Next round of combined cache update fix and intra-transaction rule
reference support.
Patch 2 is new, it avoids accidential cache updates when committing a
transaction containing flush ruleset command and kernel ruleset has
changed meanwhile.
Patch 3 is also new: If a transaction fails in kernel, local cache is
incorrect - drop it.
Patch 9 is a new requirement for patch 10 due to relocation of new
functions.
Patch 10 was changed, changelog included.
Phil Sutter (10):
src: Fix cache_flush() in cache_needs_more() logic
src: Utilize CMD_FLUSH for cache->cmd
libnftables: Drop cache in error case
libnftables: Keep list of commands in nft context
src: Make {table,chain}_not_found() public
src: Restore local entries after cache update
rule: Introduce rule_lookup_by_index()
src: Make cache_is_complete() public
include: Collect __stmt_binary_error() wrapper macros
src: Support intra-transaction rule references
include/erec.h | 6 +
include/nftables.h | 1 +
include/rule.h | 10 +
src/evaluate.c | 71 ++----
src/libnftables.c | 25 ++-
src/mnl.c | 4 +
src/rule.c | 202 +++++++++++++++++-
tests/json_echo/run-test.py | 6 +-
.../shell/testcases/cache/0003_cache_update_0 | 7 +
tests/shell/testcases/transactions/0024rule_0 | 17 ++
tests/shell/testcases/transactions/0025rule_0 | 21 ++
.../transactions/dumps/0024rule_0.nft | 8 +
.../transactions/dumps/0025rule_0.nft | 6 +
13 files changed, 314 insertions(+), 70 deletions(-)
create mode 100755 tests/shell/testcases/transactions/0024rule_0
create mode 100755 tests/shell/testcases/transactions/0025rule_0
create mode 100644 tests/shell/testcases/transactions/dumps/0024rule_0.nft
create mode 100644 tests/shell/testcases/transactions/dumps/0025rule_0.nft
--
2.21.0
