src: centralize netlink error reporting

Consolidate error reporting from do_command() call.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/libnftables.c b/src/libnftables.c
index f336dbc3e3f4366cc9244d4dd68b29cdc55b3dc2..fe5143f66e7136100cd639ed68d4b3d07cbb0ab6 100644 (file)
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -46,8 +46,12 @@ static int nft_netlink(struct nft_ctx *nft,
                ctx.debug_mask = nft->debug_mask;
                init_list_head(&ctx.list);
                ret = do_command(&ctx, cmd);
-               if (ret < 0)
+               if (ret < 0) {
+                       netlink_io_error(&ctx, &cmd->location,
+                                        "Could not process rule: %s",
+                                        strerror(errno));
                        goto out;
+               }
        }
        if (!nft->check)
                mnl_batch_end(batch, mnl_seqnum_alloc(&seqnum));

diff --git a/src/monitor.c b/src/monitor.c
index f7fa631160c8f0673135a8c8d04b0fd39b324d9a..9249a21cfc0be602d1242d880b1e78c49135c3af 100644 (file)
--- a/src/monitor.c
+++ b/src/monitor.c
@@ -927,19 +927,13 @@ int netlink_monitor(struct netlink_mon_handler *monhandler,
                group = NFNLGRP_NFTRACE;
                if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP,
                                          &group, sizeof(int)) < 0)
-                       return netlink_io_error(monhandler->ctx,
-                                               monhandler->loc,
-                                               "Could not bind to netlink socket %s",
-                                               strerror(errno));
+                       return -1;
        }
        if (monhandler->monitor_flags & ~(1 << NFT_MSG_TRACE)) {
                group = NFNLGRP_NFTABLES;
                if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP,
                                          &group, sizeof(int)) < 0)
-                       return netlink_io_error(monhandler->ctx,
-                                               monhandler->loc,
-                                               "Could not bind to netlink socket %s",
-                                               strerror(errno));
+                       return -1;
        }
 
        return mnl_nft_event_listener(nf_sock, monhandler->debug_mask,

diff --git a/src/netlink.c b/src/netlink.c
index 372caaa963ca5c634aada7b0ba2fc819c01aef43..525100b62f1584014270ad9622f193455dba560d 100644 (file)
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1363,9 +1363,6 @@ int netlink_get_setelem(struct netlink_ctx *ctx, const struct handle *h,
        if (set->flags & NFT_SET_INTERVAL)
                get_set_decompose(table, set);
 out:
-       if (err < 0)
-               netlink_io_error(ctx, loc, "Could not receive set elements: %s",
-                                strerror(errno));
        return err;
 }
 
@@ -1575,14 +1572,8 @@ int netlink_reset_objs(struct netlink_ctx *ctx, const struct cmd *cmd,
 
        obj_cache = mnl_nft_obj_dump(ctx, h->family,
                                     h->table, h->obj, type, dump, true);
-       if (obj_cache == NULL) {
-               if (errno == EINTR)
-                       return -1;
-
-               return netlink_io_error(ctx, &cmd->location,
-                                       "Could not receive stateful object from kernel: %s",
-                                       strerror(errno));
-       }
+       if (obj_cache == NULL)
+               return -1;
 
        err = nftnl_obj_list_foreach(obj_cache, list_obj_cb, ctx);
        nftnl_obj_list_free(obj_cache);
@@ -1673,18 +1664,7 @@ struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx,
                                         const struct handle *h,
                                         const struct location *loc)
 {
-       struct nftnl_ruleset *rs;
-
-       rs = mnl_nft_ruleset_dump(ctx, h->family);
-       if (rs == NULL) {
-               if (errno == EINTR)
-                       return NULL;
-
-               netlink_io_error(ctx, loc, "Could not receive ruleset: %s",
-                                strerror(errno));
-       }
-
-       return rs;
+       return mnl_nft_ruleset_dump(ctx, h->family);
 }
 
 static void trace_print_hdr(const struct nftnl_trace *nlt,
@@ -2213,12 +2193,9 @@ static int netlink_markup_flush(const struct nftnl_parse_ctx *ctx)
 
 int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx)
 {
-       struct ruleset_parse *rp;
        uint32_t type;
        int ret = -1;
 
-       rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA);
-
        type = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_TYPE);
        switch (type) {
        case NFTNL_RULESET_TABLE:
@@ -2245,9 +2222,6 @@ int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx)
        }
 
        nftnl_ruleset_ctx_free(ctx);
-       if (ret < 0)
-               netlink_io_error(rp->nl_ctx, &rp->cmd->location,
-                                "Could not import: %s", strerror(errno));
 
-       return 0;
+       return ret;
 }