This patch adds set objects to the cache if they don't exist in the kernel, so
they can be referenced from this batch. This occurs from the evaluation step.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
src/evaluate.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/evaluate.c b/src/evaluate.c
index 31aaecc..239dde7 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1736,8 +1736,17 @@ static int setelem_evaluate(struct eval_ctx *ctx, struct expr **expr)
static int set_evaluate(struct eval_ctx *ctx, struct set *set)
{
+ struct table *table;
const char *type;
+ table = table_lookup(&ctx->cmd->handle);
+ if (table == NULL)
+ return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
+ ctx->cmd->handle.table);
+
+ if (set_lookup(table, set->handle.set) == NULL)
+ set_add_hash(set_get(set), table);
+
type = set->flags & SET_F_MAP ? "map" : "set";
if (set->keytype == NULL)
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
