evaluate: remove set from cache on delete set command

Update the cache to remove this set from the evaluation phase.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index 49d47d0b4f348015020d7ba85086c3b7e7b8d7dc..19bf73878181d8dc69854bb261b524389c5b60e6 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4389,12 +4389,36 @@ static void chain_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
        chain_free(chain);
 }
 
+static void set_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
+{
+       struct table *table;
+       struct set *set;
+
+       if (!cmd->handle.set.name)
+               return;
+
+       table = table_cache_find(&ctx->nft->cache.table_cache,
+                                cmd->handle.table.name,
+                                cmd->handle.family);
+       if (!table)
+               return;
+
+       set = set_cache_find(table, cmd->handle.set.name);
+       if (!set)
+               return;
+
+       set_cache_del(set);
+       set_free(set);
+}
+
 static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
 {
        switch (cmd->obj) {
        case CMD_OBJ_ELEMENTS:
                return setelem_evaluate(ctx, cmd);
        case CMD_OBJ_SET:
+               set_del_cache(ctx, cmd);
+               return 0;
        case CMD_OBJ_RULE:
                return 0;
        case CMD_OBJ_CHAIN: