nft: family_ops: Pass nft_handle to 'print_rule' callback

Prepare for 'rule_to_cs' callback to receive nft_handle pointer so it is
able to access cache for set lookups.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 5ad7556c637b83286cfd70afe7a0a362a4ebcbe5..da22c12d34a7b5a7214486cccbd0ee02cb0ed4f5 100644 (file)
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -582,7 +582,8 @@ nft_arp_save_rule(const void *data, unsigned int format)
 }
 
 static void
-nft_arp_print_rule(struct nftnl_rule *r, unsigned int num, unsigned int format)
+nft_arp_print_rule(struct nft_handle *h, struct nftnl_rule *r,
+                  unsigned int num, unsigned int format)
 {
        struct iptables_command_state cs = {};
 

diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index 73bca2f38101e8c2eefd3ec884f994349e09a6c6..b0c6c5a4db3cd673c808a98f652781fe5f207f57 100644 (file)
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -472,8 +472,8 @@ static void nft_bridge_save_rule(const void *data, unsigned int format)
                fputc('\n', stdout);
 }
 
-static void nft_bridge_print_rule(struct nftnl_rule *r, unsigned int num,
-                                 unsigned int format)
+static void nft_bridge_print_rule(struct nft_handle *h, struct nftnl_rule *r,
+                                 unsigned int num, unsigned int format)
 {
        struct iptables_command_state cs = {};
 

diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index 57d1b3c6d2d0c91876d49302b33f7420b54c3d5b..98d7f966e3694f19038241ad73e56a140562d159 100644 (file)
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -261,8 +261,8 @@ static void print_fragment(unsigned int flags, unsigned int invflags,
        fputc(' ', stdout);
 }
 
-static void nft_ipv4_print_rule(struct nftnl_rule *r, unsigned int num,
-                               unsigned int format)
+static void nft_ipv4_print_rule(struct nft_handle *h, struct nftnl_rule *r,
+                               unsigned int num, unsigned int format)
 {
        struct iptables_command_state cs = {};
 

diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index 0e2c4a2946e256339b32514ec8a18332855bbd1e..56236bff03c2b84ce2a2ab054ffd4eabcbcac599 100644 (file)
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -187,8 +187,8 @@ static void nft_ipv6_parse_immediate(const char *jumpto, bool nft_goto,
                cs->fw6.ipv6.flags |= IP6T_F_GOTO;
 }
 
-static void nft_ipv6_print_rule(struct nftnl_rule *r, unsigned int num,
-                               unsigned int format)
+static void nft_ipv6_print_rule(struct nft_handle *h, struct nftnl_rule *r,
+                               unsigned int num, unsigned int format)
 {
        struct iptables_command_state cs = {};
 

diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 8c64d6e795ccd3ecf9cbd1b95783f497810d8f28..4523dda9410bc36fc39b2f949473f2583252421e 100644 (file)
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -90,8 +90,8 @@ struct nft_family_ops {
                             const char *pol,
                             const struct xt_counters *counters, bool basechain,
                             uint32_t refs, uint32_t entries);
-       void (*print_rule)(struct nftnl_rule *r, unsigned int num,
-                          unsigned int format);
+       void (*print_rule)(struct nft_handle *h, struct nftnl_rule *r,
+                          unsigned int num, unsigned int format);
        void (*save_rule)(const void *data, unsigned int format);
        void (*save_counters)(const void *data);
        void (*save_chain)(const struct nftnl_chain *c, const char *policy);

diff --git a/iptables/nft.c b/iptables/nft.c
index 387aada9f86db932126a292085540de126a6b749..049c3cfa10098b7ff4e09f252497c00c132a2499 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1202,7 +1202,7 @@ nft_rule_append(struct nft_handle *h, const char *chain, const char *table,
        }
 
        if (verbose)
-               h->ops->print_rule(r, 0, FMT_PRINT_RULE);
+               h->ops->print_rule(h, r, 0, FMT_PRINT_RULE);
 
        if (ref) {
                nftnl_chain_rule_insert_at(r, ref);
@@ -1935,7 +1935,7 @@ int nft_rule_check(struct nft_handle *h, const char *chain,
                goto fail_enoent;
 
        if (verbose)
-               h->ops->print_rule(r, 0, FMT_PRINT_RULE);
+               h->ops->print_rule(h, r, 0, FMT_PRINT_RULE);
 
        return 1;
 fail_enoent:
@@ -1964,7 +1964,7 @@ int nft_rule_delete(struct nft_handle *h, const char *chain,
                if (ret < 0)
                        errno = ENOMEM;
                if (verbose)
-                       h->ops->print_rule(r, 0, FMT_PRINT_RULE);
+                       h->ops->print_rule(h, r, 0, FMT_PRINT_RULE);
        } else
                errno = ENOENT;
 
@@ -2005,7 +2005,7 @@ nft_rule_add(struct nft_handle *h, const char *chain,
        }
 
        if (verbose)
-               h->ops->print_rule(r, 0, FMT_PRINT_RULE);
+               h->ops->print_rule(h, r, 0, FMT_PRINT_RULE);
 
        return r;
 }
@@ -2114,8 +2114,8 @@ int nft_rule_replace(struct nft_handle *h, const char *chain,
 static int
 __nft_rule_list(struct nft_handle *h, struct nftnl_chain *c,
                int rulenum, unsigned int format,
-               void (*cb)(struct nftnl_rule *r, unsigned int num,
-                          unsigned int format))
+               void (*cb)(struct nft_handle *h, struct nftnl_rule *r,
+                          unsigned int num, unsigned int format))
 {
        struct nftnl_rule_iter *iter;
        struct nftnl_rule *r;
@@ -2128,7 +2128,7 @@ __nft_rule_list(struct nft_handle *h, struct nftnl_chain *c,
                         * valid chain but invalid rule number
                         */
                        return 1;
-               cb(r, rulenum, format);
+               cb(h, r, rulenum, format);
                return 1;
        }
 
@@ -2138,7 +2138,7 @@ __nft_rule_list(struct nft_handle *h, struct nftnl_chain *c,
 
        r = nftnl_rule_iter_next(iter);
        while (r != NULL) {
-               cb(r, ++rule_ctr, format);
+               cb(h, r, ++rule_ctr, format);
                r = nftnl_rule_iter_next(iter);
        }
 
@@ -2242,7 +2242,8 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
 }
 
 static void
-list_save(struct nftnl_rule *r, unsigned int num, unsigned int format)
+list_save(struct nft_handle *h, struct nftnl_rule *r,
+         unsigned int num, unsigned int format)
 {
        nft_rule_print_save(r, NFT_RULE_APPEND, format);
 }