These functions are not very useful, rule comparison from this layer
does not work well with implicit set definitions.
This infrastructure was added as an attempt to support for deletion by
name from this layer, which should be done from higher level libnftables
library. Finally, we never had a client for this code in
git.netfilter.org.
Let's remove it and bump libversion for safety reasons.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
Make_global.am | 2 +-
include/data_reg.h | 2 --
include/expr_ops.h | 1 -
include/libnftnl/expr.h | 2 --
include/libnftnl/rule.h | 2 --
src/expr.c | 10 ----------
src/expr/bitwise.c | 22 ----------------------
src/expr/byteorder.c | 22 ----------------------
src/expr/cmp.c | 18 ------------------
src/expr/connlimit.c | 16 ----------------
src/expr/counter.c | 16 ----------------
src/expr/ct.c | 20 --------------------
src/expr/data_reg.c | 17 -----------------
src/expr/dup.c | 16 ----------------
src/expr/dynset.c | 26 --------------------------
src/expr/exthdr.c | 26 --------------------------
src/expr/fib.c | 18 ------------------
src/expr/flow_offload.c | 14 --------------
src/expr/fwd.c | 18 ------------------
src/expr/hash.c | 30 ------------------------------
src/expr/immediate.c | 25 -------------------------
src/expr/limit.c | 22 ----------------------
src/expr/log.c | 24 ------------------------
src/expr/lookup.c | 22 ----------------------
src/expr/masq.c | 18 ------------------
src/expr/match.c | 20 --------------------
src/expr/meta.c | 18 ------------------
src/expr/nat.c | 25 -------------------------
src/expr/numgen.c | 24 ------------------------
src/expr/objref.c | 22 ----------------------
src/expr/osf.c | 17 -----------------
src/expr/payload.c | 28 ----------------------------
src/expr/queue.c | 20 --------------------
src/expr/redir.c | 18 ------------------
src/expr/reject.c | 16 ----------------
src/expr/rt.c | 16 ----------------
src/expr/socket.c | 16 ----------------
src/expr/target.c | 20 --------------------
src/expr/tproxy.c | 18 ------------------
src/expr/xfrm.c | 20 --------------------
src/libnftnl.map | 18 ++++--------------
src/rule.c | 31 -------------------------------
42 files changed, 5 insertions(+), 751 deletions(-)
diff --git a/Make_global.am b/Make_global.am
index e12a3f7df367..307816b97108 100644
--- a/Make_global.am
+++ b/Make_global.am
@@ -18,7 +18,7 @@
# set age to 0.
# </snippet>
#
-LIBVERSION=10:0:3
+LIBVERSION=11:0:0
AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_srcdir}/include ${LIBMNL_CFLAGS} ${LIBMXML_CFLAGS}
AM_CFLAGS = ${regular_CFLAGS} ${GCC_FVISIBILITY_HIDDEN}
diff --git a/include/data_reg.h b/include/data_reg.h
index 3fec7cdaa317..f2675f24918b 100644
--- a/include/data_reg.h
+++ b/include/data_reg.h
@@ -28,8 +28,6 @@ int nftnl_data_reg_snprintf(char *buf, size_t size,
const union nftnl_data_reg *reg,
uint32_t output_format, uint32_t flags,
int reg_type);
-bool nftnl_data_reg_cmp(const union nftnl_data_reg *r1,
- const union nftnl_data_reg *r2, int reg_type);
struct nlattr;
int nftnl_parse_data(union nftnl_data_reg *data, struct nlattr *attr, int *type);
diff --git a/include/expr_ops.h b/include/expr_ops.h
index 00548b355841..a7f1b9a6abfd 100644
--- a/include/expr_ops.h
+++ b/include/expr_ops.h
@@ -13,7 +13,6 @@ struct expr_ops {
uint32_t alloc_len;
int max_attr;
void (*free)(const struct nftnl_expr *e);
- bool (*cmp)(const struct nftnl_expr *e1, const struct nftnl_expr *e2);
int (*set)(struct nftnl_expr *e, uint16_t type, const void *data, uint32_t data_len);
const void *(*get)(const struct nftnl_expr *e, uint16_t type, uint32_t *data_len);
int (*parse)(struct nftnl_expr *e, struct nlattr *attr);
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index 6988c6297933..cb1b54ba0992 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -36,8 +36,6 @@ uint32_t nftnl_expr_get_u32(const struct nftnl_expr *expr, uint16_t type);
uint64_t nftnl_expr_get_u64(const struct nftnl_expr *expr, uint16_t type);
const char *nftnl_expr_get_str(const struct nftnl_expr *expr, uint16_t type);
-bool nftnl_expr_cmp(const struct nftnl_expr *e1, const struct nftnl_expr *e2);
-
int nftnl_expr_snprintf(char *buf, size_t buflen, const struct nftnl_expr *expr, uint32_t type, uint32_t flags);
int nftnl_expr_fprintf(FILE *fp, const struct nftnl_expr *expr, uint32_t type, uint32_t flags);
diff --git a/include/libnftnl/rule.h b/include/libnftnl/rule.h
index 765d2ce6e4ef..8501c86e0361 100644
--- a/include/libnftnl/rule.h
+++ b/include/libnftnl/rule.h
@@ -51,8 +51,6 @@ uint64_t nftnl_rule_get_u64(const struct nftnl_rule *r, uint16_t attr);
void nftnl_rule_add_expr(struct nftnl_rule *r, struct nftnl_expr *expr);
-bool nftnl_rule_cmp(const struct nftnl_rule *r1, const struct nftnl_rule *r2);
-
struct nlmsghdr;
void nftnl_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nftnl_rule *t);
diff --git a/src/expr.c b/src/expr.c
index 62565e046996..80c4c36a9bd7 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -203,16 +203,6 @@ const char *nftnl_expr_get_str(const struct nftnl_expr *expr, uint16_t type)
return (const char *)nftnl_expr_get(expr, type, &data_len);
}
-EXPORT_SYMBOL(nftnl_expr_cmp);
-bool nftnl_expr_cmp(const struct nftnl_expr *e1, const struct nftnl_expr *e2)
-{
- if (e1->flags != e2->flags ||
- strcmp(e1->ops->name, e2->ops->name) != 0)
- return false;
-
- return e1->ops->cmp(e1, e2);
-}
-
void nftnl_expr_build_payload(struct nlmsghdr *nlh, struct nftnl_expr *expr)
{
struct nlattr *nest;
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 79d6a5187943..c9d40df34b54 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -211,32 +211,10 @@ nftnl_expr_bitwise_snprintf(char *buf, size_t size, uint32_t type,
return -1;
}
-static bool nftnl_expr_bitwise_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_bitwise *b1 = nftnl_expr_data(e1);
- struct nftnl_expr_bitwise *b2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_BITWISE_SREG))
- eq &= (b1->sreg == b2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_BITWISE_DREG))
- eq &= (b1->dreg == b2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_BITWISE_LEN))
- eq &= (b1->len == b2->len);
- if (e1->flags & (1 << NFTNL_EXPR_BITWISE_MASK))
- eq &= nftnl_data_reg_cmp(&b1->mask, &b2->mask, DATA_VALUE);
- if (e1->flags & (1 << NFTNL_EXPR_BITWISE_XOR))
- eq &= nftnl_data_reg_cmp(&b1->xor, &b2->xor, DATA_VALUE);
-
- return eq;
-}
-
struct expr_ops expr_ops_bitwise = {
.name = "bitwise",
.alloc_len = sizeof(struct nftnl_expr_bitwise),
.max_attr = NFTA_BITWISE_MAX,
- .cmp = nftnl_expr_bitwise_cmp,
.set = nftnl_expr_bitwise_set,
.get = nftnl_expr_bitwise_get,
.parse = nftnl_expr_bitwise_parse,
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index 35c145034150..efdfa2b5eca4 100644
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -226,32 +226,10 @@ nftnl_expr_byteorder_snprintf(char *buf, size_t size, uint32_t type,
return -1;
}
-static bool nftnl_expr_byteorder_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_byteorder *b1 = nftnl_expr_data(e1);
- struct nftnl_expr_byteorder *b2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_BYTEORDER_SREG))
- eq &= (b1->sreg == b2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_BYTEORDER_DREG))
- eq &= (b1->dreg == b2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_BYTEORDER_OP))
- eq &= (b1->op == b2->op);
- if (e1->flags & (1 << NFTNL_EXPR_BYTEORDER_LEN))
- eq &= (b1->len == b2->len);
- if (e1->flags & (1 << NFTNL_EXPR_BYTEORDER_SIZE))
- eq &= (b1->size == b2->size);
-
- return eq;
-}
-
struct expr_ops expr_ops_byteorder = {
.name = "byteorder",
.alloc_len = sizeof(struct nftnl_expr_byteorder),
.max_attr = NFTA_BYTEORDER_MAX,
- .cmp = nftnl_expr_byteorder_cmp,
.set = nftnl_expr_byteorder_set,
.get = nftnl_expr_byteorder_get,
.parse = nftnl_expr_byteorder_parse,
diff --git a/src/expr/cmp.c b/src/expr/cmp.c
index e39a943d58f5..86d7842d0813 100644
--- a/src/expr/cmp.c
+++ b/src/expr/cmp.c
@@ -208,28 +208,10 @@ nftnl_expr_cmp_snprintf(char *buf, size_t size, uint32_t type,
return -1;
}
-static bool nftnl_expr_cmp_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_cmp *c1 = nftnl_expr_data(e1);
- struct nftnl_expr_cmp *c2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_CMP_DATA))
- eq &= nftnl_data_reg_cmp(&c1->data, &c2->data, DATA_VALUE);
- if (e1->flags & (1 << NFTNL_EXPR_CMP_SREG))
- eq &= (c1->sreg == c2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_CMP_OP))
- eq &= (c1->op == c2->op);
-
- return eq;
-}
-
struct expr_ops expr_ops_cmp = {
.name = "cmp",
.alloc_len = sizeof(struct nftnl_expr_cmp),
.max_attr = NFTA_CMP_MAX,
- .cmp = nftnl_expr_cmp_cmp,
.set = nftnl_expr_cmp_set,
.get = nftnl_expr_cmp_get,
.parse = nftnl_expr_cmp_parse,
diff --git a/src/expr/connlimit.c b/src/expr/connlimit.c
index 9fa0a7b7263f..53af93bd8db9 100644
--- a/src/expr/connlimit.c
+++ b/src/expr/connlimit.c
@@ -141,26 +141,10 @@ static int nftnl_expr_connlimit_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_connlimit_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_connlimit *c1 = nftnl_expr_data(e1);
- struct nftnl_expr_connlimit *c2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_CONNLIMIT_COUNT))
- eq &= (c1->count == c2->count);
- if (e1->flags & (1 << NFTNL_EXPR_CONNLIMIT_FLAGS))
- eq &= (c1->flags == c2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_connlimit = {
.name = "connlimit",
.alloc_len = sizeof(struct nftnl_expr_connlimit),
.max_attr = NFTA_CONNLIMIT_MAX,
- .cmp = nftnl_expr_connlimit_cmp,
.set = nftnl_expr_connlimit_set,
.get = nftnl_expr_connlimit_get,
.parse = nftnl_expr_connlimit_parse,
diff --git a/src/expr/counter.c b/src/expr/counter.c
index a1f6574cb134..89a602e0dcb6 100644
--- a/src/expr/counter.c
+++ b/src/expr/counter.c
@@ -139,26 +139,10 @@ static int nftnl_expr_counter_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_counter_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_counter *c1 = nftnl_expr_data(e1);
- struct nftnl_expr_counter *c2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_CTR_PACKETS))
- eq &= (c1->pkts == c2->pkts);
- if (e1->flags & (1 << NFTNL_EXPR_CTR_BYTES))
- eq &= (c1->pkts == c2->pkts);
-
- return eq;
-}
-
struct expr_ops expr_ops_counter = {
.name = "counter",
.alloc_len = sizeof(struct nftnl_expr_counter),
.max_attr = NFTA_COUNTER_MAX,
- .cmp = nftnl_expr_counter_cmp,
.set = nftnl_expr_counter_set,
.get = nftnl_expr_counter_get,
.parse = nftnl_expr_counter_parse,
diff --git a/src/expr/ct.c b/src/expr/ct.c
index e8a8c6c92293..b9ca2dc6910c 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -264,30 +264,10 @@ nftnl_expr_ct_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_ct_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_ct *c1 = nftnl_expr_data(e1);
- struct nftnl_expr_ct *c2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_CT_KEY))
- eq &= (c1->key == c2->key);
- if (e1->flags & (1 << NFTNL_EXPR_CT_DREG))
- eq &= (c1->dreg == c2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_CT_SREG))
- eq &= (c1->sreg == c2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_CT_DIR))
- eq &= (c1->dir == c2->dir);
-
- return eq;
-}
-
struct expr_ops expr_ops_ct = {
.name = "ct",
.alloc_len = sizeof(struct nftnl_expr_ct),
.max_attr = NFTA_CT_MAX,
- .cmp = nftnl_expr_ct_cmp,
.set = nftnl_expr_ct_set,
.get = nftnl_expr_ct_get,
.parse = nftnl_expr_ct_parse,
diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index 48a012bb6cbf..67165feb931f 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -93,23 +93,6 @@ int nftnl_data_reg_snprintf(char *buf, size_t size,
return -1;
}
-bool nftnl_data_reg_cmp(const union nftnl_data_reg *r1,
- const union nftnl_data_reg *r2, int reg_type)
-{
- switch (reg_type) {
- case DATA_VALUE:
- return r1->len == r2->len &&
- !memcmp(r1->val, r2->val, r1->len);
- case DATA_VERDICT:
- return r1->verdict == r2->verdict;
- case DATA_CHAIN:
- return r1->verdict == r2->verdict &&
- !strcmp(r1->chain, r2->chain);
- default:
- return false;
- }
-}
-
static int nftnl_data_parse_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
diff --git a/src/expr/dup.c b/src/expr/dup.c
index c08ccd275091..2bb35e557d9c 100644
--- a/src/expr/dup.c
+++ b/src/expr/dup.c
@@ -146,26 +146,10 @@ static int nftnl_expr_dup_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_dup_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_dup *d1 = nftnl_expr_data(e1);
- struct nftnl_expr_dup *d2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_DUP_SREG_ADDR))
- eq &= (d1->sreg_addr == d2->sreg_addr);
- if (e1->flags & (1 << NFTNL_EXPR_DUP_SREG_DEV))
- eq &= (d1->sreg_dev == d2->sreg_dev);
-
- return eq;
-}
-
struct expr_ops expr_ops_dup = {
.name = "dup",
.alloc_len = sizeof(struct nftnl_expr_dup),
.max_attr = NFTA_DUP_MAX,
- .cmp = nftnl_expr_dup_cmp,
.set = nftnl_expr_dup_set,
.get = nftnl_expr_dup_get,
.parse = nftnl_expr_dup_parse,
diff --git a/src/expr/dynset.c b/src/expr/dynset.c
index f009ec4c7a5d..68115ba50c94 100644
--- a/src/expr/dynset.c
+++ b/src/expr/dynset.c
@@ -279,37 +279,11 @@ static void nftnl_expr_dynset_free(const struct nftnl_expr *e)
xfree(dynset->set_name);
}
-static bool nftnl_expr_dynset_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_dynset *d1 = nftnl_expr_data(e1);
- struct nftnl_expr_dynset *d2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_SREG_KEY))
- eq &= (d1->sreg_key == d2->sreg_key);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_SREG_DATA))
- eq &= (d1->sreg_data == d2->sreg_data);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_OP))
- eq &= (d1->op == d2->op);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_TIMEOUT))
- eq &= (d1->timeout == d2->timeout);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_EXPR))
- eq &= nftnl_expr_cmp(d1->expr, d2->expr);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_SET_NAME))
- eq &= !strcmp(d1->set_name, d2->set_name);
- if (e1->flags & (1 << NFTNL_EXPR_DYNSET_SET_ID))
- eq &= (d1->set_id == d2->set_id);
-
- return eq;
-}
-
struct expr_ops expr_ops_dynset = {
.name = "dynset",
.alloc_len = sizeof(struct nftnl_expr_dynset),
.max_attr = NFTA_DYNSET_MAX,
.free = nftnl_expr_dynset_free,
- .cmp = nftnl_expr_dynset_cmp,
.set = nftnl_expr_dynset_set,
.get = nftnl_expr_dynset_get,
.parse = nftnl_expr_dynset_parse,
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index 0e098148ba25..bef453e06311 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -263,36 +263,10 @@ nftnl_expr_exthdr_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_exthdr_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_exthdr *h1 = nftnl_expr_data(e1);
- struct nftnl_expr_exthdr *h2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_DREG))
- eq &= (h1->dreg == h2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_SREG))
- eq &= (h1->sreg == h2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_OFFSET))
- eq &= (h1->offset == h2->offset);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_LEN))
- eq &= (h1->len == h2->len);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_TYPE))
- eq &= (h1->type == h2->type);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_OP))
- eq &= (h1->op == h2->op);
- if (e1->flags & (1 << NFTNL_EXPR_EXTHDR_FLAGS))
- eq &= (h1->flags == h2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_exthdr = {
.name = "exthdr",
.alloc_len = sizeof(struct nftnl_expr_exthdr),
.max_attr = NFTA_EXTHDR_MAX,
- .cmp = nftnl_expr_exthdr_cmp,
.set = nftnl_expr_exthdr_set,
.get = nftnl_expr_exthdr_get,
.parse = nftnl_expr_exthdr_parse,
diff --git a/src/expr/fib.c b/src/expr/fib.c
index 2f2d219037aa..9475af404738 100644
--- a/src/expr/fib.c
+++ b/src/expr/fib.c
@@ -205,28 +205,10 @@ nftnl_expr_fib_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_fib_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_fib *h1 = nftnl_expr_data(e1);
- struct nftnl_expr_fib *h2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_FIB_RESULT))
- eq &= (h1->result == h2->result);
- if (e1->flags & (1 << NFTNL_EXPR_FIB_DREG))
- eq &= (h1->dreg == h2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_FIB_FLAGS))
- eq &= (h1->flags == h2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_fib = {
.name = "fib",
.alloc_len = sizeof(struct nftnl_expr_fib),
.max_attr = NFTA_FIB_MAX,
- .cmp = nftnl_expr_fib_cmp,
.set = nftnl_expr_fib_set,
.get = nftnl_expr_fib_get,
.parse = nftnl_expr_fib_parse,
diff --git a/src/expr/flow_offload.c b/src/expr/flow_offload.c
index 648099a2d6af..6ccec9a13396 100644
--- a/src/expr/flow_offload.c
+++ b/src/expr/flow_offload.c
@@ -125,25 +125,11 @@ static void nftnl_expr_flow_free(const struct nftnl_expr *e)
xfree(flow->table_name);
}
-static bool nftnl_expr_flow_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_flow *l1 = nftnl_expr_data(e1);
- struct nftnl_expr_flow *l2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_FLOW_TABLE_NAME))
- eq &= !strcmp(l1->table_name, l2->table_name);
-
- return eq;
-}
-
struct expr_ops expr_ops_flow = {
.name = "flow_offload",
.alloc_len = sizeof(struct nftnl_expr_flow),
.max_attr = NFTA_FLOW_MAX,
.free = nftnl_expr_flow_free,
- .cmp = nftnl_expr_flow_cmp,
.set = nftnl_expr_flow_set,
.get = nftnl_expr_flow_get,
.parse = nftnl_expr_flow_parse,
diff --git a/src/expr/fwd.c b/src/expr/fwd.c
index 9cb0aca6ade6..cff82351bc93 100644
--- a/src/expr/fwd.c
+++ b/src/expr/fwd.c
@@ -166,28 +166,10 @@ static int nftnl_expr_fwd_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_fwd_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_fwd *f1 = nftnl_expr_data(e1);
- struct nftnl_expr_fwd *f2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_FWD_SREG_DEV))
- eq &= (f1->sreg_dev == f2->sreg_dev);
- if (e1->flags & (1 << NFTNL_EXPR_FWD_SREG_ADDR))
- eq &= (f1->sreg_addr == f2->sreg_addr);
- if (e1->flags & (1 << NFTNL_EXPR_FWD_NFPROTO))
- eq &= (f1->nfproto == f2->nfproto);
-
- return eq;
-}
-
struct expr_ops expr_ops_fwd = {
.name = "fwd",
.alloc_len = sizeof(struct nftnl_expr_fwd),
.max_attr = NFTA_FWD_MAX,
- .cmp = nftnl_expr_fwd_cmp,
.set = nftnl_expr_fwd_set,
.get = nftnl_expr_fwd_get,
.parse = nftnl_expr_fwd_parse,
diff --git a/src/expr/hash.c b/src/expr/hash.c
index 46b79015f705..f553a3c3ec06 100644
--- a/src/expr/hash.c
+++ b/src/expr/hash.c
@@ -276,40 +276,10 @@ nftnl_expr_hash_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_hash_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_hash *h1 = nftnl_expr_data(e1);
- struct nftnl_expr_hash *h2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_HASH_SREG))
- eq &= (h1->sreg == h2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_DREG))
- eq &= (h1->dreg == h2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_LEN))
- eq &= (h1->len == h2->len);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_MODULUS))
- eq &= (h1->modulus == h2->modulus);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_SEED))
- eq &= (h1->seed == h2->seed);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_OFFSET))
- eq &= (h1->offset == h2->offset);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_TYPE))
- eq &= (h1->type == h2->type);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_SET_NAME))
- eq &= !strcmp(h1->map.name, h2->map.name);
- if (e1->flags & (1 << NFTNL_EXPR_HASH_SET_ID))
- eq &= (h1->map.id == h2->map.id);
-
- return eq;
-}
-
struct expr_ops expr_ops_hash = {
.name = "hash",
.alloc_len = sizeof(struct nftnl_expr_hash),
.max_attr = NFTA_HASH_MAX,
- .cmp = nftnl_expr_hash_cmp,
.set = nftnl_expr_hash_set,
.get = nftnl_expr_hash_get,
.parse = nftnl_expr_hash_parse,
diff --git a/src/expr/immediate.c b/src/expr/immediate.c
index d5a7e86e2a0d..47106ae86675 100644
--- a/src/expr/immediate.c
+++ b/src/expr/immediate.c
@@ -226,36 +226,11 @@ static void nftnl_expr_immediate_free(const struct nftnl_expr *e)
nftnl_free_verdict(&imm->data);
}
-static bool nftnl_expr_immediate_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_immediate *i1 = nftnl_expr_data(e1);
- struct nftnl_expr_immediate *i2 = nftnl_expr_data(e2);
- bool eq = true;
- int type = DATA_NONE;
-
- if (e1->flags & (1 << NFTNL_EXPR_IMM_DREG))
- eq &= (i1->dreg == i2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_IMM_VERDICT))
- if (e1->flags & (1 << NFTNL_EXPR_IMM_CHAIN))
- type = DATA_CHAIN;
- else
- type = DATA_VERDICT;
- else if (e1->flags & (1 << NFTNL_EXPR_IMM_DATA))
- type = DATA_VALUE;
-
- if (type != DATA_NONE)
- eq &= nftnl_data_reg_cmp(&i1->data, &i2->data, type);
-
- return eq;
-}
-
struct expr_ops expr_ops_immediate = {
.name = "immediate",
.alloc_len = sizeof(struct nftnl_expr_immediate),
.max_attr = NFTA_IMMEDIATE_MAX,
.free = nftnl_expr_immediate_free,
- .cmp = nftnl_expr_immediate_cmp,
.set = nftnl_expr_immediate_set,
.get = nftnl_expr_immediate_get,
.parse = nftnl_expr_immediate_parse,
diff --git a/src/expr/limit.c b/src/expr/limit.c
index 2a0adba8f6e4..5872e276dbb8 100644
--- a/src/expr/limit.c
+++ b/src/expr/limit.c
@@ -208,33 +208,11 @@ nftnl_expr_limit_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_limit_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_limit *l1 = nftnl_expr_data(e1);
- struct nftnl_expr_limit *l2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_LIMIT_RATE))
- eq &= (l1->rate == l2->rate);
- if (e1->flags & (1 << NFTNL_EXPR_LIMIT_UNIT))
- eq &= (l1->unit == l2->unit);
- if (e1->flags & (1 << NFTNL_EXPR_LIMIT_BURST))
- eq &= (l1->burst == l2->burst);
- if (e1->flags & (1 << NFTNL_EXPR_LIMIT_TYPE))
- eq &= (l1->type == l2->type);
- if (e1->flags & (1 << NFTNL_EXPR_LIMIT_FLAGS))
- eq &= (l1->flags == l2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_limit = {
.name = "limit",
.alloc_len = sizeof(struct nftnl_expr_limit),
.max_attr = NFTA_LIMIT_MAX,
.set = nftnl_expr_limit_set,
- .cmp = nftnl_expr_limit_cmp,
.get = nftnl_expr_limit_get,
.parse = nftnl_expr_limit_parse,
.build = nftnl_expr_limit_build,
diff --git a/src/expr/log.c b/src/expr/log.c
index 1119c53898a3..bbe43d2dc6bc 100644
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -258,35 +258,11 @@ static void nftnl_expr_log_free(const struct nftnl_expr *e)
xfree(log->prefix);
}
-static bool nftnl_expr_log_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_log *l1 = nftnl_expr_data(e1);
- struct nftnl_expr_log *l2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_LOG_SNAPLEN))
- eq &= (l1->snaplen == l2->snaplen);
- if (e1->flags & (1 << NFTNL_EXPR_LOG_GROUP))
- eq &= (l1->group == l2->group);
- if (e1->flags & (1 << NFTNL_EXPR_LOG_QTHRESHOLD))
- eq &= (l1->qthreshold == l2->qthreshold);
- if (e1->flags & (1 << NFTNL_EXPR_LOG_LEVEL))
- eq &= (l1->level == l2->level);
- if (e1->flags & (1 << NFTNL_EXPR_LOG_FLAGS))
- eq &= (l1->flags == l2->flags);
- if (e1->flags & (1 << NFTNL_EXPR_LOG_PREFIX))
- eq &= !strcmp(l1->prefix, l2->prefix);
-
- return eq;
-}
-
struct expr_ops expr_ops_log = {
.name = "log",
.alloc_len = sizeof(struct nftnl_expr_log),
.max_attr = NFTA_LOG_MAX,
.free = nftnl_expr_log_free,
- .cmp = nftnl_expr_log_cmp,
.set = nftnl_expr_log_set,
.get = nftnl_expr_log_get,
.parse = nftnl_expr_log_parse,
diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index a502e2a5bca5..a495ac0fdcfc 100644
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -212,33 +212,11 @@ static void nftnl_expr_lookup_free(const struct nftnl_expr *e)
xfree(lookup->set_name);
}
-static bool nftnl_expr_lookup_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_lookup *l1 = nftnl_expr_data(e1);
- struct nftnl_expr_lookup *l2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SREG))
- eq &= (l1->sreg == l2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_DREG))
- eq &= (l1->dreg == l2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SET))
- eq &= !strcmp(l1->set_name, l2->set_name);
- if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SET_ID))
- eq &= (l1->set_id == l2->set_id);
- if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_FLAGS))
- eq &= (l1->flags == l2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_lookup = {
.name = "lookup",
.alloc_len = sizeof(struct nftnl_expr_lookup),
.max_attr = NFTA_LOOKUP_MAX,
.free = nftnl_expr_lookup_free,
- .cmp = nftnl_expr_lookup_cmp,
.set = nftnl_expr_lookup_set,
.get = nftnl_expr_lookup_get,
.parse = nftnl_expr_lookup_parse,
diff --git a/src/expr/masq.c b/src/expr/masq.c
index fe017f727797..f6f3ceb6e8da 100644
--- a/src/expr/masq.c
+++ b/src/expr/masq.c
@@ -161,28 +161,10 @@ static int nftnl_expr_masq_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_masq_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_masq *m1 = nftnl_expr_data(e1);
- struct nftnl_expr_masq *m2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_MASQ_FLAGS))
- eq &= (m1->flags == m2->flags);
- if (e1->flags & (1 << NFTNL_EXPR_MASQ_REG_PROTO_MIN))
- eq &= (m1->sreg_proto_min == m2->sreg_proto_min);
- if (e1->flags & (1 << NFTNL_EXPR_MASQ_REG_PROTO_MAX))
- eq &= (m1->sreg_proto_max == m2->sreg_proto_max);
-
- return eq;
-}
-
struct expr_ops expr_ops_masq = {
.name = "masq",
.alloc_len = sizeof(struct nftnl_expr_masq),
.max_attr = NFTA_MASQ_MAX,
- .cmp = nftnl_expr_masq_cmp,
.set = nftnl_expr_masq_set,
.get = nftnl_expr_masq_get,
.parse = nftnl_expr_masq_parse,
diff --git a/src/expr/match.c b/src/expr/match.c
index 2b3321d14aa3..4fa74b2da893 100644
--- a/src/expr/match.c
+++ b/src/expr/match.c
@@ -189,31 +189,11 @@ static void nftnl_expr_match_free(const struct nftnl_expr *e)
xfree(match->data);
}
-static bool nftnl_expr_match_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_match *m1 = nftnl_expr_data(e1);
- struct nftnl_expr_match *m2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_MT_NAME))
- eq &= !strcmp(m1->name, m2->name);
- if (e1->flags & (1 << NFTNL_EXPR_MT_REV))
- eq &= (m1->rev == m2->rev);
- if (e1->flags & (1 << NFTNL_EXPR_MT_INFO)) {
- eq &= (m1->data_len == m2->data_len);
- eq &= !memcmp(m1->data, m2->data, m1->data_len);
- }
-
- return eq;
-}
-
struct expr_ops expr_ops_match = {
.name = "match",
.alloc_len = sizeof(struct nftnl_expr_match),
.max_attr = NFTA_MATCH_MAX,
.free = nftnl_expr_match_free,
- .cmp = nftnl_expr_match_cmp,
.set = nftnl_expr_match_set,
.get = nftnl_expr_match_get,
.parse = nftnl_expr_match_parse,
diff --git a/src/expr/meta.c b/src/expr/meta.c
index 3654837b9bb4..ffcc8967b109 100644
--- a/src/expr/meta.c
+++ b/src/expr/meta.c
@@ -214,28 +214,10 @@ nftnl_expr_meta_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_meta_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_meta *m1 = nftnl_expr_data(e1);
- struct nftnl_expr_meta *m2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_META_KEY))
- eq &= (m1->key == m2->key);
- if (e1->flags & (1 << NFTNL_EXPR_META_DREG))
- eq &= (m1->dreg == m2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_META_SREG))
- eq &= (m1->sreg == m2->sreg);
-
- return eq;
-}
-
struct expr_ops expr_ops_meta = {
.name = "meta",
.alloc_len = sizeof(struct nftnl_expr_meta),
.max_attr = NFTA_META_MAX,
- .cmp = nftnl_expr_meta_cmp,
.set = nftnl_expr_meta_set,
.get = nftnl_expr_meta_get,
.parse = nftnl_expr_meta_parse,
diff --git a/src/expr/nat.c b/src/expr/nat.c
index 38fccb0fdb3e..6b7d50ea801a 100644
--- a/src/expr/nat.c
+++ b/src/expr/nat.c
@@ -271,35 +271,10 @@ nftnl_expr_nat_snprintf(char *buf, size_t size, uint32_t type,
return -1;
}
-static bool nftnl_expr_nat_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_nat *n1 = nftnl_expr_data(e1);
- struct nftnl_expr_nat *n2 = nftnl_expr_data(e2);
- bool eq = true;
- if (e1->flags & (1 << NFTNL_EXPR_NAT_REG_ADDR_MIN))
- eq &= (n1->sreg_addr_min == n2->sreg_addr_min);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_REG_ADDR_MAX))
- eq &= (n1->sreg_addr_max == n2->sreg_addr_max);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_REG_PROTO_MIN))
- eq &= (n1->sreg_proto_min == n2->sreg_proto_min);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_REG_PROTO_MAX))
- eq &= (n1->sreg_proto_max == n2->sreg_proto_max);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_FAMILY))
- eq &= (n1->family == n2->family);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_TYPE))
- eq &= (n1->type == n2->type);
- if (e1->flags & (1 << NFTNL_EXPR_NAT_FLAGS))
- eq &= (n1->flags == n2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_nat = {
.name = "nat",
.alloc_len = sizeof(struct nftnl_expr_nat),
.max_attr = NFTA_NAT_MAX,
- .cmp = nftnl_expr_nat_cmp,
.set = nftnl_expr_nat_set,
.get = nftnl_expr_nat_get,
.parse = nftnl_expr_nat_parse,
diff --git a/src/expr/numgen.c b/src/expr/numgen.c
index f940081c41a2..70d0d0d142b9 100644
--- a/src/expr/numgen.c
+++ b/src/expr/numgen.c
@@ -230,34 +230,10 @@ nftnl_expr_ng_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_ng_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_ng *n1 = nftnl_expr_data(e1);
- struct nftnl_expr_ng *n2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_NG_DREG))
- eq &= (n1->dreg == n2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_NG_MODULUS))
- eq &= (n1->modulus == n2->modulus);
- if (e1->flags & (1 << NFTNL_EXPR_NG_TYPE))
- eq &= (n1->type == n2->type);
- if (e1->flags & (1 << NFTNL_EXPR_NG_OFFSET))
- eq &= (n1->offset == n2->offset);
- if (e1->flags & (1 << NFTNL_EXPR_NG_SET_NAME))
- eq &= !strcmp(n1->map.name, n2->map.name);
- if (e1->flags & (1 << NFTNL_EXPR_NG_SET_ID))
- eq &= (n1->map.id == n2->map.id);
-
- return eq;
-}
-
struct expr_ops expr_ops_ng = {
.name = "numgen",
.alloc_len = sizeof(struct nftnl_expr_ng),
.max_attr = NFTA_NG_MAX,
- .cmp = nftnl_expr_ng_cmp,
.set = nftnl_expr_ng_set,
.get = nftnl_expr_ng_get,
.parse = nftnl_expr_ng_parse,
diff --git a/src/expr/objref.c b/src/expr/objref.c
index 3b815f5c1db7..7388b18ac929 100644
--- a/src/expr/objref.c
+++ b/src/expr/objref.c
@@ -202,32 +202,10 @@ static int nftnl_expr_objref_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_objref_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_objref *c1 = nftnl_expr_data(e1);
- struct nftnl_expr_objref *c2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_OBJREF_IMM_TYPE))
- eq &= (c1->imm.type == c2->imm.type);
- if (e1->flags & (1 << NFTNL_EXPR_OBJREF_IMM_NAME))
- eq &= !strcmp(c1->imm.name, c2->imm.name);
- if (e1->flags & (1 << NFTNL_EXPR_OBJREF_SET_SREG))
- eq &= (c1->set.sreg == c2->set.sreg);
- if (e1->flags & (1 << NFTNL_EXPR_OBJREF_SET_NAME))
- eq &= !strcmp(c1->set.name, c2->set.name);
- if (e1->flags & (1 << NFTNL_EXPR_OBJREF_SET_ID))
- eq &= (c1->set.id == c2->set.id);
-
- return eq;
-}
-
struct expr_ops expr_ops_objref = {
.name = "objref",
.alloc_len = sizeof(struct nftnl_expr_objref),
.max_attr = NFTA_OBJREF_MAX,
- .cmp = nftnl_expr_objref_cmp,
.set = nftnl_expr_objref_set,
.get = nftnl_expr_objref_get,
.parse = nftnl_expr_objref_parse,
diff --git a/src/expr/osf.c b/src/expr/osf.c
index 08603286b34a..52da21f4cf90 100644
--- a/src/expr/osf.c
+++ b/src/expr/osf.c
@@ -136,27 +136,10 @@ nftnl_expr_osf_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_osf_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_osf *l1 = nftnl_expr_data(e1);
- struct nftnl_expr_osf *l2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_OSF_DREG))
- eq &= (l1->dreg == l2->dreg);
-
- if (e1->flags & (1 << NFTNL_EXPR_OSF_TTL))
- eq &= (l1->ttl == l2->ttl);
-
- return eq;
-}
-
struct expr_ops expr_ops_osf = {
.name = "osf",
.alloc_len = sizeof(struct nftnl_expr_osf),
.max_attr = NFTA_OSF_MAX,
- .cmp = nftnl_expr_osf_cmp,
.set = nftnl_expr_osf_set,
.get = nftnl_expr_osf_get,
.parse = nftnl_expr_osf_parse,
diff --git a/src/expr/payload.c b/src/expr/payload.c
index 680da4a827b0..2192dad5f15d 100644
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -258,38 +258,10 @@ nftnl_expr_payload_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_payload_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_payload *p1 = nftnl_expr_data(e1);
- struct nftnl_expr_payload *p2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_SREG))
- eq &= (p1->sreg == p2->sreg);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_DREG))
- eq &= (p1->dreg == p2->dreg);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_BASE))
- eq &= (p1->base == p2->base);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_OFFSET))
- eq &= (p1->offset == p2->offset);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_LEN))
- eq &= (p1->len == p2->len);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_CSUM_TYPE))
- eq &= (p1->csum_type == p2->csum_type);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_CSUM_OFFSET))
- eq &= (p1->csum_offset == p2->csum_offset);
- if (e1->flags & (1 << NFTNL_EXPR_PAYLOAD_FLAGS))
- eq &= (p1->csum_flags == p2->csum_flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_payload = {
.name = "payload",
.alloc_len = sizeof(struct nftnl_expr_payload),
.max_attr = NFTA_PAYLOAD_MAX,
- .cmp = nftnl_expr_payload_cmp,
.set = nftnl_expr_payload_set,
.get = nftnl_expr_payload_get,
.parse = nftnl_expr_payload_parse,
diff --git a/src/expr/queue.c b/src/expr/queue.c
index f9d83139ce3c..051ef71e72fd 100644
--- a/src/expr/queue.c
+++ b/src/expr/queue.c
@@ -199,30 +199,10 @@ nftnl_expr_queue_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_queue_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_queue *q1 = nftnl_expr_data(e1);
- struct nftnl_expr_queue *q2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_QUEUE_NUM))
- eq &= (q1->queuenum == q2->queuenum);
- if (e1->flags & (1 << NFTNL_EXPR_QUEUE_TOTAL))
- eq &= (q1->queues_total == q2->queues_total);
- if (e1->flags & (1 << NFTNL_EXPR_QUEUE_FLAGS))
- eq &= (q1->flags == q2->flags);
- if (e1->flags & (1 << NFTNL_EXPR_QUEUE_SREG_QNUM))
- eq &= (q1->sreg_qnum == q2->sreg_qnum);
-
- return eq;
-}
-
struct expr_ops expr_ops_queue = {
.name = "queue",
.alloc_len = sizeof(struct nftnl_expr_queue),
.max_attr = NFTA_QUEUE_MAX,
- .cmp = nftnl_expr_queue_cmp,
.set = nftnl_expr_queue_set,
.get = nftnl_expr_queue_get,
.parse = nftnl_expr_queue_parse,
diff --git a/src/expr/redir.c b/src/expr/redir.c
index 36c2e2b1354f..477659a320db 100644
--- a/src/expr/redir.c
+++ b/src/expr/redir.c
@@ -173,28 +173,10 @@ nftnl_expr_redir_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_redir_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_redir *r1 = nftnl_expr_data(e1);
- struct nftnl_expr_redir *r2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_REDIR_REG_PROTO_MIN))
- eq &= (r1->sreg_proto_min== r2->sreg_proto_min);
- if (e1->flags & (1 << NFTNL_EXPR_REDIR_REG_PROTO_MAX))
- eq &= (r1->sreg_proto_max== r2->sreg_proto_max);
- if (e1->flags & (1 << NFTNL_EXPR_REDIR_FLAGS))
- eq &= (r1->flags== r2->flags);
-
- return eq;
-}
-
struct expr_ops expr_ops_redir = {
.name = "redir",
.alloc_len = sizeof(struct nftnl_expr_redir),
.max_attr = NFTA_REDIR_MAX,
- .cmp = nftnl_expr_redir_cmp,
.set = nftnl_expr_redir_set,
.get = nftnl_expr_redir_get,
.parse = nftnl_expr_redir_parse,
diff --git a/src/expr/reject.c b/src/expr/reject.c
index 3e49076f069c..141942e6941f 100644
--- a/src/expr/reject.c
+++ b/src/expr/reject.c
@@ -140,26 +140,10 @@ nftnl_expr_reject_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_reject_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_reject *r1 = nftnl_expr_data(e1);
- struct nftnl_expr_reject *r2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_REJECT_TYPE))
- eq &= (r1->type == r2->type);
- if (e1->flags & (1 << NFTNL_EXPR_REJECT_CODE))
- eq &= (r1->icmp_code == r2->icmp_code);
-
- return eq;
-}
-
struct expr_ops expr_ops_reject = {
.name = "reject",
.alloc_len = sizeof(struct nftnl_expr_reject),
.max_attr = NFTA_REJECT_MAX,
- .cmp = nftnl_expr_reject_cmp,
.set = nftnl_expr_reject_set,
.get = nftnl_expr_reject_get,
.parse = nftnl_expr_reject_parse,
diff --git a/src/expr/rt.c b/src/expr/rt.c
index a112270c92a5..0fce72d9a845 100644
--- a/src/expr/rt.c
+++ b/src/expr/rt.c
@@ -169,26 +169,10 @@ nftnl_expr_rt_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_rt_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_rt *r1 = nftnl_expr_data(e1);
- struct nftnl_expr_rt *r2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_RT_KEY))
- eq &= (r1->key == r2->key);
- if (e1->flags & (1 << NFTNL_EXPR_RT_DREG))
- eq &= (r1->dreg == r2->dreg);
-
- return eq;
-}
-
struct expr_ops expr_ops_rt = {
.name = "rt",
.alloc_len = sizeof(struct nftnl_expr_rt),
.max_attr = NFTA_RT_MAX,
- .cmp = nftnl_expr_rt_cmp,
.set = nftnl_expr_rt_set,
.get = nftnl_expr_rt_get,
.parse = nftnl_expr_rt_parse,
diff --git a/src/expr/socket.c b/src/expr/socket.c
index ebafa2f172e3..96550d58c710 100644
--- a/src/expr/socket.c
+++ b/src/expr/socket.c
@@ -166,26 +166,10 @@ nftnl_expr_socket_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_socket_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_socket *r1 = nftnl_expr_data(e1);
- struct nftnl_expr_socket *r2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_SOCKET_KEY))
- eq &= (r1->key == r2->key);
- if (e1->flags & (1 << NFTNL_EXPR_SOCKET_DREG))
- eq &= (r1->dreg == r2->dreg);
-
- return eq;
-}
-
struct expr_ops expr_ops_socket = {
.name = "socket",
.alloc_len = sizeof(struct nftnl_expr_socket),
.max_attr = NFTA_SOCKET_MAX,
- .cmp = nftnl_expr_socket_cmp,
.set = nftnl_expr_socket_set,
.get = nftnl_expr_socket_get,
.parse = nftnl_expr_socket_parse,
diff --git a/src/expr/target.c b/src/expr/target.c
index bf2ba77ba3a8..91000386704a 100644
--- a/src/expr/target.c
+++ b/src/expr/target.c
@@ -189,31 +189,11 @@ static void nftnl_expr_target_free(const struct nftnl_expr *e)
xfree(target->data);
}
-static bool nftnl_expr_target_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_target *t1 = nftnl_expr_data(e1);
- struct nftnl_expr_target *t2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_TG_NAME))
- eq &= !strcmp(t1->name, t2->name);
- if (e1->flags & (1 << NFTNL_EXPR_TG_REV))
- eq &= (t1->rev == t2->rev);
- if (e1->flags & (1 << NFTNL_EXPR_TG_INFO)) {
- eq &= (t1->data_len == t2->data_len);
- eq &= !memcmp(t1->data, t2->data, t1->data_len);
- }
-
- return eq;
-}
-
struct expr_ops expr_ops_target = {
.name = "target",
.alloc_len = sizeof(struct nftnl_expr_target),
.max_attr = NFTA_TARGET_MAX,
.free = nftnl_expr_target_free,
- .cmp = nftnl_expr_target_cmp,
.set = nftnl_expr_target_set,
.get = nftnl_expr_target_get,
.parse = nftnl_expr_target_parse,
diff --git a/src/expr/tproxy.c b/src/expr/tproxy.c
index d75abbc941dc..3827b75ed221 100644
--- a/src/expr/tproxy.c
+++ b/src/expr/tproxy.c
@@ -175,28 +175,10 @@ nftnl_expr_tproxy_snprintf(char *buf, size_t size, uint32_t type,
return -1;
}
-static bool nftnl_expr_tproxy_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_tproxy *n1 = nftnl_expr_data(e1);
- struct nftnl_expr_tproxy *n2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_TPROXY_REG_ADDR))
- eq &= (n1->sreg_addr == n2->sreg_addr);
- if (e1->flags & (1 << NFTNL_EXPR_TPROXY_REG_PORT))
- eq &= (n1->sreg_port == n2->sreg_port);
- if (e1->flags & (1 << NFTNL_EXPR_TPROXY_FAMILY))
- eq &= (n1->family == n2->family);
-
- return eq;
-}
-
struct expr_ops expr_ops_tproxy = {
.name = "tproxy",
.alloc_len = sizeof(struct nftnl_expr_tproxy),
.max_attr = NFTA_TPROXY_MAX,
- .cmp = nftnl_expr_tproxy_cmp,
.set = nftnl_expr_tproxy_set,
.get = nftnl_expr_tproxy_get,
.parse = nftnl_expr_tproxy_parse,
diff --git a/src/expr/xfrm.c b/src/expr/xfrm.c
index 7c6f98ee34d2..8fe5438bd792 100644
--- a/src/expr/xfrm.c
+++ b/src/expr/xfrm.c
@@ -231,30 +231,10 @@ nftnl_expr_xfrm_snprintf(char *buf, size_t len, uint32_t type,
return -1;
}
-static bool nftnl_expr_xfrm_cmp(const struct nftnl_expr *e1,
- const struct nftnl_expr *e2)
-{
- struct nftnl_expr_xfrm *x1 = nftnl_expr_data(e1);
- struct nftnl_expr_xfrm *x2 = nftnl_expr_data(e2);
- bool eq = true;
-
- if (e1->flags & (1 << NFTNL_EXPR_XFRM_KEY))
- eq &= (x1->key == x2->key);
- if (e1->flags & (1 << NFTNL_EXPR_XFRM_DIR))
- eq &= (x1->dir == x2->dir);
- if (e1->flags & (1 << NFTNL_EXPR_XFRM_SPNUM))
- eq &= (x1->spnum == x2->spnum);
- if (e1->flags & (1 << NFTNL_EXPR_XFRM_DREG))
- eq &= (x1->dreg == x2->dreg);
-
- return eq;
-}
-
struct expr_ops expr_ops_xfrm = {
.name = "xfrm",
.alloc_len = sizeof(struct nftnl_expr_xfrm),
.max_attr = NFTA_XFRM_MAX,
- .cmp = nftnl_expr_xfrm_cmp,
.set = nftnl_expr_xfrm_set,
.get = nftnl_expr_xfrm_get,
.parse = nftnl_expr_xfrm_parse,
diff --git a/src/libnftnl.map b/src/libnftnl.map
index 0d6b20c8f14b..89414f2146ac 100644
--- a/src/libnftnl.map
+++ b/src/libnftnl.map
@@ -1,4 +1,4 @@
-LIBNFTNL_5 {
+LIBNFTNL_11 {
global:
nftnl_table_alloc;
nftnl_table_free;
@@ -271,9 +271,6 @@ global:
nftnl_udata_next;
nftnl_udata_parse;
- nftnl_rule_cmp;
- nftnl_expr_cmp;
-
nftnl_obj_alloc;
nftnl_obj_free;
nftnl_obj_is_set;
@@ -307,14 +304,8 @@ global:
nftnl_obj_list_iter_next;
nftnl_obj_list_iter_destroy;
-local: *;
-};
-
-LIBNFTNL_6 {
nftnl_expr_fprintf;
-} LIBNFTNL_5;
-LIBNFTNL_7 {
nftnl_flowtable_alloc;
nftnl_flowtable_free;
nftnl_flowtable_is_set;
@@ -341,8 +332,7 @@ LIBNFTNL_7 {
nftnl_flowtable_list_del;
nftnl_flowtable_list_foreach;
-} LIBNFTNL_6;
-
-LIBNFTNL_8 {
nftnl_rule_list_insert_at;
-} LIBNFTNL_7;
+
+local: *;
+};
diff --git a/src/rule.c b/src/rule.c
index c3c8a8ba5813..9af8fae2a803 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -740,37 +740,6 @@ void nftnl_expr_iter_destroy(struct nftnl_expr_iter *iter)
xfree(iter);
}
-EXPORT_SYMBOL(nftnl_rule_cmp);
-bool nftnl_rule_cmp(const struct nftnl_rule *r1, const struct nftnl_rule *r2)
-{
- struct nftnl_expr_iter it1, it2;
- struct nftnl_expr *e1, *e2;
- unsigned int eq = 1;
-
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_TABLE))
- eq &= !strcmp(r1->table, r2->table);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_CHAIN))
- eq &= !strcmp(r1->chain, r2->chain);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_COMPAT_FLAGS))
- eq &= (r1->compat.flags == r2->compat.flags);
- if (r1->flags & r1->flags & (1 << NFTNL_RULE_COMPAT_PROTO))
- eq &= (r1->compat.proto == r2->compat.proto);
-
- nftnl_expr_iter_init(r1, &it1);
- nftnl_expr_iter_init(r2, &it2);
- e1 = nftnl_expr_iter_next(&it1);
- e2 = nftnl_expr_iter_next(&it2);
- while (eq && e1 && e2) {
- eq = nftnl_expr_cmp(e1, e2);
-
- e1 = nftnl_expr_iter_next(&it1);
- e2 = nftnl_expr_iter_next(&it2);
- }
- eq &= (!e1 && !e2);
-
- return eq;
-}
-
struct nftnl_rule_list {
struct list_head list;
};
--
2.11.0
