85 lines
2.4 KiB
Diff
85 lines
2.4 KiB
Diff
From e3d00ed1f657d5ce989a780990c6fb0097368d1e Mon Sep 17 00:00:00 2001
|
|
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Date: Wed, 12 Jan 2022 01:34:00 +0100
|
|
Subject: cache: add helper function to fill up the rule cache
|
|
|
|
Add a helper function to dump the rules and add them to the
|
|
corresponding chain.
|
|
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
Conflict:change about netlink_list_rules and rule_cache_init
|
|
Reference:https://git.netfilter.org/nftables/commit/?id=e3d00ed1f657d5ce989a780990c6fb0097368d1e
|
|
|
|
---
|
|
src/cache.c | 41 +++++++++++++++++++++++++----------------
|
|
1 file changed, 24 insertions(+), 15 deletions(-)
|
|
|
|
diff --git a/src/cache.c b/src/cache.c
|
|
index 0e9e7fe5..14957f2d 100644
|
|
--- a/src/cache.c
|
|
+++ b/src/cache.c
|
|
@@ -811,6 +811,28 @@ static int cache_init_tables(struct netlink_ctx *ctx, struct handle *h,
|
|
return 0;
|
|
}
|
|
|
|
+static int rule_init_cache(struct netlink_ctx *ctx, struct table *table)
|
|
+{
|
|
+ struct rule *rule, *nrule;
|
|
+ struct chain *chain;
|
|
+ int ret;
|
|
+
|
|
+ ret = netlink_list_rules(ctx, &table->handle);
|
|
+
|
|
+ list_for_each_entry_safe(rule, nrule, &ctx->list, list) {
|
|
+ chain = chain_cache_find(table, rule->handle.chain.name);
|
|
+ if (!chain)
|
|
+ chain = chain_binding_lookup(table,
|
|
+ rule->handle.chain.name);
|
|
+ if (!chain)
|
|
+ return -1;
|
|
+
|
|
+ list_move_tail(&rule->list, &chain->rules);
|
|
+ }
|
|
+
|
|
+ return ret;
|
|
+}
|
|
+
|
|
static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags)
|
|
{
|
|
struct nftnl_flowtable_list *ft_list = NULL;
|
|
@@ -818,9 +841,7 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags,
|
|
struct nftnl_chain_list *chain_list = NULL;
|
|
struct nftnl_set_list *set_list = NULL;
|
|
struct nftnl_obj_list *obj_list;
|
|
- struct rule *rule, *nrule;
|
|
struct table *table;
|
|
- struct chain *chain;
|
|
struct set *set;
|
|
int ret = 0;
|
|
|
|
@@ -902,19 +923,7 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags,
|
|
}
|
|
|
|
if (flags & NFT_CACHE_RULE_BIT) {
|
|
- ret = netlink_list_rules(ctx, &table->handle);
|
|
- list_for_each_entry_safe(rule, nrule, &ctx->list, list) {
|
|
- chain = chain_cache_find(table, rule->handle.chain.name);
|
|
- if (!chain)
|
|
- chain = chain_binding_lookup(table,
|
|
- rule->handle.chain.name);
|
|
- if (!chain) {
|
|
- ret = -1;
|
|
- goto cache_fails;
|
|
- }
|
|
-
|
|
- list_move_tail(&rule->list, &chain->rules);
|
|
- }
|
|
+ ret = rule_init_cache(ctx, table);
|
|
if (ret < 0) {
|
|
ret = -1;
|
|
goto cache_fails;
|
|
--
|
|
cgit v1.2.3
|
|
|