summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/netlink.h9
-rw-r--r--include/rule.h10
-rw-r--r--src/evaluate.c55
-rw-r--r--src/libnftables.c8
-rw-r--r--src/mnl.c28
-rw-r--r--src/monitor.c52
-rw-r--r--src/netlink.c41
-rw-r--r--src/netlink_delinearize.c4
-rw-r--r--src/nfnl_osf.c16
-rw-r--r--src/rule.c128
10 files changed, 156 insertions, 195 deletions
diff --git a/include/netlink.h b/include/netlink.h
index b7e2232f..b26ef459 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -35,26 +35,21 @@ extern const struct location netlink_location;
/**
* struct netlink_ctx
*
+ * @nft: nftables context
* @msgs: message queue
* @list: list of parsed rules/chains/tables
* @set: current set
* @data: pointer to pass data to callback
* @seqnum: sequence number
- * @octx: output context
- * @debug_mask: display debugging information
- * @cache: cache context
*/
struct netlink_ctx {
- struct mnl_socket *nf_sock;
+ struct nft_ctx *nft;
struct list_head *msgs;
struct list_head list;
struct set *set;
const void *data;
uint32_t seqnum;
struct nftnl_batch *batch;
- unsigned int debug_mask;
- struct output_ctx *octx;
- struct nft_cache *cache;
};
extern struct nftnl_expr *alloc_nft_expr(const char *name);
diff --git a/include/rule.h b/include/rule.h
index c6c5ca98..977f2748 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -618,12 +618,10 @@ extern struct error_record *rule_postprocess(struct rule *rule);
struct netlink_ctx;
extern int do_command(struct netlink_ctx *ctx, struct cmd *cmd);
-extern int cache_update(struct mnl_socket *nf_sock, struct nft_cache *cache,
- enum cmd_ops cmd, struct list_head *msgs, unsigned int debug_flag,
- struct output_ctx *octx);
-extern void cache_flush(struct mnl_socket *nf_sock, struct nft_cache *cache,
- enum cmd_ops cmd, struct list_head *msgs,
- unsigned int debug_mask, struct output_ctx *octx);
+extern int cache_update(struct nft_ctx *ctx, enum cmd_ops cmd,
+ struct list_head *msgs);
+extern void cache_flush(struct nft_ctx *ctx, enum cmd_ops cmd,
+ struct list_head *msgs);
extern void cache_release(struct nft_cache *cache);
enum udata_type {
diff --git a/src/evaluate.c b/src/evaluate.c
index 15aa5980..66e9293f 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -187,8 +187,7 @@ static int expr_evaluate_symbol(struct eval_ctx *ctx, struct expr **expr)
}
break;
case SYMBOL_SET:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, ctx->cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, ctx->cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -1730,9 +1729,7 @@ static int expr_evaluate_socket(struct eval_ctx *ctx, struct expr **expr)
static int expr_evaluate_osf(struct eval_ctx *ctx, struct expr **expr)
{
struct netlink_ctx nl_ctx = {
- .nf_sock = ctx->nft->nf_sock,
- .debug_mask = ctx->nft->debug_mask,
- .octx = &ctx->nft->output,
+ .nft = ctx->nft,
.seqnum = time(NULL),
};
@@ -3086,8 +3083,7 @@ static int rule_translate_index(struct eval_ctx *ctx, struct rule *rule)
int ret;
/* update cache with CMD_LIST so that rules are fetched, too */
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, CMD_LIST,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, CMD_LIST, ctx->msgs);
if (ret < 0)
return ret;
@@ -3315,15 +3311,13 @@ static int cmd_evaluate_add(struct eval_ctx *ctx, struct cmd *cmd)
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
return setelem_evaluate(ctx, &cmd->expr);
case CMD_OBJ_SET:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3333,8 +3327,7 @@ static int cmd_evaluate_add(struct eval_ctx *ctx, struct cmd *cmd)
handle_merge(&cmd->rule->handle, &cmd->handle);
return rule_evaluate(ctx, cmd->rule);
case CMD_OBJ_CHAIN:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3342,8 +3335,7 @@ static int cmd_evaluate_add(struct eval_ctx *ctx, struct cmd *cmd)
case CMD_OBJ_TABLE:
return table_evaluate(ctx, cmd->table);
case CMD_OBJ_FLOWTABLE:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3367,8 +3359,7 @@ static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3396,8 +3387,7 @@ static int cmd_evaluate_get(struct eval_ctx *ctx, struct cmd *cmd)
struct set *set;
int ret;
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3446,8 +3436,7 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd)
struct set *set;
int ret;
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3549,8 +3538,7 @@ static int cmd_evaluate_reset(struct eval_ctx *ctx, struct cmd *cmd)
{
int ret;
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3579,8 +3567,7 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
switch (cmd->obj) {
case CMD_OBJ_RULESET:
- cache_flush(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ cache_flush(ctx->nft, cmd->op, ctx->msgs);
break;
case CMD_OBJ_TABLE:
/* Flushing a table does not empty the sets in the table nor remove
@@ -3590,8 +3577,7 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
/* Chains don't hold sets */
break;
case CMD_OBJ_SET:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3607,8 +3593,7 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
strerror(ENOENT));
return 0;
case CMD_OBJ_MAP:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3624,8 +3609,7 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
strerror(ENOENT));
return 0;
case CMD_OBJ_METER:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3653,8 +3637,7 @@ static int cmd_evaluate_rename(struct eval_ctx *ctx, struct cmd *cmd)
switch (cmd->obj) {
case CMD_OBJ_CHAIN:
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
- ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3753,8 +3736,7 @@ static int cmd_evaluate_monitor(struct eval_ctx *ctx, struct cmd *cmd)
uint32_t event;
int ret;
- ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ ret = cache_update(ctx->nft, cmd->op, ctx->msgs);
if (ret < 0)
return ret;
@@ -3779,8 +3761,7 @@ static int cmd_evaluate_export(struct eval_ctx *ctx, struct cmd *cmd)
return cmd_error(ctx, &cmd->location,
"this output type is not supported");
- return cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
- ctx->nft->debug_mask, &ctx->nft->output);
+ return cache_update(ctx->nft, cmd->op, ctx->msgs);
}
static int cmd_evaluate_import(struct eval_ctx *ctx, struct cmd *cmd)
diff --git a/src/libnftables.c b/src/libnftables.c
index 97776379..44869602 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -40,10 +40,7 @@ static int nft_netlink(struct nft_ctx *nft,
ctx.msgs = msgs;
ctx.seqnum = cmd->seqnum = mnl_seqnum_alloc(&seqnum);
ctx.batch = batch;
- ctx.octx = &nft->output;
- ctx.nf_sock = nf_sock;
- ctx.cache = &nft->cache;
- ctx.debug_mask = nft->debug_mask;
+ ctx.nft = nft;
init_list_head(&ctx.list);
ret = do_command(&ctx, cmd);
if (ret < 0) {
@@ -480,8 +477,7 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
LIST_HEAD(cmds);
int rc;
- rc = cache_update(nft->nf_sock, &nft->cache, CMD_INVALID, &msgs,
- nft->debug_mask, &nft->output);
+ rc = cache_update(nft, CMD_INVALID, &msgs);
if (rc < 0)
return -1;
diff --git a/src/mnl.c b/src/mnl.c
index 48637e27..9a6248aa 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -52,13 +52,13 @@ nft_mnl_recv(struct netlink_ctx *ctx, uint32_t portid,
char buf[NFT_NLMSG_MAXSIZE];
int ret;
- ret = mnl_socket_recvfrom(ctx->nf_sock, buf, sizeof(buf));
+ ret = mnl_socket_recvfrom(ctx->nft->nf_sock, buf, sizeof(buf));
while (ret > 0) {
ret = mnl_cb_run(buf, ret, ctx->seqnum, portid, cb, cb_data);
if (ret <= 0)
goto out;
- ret = mnl_socket_recvfrom(ctx->nf_sock, buf, sizeof(buf));
+ ret = mnl_socket_recvfrom(ctx->nft->nf_sock, buf, sizeof(buf));
}
out:
if (ret < 0 && errno == EAGAIN)
@@ -71,13 +71,13 @@ int
nft_mnl_talk(struct netlink_ctx *ctx, const void *data, unsigned int len,
int (*cb)(const struct nlmsghdr *nlh, void *data), void *cb_data)
{
- uint32_t portid = mnl_socket_get_portid(ctx->nf_sock);
+ uint32_t portid = mnl_socket_get_portid(ctx->nft->nf_sock);
- if (ctx->debug_mask & NFT_DEBUG_MNL)
- mnl_nlmsg_fprintf(ctx->octx->output_fp, data, len,
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL)
+ mnl_nlmsg_fprintf(ctx->nft->output.output_fp, data, len,
sizeof(struct nfgenmsg));
- if (mnl_socket_sendto(ctx->nf_sock, data, len) < 0)
+ if (mnl_socket_sendto(ctx->nft->nf_sock, data, len) < 0)
return -1;
return nft_mnl_recv(ctx, portid, cb, cb_data);
@@ -226,23 +226,23 @@ static ssize_t mnl_nft_socket_sendmsg(const struct netlink_ctx *ctx)
};
uint32_t i;
- mnl_set_sndbuffer(ctx->nf_sock, ctx->batch);
+ mnl_set_sndbuffer(ctx->nft->nf_sock, ctx->batch);
nftnl_batch_iovec(ctx->batch, iov, iov_len);
for (i = 0; i < iov_len; i++) {
- if (ctx->debug_mask & NFT_DEBUG_MNL) {
- mnl_nlmsg_fprintf(ctx->octx->output_fp,
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL) {
+ mnl_nlmsg_fprintf(ctx->nft->output.output_fp,
iov[i].iov_base, iov[i].iov_len,
sizeof(struct nfgenmsg));
}
}
- return sendmsg(mnl_socket_get_fd(ctx->nf_sock), &msg, 0);
+ return sendmsg(mnl_socket_get_fd(ctx->nft->nf_sock), &msg, 0);
}
int mnl_batch_talk(struct netlink_ctx *ctx, struct list_head *err_list)
{
- struct mnl_socket *nl = ctx->nf_sock;
+ struct mnl_socket *nl = ctx->nft->nf_sock;
int ret, fd = mnl_socket_get_fd(nl), portid = mnl_socket_get_portid(nl);
char rcv_buf[MNL_SOCKET_BUFFER_SIZE];
fd_set readfds;
@@ -328,10 +328,8 @@ int mnl_nft_rule_replace(struct netlink_ctx *ctx, const struct cmd *cmd)
struct nlmsghdr *nlh;
int err;
- if (ctx->octx->echo) {
- err = cache_update(ctx->nf_sock, ctx->cache,
- CMD_INVALID, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ if (ctx->nft->output.echo) {
+ err = cache_update(ctx->nft, CMD_INVALID, ctx->msgs);
if (err < 0)
return err;
diff --git a/src/monitor.c b/src/monitor.c
index 213c40d1..14ccbc5f 100644
--- a/src/monitor.c
+++ b/src/monitor.c
@@ -40,7 +40,7 @@
#include <iface.h>
#include <json.h>
-#define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__)
+#define nft_mon_print(monh, ...) nft_print(&monh->ctx->nft->output, __VA_ARGS__)
static struct nftnl_table *netlink_table_alloc(const struct nlmsghdr *nlh)
{
@@ -214,7 +214,7 @@ static int netlink_events_table_cb(const struct nlmsghdr *nlh, int type,
nft_mon_print(monh, "%s %s", family2str(t->handle.family),
t->handle.table.name);
- if (monh->ctx->octx->handle > 0)
+ if (monh->ctx->nft->output.handle > 0)
nft_mon_print(monh, " # handle %" PRIu64 "",
t->handle.handle.id);
break;
@@ -245,7 +245,7 @@ static int netlink_events_chain_cb(const struct nlmsghdr *nlh, int type,
switch (type) {
case NFT_MSG_NEWCHAIN:
- chain_print_plain(c, monh->ctx->octx);
+ chain_print_plain(c, &monh->ctx->nft->output);
break;
case NFT_MSG_DELCHAIN:
nft_mon_print(monh, "chain %s %s %s",
@@ -292,7 +292,7 @@ static int netlink_events_set_cb(const struct nlmsghdr *nlh, int type,
switch (type) {
case NFT_MSG_NEWSET:
- set_print_plain(set, monh->ctx->octx);
+ set_print_plain(set, &monh->ctx->nft->output);
break;
case NFT_MSG_DELSET:
nft_mon_print(monh, "set %s %s %s", family,
@@ -386,7 +386,7 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,
family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);
cmd = netlink_msg2cmd(type);
- set = set_lookup_global(family, table, setname, monh->cache);
+ set = set_lookup_global(family, table, setname, &monh->ctx->nft->cache);
if (set == NULL) {
fprintf(stderr, "W: Received event for an unknown set.");
goto out;
@@ -417,7 +417,7 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,
goto out;
}
if (netlink_delinearize_setelem(nlse, dummyset,
- monh->cache) < 0) {
+ &monh->ctx->nft->cache) < 0) {
set_free(dummyset);
nftnl_set_elems_iter_destroy(nlsei);
goto out;
@@ -435,7 +435,7 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,
case NFTNL_OUTPUT_DEFAULT:
nft_mon_print(monh, "%s element %s %s %s ",
cmd, family2str(family), table, setname);
- expr_print(dummyset->init, monh->ctx->octx);
+ expr_print(dummyset->init, &monh->ctx->nft->output);
break;
case NFTNL_OUTPUT_JSON:
dummyset->handle.family = family;
@@ -477,7 +477,7 @@ static int netlink_events_obj_cb(const struct nlmsghdr *nlh, int type,
switch (type) {
case NFT_MSG_NEWOBJ:
- obj_print_plain(obj, monh->ctx->octx);
+ obj_print_plain(obj, &monh->ctx->nft->output);
break;
case NFT_MSG_DELOBJ:
nft_mon_print(monh, "%s %s %s %s",
@@ -513,7 +513,8 @@ static int netlink_events_rule_cb(const struct nlmsghdr *nlh, int type,
nlr = netlink_rule_alloc(nlh);
r = netlink_delinearize_rule(monh->ctx, nlr);
- nlr_for_each_set(nlr, rule_map_decompose_cb, NULL, monh->cache);
+ nlr_for_each_set(nlr, rule_map_decompose_cb, NULL,
+ &monh->ctx->nft->cache);
cmd = netlink_msg2cmd(type);
switch (monh->format) {
@@ -528,7 +529,7 @@ static int netlink_events_rule_cb(const struct nlmsghdr *nlh, int type,
switch (type) {
case NFT_MSG_NEWRULE:
- rule_print(r, monh->ctx->octx);
+ rule_print(r, &monh->ctx->nft->output);
break;
case NFT_MSG_DELRULE:
@@ -557,7 +558,7 @@ static void netlink_events_cache_addtable(struct netlink_mon_handler *monh,
t = netlink_delinearize_table(monh->ctx, nlt);
nftnl_table_free(nlt);
- table_add_hash(t, monh->cache);
+ table_add_hash(t, &monh->ctx->nft->cache);
}
static void netlink_events_cache_deltable(struct netlink_mon_handler *monh,
@@ -571,7 +572,7 @@ static void netlink_events_cache_deltable(struct netlink_mon_handler *monh,
h.family = nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY);
h.table.name = nftnl_table_get_str(nlt, NFTNL_TABLE_NAME);
- t = table_lookup(&h, monh->cache);
+ t = table_lookup(&h, &monh->ctx->nft->cache);
if (t == NULL)
goto out;
@@ -601,7 +602,7 @@ static void netlink_events_cache_addset(struct netlink_mon_handler *monh,
goto out;
s->init = set_expr_alloc(monh->loc, s);
- t = table_lookup(&s->handle, monh->cache);
+ t = table_lookup(&s->handle, &monh->ctx->nft->cache);
if (t == NULL) {
fprintf(stderr, "W: Unable to cache set: table not found.\n");
set_free(s);
@@ -628,7 +629,7 @@ static void netlink_events_cache_addsetelem(struct netlink_mon_handler *monh,
table = nftnl_set_get_str(nls, NFTNL_SET_TABLE);
setname = nftnl_set_get_str(nls, NFTNL_SET_NAME);
- set = set_lookup_global(family, table, setname, monh->cache);
+ set = set_lookup_global(family, table, setname, &monh->ctx->nft->cache);
if (set == NULL) {
fprintf(stderr,
"W: Unable to cache set_elem. Set not found.\n");
@@ -641,7 +642,8 @@ static void netlink_events_cache_addsetelem(struct netlink_mon_handler *monh,
nlse = nftnl_set_elems_iter_next(nlsei);
while (nlse != NULL) {
- if (netlink_delinearize_setelem(nlse, set, monh->cache) < 0) {
+ if (netlink_delinearize_setelem(nlse, set,
+ &monh->ctx->nft->cache) < 0) {
fprintf(stderr,
"W: Unable to cache set_elem. "
"Delinearize failed.\n");
@@ -668,7 +670,7 @@ static void netlink_events_cache_delsets(struct netlink_mon_handler *monh,
struct nftnl_rule *nlr = netlink_rule_alloc(nlh);
nlr_for_each_set(nlr, netlink_events_cache_delset_cb, NULL,
- monh->cache);
+ &monh->ctx->nft->cache);
nftnl_rule_free(nlr);
}
@@ -691,7 +693,7 @@ static void netlink_events_cache_addobj(struct netlink_mon_handler *monh,
if (obj == NULL)
goto out;
- t = table_lookup(&obj->handle, monh->cache);
+ t = table_lookup(&obj->handle, &monh->ctx->nft->cache);
if (t == NULL) {
fprintf(stderr, "W: Unable to cache object: table not found.\n");
obj_free(obj);
@@ -721,7 +723,7 @@ static void netlink_events_cache_delobj(struct netlink_mon_handler *monh,
type = nftnl_obj_get_u32(nlo, NFTNL_OBJ_TYPE);
h.handle.id = nftnl_obj_get_u64(nlo, NFTNL_OBJ_HANDLE);
- t = table_lookup(&h, monh->cache);
+ t = table_lookup(&h, &monh->ctx->nft->cache);
if (t == NULL) {
fprintf(stderr, "W: Unable to cache object: table not found.\n");
goto out;
@@ -835,7 +837,7 @@ static int netlink_events_newgen_cb(const struct nlmsghdr *nlh, int type,
nft_mon_print(monh, "# new generation %d", genid);
if (pid >= 0) {
nft_mon_print(monh, " by process %d", pid);
- if (!monh->ctx->octx->numeric)
+ if (!monh->ctx->nft->output.numeric)
nft_mon_print(monh, " (%s)", name);
}
nft_mon_print(monh, "\n");
@@ -850,7 +852,7 @@ static int netlink_events_cb(const struct nlmsghdr *nlh, void *data)
uint16_t type = NFNL_MSG_TYPE(nlh->nlmsg_type);
struct netlink_mon_handler *monh = (struct netlink_mon_handler *)data;
- netlink_events_debug(type, monh->debug_mask);
+ netlink_events_debug(type, monh->ctx->nft->debug_mask);
netlink_events_cache_update(monh, nlh, type);
if (!(monh->monitor_flags & (1 << type)))
@@ -901,11 +903,9 @@ int netlink_echo_callback(const struct nlmsghdr *nlh, void *data)
.loc = &netlink_location,
.monitor_flags = 0xffffffff,
.cache_needed = true,
- .cache = ctx->cache,
- .debug_mask = ctx->debug_mask,
};
- if (!echo_monh.ctx->octx->echo)
+ if (!echo_monh.ctx->nft->output.echo)
return MNL_CB_OK;
return netlink_events_cb(nlh, &echo_monh);
@@ -929,7 +929,7 @@ int netlink_monitor(struct netlink_mon_handler *monhandler,
return -1;
}
- return mnl_nft_event_listener(nf_sock, monhandler->debug_mask,
- monhandler->ctx->octx, netlink_events_cb,
- monhandler);
+ return mnl_nft_event_listener(nf_sock, monhandler->ctx->nft->debug_mask,
+ &monhandler->ctx->nft->output,
+ netlink_events_cb, monhandler);
}
diff --git a/src/netlink.c b/src/netlink.c
index 42d3506d..755949c9 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -42,7 +42,7 @@
#include <erec.h>
#include <iface.h>
-#define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__)
+#define nft_mon_print(monh, ...) nft_print(&monh->ctx->nft->output, __VA_ARGS__)
const struct input_descriptor indesc_netlink = {
.name = "netlink",
@@ -387,9 +387,9 @@ struct expr *netlink_alloc_data(const struct location *loc,
void netlink_dump_rule(const struct nftnl_rule *nlr, struct netlink_ctx *ctx)
{
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
- if (!(ctx->debug_mask & NFT_DEBUG_NETLINK) || !fp)
+ if (!(ctx->nft->debug_mask & NFT_DEBUG_NETLINK) || !fp)
return;
nftnl_rule_fprintf(fp, nlr, 0, 0);
@@ -450,9 +450,9 @@ static int netlink_list_rules(struct netlink_ctx *ctx, const struct handle *h)
void netlink_dump_chain(const struct nftnl_chain *nlc, struct netlink_ctx *ctx)
{
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
- if (!(ctx->debug_mask & NFT_DEBUG_NETLINK) || !fp)
+ if (!(ctx->nft->debug_mask & NFT_DEBUG_NETLINK) || !fp)
return;
nftnl_chain_fprintf(fp, nlc, 0, 0);
@@ -611,9 +611,9 @@ const struct datatype *dtype_map_from_kernel(enum nft_data_types type)
void netlink_dump_set(const struct nftnl_set *nls, struct netlink_ctx *ctx)
{
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
- if (!(ctx->debug_mask & NFT_DEBUG_NETLINK) || !fp)
+ if (!(ctx->nft->debug_mask & NFT_DEBUG_NETLINK) || !fp)
return;
nftnl_set_fprintf(fp, nls, 0, 0);
@@ -936,7 +936,7 @@ out:
static int list_setelem_cb(struct nftnl_set_elem *nlse, void *arg)
{
struct netlink_ctx *ctx = arg;
- return netlink_delinearize_setelem(nlse, ctx->set, ctx->cache);
+ return netlink_delinearize_setelem(nlse, ctx->set, &ctx->nft->cache);
}
int netlink_list_setelems(struct netlink_ctx *ctx, const struct handle *h,
@@ -1024,9 +1024,9 @@ int netlink_get_setelem(struct netlink_ctx *ctx, const struct handle *h,
void netlink_dump_obj(struct nftnl_obj *nln, struct netlink_ctx *ctx)
{
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
- if (!(ctx->debug_mask & NFT_DEBUG_NETLINK) || !fp)
+ if (!(ctx->nft->debug_mask & NFT_DEBUG_NETLINK) || !fp)
return;
nftnl_obj_fprintf(fp, nln, 0, 0);
@@ -1149,9 +1149,9 @@ static struct nftnl_flowtable *alloc_nftnl_flowtable(const struct handle *h,
static void netlink_dump_flowtable(struct nftnl_flowtable *flo,
struct netlink_ctx *ctx)
{
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
- if (!(ctx->debug_mask & NFT_DEBUG_NETLINK) || !fp)
+ if (!(ctx->nft->debug_mask & NFT_DEBUG_NETLINK) || !fp)
return;
nftnl_flowtable_fprintf(fp, flo, 0, 0);
@@ -1591,16 +1591,17 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
case NFT_TRACETYPE_RULE:
if (nftnl_trace_is_set(nlt, NFTNL_TRACE_LL_HEADER) ||
nftnl_trace_is_set(nlt, NFTNL_TRACE_NETWORK_HEADER))
- trace_print_packet(nlt, monh->ctx->octx);
+ trace_print_packet(nlt, &monh->ctx->nft->output);
if (nftnl_trace_is_set(nlt, NFTNL_TRACE_RULE_HANDLE))
- trace_print_rule(nlt, monh->ctx->octx, monh->cache);
+ trace_print_rule(nlt, &monh->ctx->nft->output,
+ &monh->ctx->nft->cache);
break;
case NFT_TRACETYPE_POLICY:
- trace_print_hdr(nlt, monh->ctx->octx);
+ trace_print_hdr(nlt, &monh->ctx->nft->output);
if (nftnl_trace_is_set(nlt, NFTNL_TRACE_POLICY)) {
- trace_print_policy(nlt, monh->ctx->octx);
+ trace_print_policy(nlt, &monh->ctx->nft->output);
nft_mon_print(monh, " ");
}
@@ -1608,14 +1609,14 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
trace_print_expr(nlt, NFTNL_TRACE_MARK,
meta_expr_alloc(&netlink_location,
NFT_META_MARK),
- monh->ctx->octx);
+ &monh->ctx->nft->output);
nft_mon_print(monh, "\n");
break;
case NFT_TRACETYPE_RETURN:
- trace_print_hdr(nlt, monh->ctx->octx);
+ trace_print_hdr(nlt, &monh->ctx->nft->output);
if (nftnl_trace_is_set(nlt, NFTNL_TRACE_VERDICT)) {
- trace_print_verdict(nlt, monh->ctx->octx);
+ trace_print_verdict(nlt, &monh->ctx->nft->output);
nft_mon_print(monh, " ");
}
@@ -1623,7 +1624,7 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
trace_print_expr(nlt, NFTNL_TRACE_MARK,
meta_expr_alloc(&netlink_location,
NFT_META_MARK),
- monh->ctx->octx);
+ &monh->ctx->nft->output);
nft_mon_print(monh, "\n");
break;
}
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index cd058850..3931127f 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2608,7 +2608,7 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
memset(&_ctx, 0, sizeof(_ctx));
_ctx.msgs = ctx->msgs;
- _ctx.debug_mask = ctx->debug_mask;
+ _ctx.debug_mask = ctx->nft->debug_mask;
memset(&h, 0, sizeof(h));
h.family = nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY);
@@ -2620,7 +2620,7 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
h.position.id = nftnl_rule_get_u64(nlr, NFTNL_RULE_POSITION);
pctx->rule = rule_alloc(&netlink_location, &h);
- pctx->table = table_lookup(&h, ctx->cache);
+ pctx->table = table_lookup(&h, &ctx->nft->cache);
assert(pctx->table != NULL);
if (nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA)) {
diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c
index e9a7f1d1..be3fd810 100644
--- a/src/nfnl_osf.c
+++ b/src/nfnl_osf.c
@@ -221,8 +221,8 @@ static int osf_load_line(char *buffer, int len, int del,
memset(&f, 0, sizeof(struct nf_osf_user_finger));
- if (ctx->debug_mask & NFT_DEBUG_MNL)
- nft_print(ctx->octx, "Loading '%s'.\n", buffer);
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL)
+ nft_print(&ctx->nft->output, "Loading '%s'.\n", buffer);
for (i = 0; i < len && buffer[i] != '\0'; ++i) {
if (buffer[i] == ':')
@@ -230,8 +230,8 @@ static int osf_load_line(char *buffer, int len, int del,
}
if (cnt != 8) {
- if (ctx->debug_mask & NFT_DEBUG_MNL)
- nft_print(ctx->octx, "Wrong input line '%s': cnt: %d, must be 8, i: %d, must be %d.\n", buffer, cnt, i, len);
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL)
+ nft_print(&ctx->nft->output, "Wrong input line '%s': cnt: %d, must be 8, i: %d, must be %d.\n", buffer, cnt, i, len);
return -EINVAL;
}
@@ -357,14 +357,14 @@ int nfnl_osf_load_fingerprints(struct netlink_ctx *ctx, int del)
int err = 0;
char buf[1024];
- if (ctx->debug_mask & NFT_DEBUG_MNL)
- nft_print(ctx->octx, "Opening OS signature file '%s'\n",
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL)
+ nft_print(&ctx->nft->output, "Opening OS signature file '%s'\n",
OS_SIGNATURES);
inf = fopen(OS_SIGNATURES, "r");
if (!inf) {
- if (ctx->debug_mask & NFT_DEBUG_MNL)
- nft_print(ctx->octx, "Failed to open file '%s'\n",
+ if (ctx->nft->debug_mask & NFT_DEBUG_MNL)
+ nft_print(&ctx->nft->output, "Failed to open file '%s'\n",
OS_SIGNATURES);
return -1;
diff --git a/src/rule.c b/src/rule.c
index 8f78a36c..9e24c35c 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -154,7 +154,7 @@ static int cache_init_objects(struct netlink_ctx *ctx, enum cmd_ops cmd)
struct set *set;
int ret;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
ret = netlink_list_sets(ctx, &table->handle);
list_splice_tail_init(&ctx->list, &table->sets);
@@ -209,7 +209,7 @@ static int cache_init(struct netlink_ctx *ctx, enum cmd_ops cmd)
};
int ret;
- ret = cache_init_tables(ctx, &handle, ctx->cache);
+ ret = cache_init_tables(ctx, &handle, &ctx->nft->cache);
if (ret < 0)
return ret;
ret = cache_init_objects(ctx, cmd);
@@ -219,20 +219,18 @@ static int cache_init(struct netlink_ctx *ctx, enum cmd_ops cmd)
return 0;
}
-int cache_update(struct mnl_socket *nf_sock, struct nft_cache *cache,
- enum cmd_ops cmd, struct list_head *msgs, unsigned int debug_mask,
- struct output_ctx *octx)
+int cache_update(struct nft_ctx *nft, enum cmd_ops cmd, struct list_head *msgs)
{
uint16_t genid;
int ret;
struct netlink_ctx ctx = {
.list = LIST_HEAD_INIT(ctx.list),
- .nf_sock = nf_sock,
- .cache = cache,
+ .nft = nft,
.msgs = msgs,
- .debug_mask = debug_mask,
- .octx = octx,
+ .nft = nft,
};
+ struct mnl_socket *nf_sock = nft->nf_sock;
+ struct nft_cache *cache = &nft->cache;
replay:
ctx.seqnum = cache->seqnum++;
@@ -265,18 +263,14 @@ static void __cache_flush(struct list_head *table_list)
}
}
-void cache_flush(struct mnl_socket *nf_sock, struct nft_cache *cache,
- enum cmd_ops cmd, struct list_head *msgs,
- unsigned int debug_mask, struct output_ctx *octx)
+void cache_flush(struct nft_ctx *nft, enum cmd_ops cmd, struct list_head *msgs)
{
struct netlink_ctx ctx = {
.list = LIST_HEAD_INIT(ctx.list),
- .nf_sock = nf_sock,
- .cache = cache,
+ .nft = nft,
.msgs = msgs,
- .debug_mask = debug_mask,
- .octx = octx,
};
+ struct nft_cache *cache = &nft->cache;
__cache_flush(&cache->list);
cache->genid = mnl_genid_get(&ctx);
@@ -1361,12 +1355,12 @@ static int do_add_setelems(struct netlink_ctx *ctx, struct cmd *cmd,
struct table *table;
struct set *set;
- table = table_lookup(h, ctx->cache);
+ table = table_lookup(h, &ctx->nft->cache);
set = set_lookup(table, h->set.name);
if (set->flags & NFT_SET_INTERVAL &&
set_to_intervals(ctx->msgs, set, init, true,
- ctx->debug_mask, set->automerge) < 0)
+ ctx->nft->debug_mask, set->automerge) < 0)
return -1;
return __do_add_setelems(ctx, set, init, flags);
@@ -1380,7 +1374,7 @@ static int do_add_set(struct netlink_ctx *ctx, const struct cmd *cmd,
if (set->init != NULL) {
if (set->flags & NFT_SET_INTERVAL &&
set_to_intervals(ctx->msgs, set, set->init, true,
- ctx->debug_mask, set->automerge) < 0)
+ ctx->nft->debug_mask, set->automerge) < 0)
return -1;
}
if (mnl_nft_set_add(ctx, cmd, flags) < 0)
@@ -1395,11 +1389,10 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
{
uint32_t flags = excl ? NLM_F_EXCL : 0;
- if (ctx->octx->echo) {
+ if (ctx->nft->output.echo) {
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->obj,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft, cmd->obj, ctx->msgs);
if (ret < 0)
return ret;
@@ -1447,11 +1440,10 @@ static int do_command_insert(struct netlink_ctx *ctx, struct cmd *cmd)
{
uint32_t flags = 0;
- if (ctx->octx->echo) {
+ if (ctx->nft->output.echo) {
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->obj,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft, cmd->obj, ctx->msgs);
if (ret < 0)
return ret;
@@ -1474,12 +1466,12 @@ static int do_delete_setelems(struct netlink_ctx *ctx, struct cmd *cmd)
struct table *table;
struct set *set;
- table = table_lookup(h, ctx->cache);
+ table = table_lookup(h, &ctx->nft->cache);
set = set_lookup(table, h->set.name);
if (set->flags & NFT_SET_INTERVAL &&
set_to_intervals(ctx->msgs, set, expr, false,
- ctx->debug_mask, set->automerge) < 0)
+ ctx->nft->debug_mask, set->automerge) < 0)
return -1;
if (mnl_nft_setelem_del(ctx, cmd) < 0)
@@ -1524,7 +1516,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
static int do_command_export(struct netlink_ctx *ctx, struct cmd *cmd)
{
struct nftnl_ruleset *rs;
- FILE *fp = ctx->octx->output_fp;
+ FILE *fp = ctx->nft->output.output_fp;
do {
rs = netlink_dump_ruleset(ctx, &cmd->handle, &cmd->location);
@@ -1534,7 +1526,7 @@ static int do_command_export(struct netlink_ctx *ctx, struct cmd *cmd)
nftnl_ruleset_fprintf(fp, rs, cmd->markup->format, NFTNL_OF_EVENT_NEW);
- nft_print(ctx->octx, "\n");
+ nft_print(&ctx->nft->output, "\n");
nftnl_ruleset_free(rs);
return 0;
@@ -1565,7 +1557,7 @@ static int do_command_import(struct netlink_ctx *ctx, struct cmd *cmd)
static int do_list_table(struct netlink_ctx *ctx, struct cmd *cmd,
struct table *table)
{
- table_print(table, ctx->octx);
+ table_print(table, &ctx->nft->output);
return 0;
}
@@ -1579,12 +1571,12 @@ static int do_list_sets(struct netlink_ctx *ctx, struct cmd *cmd)
struct table *table;
struct set *set;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (cmd->handle.family != NFPROTO_UNSPEC &&
cmd->handle.family != table->handle.family)
continue;
- nft_print(ctx->octx, "table %s %s {\n",
+ nft_print(&ctx->nft->output, "table %s %s {\n",
family2str(table->handle.family),
table->handle.table.name);
@@ -1599,11 +1591,11 @@ static int do_list_sets(struct netlink_ctx *ctx, struct cmd *cmd)
if (cmd->obj == CMD_OBJ_MAPS &&
!(set->flags & NFT_SET_MAP))
continue;
- set_print_declaration(set, &opts, ctx->octx);
- nft_print(ctx->octx, "%s}%s", opts.tab, opts.nl);
+ set_print_declaration(set, &opts, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "%s}%s", opts.tab, opts.nl);
}
- nft_print(ctx->octx, "}\n");
+ nft_print(&ctx->nft->output, "}\n");
}
return 0;
}
@@ -1881,14 +1873,14 @@ static int do_list_obj(struct netlink_ctx *ctx, struct cmd *cmd, uint32_t type)
struct table *table;
struct obj *obj;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (cmd->handle.family != NFPROTO_UNSPEC &&
cmd->handle.family != table->handle.family)
continue;
if (cmd->handle.table.name != NULL &&
!strcmp(cmd->handle.table.name, table->handle.table.name)) {
- nft_print(ctx->octx, "table %s %s {\n",
+ nft_print(&ctx->nft->output, "table %s %s {\n",
family2str(table->handle.family),
cmd->handle.table.name);
} else
@@ -1900,10 +1892,10 @@ static int do_list_obj(struct netlink_ctx *ctx, struct cmd *cmd, uint32_t type)
strcmp(cmd->handle.obj.name, obj->handle.obj.name)))
continue;
- obj_print_declaration(obj, &opts, ctx->octx);
+ obj_print_declaration(obj, &opts, &ctx->nft->output);
}
- nft_print(ctx->octx, "}\n");
+ nft_print(&ctx->nft->output, "}\n");
}
return 0;
}
@@ -2003,21 +1995,21 @@ static int do_list_flowtables(struct netlink_ctx *ctx, struct cmd *cmd)
struct flowtable *flowtable;
struct table *table;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (cmd->handle.family != NFPROTO_UNSPEC &&
cmd->handle.family != table->handle.family)
continue;
- nft_print(ctx->octx, "table %s %s {\n",
+ nft_print(&ctx->nft->output, "table %s %s {\n",
family2str(table->handle.family),
table->handle.table.name);
list_for_each_entry(flowtable, &table->flowtables, list) {
- flowtable_print_declaration(flowtable, &opts, ctx->octx);
- nft_print(ctx->octx, "%s}%s", opts.tab, opts.nl);
+ flowtable_print_declaration(flowtable, &opts, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "%s}%s", opts.tab, opts.nl);
}
- nft_print(ctx->octx, "}\n");
+ nft_print(&ctx->nft->output, "}\n");
}
return 0;
}
@@ -2027,7 +2019,7 @@ static int do_list_ruleset(struct netlink_ctx *ctx, struct cmd *cmd)
unsigned int family = cmd->handle.family;
struct table *table;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (family != NFPROTO_UNSPEC &&
table->handle.family != family)
continue;
@@ -2048,12 +2040,12 @@ static int do_list_tables(struct netlink_ctx *ctx, struct cmd *cmd)
{
struct table *table;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (cmd->handle.family != NFPROTO_UNSPEC &&
cmd->handle.family != table->handle.family)
continue;
- nft_print(ctx->octx, "table %s %s\n",
+ nft_print(&ctx->nft->output, "table %s %s\n",
family2str(table->handle.family),
table->handle.table.name);
}
@@ -2074,17 +2066,17 @@ static int do_list_chain(struct netlink_ctx *ctx, struct cmd *cmd,
{
struct chain *chain;
- table_print_declaration(table, ctx->octx);
+ table_print_declaration(table, &ctx->nft->output);
list_for_each_entry(chain, &table->chains, list) {
if (chain->handle.family != cmd->handle.family ||
strcmp(cmd->handle.chain.name, chain->handle.chain.name) != 0)
continue;
- chain_print(chain, ctx->octx);
+ chain_print(chain, &ctx->nft->output);
}
- nft_print(ctx->octx, "}\n");
+ nft_print(&ctx->nft->output, "}\n");
return 0;
}
@@ -2094,18 +2086,18 @@ static int do_list_chains(struct netlink_ctx *ctx, struct cmd *cmd)
struct table *table;
struct chain *chain;
- list_for_each_entry(table, &ctx->cache->list, list) {
+ list_for_each_entry(table, &ctx->nft->cache.list, list) {
if (cmd->handle.family != NFPROTO_UNSPEC &&
cmd->handle.family != table->handle.family)
continue;
- table_print_declaration(table, ctx->octx);
+ table_print_declaration(table, &ctx->nft->output);
list_for_each_entry(chain, &table->chains, list) {
- chain_print_declaration(chain, ctx->octx);
- nft_print(ctx->octx, "\t}\n");
+ chain_print_declaration(chain, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "\t}\n");
}
- nft_print(ctx->octx, "}\n");
+ nft_print(&ctx->nft->output, "}\n");
}
return 0;
@@ -2114,9 +2106,9 @@ static int do_list_chains(struct netlink_ctx *ctx, struct cmd *cmd)
static void __do_list_set(struct netlink_ctx *ctx, struct cmd *cmd,
struct table *table, struct set *set)
{
- table_print_declaration(table, ctx->octx);
- set_print(set, ctx->octx);
- nft_print(ctx->octx, "}\n");
+ table_print_declaration(table, &ctx->nft->output);
+ set_print(set, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "}\n");
}
static int do_list_set(struct netlink_ctx *ctx, struct cmd *cmd,
@@ -2137,11 +2129,11 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
{
struct table *table = NULL;
- if (ctx->octx->json)
+ if (ctx->nft->output.json)
return do_command_list_json(ctx, cmd);
if (cmd->handle.table.name != NULL)
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
switch (cmd->obj) {
case CMD_OBJ_TABLE:
@@ -2228,7 +2220,7 @@ static int do_command_get(struct netlink_ctx *ctx, struct cmd *cmd)
struct table *table = NULL;
if (cmd->handle.table.name != NULL)
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
@@ -2267,7 +2259,7 @@ static int do_command_reset(struct netlink_ctx *ctx, struct cmd *cmd)
ret = netlink_reset_objs(ctx, cmd, type, dump);
list_for_each_entry_safe(obj, next, &ctx->list, list) {
- table = table_lookup(&obj->handle, ctx->cache);
+ table = table_lookup(&obj->handle, &ctx->nft->cache);
list_move(&obj->list, &table->objs);
}
if (ret < 0)
@@ -2296,7 +2288,7 @@ static int do_command_flush(struct netlink_ctx *ctx, struct cmd *cmd)
static int do_command_rename(struct netlink_ctx *ctx, struct cmd *cmd)
{
- struct table *table = table_lookup(&cmd->handle, ctx->cache);
+ struct table *table = table_lookup(&cmd->handle, &ctx->nft->cache);
const struct chain *chain;
switch (cmd->obj) {
@@ -2336,8 +2328,8 @@ static int do_command_monitor(struct netlink_ctx *ctx, struct cmd *cmd)
.format = cmd->monitor->format,
.ctx = ctx,
.loc = &cmd->location,
- .cache = ctx->cache,
- .debug_mask = ctx->debug_mask,
+ .cache = &ctx->nft->cache,
+ .debug_mask = ctx->nft->debug_mask,
};
monhandler.cache_needed = need_cache(cmd);
@@ -2346,7 +2338,7 @@ static int do_command_monitor(struct netlink_ctx *ctx, struct cmd *cmd)
struct chain *chain;
int ret;
- list_for_each_entry(t, &ctx->cache->list, list) {
+ list_for_each_entry(t, &ctx->nft->cache.list, list) {
list_for_each_entry(s, &t->sets, list)
s->init = set_expr_alloc(&cmd->location, s);
@@ -2372,7 +2364,7 @@ static int do_command_monitor(struct netlink_ctx *ctx, struct cmd *cmd)
}
}
- return netlink_monitor(&monhandler, ctx->nf_sock);
+ return netlink_monitor(&monhandler, ctx->nft->nf_sock);
}
static int do_command_describe(struct netlink_ctx *ctx, struct cmd *cmd,
@@ -2434,7 +2426,7 @@ int do_command(struct netlink_ctx *ctx, struct cmd *cmd)
case CMD_MONITOR:
return do_command_monitor(ctx, cmd);
case CMD_DESCRIBE:
- return do_command_describe(ctx, cmd, ctx->octx);
+ return do_command_describe(ctx, cmd, &ctx->nft->output);
default:
BUG("invalid command object type %u\n", cmd->obj);
}