cache: set on cache flags for nested notation

Set on the cache flags for the nested notation too, this is fixing nft -f
with two files, one that contains the set declaration and another that
adds a rule that refers to such set.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1474
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2 files changed, 35 insertions, 0 deletions

diff --git a/src/cache.c b/src/cache.c
index 42e6b65c..544f64a2 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -20,6 +20,16 @@
 static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
 {
 	switch (cmd->obj) {
+	case CMD_OBJ_TABLE:
+		if (!cmd->table)
+			break;
+
+		flags |= NFT_CACHE_TABLE |
+			 NFT_CACHE_CHAIN |
+			 NFT_CACHE_SET |
+			 NFT_CACHE_OBJECT |
+			 NFT_CACHE_FLOWTABLE;
+		break;
 	case CMD_OBJ_CHAIN:
 	case CMD_OBJ_SET:
 	case CMD_OBJ_COUNTER:
diff --git a/tests/shell/testcases/nft-f/0029split_file_0 b/tests/shell/testcases/nft-f/0029split_file_0
new file mode 100755
index 00000000..0cc547ab
--- /dev/null
+++ b/tests/shell/testcases/nft-f/0029split_file_0
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -e
+
+RULESET="table inet filter {
+	set whitelist_v4 {
+		type ipv4_addr;
+	}
+
+	chain prerouting {
+		type filter hook prerouting priority filter;
+	}
+}
+"
+
+$NFT -f - <<< "$RULESET"
+
+RULESET="table inet filter {
+	chain prerouting {
+		ip daddr @whitelist_v4
+	}
+}
+"
+
+$NFT -f - <<< "$RULESET"