cache: do not populate cache if it is going to be flushed

Skip set element netlink dump if set is flushed, this speeds up set flush + add element operation in a batch file for an existing set. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2021-11-09 10:44:46 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2021-11-11 10:55:29 +0100
commit: dffc0e109ed4780c6d79c52fb5be8cda2d63fc6b (patch)
tree: 6e70f590d1b7d6b4606e9b11e0254743a0c0235e /src/libnftables.c
parent: 88e53b5dac2b55905dbf86d7def2fee51bf2a8dd (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/src/libnftables.c b/src/libnftables.c
index 2b2ed1a4..7b9d7efa 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -459,13 +459,18 @@ static int nft_parse_bison_filename(struct nft_ctx *nft, const char *filename,
 static int nft_evaluate(struct nft_ctx *nft, struct list_head *msgs,
 			struct list_head *cmds)
 {
-	struct nft_cache_filter filter = {};
+	struct nft_cache_filter *filter;
 	unsigned int flags;
 	struct cmd *cmd;
 
-	flags = nft_cache_evaluate(nft, cmds, &filter);
-	if (nft_cache_update(nft, flags, msgs, &filter) < 0)
+	filter = nft_cache_filter_init();
+	flags = nft_cache_evaluate(nft, cmds, filter);
+	if (nft_cache_update(nft, flags, msgs, filter) < 0) {
+		nft_cache_filter_fini(filter);
 		return -1;
+	}
+
+	nft_cache_filter_fini(filter);
 
 	list_for_each_entry(cmd, cmds, list) {
 		struct eval_ctx ectx = {
author	Pablo Neira Ayuso <pablo@netfilter.org>	2021-11-09 10:44:46 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-11-11 10:55:29 +0100
commit	dffc0e109ed4780c6d79c52fb5be8cda2d63fc6b (patch)
tree	6e70f590d1b7d6b4606e9b11e0254743a0c0235e /src/libnftables.c
parent	88e53b5dac2b55905dbf86d7def2fee51bf2a8dd (diff)