So we can remove nft_chain_dump() and replace nftnl_chain_get_list(). Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- iptables/nft.c | 27 +++++++++++---------------- iptables/nft.h | 2 +- iptables/xtables-restore.c | 2 +- iptables/xtables-save.c | 6 +++--- 4 files changed, 16 insertions(+), 21 deletions(-) diff --git a/iptables/nft.c b/iptables/nft.c index b81f41ab5350..d098068e01ca 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -672,9 +672,9 @@ nft_chain_builtin_find(struct builtin_table *t, const char *chain) static void nft_chain_builtin_init(struct nft_handle *h, struct builtin_table *table) { - int i; - struct nftnl_chain_list *list = nft_chain_dump(h); + struct nftnl_chain_list *list = nft_chain_list_get(h); struct nftnl_chain *c; + int i; /* Initialize built-in chains if they don't exist yet */ for (i=0; i < NF_INET_NUMHOOKS && table->chains[i].name != NULL; i++) { @@ -1289,7 +1289,7 @@ err: return MNL_CB_OK; } -static struct nftnl_chain_list *nftnl_chain_list_get(struct nft_handle *h) +struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h) { char buf[16536]; struct nlmsghdr *nlh; @@ -1320,11 +1320,6 @@ retry: return list; } -struct nftnl_chain_list *nft_chain_dump(struct nft_handle *h) -{ - return nftnl_chain_list_get(h); -} - static const char *policy_name[NF_ACCEPT+1] = { [NF_DROP] = "DROP", [NF_ACCEPT] = "ACCEPT", @@ -1533,7 +1528,7 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table, nft_fn = nft_rule_flush; - list = nftnl_chain_list_get(h); + list = nft_chain_list_get(h); if (list == NULL) { ret = 1; goto err; @@ -1595,7 +1590,7 @@ int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *tabl ret = batch_chain_add(h, NFT_COMPAT_CHAIN_USER_ADD, c); - nft_chain_dump(h); + nft_chain_list_get(h); nftnl_chain_list_add(c, h->chain_cache); @@ -1619,7 +1614,7 @@ int nft_chain_user_del(struct nft_handle *h, const char *chain, nft_fn = nft_chain_user_del; - list = nftnl_chain_list_get(h); + list = nft_chain_list_get(h); if (list == NULL) goto err; @@ -1712,7 +1707,7 @@ nft_chain_find(struct nft_handle *h, const char *table, const char *chain) { struct nftnl_chain_list *list; - list = nftnl_chain_list_get(h); + list = nft_chain_list_get(h); if (list == NULL) return NULL; @@ -2328,7 +2323,7 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, return 1; } - list = nft_chain_dump(h); + list = nft_chain_list_get(h); iter = nftnl_chain_list_iter_create(list); if (iter == NULL) @@ -2473,7 +2468,7 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain, return 0; } - list = nft_chain_dump(h); + list = nft_chain_list_get(h); /* Dump policies and custom chains first */ if (!rulenum) @@ -3004,7 +2999,7 @@ int nft_chain_zero_counters(struct nft_handle *h, const char *chain, struct nftnl_chain *c; int ret = 0; - list = nftnl_chain_list_get(h); + list = nft_chain_list_get(h); if (list == NULL) goto err; @@ -3156,7 +3151,7 @@ static int nft_are_chains_compatible(struct nft_handle *h, const char *tablename struct nftnl_chain *chain; int ret = 0; - list = nftnl_chain_list_get(h); + list = nft_chain_list_get(h); if (list == NULL) return -1; diff --git a/iptables/nft.h b/iptables/nft.h index 7419ec21a63a..bb5f03b4218f 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -76,7 +76,7 @@ struct builtin_table *nft_table_builtin_find(struct nft_handle *h, const char *t struct nftnl_chain; int nft_chain_set(struct nft_handle *h, const char *table, const char *chain, const char *policy, const struct xt_counters *counters); -struct nftnl_chain_list *nft_chain_dump(struct nft_handle *h); +struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h); struct nftnl_chain *nft_chain_list_find(struct nftnl_chain_list *list, const char *table, const char *chain); int nft_chain_save(struct nft_handle *h, struct nftnl_chain_list *list, const char *table); int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *table); diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index d9faa4d01ca4..f52977405421 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -60,7 +60,7 @@ static struct nftnl_chain_list *get_chain_list(struct nft_handle *h) { struct nftnl_chain_list *chain_list; - chain_list = nft_chain_dump(h); + chain_list = nft_chain_list_get(h); if (chain_list == NULL) xtables_error(OTHER_PROBLEM, "cannot retrieve chain list\n"); diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index 53ce4b87febf..87b299c5a0cc 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -56,7 +56,7 @@ __do_output(struct nft_handle *h, const char *tablename, bool counters) return 0; } - chain_list = nft_chain_dump(h); + chain_list = nft_chain_list_get(h); time_t now = time(NULL); @@ -239,7 +239,7 @@ static int __ebt_save(struct nft_handle *h, const char *tablename, bool counters return 0; } - chain_list = nft_chain_dump(h); + chain_list = nft_chain_list_get(h); if (first) { now = time(NULL); @@ -324,7 +324,7 @@ int xtables_arp_save_main(int argc, char **argv) } printf("*filter\n"); - nft_chain_save(&h, nft_chain_dump(&h), "filter"); + nft_chain_save(&h, nft_chain_list_get(&h), "filter"); nft_rule_save(&h, "filter", FMT_NOCOUNTS); printf("\n"); nft_fini(&h); -- 2.11.0