This new function takes a struct nft_cache as parameter. This patch also introduces __nft_table_builtin_find() which is required to look up for built-in tables without the nft_handle structure.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 iptables/nft.c | 41 +++++++++++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 14 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index c5ddde5f0064..14141bb7dbcf 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -688,25 +688,31 @@ static void nft_chain_builtin_add(struct nft_handle *h,
 nftnl_chain_list_add_tail(c, h->cache->table[table->type].chains);
 }
-/* find if built-in table already exists */
-const struct builtin_table *
-nft_table_builtin_find(struct nft_handle *h, const char *table)
+static const struct builtin_table *
+__nft_table_builtin_find(const struct builtin_table *tables, const char *table)
 {
 int i;
 bool found = false;
 for (i = 0; i < NFT_TABLE_MAX; i++) {
- if (h->tables[i].name == NULL)
+ if (tables[i].name == NULL)
 continue;
- if (strcmp(h->tables[i].name, table) != 0)
+ if (strcmp(tables[i].name, table) != 0)
 continue;
 found = true;
 break;
 }
- return found ? &h->tables[i] : NULL;
+ return found ? &tables[i] : NULL;
+}
+
+/* find if built-in table already exists */
+const struct builtin_table *
+nft_table_builtin_find(struct nft_handle *h, const char *table)
+{
+ return __nft_table_builtin_find(h->tables, table);
 }
 /* find if built-in chain already exists */
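Review bot: `__nft_table_builtin_find()` reads `tables[0]` through `tables[NFT_TABLE_MAX - 1]` from a bare pointer, and nothing in its signature or in a comment says how many entries the caller must supply. The visible lines do not show how `h->tables` is declared, so whether every future caller passes a full-size array cannot be confirmed here; a shorter array or a NULL `tables` would be read out of bounds. I would put the contract above the helper, for example `/* tables must point to NFT_TABLE_MAX entries; unused slots have name == NULL */`. As a style point, the `found` flag can go if the loop does `return &tables[i];` on a match and the function ends with `return NULL;`.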
@@ -836,30 +842,37 @@ static int __flush_chain_cache(struct nftnl_chain *c, void *data)
 return 0;
 }
-static void flush_chain_cache(struct nft_handle *h, const char *tablename)
+static void flush_cache(struct nft_cache *c,
+ const struct builtin_table *tables,
+ const char *tablename)
 {
 const struct builtin_table *table;
 int i;
 if (tablename) {
- table = nft_table_builtin_find(h, tablename);
- if (!table || !h->cache->table[table->type].chains)
+ table = __nft_table_builtin_find(tables, tablename);
+ if (!table || !c->table[table->type].chains)
 return;
- nftnl_chain_list_foreach(h->cache->table[table->type].chains,
+ nftnl_chain_list_foreach(c->table[table->type].chains,
 __flush_chain_cache, NULL);
 return;
 }
 for (i = 0; i < NFT_TABLE_MAX; i++) {
- if (h->tables[i].name == NULL)
+ if (tables[i].name == NULL)
 continue;
- if (!h->cache->table[i].chains)
+ if (!c->table[i].chains)
 continue;
- nftnl_chain_list_free(h->cache->table[i].chains);
- h->cache->table[i].chains = NULL;
+ nftnl_chain_list_free(c->table[i].chains);
+ c->table[i].chains = NULL;
 }
+}
+
+static void flush_chain_cache(struct nft_handle *h, const char *tablename)
+{
+ flush_cache(h->cache, h->tables, tablename);
 h->have_cache = false;
 }
-- 
2.11.0
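Review bot: The two `return;` statements in the `tablename` branch used to leave `flush_chain_cache()` before `h->have_cache = false`, but they now only leave `flush_cache()`, so the wrapper clears the flag on every call, including a per-table flush and the table-not-found case. The commit description presents this as a pure refactor and does not mention the change, so it looks unintended. If the flag is later used to decide whether to refetch, the handle would report no cache while the lists of the other tables are still populated. One way to keep the old behaviour is to have `flush_cache()` report whether it dropped the whole cache and reset the flag only then. Separately, `table->type` still indexes `c->table[]` without a range check, as it did before this patch.

```c
static int flush_cache(struct nft_cache *c,
		       const struct builtin_table *tables,
		       const char *tablename)
{
	/* … unchanged: declarations … */
	if (tablename) {
		/* … unchanged: table lookup … */
		if (!table || !c->table[table->type].chains)
			return 0;
		/* … unchanged: nftnl_chain_list_foreach() call … */
		return 0;
	}
	/* … unchanged: loop freeing every table's chain list … */
	return 1;
}

static void flush_chain_cache(struct nft_handle *h, const char *tablename)
{
	if (flush_cache(h->cache, h->tables, tablename))
		h->have_cache = false;
}
```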