evaluate: remove flowtable from cache on delete flowtable command

Update the cache to remove this flowtable from the evaluation phase.
Add flowtable_cache_del() function for this purpose.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/cache.h b/include/cache.h
index 3823e9a7865369d8328ee0eeffa668104afba2bf..ad9078432c73981b2103f15d1dff7fe59836b343 100644 (file)
--- a/include/cache.h
+++ b/include/cache.h
@@ -96,6 +96,7 @@ struct obj *obj_cache_find(const struct table *table, const char *name,
 
 struct flowtable;
 void ft_cache_add(struct flowtable *ft, struct table *table);
+void ft_cache_del(struct flowtable *ft);
 struct flowtable *ft_cache_find(const struct table *table, const char *name);
 
 struct nft_cache {

diff --git a/src/cache.c b/src/cache.c
index a98ee5954c367f40a8912ee540b221790f8d1339..f59bba03b81e33320628539f4754562d7277c48a 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -527,6 +527,11 @@ void ft_cache_add(struct flowtable *ft, struct table *table)
        cache_add(&ft->cache, &table->ft_cache, hash);
 }
 
+void ft_cache_del(struct flowtable *ft)
+{
+       cache_del(&ft->cache);
+}
+
 struct flowtable *ft_cache_find(const struct table *table, const char *name)
 {
        struct flowtable *ft;

diff --git a/src/evaluate.c b/src/evaluate.c
index 19bf73878181d8dc69854bb261b524389c5b60e6..97a77657bbd66911761d1ec24e8774771392ae38 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4411,6 +4411,28 @@ static void set_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
        set_free(set);
 }
 
+static void ft_del_cache(struct eval_ctx *ctx, struct cmd *cmd)
+{
+       struct flowtable *ft;
+       struct table *table;
+
+       if (!cmd->handle.flowtable.name)
+               return;
+
+       table = table_cache_find(&ctx->nft->cache.table_cache,
+                                cmd->handle.table.name,
+                                cmd->handle.family);
+       if (!table)
+               return;
+
+       ft = ft_cache_find(table, cmd->handle.flowtable.name);
+       if (!ft)
+               return;
+
+       ft_cache_del(ft);
+       flowtable_free(ft);
+}
+
 static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
 {
        switch (cmd->obj) {
@@ -4428,6 +4450,8 @@ static int cmd_evaluate_delete(struct eval_ctx *ctx, struct cmd *cmd)
                table_del_cache(ctx, cmd);
                return 0;
        case CMD_OBJ_FLOWTABLE:
+               ft_del_cache(ctx, cmd);
+               return 0;
        case CMD_OBJ_COUNTER:
        case CMD_OBJ_QUOTA:
        case CMD_OBJ_CT_HELPER: