On Thu, Dec 20, 2018 at 04:09:18PM +0100, Phil Sutter wrote:
> Make use of nftnl_chain_list_lookup_byname() even if not listing a
> specific rule. Introduce __nft_print_header() to consolidate chain value
> extraction for printing with ops->print_header().
>
> Signed-off-by: Phil Sutter <phil@xxxxxx>
> ---
> iptables/nft.c | 78 +++++++++++++++++++++-----------------------------
> 1 file changed, 32 insertions(+), 46 deletions(-)
>
> diff --git a/iptables/nft.c b/iptables/nft.c
> index 250cae0a34e37..b11c390edcc10 100644
> --- a/iptables/nft.c
> +++ b/iptables/nft.c
> @@ -2247,6 +2247,24 @@ static int nft_rule_count(struct nft_handle *h, struct nftnl_chain *c)
> return rule_ctr;
> }
>
> +static void __nft_print_header(struct nft_handle *h,
> + const struct nft_family_ops *ops,
> + struct nftnl_chain *c, unsigned int format)
> +{
> + const char *chain_name = nftnl_chain_get_str(c, NFTNL_CHAIN_NAME);
> + uint32_t policy = nftnl_chain_get_u32(c, NFTNL_CHAIN_POLICY);
> + bool basechain = !!nftnl_chain_get(c, NFTNL_CHAIN_HOOKNUM);
> + uint32_t refs = nftnl_chain_get_u32(c, NFTNL_CHAIN_USE);
> + uint32_t entries = nft_rule_count(h, c);
> + struct xt_counters ctrs = {
> + .pcnt = nftnl_chain_get_u64(c, NFTNL_CHAIN_PACKETS),
> + .bcnt = nftnl_chain_get_u64(c, NFTNL_CHAIN_BYTES),
> + };
Maybe we can introduce a container structure for this.
> + ops->print_header(format, chain_name, policy_name[policy],
> + &ctrs, basechain, refs - entries, entries);
So we can pass it to ->print_header.
I would have preferred you add this in a initial patch, makes it
harder to review. Please do so in the future.
