The following series implements some changes to the NFT_MSG_DELTABLE
API call.
The main change is the ability to flush the entire ruleset (also per AF).
We are no longing returning EBUSY.
This way, clients of the API can wipe the ruleset and add a new one in just
one transaction/batch.
In the first patches, there are a lot of code factorization and renaming.
The last patch is the change to NFT_MSG_DELTABLE itself.
Comments are welcome.
---
Arturo Borrero Gonzalez (5):
netfilter: nf_tables: refactor rule deletion helper
netfilter: nf_tables: add helper to unregister chain hooks
netfilter: nf_tables: rename nf_table_delrule_by_chain()
netfilter: nf_tables: add helpers to schedule objects deletion
netfilter: nf_tables: extend NFT_MSG_DELTABLE to support flushing the ruleset
net/netfilter/nf_tables_api.c | 464 ++++++++++++++++++++++++++---------------
1 file changed, 291 insertions(+), 173 deletions(-)
--
Arturo Borrero Gonzalez
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
