cache: populate flowtables on demand from error path

Flowtables are only required for error reporting hints if kernel reports ENOENT. Populate the cache from this error path only. Tested-by: Eric Garver <eric@garver.life> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2024-08-15 12:34:17 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2024-08-19 17:30:22 +0200
commit: 52d99078521f0ae245ad0145348bebdba9f665ab (patch)
tree: 14ff61fc40f8d02680746365c5745a792a958464 /src/cmd.c
parent: aab2fe87a665c0cba2676096b49b5c8ea21910f8 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/cmd.c b/src/cmd.c
index 507796bd..e64171e7 100644
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -201,6 +201,10 @@ static int nft_cmd_enoent_flowtable(struct netlink_ctx *ctx,
 	if (!cmd->handle.flowtable.name)
 		return 0;
 
+	if (nft_cache_update(ctx->nft, NFT_CACHE_TABLE | NFT_CACHE_FLOWTABLE,
+			     ctx->msgs, NULL) < 0)
+		return 0;
+
 	ft = flowtable_lookup_fuzzy(cmd->handle.flowtable.name,
 				    &ctx->nft->cache, &table);
 	/* check table first. */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2024-08-15 12:34:17 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2024-08-19 17:30:22 +0200
commit	52d99078521f0ae245ad0145348bebdba9f665ab (patch)
tree	14ff61fc40f8d02680746365c5745a792a958464 /src/cmd.c
parent	aab2fe87a665c0cba2676096b49b5c8ea21910f8 (diff)