cache: Optimize caching for 'list tables' command

commit 674eb7fa2895813b25f6fbfcc9417fc0788fade1 upstream.

No point in fetching anything other than existing tables from kernel:
'list tables' merely prints existing table names, no contents.

Also populate filter's family field to reduce overhead when listing
tables in one family with many tables in another one. It works without
further adjustments because nftnl_nlmsg_build_hdr() will use the value
for nfgen_family.

Reported-by: anton.khazan@gmail.com
Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1735
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/src/cache.c b/src/cache.c
index 8ffce60cdc3185b8cd92ac851dc740dac2f48255..a2cad3bf8b59451567884a3205fb63b09159721f 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -201,8 +201,12 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
 {
        switch (cmd->obj) {
        case CMD_OBJ_TABLE:
-               if (filter && cmd->handle.table.name) {
+               if (filter)
                        filter->list.family = cmd->handle.family;
+               if (!cmd->handle.table.name) {
+                       flags |= NFT_CACHE_TABLE;
+                       break;
+               } else if (filter) {
                        filter->list.table = cmd->handle.table.name;
                }
                flags |= NFT_CACHE_FULL;