From d35e789cdae6e7ac622c40e50558901f45e2d53c Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Wed, 20 May 2020 20:23:36 +0200
Subject: src: delete devices to an existing flowtable

This patch allows you to remove a device to an existing flowtable:
# nft delete flowtable x y { devices = { eth0 } \; }

Signed-off-by: Pablo Neira Ayuso
---
 src/mnl.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'src/mnl.c')
diff --git a/src/mnl.c b/src/mnl.c
index 8f8fcc2c..759ae41c 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1682,6 +1682,7 @@ int mnl_nft_flowtable_add(struct netlink_ctx *ctx, struct cmd *cmd,
 int mnl_nft_flowtable_del(struct netlink_ctx *ctx, struct cmd *cmd)
 {
 struct nftnl_flowtable *flo;
+ const char **dev_array;
 struct nlmsghdr *nlh;
 
 flo = nftnl_flowtable_alloc();
@@ -1691,6 +1692,16 @@ int mnl_nft_flowtable_del(struct netlink_ctx *ctx, struct cmd *cmd)
 nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY,
 cmd->handle.family);
 
+ if (cmd->flowtable && cmd->flowtable->dev_expr) {
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_HOOKNUM, 0);
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_PRIO, 0);
+
+ dev_array = nft_flowtable_dev_array(cmd);
+ nftnl_flowtable_set_data(flo, NFTNL_FLOWTABLE_DEVICES,
+ dev_array, 0);
+ nft_flowtable_dev_array_free(dev_array);
+ }
+
 nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 NFT_MSG_DELFLOWTABLE, cmd->handle.family,
 0, ctx->seqnum);
-- 
cgit v1.2.3
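Review bot: The result of `nftnl_flowtable_set_data(flo, NFTNL_FLOWTABLE_DEVICES, dev_array, 0)` in the new `if` block of the second hunk is ignored. If that call can fail, the NFT_MSG_DELFLOWTABLE message would presumably be built without the device list, and the request would then name the flowtable itself rather than only the listed devices. Testing the return value (`if (nftnl_flowtable_set_data(flo, NFTNL_FLOWTABLE_DEVICES, dev_array, 0) < 0)`) and taking the file's usual error path before `nftnl_nlmsg_build_hdr()` would keep a failed device delete from widening into something broader. The bare `0` written to NFTNL_FLOWTABLE_HOOKNUM and NFTNL_FLOWTABLE_PRIO also needs a one-line comment, for example `/* placeholder hook number and priority; only the device list matters for a device delete */`, with the wording to be confirmed by the author since the reason is not visible here. The body of mnl_nft_flowtable_del continues outside both hunks, so any handling further down is not visible.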