]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 99af859) | patch
netlink: improve rule deletion per chain
authorPablo Neira Ayuso <pablo@netfilter.org>
Sun, 24 Nov 2013 19:06:51 +0000 (20:06 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 24 Nov 2013 23:15:22 +0000 (00:15 +0100)
commit8764c35382fdf8ae6c7c4252042fc32397197ffe
tree5c538e917bdef1c7fc6ad437da6c406454f8a932tree
parent99af859adcf8b8d44ac8a2202467f4b7b4987e3fcommit | diff
netlink: improve rule deletion per chain

With this patch, nft asks the kernel for deleting all rules in a chain.
This replaces the current behaviour that requires to dump all the rules,
then iterate over that list to delete one by one, which is prone to races
and slowier.

After this patch, the following two commands are equivalent:

 nft flush chain filter input
 nft delete rule filter input

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/netlink.c diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables