path: root/include
diff options
authorPhil Sutter <>2017-10-23 17:33:18 +0200
committerPablo Neira Ayuso <>2017-10-24 15:23:55 +0200
commit4c15b4008c249b768ca1ec958747a9033f8235b9 (patch)
tree5e62190b7a72d995e7a0607d246c978b4a253a02 /include
parent2a3f699d99898c50c51987f8fb64cd5b11ad0dd6 (diff)
cli: Use nft_run_cmd_from_buffer()
Make CLI code adhere to intended libnftables API by not open coding what nft_run_cmd_from_buffer() does. This way, nft_run() has no users outside of src/libnftables.c anymore and therefore can become static. Since nft_run_cmd_from_buffer() takes care of scanner initialization and libmnl socket passed to cli_init() is present as nft_ctx field as well, signature of cli_init() can be reduced to just take nft_ctx pointer as single argument. Note that this change introduces two (possibly unwanted) side-effects: * Input descriptor passed to scanner_push_buffer() is changed from the CLI-specific one to the one used by nft_run_cmd_from_buffer(). In practice though, this doesn't make a difference: input descriptor types INDESC_CLI and INDESC_BUFFER are treated equally by erec_print(). Also, scanner_push_buffer() NULLs input descriptor name, so that is not used at all in latter code. * Error messages are printed to stderr instead of cli_nft->output. This could be fixed by introducing an 'error_output' field in nft_ctx for nft_run_cmd_from_buffer() to use when printing error messages. Signed-off-by: Phil Sutter <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include')
2 files changed, 2 insertions, 11 deletions
diff --git a/include/cli.h b/include/cli.h
index 3ae1c459..3780e091 100644
--- a/include/cli.h
+++ b/include/cli.h
@@ -5,11 +5,9 @@
struct parser_state;
-extern int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- struct parser_state *state);
+extern int cli_init(struct nft_ctx *nft);
-static inline int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- struct parser_state *state)
+static inline int cli_init(struct nft_ctx *nft)
return -1;
diff --git a/include/nftables.h b/include/nftables.h
index eb39dbd1..98d619a3 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -103,13 +103,6 @@ struct input_descriptor {
off_t line_offset;
-struct parser_state;
-struct mnl_socket;
-int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- void *scanner, struct parser_state *state,
- struct list_head *msgs);
void ct_label_table_init(void);
void mark_table_init(void);
void gmp_init(void);