"Could not fetch rule set generation id: %s\n", nft_strerror(errno));
}
-static struct nft_table *nft_table_alloc(void)
-{
- struct nftnl_table *nftnl;
- struct nft_table *table;
-
- table = malloc(sizeof(struct nft_table));
- if (!table)
- return NULL;
-
- nftnl = nftnl_table_alloc();
- if (!nftnl) {
- free(table);
- return NULL;
- }
- table->nftnl = nftnl;
-
- return table;
-}
-
-static void nft_table_free(struct nft_table *table)
+static int nftnl_table_list_cb(const struct nlmsghdr *nlh, void *data)
{
- nftnl_table_free(table->nftnl);
- free(table);
-}
+ struct nftnl_table *nftnl = nftnl_table_alloc();
+ const struct builtin_table *t;
+ struct nft_handle *h = data;
+ const char *name;
-static void nft_table_list_free(struct list_head *table_list)
-{
- struct nft_table *table, *next;
+ if (!nftnl)
+ return MNL_CB_OK;
- list_for_each_entry_safe(table, next, table_list, list) {
- list_del(&table->list);
- nft_table_free(table);
- }
-}
+ if (nftnl_table_nlmsg_parse(nlh, nftnl) < 0)
+ goto out;
-static int nftnl_table_list_cb(const struct nlmsghdr *nlh, void *data)
-{
- struct list_head *list = data;
- struct nft_table *t;
+ name = nftnl_table_get_str(nftnl, NFTNL_TABLE_NAME);
+ if (!name)
+ goto out;
- t = nft_table_alloc();
+ t = nft_table_builtin_find(h, name);
if (!t)
- goto err;
-
- if (nftnl_table_nlmsg_parse(nlh, t->nftnl) < 0)
goto out;
- list_add_tail(&t->list, list);
-
- return MNL_CB_OK;
+ h->cache->table[t->type].exists = true;
out:
- nft_table_free(t);
-err:
+ nftnl_table_free(nftnl);
return MNL_CB_OK;
}
char buf[16536];
int i, ret;
- if (!list_empty(&h->cache->tables))
- return 0;
-
nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, h->family,
NLM_F_DUMP, h->seq);
- ret = mnl_talk(h, nlh, nftnl_table_list_cb, &h->cache->tables);
+ ret = mnl_talk(h, nlh, nftnl_table_list_cb, h);
if (ret < 0 && errno == EINTR)
assert(nft_restart(h) >= 0);
nftnl_set_list_free(c->table[i].sets);
c->table[i].sets = NULL;
}
+
+ c->table[i].exists = false;
}
- if (!list_empty(&c->tables))
- nft_table_list_free(&c->tables);
return 1;
}
}
}
-struct list_head *nft_table_list_get(struct nft_handle *h)
-{
- return &h->cache->tables;
-}
-
struct nftnl_set_list *
nft_set_list_get(struct nft_handle *h, const char *table, const char *set)
{
#ifndef _NFT_CACHE_H_
#define _NFT_CACHE_H_
-#include <libiptc/linux_list.h>
-
struct nft_handle;
struct nft_cmd;
nft_chain_list_get(struct nft_handle *h, const char *table, const char *chain);
struct nftnl_set_list *
nft_set_list_get(struct nft_handle *h, const char *table, const char *set);
-struct list_head *nft_table_list_get(struct nft_handle *h);
-
-struct nft_table {
- struct list_head list;
- struct nftnl_table *nftnl;
-};
-
#endif /* _NFT_CACHE_H_ */
INIT_LIST_HEAD(&h->obj_list);
INIT_LIST_HEAD(&h->err_list);
INIT_LIST_HEAD(&h->cmd_list);
- INIT_LIST_HEAD(&h->__cache[0].tables);
- INIT_LIST_HEAD(&h->__cache[1].tables);
INIT_LIST_HEAD(&h->cache_req.chain_list);
return 0;
bool nft_table_find(struct nft_handle *h, const char *tablename)
{
- struct list_head *list;
- struct nft_table *t;
- bool ret = false;
-
- list = nft_table_list_get(h);
-
- list_for_each_entry(t, list, list) {
- const char *this_tablename =
- nftnl_table_get(t->nftnl, NFTNL_TABLE_NAME);
-
- if (strcmp(tablename, this_tablename) == 0) {
- ret = true;
- break;
- }
- }
+ const struct builtin_table *t;
- return ret;
+ t = nft_table_builtin_find(h, tablename);
+ return t ? h->cache->table[t->type].exists : false;
}
int nft_for_each_table(struct nft_handle *h,
int (*func)(struct nft_handle *h, const char *tablename, void *data),
void *data)
{
- struct list_head *list;
- struct nft_table *t;
+ int i;
- list = nft_table_list_get(h);
+ for (i = 0; i < NFT_TABLE_MAX; i++) {
+ if (h->tables[i].name == NULL)
+ continue;
- list_for_each_entry(t, list, list) {
- const char *tablename =
- nftnl_table_get(t->nftnl, NFTNL_TABLE_NAME);
+ if (!h->cache->table[h->tables[i].type].exists)
+ continue;
- func(h, tablename, data);
+ func(h, h->tables[i].name, data);
}
return 0;
int nft_table_flush(struct nft_handle *h, const char *table)
{
- struct list_head *list;
- struct nft_table *t;
- bool exists = false;
+ const struct builtin_table *t;
int ret = 0;
nft_fn = nft_table_flush;
- list = nft_table_list_get(h);
-
- list_for_each_entry(t, list, list) {
- const char *table_name =
- nftnl_table_get_str(t->nftnl, NFTNL_TABLE_NAME);
-
- if (strcmp(table_name, table) == 0) {
- exists = true;
- break;
- }
- }
+ t = nft_table_builtin_find(h, table);
+ if (!t)
+ return 0;
- ret = __nft_table_flush(h, table, exists);
+ ret = __nft_table_flush(h, table, h->cache->table[t->type].exists);
/* the core expects 1 for success and 0 for error */
return ret == 0 ? 1 : 0;
};
struct nft_cache {
- struct list_head tables;
struct {
struct nftnl_chain_list *chains;
struct nftnl_set_list *sets;
bool initialized;
+ bool exists;
} table[NFT_TABLE_MAX];
};
projects / thirdparty / iptables.git / commitdiff
