if (ctx->table != NULL)
return ctx->table;
- table = table_lookup(&ctx->cmd->handle, ctx->cache);
+ table = table_lookup(&ctx->cmd->handle, &ctx->nft->cache);
if (table == NULL)
return NULL;
}
break;
case SYMBOL_SET:
- ret = cache_update(ctx->nf_sock, ctx->cache, ctx->cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, ctx->cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
static int expr_evaluate_osf(struct eval_ctx *ctx, struct expr **expr)
{
struct netlink_ctx nl_ctx = {
- .nf_sock = ctx->nf_sock,
- .debug_mask = ctx->debug_mask,
- .octx = ctx->octx,
+ .nf_sock = ctx->nft->nf_sock,
+ .debug_mask = ctx->nft->debug_mask,
+ .octx = &ctx->nft->output,
.seqnum = time(NULL),
};
static int expr_evaluate(struct eval_ctx *ctx, struct expr **expr)
{
- if (ctx->debug_mask & NFT_DEBUG_EVALUATION) {
+ if (ctx->nft->debug_mask & NFT_DEBUG_EVALUATION) {
struct error_record *erec;
erec = erec_create(EREC_INFORMATIONAL, &(*expr)->location,
"Evaluate %s", (*expr)->ops->name);
- erec_print(ctx->octx, erec, ctx->debug_mask);
- expr_print(*expr, ctx->octx);
- nft_print(ctx->octx, "\n\n");
+ erec_print(&ctx->nft->output, erec, ctx->nft->debug_mask);
+ expr_print(*expr, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "\n\n");
erec_destroy(erec);
}
int stmt_evaluate(struct eval_ctx *ctx, struct stmt *stmt)
{
- if (ctx->debug_mask & NFT_DEBUG_EVALUATION) {
+ if (ctx->nft->debug_mask & NFT_DEBUG_EVALUATION) {
struct error_record *erec;
erec = erec_create(EREC_INFORMATIONAL, &stmt->location,
"Evaluate %s", stmt->ops->name);
- erec_print(ctx->octx, erec, ctx->debug_mask);
- stmt_print(stmt, ctx->octx);
- nft_print(ctx->octx, "\n\n");
+ erec_print(&ctx->nft->output, erec, ctx->nft->debug_mask);
+ stmt_print(stmt, &ctx->nft->output);
+ nft_print(&ctx->nft->output, "\n\n");
erec_destroy(erec);
}
int ret;
/* update cache with CMD_LIST so that rules are fetched, too */
- ret = cache_update(ctx->nf_sock, ctx->cache, CMD_LIST,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, CMD_LIST,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
- table = table_lookup(&rule->handle, ctx->cache);
+ table = table_lookup(&rule->handle, &ctx->nft->cache);
if (!table)
return cmd_error(ctx, &rule->handle.table.location,
"Could not process rule: %s",
struct stmt *stmt, *tstmt = NULL;
struct error_record *erec;
- proto_ctx_init(&ctx->pctx, rule->handle.family, ctx->debug_mask);
+ proto_ctx_init(&ctx->pctx, rule->handle.family, ctx->nft->debug_mask);
memset(&ctx->ectx, 0, sizeof(ctx->ectx));
ctx->rule = rule;
struct set *set;
struct obj *obj;
- if (table_lookup(&ctx->cmd->handle, ctx->cache) == NULL) {
+ if (table_lookup(&ctx->cmd->handle, &ctx->nft->cache) == NULL) {
if (table == NULL) {
table = table_alloc();
handle_merge(&table->handle, &ctx->cmd->handle);
- table_add_hash(table, ctx->cache);
+ table_add_hash(table, &ctx->nft->cache);
} else {
- table_add_hash(table_get(table), ctx->cache);
+ table_add_hash(table_get(table), &ctx->nft->cache);
}
}
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
return setelem_evaluate(ctx, &cmd->expr);
case CMD_OBJ_SET:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
handle_merge(&cmd->rule->handle, &cmd->handle);
return rule_evaluate(ctx, cmd->rule);
case CMD_OBJ_CHAIN:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
case CMD_OBJ_TABLE:
return table_evaluate(ctx, cmd->table);
case CMD_OBJ_FLOWTABLE:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
struct set *set;
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
switch (cmd->obj) {
case CMD_OBJ_SETELEM:
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &ctx->cmd->handle.table.location,
"Could not process rule: %s",
if (obj_type == NFT_OBJECT_UNSPEC)
obj_type = NFT_OBJECT_COUNTER;
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
struct set *set;
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
if (cmd->handle.table.name == NULL)
return 0;
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_SET:
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_METER:
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_MAP:
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_CHAIN:
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
case CMD_OBJ_SECMARKS:
if (cmd->handle.table.name == NULL)
return 0;
- if (table_lookup(&cmd->handle, ctx->cache) == NULL)
+ if (table_lookup(&cmd->handle, &ctx->nft->cache) == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
{
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
case CMD_OBJ_QUOTAS:
if (cmd->handle.table.name == NULL)
return 0;
- if (table_lookup(&cmd->handle, ctx->cache) == NULL)
+ if (table_lookup(&cmd->handle, &ctx->nft->cache) == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
switch (cmd->obj) {
case CMD_OBJ_RULESET:
- cache_flush(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ cache_flush(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
break;
case CMD_OBJ_TABLE:
/* Flushing a table does not empty the sets in the table nor remove
/* Chains don't hold sets */
break;
case CMD_OBJ_SET:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_MAP:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &ctx->cmd->handle.table.location,
"Could not process rule: %s",
strerror(ENOENT));
return 0;
case CMD_OBJ_METER:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
- table = table_lookup(&cmd->handle, ctx->cache);
+ table = table_lookup(&cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &ctx->cmd->handle.table.location,
"Could not process rule: %s",
switch (cmd->obj) {
case CMD_OBJ_CHAIN:
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op,
- ctx->msgs, ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op,
+ ctx->msgs, ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
- table = table_lookup(&ctx->cmd->handle, ctx->cache);
+ table = table_lookup(&ctx->cmd->handle, &ctx->nft->cache);
if (table == NULL)
return cmd_error(ctx, &ctx->cmd->handle.table.location,
"Could not process rule: %s",
uint32_t event;
int ret;
- ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ ret = cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
if (ret < 0)
return ret;
return cmd_error(ctx, &cmd->location,
"this output type is not supported");
- return cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
- ctx->debug_mask, ctx->octx);
+ return cache_update(ctx->nft->nf_sock, &ctx->nft->cache, cmd->op, ctx->msgs,
+ ctx->nft->debug_mask, &ctx->nft->output);
}
static int cmd_evaluate_import(struct eval_ctx *ctx, struct cmd *cmd)
int cmd_evaluate(struct eval_ctx *ctx, struct cmd *cmd)
{
- if (ctx->debug_mask & NFT_DEBUG_EVALUATION) {
+ if (ctx->nft->debug_mask & NFT_DEBUG_EVALUATION) {
struct error_record *erec;
erec = erec_create(EREC_INFORMATIONAL, &cmd->location,
"Evaluate %s", cmd_op_to_name(cmd->op));
- erec_print(ctx->octx, erec, ctx->debug_mask);
- nft_print(ctx->octx, "\n\n");
+ erec_print(&ctx->nft->output, erec, ctx->nft->debug_mask);
+ nft_print(&ctx->nft->output, "\n\n");
erec_destroy(erec);
}
projects / thirdparty / nftables.git / commitdiff
