path: root/include/mnl.h
diff options
authorPablo Neira Ayuso <>2016-12-20 01:14:10 +0100
committerPablo Neira Ayuso <>2016-12-20 20:24:27 +0100
commit7c568680e2d904b5332e398a2a329ecdb94f897e (patch)
tree7276de2d45e7fb6dc0f5bedea2de116977e5ccc1 /include/mnl.h
parent0e1824475e2e7aee09dd2d5c38fc4ebd4b7ab8bb (diff)
mnl: add mnl_nft_setelem_batch_flush() and use it from netlink_flush_setelems()
Commit 8bd99f2fca7e ("mnl: don't send empty set elements netlink message to kernel") broke set flush because we still need to send the netlink message with no elements to flush sets. To avoid more whack-a-mole games, add a new explicit function mnl_nft_setelem_batch_flush() that is used to request a set flush, instead of reusing the one that allows us to explicitly delete given set elements. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include/mnl.h')
1 files changed, 2 insertions, 0 deletions
diff --git a/include/mnl.h b/include/mnl.h
index f74dfee5..87db96af 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -82,6 +82,8 @@ int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nftnl_set *nls,
unsigned int flags);
int mnl_nft_setelem_batch_del(struct nftnl_set *nls,
unsigned int flags, uint32_t seq);
+int mnl_nft_setelem_batch_flush(struct nftnl_set *nls, unsigned int flags,
+ uint32_t seqnum);
int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nftnl_set *nls);
struct nftnl_ruleset *mnl_nft_ruleset_dump(struct mnl_socket *nf_sock,