From d545778d5933ab20c1d9d34a44ae93b2668c60d2 Mon Sep 17 00:00:00 2001 From: Elise Lennion Date: Thu, 26 Jan 2017 15:09:44 -0200 Subject: src: Allow reset single stateful object Currently the stateful objects can only be reseted in groups. With this patch reseting a single object is allowed: $ nft reset counter filter https-traffic table ip filter { counter https-traffic { packets 8774 bytes 542668 } } $ nft list counter filter https-traffic table ip filter { counter https-traffic { packets 0 bytes 0 } } Heavily based on work from Pablo Neira Ayuso . Signed-off-by: Elise Lennion Signed-off-by: Pablo Neira Ayuso --- src/mnl.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/mnl.c') diff --git a/src/mnl.c b/src/mnl.c index 1c4b0703..295dd84a 100644 --- a/src/mnl.c +++ b/src/mnl.c @@ -849,8 +849,9 @@ err_free: struct nftnl_obj_list * mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family, const char *table, - uint32_t type, bool reset) + const char *name, uint32_t type, bool dump, bool reset) { + uint16_t nl_flags = dump ? NLM_F_DUMP : 0; struct nftnl_obj_list *nln_list; char buf[MNL_SOCKET_BUFFER_SIZE]; struct nftnl_obj *n; @@ -867,9 +868,11 @@ mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family, const char *table, memory_allocation_error(); nlh = nftnl_nlmsg_build_hdr(buf, msg_type, family, - NLM_F_DUMP | NLM_F_ACK, seq); + nl_flags | NLM_F_ACK, seq); if (table != NULL) - nftnl_obj_set(n, NFTNL_OBJ_TABLE, table); + nftnl_obj_set_str(n, NFTNL_OBJ_TABLE, table); + if (name != NULL) + nftnl_obj_set_str(n, NFTNL_OBJ_NAME, name); if (type != NFT_OBJECT_UNSPEC) nftnl_obj_set_u32(n, NFTNL_OBJ_TYPE, type); nftnl_obj_nlmsg_build_payload(nlh, n); -- cgit v1.2.3