From fd33d964a94063d7af6f1713350df980cf440503 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Wed, 24 Aug 2016 16:45:06 +0200
Subject: src: create element command

This patch adds the create command, that send the NLM_F_EXCL flag so nf_tables bails out if the element already exists, eg.

# nft add element x y { 1.1.1.1 }
# nft create element x y { 1.1.1.1 }
:1:1-31: Error: Could not process rule: File exists
create element x y { 1.1.1.1 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This update requires nf_tables kernel patches to honor the NLM_F_EXCL.

Signed-off-by: Pablo Neira Ayuso
---
 include/netlink.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/netlink.h')

diff --git a/include/netlink.h b/include/netlink.h
index 5f487074..28c11f60 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -160,7 +160,7 @@ extern struct stmt *netlink_parse_set_expr(const struct set *set,
  const struct nftnl_expr *nle);
 
 extern int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
- const struct expr *expr);
+ const struct expr *expr, bool excl);
 extern int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
  const struct expr *expr);
 extern int netlink_get_setelems(struct netlink_ctx *ctx, const struct handle *h,
-- 
cgit v1.2.3
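Review bot: The new `bool excl` parameter on `netlink_add_setelems()` is undocumented in the header, and a bare `true`/`false` at a call site will not tell a reader what it selects. Going by the commit message it makes the request carry NLM_F_EXCL so that the kernel refuses an element that already exists; I would add above the prototype `/* excl: set NLM_F_EXCL so the kernel fails with EEXIST if the element is already in the set; kernels that do not honor the flag treat this as a plain add */`. The second clause matters to anyone who relies on `create element` failing to detect a duplicate or conflicting entry in a firewall set: on a kernel without the nf_tables patches the description mentions, the call presumably succeeds silently, so the caveat belongs next to the API and not only in the commit log. Only the header is visible here (the page is limited to include/netlink.h), so whether the definition and every caller were moved to the four-argument form cannot be confirmed from this hunk.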