struct nftnl_flowtable_list *
mnl_nft_flowtable_dump(struct netlink_ctx *ctx, int family, const char *table);
-int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo,
- struct nftnl_batch *batch, unsigned int flags,
- uint32_t seqnum);
-int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flow,
- struct nftnl_batch *batch, unsigned int flags,
- uint32_t seqnum);
+int mnl_nft_flowtable_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+ unsigned int flags);
+int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd);
struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx,
uint32_t family);
extern int netlink_list_flowtables(struct netlink_ctx *ctx,
const struct handle *h);
-extern int netlink_add_flowtable(struct netlink_ctx *ctx,
- const struct cmd *cmd, uint32_t flags);
-extern int netlink_delete_flowtable(struct netlink_ctx *ctx,
- const struct cmd *cmd);
extern void netlink_dump_chain(const struct nftnl_chain *nlc,
struct netlink_ctx *ctx);
extern void netlink_dump_set(const struct nftnl_set *nls,
struct netlink_ctx *ctx);
extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx);
+extern void netlink_dump_flowtable(struct nftnl_flowtable *flo, struct netlink_ctx *ctx);
extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list);
return NULL;
}
-int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo,
- struct nftnl_batch *batch, unsigned int flags,
- uint32_t seqnum)
+int mnl_nft_flowtable_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+ unsigned int flags)
{
+ struct nftnl_flowtable *flo;
+ const char *dev_array[8];
struct nlmsghdr *nlh;
+ struct expr *expr;
+ int i = 0;
- nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
- NFT_MSG_NEWFLOWTABLE,
- nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY),
- NLM_F_CREATE | flags, seqnum);
+ flo = nftnl_flowtable_alloc();
+ if (!flo)
+ memory_allocation_error();
+
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY,
+ cmd->handle.family);
+ nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE,
+ cmd->handle.table.name);
+ nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME,
+ cmd->handle.flowtable);
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_HOOKNUM,
+ cmd->flowtable->hooknum);
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_PRIO,
+ cmd->flowtable->priority.num);
+
+ list_for_each_entry(expr, &cmd->flowtable->dev_expr->expressions, list)
+ dev_array[i++] = expr->identifier;
+
+ dev_array[i] = NULL;
+ nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array);
+
+ netlink_dump_flowtable(flo, ctx);
+
+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
+ NFT_MSG_NEWFLOWTABLE, cmd->handle.family,
+ NLM_F_CREATE | flags, ctx->seqnum);
nftnl_flowtable_nlmsg_build_payload(nlh, flo);
- mnl_nft_batch_continue(batch);
+ nftnl_flowtable_free(flo);
+
+ mnl_nft_batch_continue(ctx->batch);
return 0;
}
-int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flo,
- struct nftnl_batch *batch, unsigned int flags,
- uint32_t seqnum)
+int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd)
{
+ struct nftnl_flowtable *flo;
struct nlmsghdr *nlh;
- nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
- NFT_MSG_DELFLOWTABLE,
- nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY),
- flags, seqnum);
+ flo = nftnl_flowtable_alloc();
+ if (!flo)
+ memory_allocation_error();
+
+ nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY,
+ cmd->handle.family);
+ nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE,
+ cmd->handle.table.name);
+ nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME,
+ cmd->handle.flowtable);
+
+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
+ NFT_MSG_DELFLOWTABLE, cmd->handle.family,
+ 0, ctx->seqnum);
nftnl_flowtable_nlmsg_build_payload(nlh, flo);
- mnl_nft_batch_continue(batch);
+ nftnl_flowtable_free(flo);
+
+ mnl_nft_batch_continue(ctx->batch);
return 0;
}
return obj;
}
-static struct nftnl_flowtable *alloc_nftnl_flowtable(const struct handle *h,
- const struct flowtable *ft)
-{
- struct nftnl_flowtable *flo;
-
- flo = nftnl_flowtable_alloc();
- if (flo == NULL)
- memory_allocation_error();
-
- nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY, h->family);
- nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, h->table.name);
- if (h->flowtable != NULL)
- nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME, h->flowtable);
-
- return flo;
-}
-
-static void netlink_dump_flowtable(struct nftnl_flowtable *flo,
- struct netlink_ctx *ctx)
+void netlink_dump_flowtable(struct nftnl_flowtable *flo,
+ struct netlink_ctx *ctx)
{
FILE *fp = ctx->nft->output.output_fp;
fprintf(fp, "\n");
}
-int netlink_add_flowtable(struct netlink_ctx *ctx, const struct cmd *cmd,
- uint32_t flags)
-{
- struct flowtable *ft = cmd->flowtable;
- struct nftnl_flowtable *flo;
- const char *dev_array[8];
- struct expr *expr;
- int i = 0, err;
-
- flo = alloc_nftnl_flowtable(&cmd->handle, ft);
- nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_HOOKNUM, ft->hooknum);
- nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_PRIO, ft->priority.num);
-
- list_for_each_entry(expr, &ft->dev_expr->expressions, list)
- dev_array[i++] = expr->identifier;
-
- dev_array[i] = NULL;
- nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array);
-
- netlink_dump_flowtable(flo, ctx);
-
- err = mnl_nft_flowtable_batch_add(flo, ctx->batch, flags, ctx->seqnum);
- nftnl_flowtable_free(flo);
-
- return err;
-}
-
-int netlink_delete_flowtable(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
- struct nftnl_flowtable *flo;
- int err;
-
- flo = alloc_nftnl_flowtable(&cmd->handle, NULL);
- netlink_dump_flowtable(flo, ctx);
-
- err = mnl_nft_flowtable_batch_del(flo, ctx->batch, 0, ctx->seqnum);
- nftnl_flowtable_free(flo);
-
- return err;
-}
-
static int list_obj_cb(struct nftnl_obj *nls, void *arg)
{
struct netlink_ctx *ctx = arg;
case CMD_OBJ_SECMARK:
return mnl_nft_obj_add(ctx, cmd, flags);
case CMD_OBJ_FLOWTABLE:
- return netlink_add_flowtable(ctx, cmd, flags);
+ return mnl_nft_flowtable_add(ctx, cmd, flags);
default:
BUG("invalid command object type %u\n", cmd->obj);
}
case CMD_OBJ_SECMARK:
return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_SECMARK);
case CMD_OBJ_FLOWTABLE:
- return netlink_delete_flowtable(ctx, cmd);
+ return mnl_nft_flowtable_del(ctx, cmd);
default:
BUG("invalid command object type %u\n", cmd->obj);
}
projects / thirdparty / nftables.git / commitdiff
