git.ipfire.org Git - thirdparty/nftables.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 5 Jun 2019 15:07:42 +0000 (17:07 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 5 Jun 2019 15:54:50 +0000 (17:54 +0200)
commit	f211921e25e683eb0cbfac08fd0289a07b6d67d1
tree	aa8f8e60a97d152a6abee8483afd48cace4d98a1	tree
parent	60e917fa7cb55b4f675110bae78df56cd49bd486	commit \| diff

src: perform evaluation after parsing

Since 61236968b7a1 ("parser: evaluate commands immediately after
parsing"), evaluation is invoked from the parsing phase in order to
improve error reporting.

However, this approach is problematic from the cache perspective since
we don't know if a full or partial netlink dump from the kernel is
needed. If the number of objects in the kernel is significant, the
netlink dump operation to build the cache may significantly slow down
commands.

This patch moves the evaluation phase after the parsing phase as a
preparation update to allow for a better strategy to build the cache.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/parser.h		diff \| blob \| blame \| history
src/libnftables.c		diff \| blob \| blame \| history
src/parser_bison.y		diff \| blob \| blame \| history