Add declared table objects to the cache, thus we can refer to objects that
come in this batch but that are not yet available in the kernel. This happens
from the evaluation step.
Get rid of code that is doing this from the later do_command_*() stage.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct chain *chain;
struct set *set;
+ if (table_lookup(&ctx->cmd->handle) == NULL) {
+ if (table == NULL) {
+ table = table_alloc();
+ handle_merge(&table->handle, &ctx->cmd->handle);
+ table_add_hash(table);
+ } else {
+ table_add_hash(table_get(table));
+ }
+ }
+
+ if (ctx->cmd->table == NULL)
+ return 0;
+
ctx->table = table;
list_for_each_entry(set, &table->sets, list) {
handle_merge(&set->handle, &table->handle);
return 0;
return chain_evaluate(ctx, cmd->chain);
case CMD_OBJ_TABLE:
- if (cmd->data == NULL)
- return 0;
return table_evaluate(ctx, cmd->table);
default:
BUG("invalid command object type %u\n", cmd->obj);
struct table *table = NULL;
struct set *set;
- /* No need to allocate the table object when listing all tables */
- if (cmd->handle.table != NULL) {
+ if (cmd->handle.table != NULL)
table = table_lookup(&cmd->handle);
- if (table == NULL) {
- table = table_alloc();
- handle_merge(&table->handle, &cmd->handle);
- table_add_hash(table);
- }
- }
switch (cmd->obj) {
case CMD_OBJ_TABLE:
static int do_command_rename(struct netlink_ctx *ctx, struct cmd *cmd)
{
- struct table *table;
+ struct table *table = table_lookup(&cmd->handle);
struct chain *chain;
int err;
- table = table_alloc();
- handle_merge(&table->handle, &cmd->handle);
- table_add_hash(table);
-
switch (cmd->obj) {
case CMD_OBJ_CHAIN:
err = netlink_get_chain(ctx, &cmd->handle, &cmd->location);
projects / thirdparty / nftables.git / commitdiff
