mnl: don't set NLM_F_ACK flag in mnl_nft_rule_batch_[add|del]

If the NLM_F_ACK flag is unset, the kernel still explicitly reports errors. Thus, we can save the handling of many explicit (useless) ack messages that indicate success. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-07 20:06:30 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-07 20:18:57 +0100
commit: 330666048d97ed8fbb7fd1f80c5a04fb6649b594 (patch)
tree: 10fdc04565cd4f1b87bf2a4debc93a668469820c /src/mnl.c
parent: 2eb1c30d55f1433e11275f85a97d3694188ecc40 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/mnl.c b/src/mnl.c
index 4f515e14..fe218fcc 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -273,7 +273,7 @@ int mnl_nft_rule_batch_add(struct nft_rule *nlr, unsigned int flags,
 	nlh = nft_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
 			NFT_MSG_NEWRULE,
 			nft_rule_attr_get_u32(nlr, NFT_RULE_ATTR_FAMILY),
-			flags|NLM_F_ACK|NLM_F_CREATE, seqnum);
+			flags|NLM_F_CREATE, seqnum);
 
 	nft_rule_nlmsg_build_payload(nlh, nlr);
 	if (!mnl_nlmsg_batch_next(batch))
@@ -290,7 +290,7 @@ int mnl_nft_rule_batch_del(struct nft_rule *nlr, unsigned int flags,
 	nlh = nft_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
 			NFT_MSG_DELRULE,
 			nft_rule_attr_get_u32(nlr, NFT_RULE_ATTR_FAMILY),
-			NLM_F_ACK, seqnum);
+			0, seqnum);
 
 	nft_rule_nlmsg_build_payload(nlh, nlr);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-07 20:06:30 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-07 20:18:57 +0100
commit	330666048d97ed8fbb7fd1f80c5a04fb6649b594 (patch)
tree	10fdc04565cd4f1b87bf2a4debc93a668469820c /src/mnl.c
parent	2eb1c30d55f1433e11275f85a97d3694188ecc40 (diff)