diff options
-rw-r--r-- | include/osf.h | 1 | ||||
-rw-r--r-- | src/evaluate.c | 11 | ||||
-rw-r--r-- | src/nfnl_osf.c | 2 | ||||
-rw-r--r-- | src/osf.c | 1 | ||||
-rw-r--r-- | src/rule.c | 6 |
5 files changed, 12 insertions, 9 deletions
diff --git a/include/osf.h b/include/osf.h index 074ba9a3..54cdd4af 100644 --- a/include/osf.h +++ b/include/osf.h @@ -3,7 +3,6 @@ struct expr *osf_expr_alloc(const struct location *loc); -extern bool osf_init; extern int nfnl_osf_load_fingerprints(struct netlink_ctx *ctx, int del); #endif /* NFTABLES_OSF_H */ diff --git a/src/evaluate.c b/src/evaluate.c index 9a7118ec..19550823 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -26,6 +26,8 @@ #include <expression.h> #include <statement.h> +#include <netlink.h> +#include <time.h> #include <rule.h> #include <erec.h> #include <gmputil.h> @@ -1727,6 +1729,15 @@ static int expr_evaluate_socket(struct eval_ctx *ctx, struct expr **expr) static int expr_evaluate_osf(struct eval_ctx *ctx, struct expr **expr) { + struct netlink_ctx nl_ctx = { + .nf_sock = ctx->nf_sock, + .debug_mask = ctx->debug_mask, + .octx = ctx->octx, + .seqnum = time(NULL), + }; + + nfnl_osf_load_fingerprints(&nl_ctx, 0); + return expr_evaluate_primary(ctx, expr); } diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c index e37510bd..fb76fb0e 100644 --- a/src/nfnl_osf.c +++ b/src/nfnl_osf.c @@ -43,8 +43,6 @@ #define OSFPDEL ':' #define MAXOPTSTRLEN 128 -bool osf_init; - static struct nf_osf_opt IANA_opts[] = { { .kind = 0, .length = 1,}, { .kind=1, .length=1,}, @@ -28,7 +28,6 @@ struct expr *osf_expr_alloc(const struct location *loc) const struct datatype *type = &string_type; struct expr *expr; - osf_init = true; expr = expr_alloc(loc, &osf_expr_ops, type, BYTEORDER_HOST_ENDIAN, len); @@ -1394,7 +1394,6 @@ static int do_add_set(struct netlink_ctx *ctx, const struct cmd *cmd, static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) { uint32_t flags = excl ? NLM_F_EXCL : 0; - int err; if (ctx->octx->echo) { int ret; @@ -1413,10 +1412,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) case CMD_OBJ_CHAIN: return netlink_add_chain_batch(ctx, cmd, flags); case CMD_OBJ_RULE: - err = netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND); - if (osf_init) - nfnl_osf_load_fingerprints(ctx, 0); - return err; + return netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND); case CMD_OBJ_SET: return do_add_set(ctx, cmd, flags); case CMD_OBJ_SETELEM: |