diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-24 16:45:06 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-25 14:21:56 +0200 |
commit | fd33d964a94063d7af6f1713350df980cf440503 (patch) | |
tree | 6421d4b11926d51f0cc91ad26d17f4faabb3f3a1 /include/netlink.h | |
parent | e0f8c894982a57cb1772640715737c7477e7ef8d (diff) |
src: create element command
This patch adds the create command, that send the NLM_F_EXCL flag so
nf_tables bails out if the element already exists, eg.
# nft add element x y { 1.1.1.1 }
# nft create element x y { 1.1.1.1 }
<cmdline>:1:1-31: Error: Could not process rule: File exists
create element x y { 1.1.1.1 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This update requires nf_tables kernel patches to honor the NLM_F_EXCL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/netlink.h')
-rw-r--r-- | include/netlink.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/netlink.h b/include/netlink.h index 5f487074..28c11f60 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -160,7 +160,7 @@ extern struct stmt *netlink_parse_set_expr(const struct set *set, const struct nftnl_expr *nle); extern int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h, - const struct expr *expr); + const struct expr *expr, bool excl); extern int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h, const struct expr *expr); extern int netlink_get_setelems(struct netlink_ctx *ctx, const struct handle *h, |