Signed-off-by: Giuseppe Longo <giuseppelng@xxxxxxxxx>
---
iptables/nft.c | 20 ++------------------
iptables/nft.h | 20 ++++++++++++++++++++
2 files changed, 22 insertions(+), 18 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index 4d6a7a3..02c12f6 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -80,24 +80,7 @@ static int mnl_talk(struct nft_handle *h, struct nlmsghdr *nlh,
return 0;
}
-#define FILTER 0
-#define MANGLE 1
-#define RAW 2
-#define SECURITY 3
-#define NAT 4
-#define TABLES_MAX 5
-
-struct builtin_chain {
- const char *name;
- const char *type;
- uint32_t prio;
- uint32_t hook;
-};
-
-static struct builtin_table {
- const char *name;
- struct builtin_chain chains[NF_INET_NUMHOOKS];
-} tables[TABLES_MAX] = {
+static struct builtin_table tables[TABLES_MAX] = {
[RAW] = {
.name = "raw",
.chains = {
@@ -402,6 +385,7 @@ int nft_init(struct nft_handle *h)
return -1;
}
h->portid = mnl_socket_get_portid(h->nl);
+ h->tables = tables;
return 0;
}
diff --git a/iptables/nft.h b/iptables/nft.h
index 7a6351b..39ed7c0 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -4,6 +4,25 @@
#include "xshared.h"
#include "nft-shared.h"
+#define FILTER 0
+#define MANGLE 1
+#define RAW 2
+#define SECURITY 3
+#define NAT 4
+#define TABLES_MAX 5
+
+struct builtin_chain {
+ const char *name;
+ const char *type;
+ uint32_t prio;
+ uint32_t hook;
+};
+
+struct builtin_table {
+ const char *name;
+ struct builtin_chain chains[NF_INET_NUMHOOKS];
+};
+
struct nft_handle {
int family;
struct mnl_socket *nl;
@@ -11,6 +30,7 @@ struct nft_handle {
uint32_t seq;
bool commit;
struct nft_family_ops *ops;
+ struct builtin_table *tables;
};
int nft_init(struct nft_handle *h);
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
