diff options
-rw-r--r-- | include/rule.h | 11 | ||||
-rw-r--r-- | src/netlink.c | 2 | ||||
-rw-r--r-- | src/parser.y | 2 |
3 files changed, 14 insertions, 1 deletions
diff --git a/include/rule.h b/include/rule.h index 97543072..23171ffb 100644 --- a/include/rule.h +++ b/include/rule.h @@ -79,10 +79,20 @@ extern void table_add_hash(struct table *table); extern struct table *table_lookup(const struct handle *h); /** + * enum chain_flags - chain flags + * + * @CHAIN_F_BASECHAIN: chain is a base chain + */ +enum chain_flags { + CHAIN_F_BASECHAIN = 0x1, +}; + +/** * struct chain - nftables chain * * @list: list node in table list * @handle: chain handle + * @flags: chain flags * @hooknum: hook number (base chains) * @priority: hook priority (base chains) * @rules: rules contained in the chain @@ -90,6 +100,7 @@ extern struct table *table_lookup(const struct handle *h); struct chain { struct list_head list; struct handle handle; + uint32_t flags; unsigned int hooknum; unsigned int priority; struct scope scope; diff --git a/src/netlink.c b/src/netlink.c index 54d92c42..0427f4ac 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -422,7 +422,7 @@ int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h, int err; nlc = alloc_nft_chain(h); - if (chain != NULL && (chain->hooknum || chain->priority)) { + if (chain != NULL && chain->flags & CHAIN_F_BASECHAIN) { nfnl_nft_chain_set_hooknum(nlc, chain->hooknum); nfnl_nft_chain_set_priority(nlc, chain->priority); } diff --git a/src/parser.y b/src/parser.y index f70b505d..8e3d3639 100644 --- a/src/parser.y +++ b/src/parser.y @@ -740,11 +740,13 @@ hook_spec : HOOK HOOKNUM NUM { $<chain>0->hooknum = $2; $<chain>0->priority = $3; + $<chain>0->flags |= CHAIN_F_BASECHAIN; } | HOOK HOOKNUM DASH NUM { $<chain>0->hooknum = $2; $<chain>0->priority = -$4; + $<chain>0->flags |= CHAIN_F_BASECHAIN; } ; |