
 }
 EXPORT_SYMBOL(nft_rule_free);
 
+void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr)
+{
+	switch (attr) {
+	case NFT_RULE_ATTR_TABLE:
+		if (r->flags & (1 << NFT_RULE_ATTR_TABLE))
+			if (r->table) {
+				free(r->table);
+				r->table = NULL;
+			}
+		break;
+	case NFT_RULE_ATTR_CHAIN:
+		if (r->flags & (1 << NFT_RULE_ATTR_CHAIN))
+			if (r->chain) {
+				free(r->chain);
+				r->chain = NULL;
+			}
+		break;
+	default:
+		return;
+	}
+
+	r->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_rule_attr_unset);
+
 void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data)
 {
 	switch(attr) {
diff --git a/src/set.c b/src/set.c
index ef2d11d..029e2f2 100644
--- a/src/set.c
+++ b/src/set.c
@@ -56,6 +56,31 @@ void nft_set_free(struct nft_set *s)
 }
 EXPORT_SYMBOL(nft_set_free);
 
+void nft_set_attr_unset(struct nft_set *s, uint16_t attr)
+{
+	switch (attr) {
+	case NFT_SET_ATTR_TABLE:
+		if (s->flags & (1 << NFT_SET_ATTR_TABLE))
+			if (s->table) {
+				free(s->table);
+				s->table = NULL;
+			}
+		break;
+	case NFT_SET_ATTR_NAME:
+		if (s->flags & (1 << NFT_SET_ATTR_NAME))
+			if (s->name) {
+				free(s->name);
+				s->name = NULL;
+			}
+		break;
+	default:
+		return;
+	}
+
+	s->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_set_attr_unset);
+
 void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data)
 {
 	switch(attr) {
diff --git a/src/set_elem.c b/src/set_elem.c
index a2669ad..13047ae 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -44,6 +44,25 @@ void nft_set_elem_free(struct nft_set_elem *s)
 }
 EXPORT_SYMBOL(nft_set_elem_free);
 
+void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr)
+{
+	switch (attr) {
+	case NFT_SET_ELEM_ATTR_CHAIN:
+		if (s->flags & (1 << NFT_SET_ELEM_ATTR_CHAIN)) {
+			if (s->data.chain) {
+				free(s->data.chain);
+				s->data.chain = NULL;
+			}
+		}
+		break;
+	default:
+		return;
+	}
+
+	s->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_set_elem_attr_unset);
+
 void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr,
 			   const void *data, size_t data_len)
 {
diff --git a/src/table.c b/src/table.c
index de106bb..937f9b5 100644
--- a/src/table.c
+++ b/src/table.c
@@ -49,9 +49,27 @@ void nft_table_free(struct nft_table *t)
 }
 EXPORT_SYMBOL(nft_table_free);
 
+void nft_table_attr_unset(struct nft_table *t, uint16_t attr)
+{
+	switch (attr) {
+	case NFT_TABLE_ATTR_NAME:
+		if (t->flags & (1 << NFT_TABLE_ATTR_NAME)) {
+			if (t->name) {
+				free(t->name);
+				t->name = NULL;
+			}
+		}
+		break;
+	default:
+		return;
+	}
+	t->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_table_attr_unset);
+
 void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data)
 {
-	switch(attr) {
+	switch (attr) {
 	case NFT_TABLE_ATTR_NAME:
 		if (t->name)
 			free(t->name);
-- 
cgit v1.2.3