path: root/include
diff options
authorVarsha Rao <>2017-08-13 10:00:18 +0530
committerPablo Neira Ayuso <>2017-08-14 11:32:21 +0200
commit07b45939972eb81c3c3db21c8589b51a62f4843a (patch)
treeb50dfd024653fd11f63821e2e7e4805dbb16036b /include
parentbb8e9e84a1b537ccf1b7abbc9d11af0383801a0d (diff)
src: introduce struct nft_cache
Pass variable cache_initialized and structure list_head as members of structure nft_cache. Joint work with Pablo Neira. Signed-off-by: Varsha Rao <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include')
5 files changed, 26 insertions, 13 deletions
diff --git a/include/cli.h b/include/cli.h
index 21052e32..e5774008 100644
--- a/include/cli.h
+++ b/include/cli.h
@@ -6,10 +6,10 @@
struct parser_state;
extern int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- struct parser_state *state);
+ struct nft_cache *cache, struct parser_state *state);
static inline int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- struct parser_state *state)
+ struct nft_cache *cache, struct parser_state *state)
return -1;
diff --git a/include/netlink.h b/include/netlink.h
index 47ecef38..37261714 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -39,6 +39,7 @@ extern const struct location netlink_location;
* @data: pointer to pass data to callback
* @seqnum: sequence number
* @octx: output context
+ * @cache: cache context
struct netlink_ctx {
struct mnl_socket *nf_sock;
@@ -50,6 +51,7 @@ struct netlink_ctx {
struct nftnl_batch *batch;
bool batch_supported;
struct output_ctx *octx;
+ struct nft_cache *cache;
extern struct nftnl_table *alloc_nftnl_table(const struct handle *h);
@@ -162,6 +164,7 @@ extern int netlink_get_set(struct netlink_ctx *ctx, const struct handle *h,
const struct location *loc);
extern struct stmt *netlink_parse_set_expr(const struct set *set,
+ const struct nft_cache *cache,
const struct nftnl_expr *nle);
extern int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
@@ -216,6 +219,7 @@ struct netlink_mon_handler {
struct netlink_ctx *ctx;
const struct location *loc;
bool cache_needed;
+ struct nft_cache *cache;
extern int netlink_monitor(struct netlink_mon_handler *monhandler,
diff --git a/include/nftables.h b/include/nftables.h
index ca609015..a88c86d1 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -37,6 +37,11 @@ struct nft_ctx {
bool check;
+struct nft_cache {
+ bool initialized;
+ struct list_head list;
extern unsigned int max_errors;
extern unsigned int debug_level;
extern const char *include_paths[INCLUDE_PATHS_MAX];
@@ -117,8 +122,9 @@ struct input_descriptor {
struct parser_state;
struct mnl_socket;
-int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock, void *scanner,
- struct parser_state *state, struct list_head *msgs);
+int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock,
+ struct nft_cache *cache, void *scanner, struct parser_state *state,
+ struct list_head *msgs);
void ct_label_table_init(void);
void mark_table_init(void);
diff --git a/include/parser.h b/include/parser.h
index 1815ea1b..5a452f77 100644
--- a/include/parser.h
+++ b/include/parser.h
@@ -31,8 +31,8 @@ struct parser_state {
struct mnl_socket;
-extern void parser_init(struct mnl_socket *nf_sock, struct parser_state *state,
- struct list_head *msgs);
+extern void parser_init(struct mnl_socket *nf_sock, struct nft_cache *cache,
+ struct parser_state *state, struct list_head *msgs);
extern int nft_parse(void *, struct parser_state *state);
extern void *scanner_init(struct parser_state *state);
diff --git a/include/rule.h b/include/rule.h
index a0edda2f..10ac0e26 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -116,8 +116,9 @@ struct table {
extern struct table *table_alloc(void);
extern struct table *table_get(struct table *table);
extern void table_free(struct table *table);
-extern void table_add_hash(struct table *table);
-extern struct table *table_lookup(const struct handle *h);
+extern void table_add_hash(struct table *table, struct nft_cache *cache);
+extern struct table *table_lookup(const struct handle *h,
+ const struct nft_cache *cache);
* enum chain_flags - chain flags
@@ -248,7 +249,7 @@ extern void set_free(struct set *set);
extern void set_add_hash(struct set *set, struct table *table);
extern struct set *set_lookup(const struct table *table, const char *name);
extern struct set *set_lookup_global(uint32_t family, const char *table,
- const char *name);
+ const char *name, struct nft_cache *cache);
extern void set_print(const struct set *set, struct output_ctx *octx);
extern void set_print_plain(const struct set *s, struct output_ctx *octx);
@@ -468,6 +469,7 @@ extern void cmd_free(struct cmd *cmd);
* @rule: current rule
* @set: current set
* @stmt: current statement
+ * @cache: cache context
* @ectx: expression context
* @pctx: payload context
@@ -479,6 +481,7 @@ struct eval_ctx {
struct rule *rule;
struct set *set;
struct stmt *stmt;
+ struct nft_cache *cache;
struct expr_ctx ectx;
struct proto_ctx pctx;
@@ -490,10 +493,10 @@ extern struct error_record *rule_postprocess(struct rule *rule);
struct netlink_ctx;
extern int do_command(struct netlink_ctx *ctx, struct cmd *cmd);
-extern int cache_update(struct mnl_socket *nf_sock, enum cmd_ops cmd,
- struct list_head *msgs);
-extern void cache_flush(void);
-extern void cache_release(void);
+extern int cache_update(struct mnl_socket *nf_sock, struct nft_cache *cache,
+ enum cmd_ops cmd, struct list_head *msgs);
+extern void cache_flush(struct list_head *table_list);
+extern void cache_release(struct nft_cache *cache);
enum udata_type {