]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6deb305) | patch
xtables-compat: add rule cache
authorPablo M. Bermudo Garay <pablombg@gmail.com>
Fri, 26 Aug 2016 16:58:44 +0000 (18:58 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 30 Aug 2016 16:57:53 +0000 (18:57 +0200)
commitef2a7e9fe0d82c691aeee1cbd61095841231974f
tree41191252aca69bd85eb736799ab659e4446b8ebctree
parent6deb305b668d0c1f12b5955e76ea5097ca87bf9bcommit | diff
xtables-compat: add rule cache

This patch adds a cache of rules within the nft handle. This feature is
useful since the whole ruleset was brought from the kernel for every
chain during listing operations. In addition with the new checks of
ruleset compatibility, the rule list is loaded one more time.

Now all the operations causing changes in the ruleset must invalidate
the cache, a function called flush_rule_cache has been introduced for
this purpose.

Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
iptables/nft.c diff | blob | blame | history
iptables/nft.h diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables