Re: RFC: Designing per chain rule cache support in libnftnl

Hi Pablo,

On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> > Phil Sutter <phil@xxxxxx> wrote:
> > > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > > always allocate a new nftnl_rule_list and splice to that list.
> > > 
> > > Good point. What do you think about the simple approach of introducing:
> > > 
> > > | struct nftnl_rule_list *nftnl_chain_get_rule_list(const struct nftnl_chain *);
> > 
> > Looks fine to me.
> > 
> > > This would allow reusing nftnl_rule_list routines from libnftnl/rule.h.
> > > One potential problem I see is that users may try to call
> > > nftnl_rule_list_free(). Can we prevent that somehow?
> > 
> > Document that nftnl_rule_list_free() pairs with nftnl_rule_list_alloc() :-)
> > 
> > I don't think it's an issue.
> > We could add a 'bool make_free_no_op' to nftnl_rule_list and set that to
> > true for nftnl_rule_list structures that are allocated indirectly on
> > behalf of nftnl_chain struct, but I think that's taking things too far.
> 
> Can we have an interface similar to nftnl_rule_add_expr() to add rules
> to chains?
> 
> So we add list field to nftnl_chain, and this new interface to
> add/delete rules.

I didn't look at struct nftnl_rule yet. OK, that seems rather different
from what I had in mind. So I guess your idea would be to add a field of
type struct list_head instead of struct nftnl_rule_list and implement
struct nftnl_rule_iter and relevant functions?

> We can probably deprecate the existing list interface if we follow
> that procedure after a bit of time in favour of this one.

OK, cool.

Thanks, Phil
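
The ownership model discussed in this thread (a list head embedded in the chain, add/delete calls and an iterator, instead of handing out a list object that a caller might free), sketched as an added example that is not part of the original message and is not libnftnl code. All `demo_*` names are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins (demo_*), not libnftnl code. */
struct list_head { struct list_head *next, *prev; };
struct demo_rule { struct list_head head; int handle; };
struct demo_chain { struct list_head rules; };  /* embedded head: no list object a caller could free */
struct demo_rule_iter { const struct demo_chain *c; struct list_head *cur; };
int demo_rules_freed;  /* counts rules released by demo_chain_free() */
struct demo_chain *demo_chain_alloc(void) {
    struct demo_chain *c = malloc(sizeof(*c));
    if (c) c->rules.next = c->rules.prev = &c->rules;
    return c;
}
struct demo_rule *demo_rule_alloc(int handle) {
    struct demo_rule *r = malloc(sizeof(*r));
    if (r) { r->handle = handle; r->head.next = r->head.prev = &r->head; }
    return r;
}
/* Append: the chain now owns r and frees it in demo_chain_free(). */
void demo_chain_rule_add_tail(struct demo_chain *c, struct demo_rule *r) {
    r->head.prev = c->rules.prev;
    r->head.next = &c->rules;
    c->rules.prev->next = &r->head;
    c->rules.prev = &r->head;
}
/* Unlink: ownership goes back to the caller, who must free r. */
void demo_chain_rule_del(struct demo_rule *r) {
    r->head.prev->next = r->head.next;
    r->head.next->prev = r->head.prev;
    r->head.next = r->head.prev = &r->head;
}
struct demo_rule_iter demo_rule_iter_begin(const struct demo_chain *c) {
    return (struct demo_rule_iter){ c, c->rules.next };
}
/* Advances before returning, so the caller may free the returned rule. */
struct demo_rule *demo_rule_iter_next(struct demo_rule_iter *it) {
    struct list_head *pos = it->cur;
    if (pos == &it->c->rules) return NULL;
    it->cur = pos->next;
    return (struct demo_rule *)((char *)pos - offsetof(struct demo_rule, head));
}
/* The only free path for rules still linked to the chain. */
void demo_chain_free(struct demo_chain *c) {
    struct demo_rule_iter it = demo_rule_iter_begin(c);
    for (struct demo_rule *r; (r = demo_rule_iter_next(&it)); demo_rules_freed++)
        free(r);
    free(c);
}
```

Because the chain exposes no separately allocated list, there is nothing for a caller to pass to a list-free routine, and each rule is released exactly once: by the chain while linked, or by the caller after unlinking it.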


