[PATCH iptables] nft: add NFT_TABLE_* enumeration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 iptables/nft.c | 26 +++++++++++++-------------
 iptables/nft.h | 20 +++++++++++---------
 2 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/iptables/nft.c b/iptables/nft.c
index d098068e01ca..dab7fbe235d2 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -375,8 +375,8 @@ static int batch_rule_add(struct nft_handle *h, enum obj_update_type type,
 	return batch_add(h, type, r);
 }
 
-struct builtin_table xtables_ipv4[TABLES_MAX] = {
-	[RAW] = {
+struct builtin_table xtables_ipv4[NFT_TABLE_MAX] = {
+	[NFT_TABLE_RAW] = {
 		.name	= "raw",
 		.chains = {
 			{
@@ -393,7 +393,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = {
 			},
 		},
 	},
-	[MANGLE] = {
+	[NFT_TABLE_MANGLE] = {
 		.name	= "mangle",
 		.chains = {
 			{
@@ -428,7 +428,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = {
 			},
 		},
 	},
-	[FILTER] = {
+	[NFT_TABLE_FILTER] = {
 		.name	= "filter",
 		.chains = {
 			{
@@ -451,7 +451,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = {
 			},
 		},
 	},
-	[SECURITY] = {
+	[NFT_TABLE_SECURITY] = {
 		.name	= "security",
 		.chains = {
 			{
@@ -474,7 +474,7 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = {
 			},
 		},
 	},
-	[NAT] = {
+	[NFT_TABLE_NAT] = {
 		.name	= "nat",
 		.chains = {
 			{
@@ -507,8 +507,8 @@ struct builtin_table xtables_ipv4[TABLES_MAX] = {
 
 #include <linux/netfilter_arp.h>
 
-struct builtin_table xtables_arp[TABLES_MAX] = {
-	[FILTER] = {
+struct builtin_table xtables_arp[NFT_TABLE_MAX] = {
+	[NFT_TABLE_FILTER] = {
 	.name   = "filter",
 	.chains = {
 			{
@@ -529,8 +529,8 @@ struct builtin_table xtables_arp[TABLES_MAX] = {
 
 #include <linux/netfilter_bridge.h>
 
-struct builtin_table xtables_bridge[TABLES_MAX] = {
-	[FILTER] = {
+struct builtin_table xtables_bridge[NFT_TABLE_MAX] = {
+	[NFT_TABLE_FILTER] = {
 		.name = "filter",
 		.chains = {
 			{
@@ -553,7 +553,7 @@ struct builtin_table xtables_bridge[TABLES_MAX] = {
 			},
 		},
 	},
-	[NAT] = {
+	[NFT_TABLE_NAT] = {
 		.name = "nat",
 		.chains = {
 			{
@@ -638,7 +638,7 @@ nft_table_builtin_find(struct nft_handle *h, const char *table)
 	int i;
 	bool found = false;
 
-	for (i=0; i<TABLES_MAX; i++) {
+	for (i = 0; i < NFT_TABLE_MAX; i++) {
 		if (h->tables[i].name == NULL)
 			continue;
 
@@ -3122,7 +3122,7 @@ static int nft_is_chain_compatible(const struct nft_handle *h,
 	prio = nftnl_chain_get_u32(chain, NFTNL_CHAIN_PRIO);
 	hook = nftnl_chain_get_u32(chain, NFTNL_CHAIN_HOOKNUM);
 
-	for (i = 0; i < TABLES_MAX; i++) {
+	for (i = 0; i < NFT_TABLE_MAX; i++) {
 		cur_table = h->tables[i].name;
 		chains = h->tables[i].chains;
 
diff --git a/iptables/nft.h b/iptables/nft.h
index bb5f03b4218f..9b4ba5f9a63e 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -5,12 +5,14 @@
 #include "nft-shared.h"
 #include <libiptc/linux_list.h>
 
-#define FILTER         0
-#define MANGLE         1
-#define RAW            2
-#define SECURITY       3
-#define NAT            4
-#define TABLES_MAX     5
+enum nft_table_type {
+	NFT_TABLE_FILTER	= 0,
+	NFT_TABLE_MANGLE,
+	NFT_TABLE_RAW,
+	NFT_TABLE_SECURITY,
+	NFT_TABLE_NAT,
+};
+#define NFT_TABLE_MAX	(NFT_TABLE_NAT + 1)
 
 struct builtin_chain {
 	const char *name;
@@ -47,9 +49,9 @@ struct nft_handle {
 	} error;
 };
 
-extern struct builtin_table xtables_ipv4[TABLES_MAX];
-extern struct builtin_table xtables_arp[TABLES_MAX];
-extern struct builtin_table xtables_bridge[TABLES_MAX];
+extern struct builtin_table xtables_ipv4[NFT_TABLE_MAX];
+extern struct builtin_table xtables_arp[NFT_TABLE_MAX];
+extern struct builtin_table xtables_bridge[NFT_TABLE_MAX];
 
 int mnl_talk(struct nft_handle *h, struct nlmsghdr *nlh,
 	     int (*cb)(const struct nlmsghdr *nlh, void *data),
-- 
2.11.0




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux