]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 95781fc) | patch
cache: Filter chain list on kernel side
authorPhil Sutter <phil@nwl.cc>
Mon, 29 Nov 2021 15:26:44 +0000 (16:26 +0100)
committerPhil Sutter <phil@nwl.cc>
Fri, 3 Dec 2021 11:50:18 +0000 (12:50 +0100)
commit17297d1acbbff0133f8614dbee6717edf55c39f8
treed3d0f078888445061be8af50cdf4045b6e62f982tree
parent95781fcbddcd6524f67a3357c0cf91f13be24053commit | diff
cache: Filter chain list on kernel side

When operating on a specific chain, add payload to NFT_MSG_GETCHAIN so
kernel returns only relevant data. Since ENOENT is an expected return
code, do not treat this as error.

While being at it, improve code in chain_cache_cb() a bit:
- Check chain's family first, it is a less expensive check than
  comparing table names.
- Do not extract chain name of uninteresting chains.

Signed-off-by: Phil Sutter <phil@nwl.cc>
include/mnl.h diff | blob | blame | history
src/cache.c diff | blob | blame | history
src/mnl.c diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables