path: root/include/rule.h
diff options
authorPablo Neira Ayuso <>2014-05-19 12:18:04 +0200
committerPablo Neira Ayuso <>2014-05-19 12:18:06 +0200
commit337636fc670eaed5c7146f99af8719018f63fe3b (patch)
tree7ddacf7ef5052951706748180432e6c0605319b7 /include/rule.h
parentef184c4e844eac8c3eda0c8c6fc1370078a9d66a (diff)
src: add set netlink message to the batch
This patch moves the netlink set messages to the batch that contains the rules. This helps to speed up rule-set restoration time by changing the operational. To achieve this, an internal set ID which is unique to the batch is allocated as suggested by Patrick. To retain backward compatibility, nft initially guesses if the kernel supports set in batches. Otherwise, it falls back to the previous (slowier) operational. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include/rule.h')
1 files changed, 2 insertions, 0 deletions
diff --git a/include/rule.h b/include/rule.h
index da604a54..ebdafe8a 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -14,6 +14,7 @@
* @set: set name (sets only)
* @handle: rule handle (rules only)
* @position: rule position (rules only)
+ * @set_id: set ID (sets only)
* @comment: human-readable comment (rules only)
struct handle {
@@ -23,6 +24,7 @@ struct handle {
const char *set;
uint64_t handle;
uint64_t position;
+ uint32_t set_id;
const char *comment;