[iptables PATCH v2 12/24] nft: Reduce cache overhead of adding a custom chain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Pass the new chain name to nft_chain_list_get() although that doesn't
make sense (it is not supposed to be found). The reason is it avoids
full chain list retrieval from kernel if not present already.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 iptables/nft.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/iptables/nft.c b/iptables/nft.c
index 904068a6404a6..2c05643f7d691 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1937,7 +1937,7 @@ int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *tabl
 
 	ret = batch_chain_add(h, NFT_COMPAT_CHAIN_USER_ADD, c);
 
-	list = nft_chain_list_get(h, table, NULL);
+	list = nft_chain_list_get(h, table, chain);
 	if (list)
 		nftnl_chain_list_add(c, list);
 
@@ -1977,7 +1977,7 @@ int nft_chain_restore(struct nft_handle *h, const char *chain, const char *table
 
 	ret = batch_chain_add(h, NFT_COMPAT_CHAIN_USER_ADD, c);
 
-	list = nft_chain_list_get(h, table, NULL);
+	list = nft_chain_list_get(h, table, chain);
 	if (list)
 		nftnl_chain_list_add(c, list);
 
-- 
2.23.0




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux