evaluate: remove chain from cache on delete chain command

author Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 29 Apr 2021 15:41:25 +0000 (17:41 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Sun, 2 May 2021 21:30:35 +0000 (23:30 +0200)
author Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 29 Apr 2021 15:41:25 +0000 (17:41 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Sun, 2 May 2021 21:30:35 +0000 (23:30 +0200)
diff --git a/include/cache.h b/include/cache.h

index fddb843b510e7d2bcea29afe13d12158ab3a0853..3823e9a7865369d8328ee0eeffa668104afba2bf 100644 (file)
--- a/include/cache.h
+++ b/include/cache.h
@@ -62,7 +62,9 @@ struct table;
  struct chain;
  
  void chain_cache_add(struct chain *chain, struct table *table);
+void chain_cache_del(struct chain *chain);
  struct chain *chain_cache_find(const struct table *table, const char *name);
+
  void set_cache_add(struct set *set, struct table *table);
  void set_cache_del(struct set *set);
  struct set *set_cache_find(const struct table *table, const char *name);
diff --git a/src/cache.c b/src/cache.c

index 3c139f1a5dbbba8964543a515941c789a9892052..a98ee5954c367f40a8912ee540b221790f8d1339 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -278,6 +278,11 @@ void chain_cache_add(struct chain *chain, struct table *table)
         cache_add(&chain->cache, &table->chain_cache, hash);
  }
  
+void chain_cache_del(struct chain *chain)
+{
+       cache_del(&chain->cache);
+}
+
  struct chain *chain_cache_find(const struct table *table, const char *name)
  {
         struct chain *chain;
diff --git a/src/evaluate.c b/src/evaluate.c

index e770cffa6d9953ffafe2bb77715b062af4ef54d3..49d47d0b4f348015020d7ba85086c3b7e7b8d7dc 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4367,6 +4367,28 @@ static void table_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
         table_free(table);
  }
  
+static void chain_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
+{
+       struct table *table;
+       struct chain *chain;
+
+       if (!cmd->handle.chain.name)
+               return;
+
+       table = table_cache_find(&ctx->nft->cache.table_cache,
+                                cmd->handle.table.name,
+                                cmd->handle.family);
+       if (!table)
+               return;
+
+       chain = chain_cache_find(table, cmd->handle.chain.name);
+       if (!chain)
+               return;
+
+       chain_cache_del(chain);
+       chain_free(chain);
+}
+
  static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
  {
         switch (cmd->obj) {
@@ -4374,7 +4396,9 @@ static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
                 return setelem_evaluate(ctx, cmd);
         case CMD_OBJ_SET:
         case CMD_OBJ_RULE:
+               return 0;
         case CMD_OBJ_CHAIN:
+               chain_del_cache(ctx, cmd);
                 return 0;
         case CMD_OBJ_TABLE:
                 table_del_cache(ctx, cmd);
author	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 29 Apr 2021 15:41:25 +0000 (17:41 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sun, 2 May 2021 21:30:35 +0000 (23:30 +0200)
include/cache.h		patch \| blob \| blame \| history
src/cache.c		patch \| blob \| blame \| history
src/evaluate.c		patch \| blob \| blame \| history