We can remove alloc_nftnl_flowtable() and consolidate infrastructure in the src/mnl.c file. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- include/mnl.h | 9 +++---- include/netlink.h | 5 +--- src/mnl.c | 70 ++++++++++++++++++++++++++++++++++++++++++------------- src/netlink.c | 62 ++---------------------------------------------- src/rule.c | 4 ++-- 5 files changed, 62 insertions(+), 88 deletions(-) diff --git a/include/mnl.h b/include/mnl.h index 457dd2ed1b9c..1784b3aa89b6 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -77,12 +77,9 @@ int mnl_nft_obj_del(struct netlink_ctx *ctx, const struct cmd *cmd, int type); struct nftnl_flowtable_list * mnl_nft_flowtable_dump(struct netlink_ctx *ctx, int family, const char *table); -int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo, - struct nftnl_batch *batch, unsigned int flags, - uint32_t seqnum); -int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flow, - struct nftnl_batch *batch, unsigned int flags, - uint32_t seqnum); +int mnl_nft_flowtable_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags); +int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd); struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx, uint32_t family); diff --git a/include/netlink.h b/include/netlink.h index b82ca7272fb9..8bdf192b5e68 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -136,10 +136,6 @@ extern struct obj *netlink_delinearize_obj(struct netlink_ctx *ctx, extern int netlink_list_flowtables(struct netlink_ctx *ctx, const struct handle *h); -extern int netlink_add_flowtable(struct netlink_ctx *ctx, - const struct cmd *cmd, uint32_t flags); -extern int netlink_delete_flowtable(struct netlink_ctx *ctx, - const struct cmd *cmd); extern void netlink_dump_chain(const struct nftnl_chain *nlc, struct netlink_ctx *ctx); 
@@ -150,6 +146,7 @@ extern void netlink_dump_expr(const struct nftnl_expr *nle, extern void netlink_dump_set(const struct nftnl_set *nls, struct netlink_ctx *ctx); extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx); +extern void netlink_dump_flowtable(struct nftnl_flowtable *flo, struct netlink_ctx *ctx); extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list); diff --git a/src/mnl.c b/src/mnl.c index 2be8ca14e50d..eb9a55b9361a 100644 --- a/src/mnl.c +++ b/src/mnl.c 
@@ -1306,34 +1306,72 @@ err: return NULL; } -int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo, - struct nftnl_batch *batch, unsigned int flags, - uint32_t seqnum) +int mnl_nft_flowtable_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags) { + struct nftnl_flowtable *flo; + const char *dev_array[8]; struct nlmsghdr *nlh; + struct expr *expr; + int i = 0; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), - NFT_MSG_NEWFLOWTABLE, - nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY), - NLM_F_CREATE | flags, seqnum); + flo = nftnl_flowtable_alloc(); + if (!flo) + memory_allocation_error(); + + nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY, + cmd->handle.family); + nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, + cmd->handle.table.name); + nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME, + cmd->handle.flowtable); + nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_HOOKNUM, + cmd->flowtable->hooknum); + nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_PRIO, + cmd->flowtable->priority.num); + + list_for_each_entry(expr, &cmd->flowtable->dev_expr->expressions, list) + dev_array[i++] = expr->identifier; + + dev_array[i] = NULL; + nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array); + + netlink_dump_flowtable(flo, ctx); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), + NFT_MSG_NEWFLOWTABLE, cmd->handle.family, + NLM_F_CREATE | flags, ctx->seqnum); nftnl_flowtable_nlmsg_build_payload(nlh, flo); - mnl_nft_batch_continue(batch); + nftnl_flowtable_free(flo); + + mnl_nft_batch_continue(ctx->batch); return 0; } -int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flo, - struct nftnl_batch *batch, unsigned int flags, - uint32_t seqnum) +int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd) { + struct nftnl_flowtable *flo; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), - NFT_MSG_DELFLOWTABLE, - nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY), - flags, 
seqnum); + flo = nftnl_flowtable_alloc(); + if (!flo) + memory_allocation_error(); + + nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY, + cmd->handle.family); + nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, + cmd->handle.table.name); + nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME, + cmd->handle.flowtable); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), + NFT_MSG_DELFLOWTABLE, cmd->handle.family, + 0, ctx->seqnum); nftnl_flowtable_nlmsg_build_payload(nlh, flo); - mnl_nft_batch_continue(batch); + nftnl_flowtable_free(flo); + + mnl_nft_batch_continue(ctx->batch); return 0; } diff --git a/src/netlink.c b/src/netlink.c index 97e8ebaeb75e..ede08ffd76b7 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -994,25 +994,8 @@ struct obj *netlink_delinearize_obj(struct netlink_ctx *ctx, return obj; } -static struct nftnl_flowtable *alloc_nftnl_flowtable(const struct handle *h, - const struct flowtable *ft) -{ - struct nftnl_flowtable *flo; - - flo = nftnl_flowtable_alloc(); - if (flo == NULL) - memory_allocation_error(); - - nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY, h->family); - nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, h->table.name); - if (h->flowtable != NULL) - nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME, h->flowtable); - - return flo; -} - -static void netlink_dump_flowtable(struct nftnl_flowtable *flo, - struct netlink_ctx *ctx) +void netlink_dump_flowtable(struct nftnl_flowtable *flo, + struct netlink_ctx *ctx) { FILE *fp = ctx->nft->output.output_fp; 
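Review bot: In mnl_nft_flowtable_add() (src/mnl.c), the loop `dev_array[i++] = expr->identifier;` fills `const char *dev_array[8]` with no bound, so a flowtable that lists eight or more devices writes past the end of the stack array, since the trailing `dev_array[i] = NULL` needs a slot as well. The pattern is carried over unchanged from the removed netlink_add_flowtable(), and no cap on the device list is visible in this patch, so unless the parser or evaluator limits it elsewhere, this move is a good place to add the check sketched below. The error path in the sketch is only a suggestion and should follow whatever convention the callers in src/rule.c expect. Separately, both new functions set NFTNL_FLOWTABLE_NAME unconditionally, whereas the removed alloc_nftnl_flowtable() skipped it when `h->flowtable` was NULL, and mnl_nft_flowtable_del() no longer calls netlink_dump_flowtable() as netlink_delete_flowtable() did. If those two changes are intentional, a line in the commit message would help.

```c
	/* … unchanged: flowtable allocation and family/table/name/hooknum/prio setters … */

	list_for_each_entry(expr, &cmd->flowtable->dev_expr->expressions, list) {
		/* keep the last slot free for the NULL terminator */
		if (i >= (int)(sizeof(dev_array) / sizeof(dev_array[0])) - 1) {
			nftnl_flowtable_free(flo);
			errno = E2BIG;
			return -1;
		}
		dev_array[i++] = expr->identifier;
	}

	dev_array[i] = NULL;
	nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array);
```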
@@ -1023,47 +1006,6 @@ static void netlink_dump_flowtable(struct nftnl_flowtable *flo, fprintf(fp, "\n"); } -int netlink_add_flowtable(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t flags) -{ - struct flowtable *ft = cmd->flowtable; - struct nftnl_flowtable *flo; - const char *dev_array[8]; - struct expr *expr; - int i = 0, err; - - flo = alloc_nftnl_flowtable(&cmd->handle, ft); - nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_HOOKNUM, ft->hooknum); - nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_PRIO, ft->priority.num); - - list_for_each_entry(expr, &ft->dev_expr->expressions, list) - dev_array[i++] = expr->identifier; - - dev_array[i] = NULL; - nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array); - - netlink_dump_flowtable(flo, ctx); - - err = mnl_nft_flowtable_batch_add(flo, ctx->batch, flags, ctx->seqnum); - nftnl_flowtable_free(flo); - - return err; -} - -int netlink_delete_flowtable(struct netlink_ctx *ctx, const struct cmd *cmd) -{ - struct nftnl_flowtable *flo; - int err; - - flo = alloc_nftnl_flowtable(&cmd->handle, NULL); - netlink_dump_flowtable(flo, ctx); - - err = mnl_nft_flowtable_batch_del(flo, ctx->batch, 0, ctx->seqnum); - nftnl_flowtable_free(flo); - - return err; -} - static int list_obj_cb(struct nftnl_obj *nls, void *arg) { struct netlink_ctx *ctx = arg; diff --git a/src/rule.c b/src/rule.c index 718987dc3edf..63da3306db3b 100644 --- a/src/rule.c +++ b/src/rule.c @@ -1417,7 +1417,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) case CMD_OBJ_SECMARK: return mnl_nft_obj_add(ctx, cmd, flags); case CMD_OBJ_FLOWTABLE: - return netlink_add_flowtable(ctx, cmd, flags); + return mnl_nft_flowtable_add(ctx, cmd, flags); default: BUG("invalid command object type %u\n", cmd->obj); } 
@@ -1505,7 +1505,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_SECMARK: return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_SECMARK); case CMD_OBJ_FLOWTABLE: - return netlink_delete_flowtable(ctx, cmd); + return mnl_nft_flowtable_del(ctx, cmd); default: BUG("invalid command object type %u\n", cmd->obj); } -- 2.11.0