Hi Pablo, On Fri, Sep 01, 2017 at 12:17:33PM +0200, Pablo Neira Ayuso wrote: > On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > > Add these two new functions to set up netlink sockets in the global > > context structure. > > We can alternatively call this nft_ctx_netlink_auto() if prefer. > > I'm just trying to skip the type/flag field for nft_ctx_alloc(). > > Does this look acceptable to you to have this extra API to request > libnftables to deal with IO details too? I think we could do it in a simpler way: | /* create an mnl netlink socket object */ | struct mnl_socket *netlink_open_sock(void); | | /* create nft context, optionally passing mnl socket object returned | * from netlink_open_sock() | * Calling nft_ctx_new(NULL) is equivalent to calling | * nft_ctx_new(netlink_open_sock()) | */ | static struct nft_ctx *nft_ctx_new(struct mnl_socket *nf_sock); This way we allow the application to control mnl_socket object, provide a simple API for applications which don't need that and at the same time always have ctx->nf_sock point to the socket so we can further simplify things. What do you think? Cheers, Phil -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
