git.ipfire.org Git - thirdparty/iptables.git/commit

]> git.ipfire.org Git - thirdparty/iptables.git/commit

projects / thirdparty / iptables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 28 May 2018 17:10:56 +0000 (19:10 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 28 May 2018 21:55:40 +0000 (23:55 +0200)
commit	9b896224e0bfc2c68c0c4b8b11f6ef650d0655ff
tree	56ff851cc20be5e1fa1996c237e254939c994835	tree
parent	01e25e264a4c4872fc0b1b50b4ee83768e7c0248	commit \| diff

xtables: rework rule cache logic

Perform incremental tracking on rule cache updates, instead of flushing
and resynchronizing with the kernel over and over again.

Note that there is no need to call flush_rule_cache() from
nft_rule_delete() and nft_rule_delete_num(), since __nft_rule_del()
already deletes the rule from the list.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

iptables/nft.c

diff | blob | blame | history

Mirror of git://git.netfilter.org/iptables

RSS Atom