cache: position does not require full cache

commit d414f756af9d638fe0c0002b2df31c8c17a15002 upstream.

position refers to the rule handle, it has similar cache requirements as
replace rule command, relax cache requirements.

Commit e5382c0d08e3 ("src: Support intra-transaction rule references")
uses position.id for index support which requires a full cache, but
only in such case.

Fixes: 01e5c6f0ed03 ("src: add cache level flags")
Tested-by: Eric Garver <eric@garver.life>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/cache.c b/src/cache.c
index d3d6e834bc171d8e2b1faa17a744f1f0c02599fc..d9324f74878f988f878ed7e5112f38d23b7e46af 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -56,8 +56,7 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
                flags |= NFT_CACHE_TABLE |
                         NFT_CACHE_SET;
 
-               if (cmd->handle.index.id ||
-                   cmd->handle.position.id)
+               if (cmd->handle.index.id)
                        flags |= NFT_CACHE_FULL | NFT_CACHE_UPDATE;
                break;
        default: