The following series implements some changes to the NFT_MSG_DELTABLE API call. The main change is the ability to flush the entire ruleset (also per AF). We are no longer returning EBUSY. This way, clients of the API can wipe the ruleset and add a new one in just one transaction/batch. In the first patches, there are a lot of code factorization and renaming. The last patch is the change to NFT_MSG_DELTABLE itself. Changes in this v2 are: * rebase on top of git.kernel.org/cgit/linux/kernel/git/pablo/nftables.git * address comments by Pablo. Now, support AF_UNSPEC and specified table. Comments are welcome. --- Arturo Borrero Gonzalez (5): netfilter: nf_tables: refactor rule deletion helper netfilter: nf_tables: add helper to unregister chain hooks netfilter: nf_tables: rename nf_table_delrule_by_chain() netfilter: nf_tables: add helpers to schedule objects deletion netfilter: nf_tables: extend NFT_MSG_DELTABLE to support flushing the ruleset net/netfilter/nf_tables_api.c | 454 +++++++++++++++++++++++++---------------- 1 file changed, 281 insertions(+), 173 deletions(-) -- Arturo Borrero Gonzalez -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html