diff options
| author | Elise Lennion <elise.lennion@gmail.com> | 2017-01-26 15:09:44 -0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-27 13:33:20 +0100 |
| commit | d545778d5933ab20c1d9d34a44ae93b2668c60d2 (patch) | |
| tree | 0682f07a04c864d14a355f344e661121624c89d4 /src/rule.c | |
| parent | 0011985554e269e1cc8f8e5b41eb9dcd795ebe8c (diff) | |
src: Allow reset single stateful object
Currently the stateful objects can only be reseted in groups. With this
patch reseting a single object is allowed:
$ nft reset counter filter https-traffic
table ip filter {
counter https-traffic {
packets 8774 bytes 542668
}
}
$ nft list counter filter https-traffic
table ip filter {
counter https-traffic {
packets 0 bytes 0
}
}
Heavily based on work from Pablo Neira Ayuso <pablo@netfilter.org>.
Signed-off-by: Elise Lennion <elise.lennion@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
| -rw-r--r-- | src/rule.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -1435,21 +1435,26 @@ static int do_command_reset(struct netlink_ctx *ctx, struct cmd *cmd) { struct obj *obj, *next; struct table *table; + bool dump = false; uint32_t type; int ret; switch (cmd->obj) { case CMD_OBJ_COUNTERS: + dump = true; + case CMD_OBJ_COUNTER: type = NFT_OBJECT_COUNTER; break; case CMD_OBJ_QUOTAS: + dump = true; + case CMD_OBJ_QUOTA: type = NFT_OBJECT_QUOTA; break; default: BUG("invalid command object type %u\n", cmd->obj); } - ret = netlink_reset_objs(ctx, &cmd->handle, &cmd->location, type); + ret = netlink_reset_objs(ctx, &cmd->handle, &cmd->location, type, dump); list_for_each_entry_safe(obj, next, &ctx->list, list) { table = table_lookup(&obj->handle); list_move(&obj->list, &table->objs); |