diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-05-18 14:31:58 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-05-18 16:16:41 +0200 |
commit | ed4882794e0f9153423dd933da8ec15bba734933 (patch) | |
tree | 8f4d4a7e74e73446c92e0c1365a2a22b6a28e84c | |
parent | 31773f27ab7e854fe9a780601110affe739fa8c9 (diff) |
datatype: skip cgroupv2 rootfs in listing
cgroupv2 path is expressed from the /sys/fs/cgroup folder, update
listing to skip it.
# nft add rule x y socket cgroupv2 level 1 "user.slice" counter
# nft list ruleset
table ip x {
chain y {
type filter hook input priority filter; policy accept;
socket cgroupv2 level 1 "user.slice" counter
}
}
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/datatype.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/datatype.c b/src/datatype.c index 743505de..7267d608 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -1382,7 +1382,8 @@ static void cgroupv2_type_print(const struct expr *expr, cgroup_path = cgroupv2_get_path(SYSFS_CGROUPSV2_PATH, id); if (cgroup_path) - nft_print(octx, "\"%s\"", cgroup_path); + nft_print(octx, "\"%s\"", + &cgroup_path[strlen(SYSFS_CGROUPSV2_PATH) + 1]); else nft_print(octx, "%" PRIu64, id); |