diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-04-30 00:30:05 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-05-02 23:30:35 +0200 |
commit | 56ca2432526ac14cc677b7da1262f027c7cf34be (patch) | |
tree | cd61b62d73e4c8abd3fc5ce1b6b64cd437395319 | |
parent | 8327282de1073fc494f966158c2fbfd7d3fb47e0 (diff) |
src: unbreak deletion by table handle
Use NFTA_TABLE_HANDLE instead of NFTA_TABLE_NAME to refer to the
table 64-bit unique handle.
Fixes: 7840b9224d5b ("evaluate: remove table from cache on delete table")
Fixes: f8aec603aa7e ("src: initial extended netlink error reporting")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/evaluate.c | 3 | ||||
-rw-r--r-- | src/mnl.c | 2 | ||||
-rwxr-xr-x | tests/shell/testcases/cache/0008_delete_by_handle_0 | 20 |
3 files changed, 24 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index a6bb1792..c52309f4 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -4335,6 +4335,9 @@ static void table_del_cache(struct eval_ctx *ctx, struct cmd *cmd) { struct table *table; + if (!cmd->handle.table.name) + return; + table = table_lookup(&cmd->handle, &ctx->nft->cache); if (!table) return; @@ -960,7 +960,7 @@ int mnl_nft_table_del(struct netlink_ctx *ctx, struct cmd *cmd) mnl_attr_put_strz(nlh, NFTA_TABLE_NAME, cmd->handle.table.name); } else if (cmd->handle.handle.id) { cmd_add_loc(cmd, nlh->nlmsg_len, &cmd->handle.handle.location); - mnl_attr_put_u64(nlh, NFTA_TABLE_NAME, + mnl_attr_put_u64(nlh, NFTA_TABLE_HANDLE, htobe64(cmd->handle.handle.id)); } nftnl_table_nlmsg_build_payload(nlh, nlt); diff --git a/tests/shell/testcases/cache/0008_delete_by_handle_0 b/tests/shell/testcases/cache/0008_delete_by_handle_0 new file mode 100755 index 00000000..24b2607b --- /dev/null +++ b/tests/shell/testcases/cache/0008_delete_by_handle_0 @@ -0,0 +1,20 @@ +#!/bin/bash + +set -e + +$NFT add table t +$NFT delete table handle 1 + +$NFT add table t + +$NFT add chain t c +$NFT delete chain t handle 1 + +$NFT add set t s { type ipv4_addr\; } +$NFT delete set t handle 2 + +$NFT add flowtable t f { hook ingress priority 0\; } +$NFT delete flowtable t handle 4 + +$NFT add counter t x +$NFT delete counter t handle 5 |