Support passing an nftnl_chain to fetch its rules from kernel.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/nft.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index 02da53e60bc83..7c974af8b4141 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1575,10 +1575,13 @@ static int nft_rule_list_update(struct nftnl_chain *c, void *data)
return 0;
}
-static int fetch_rule_cache(struct nft_handle *h)
+static int fetch_rule_cache(struct nft_handle *h, struct nftnl_chain *c)
{
int i;
+ if (c)
+ return nft_rule_list_update(c, h);
+
for (i = 0; i < NFT_TABLE_MAX; i++) {
enum nft_table_type type = h->tables[i].type;
@@ -1599,7 +1602,7 @@ static void __nft_build_cache(struct nft_handle *h)
retry:
mnl_genid_get(h, &genid_start);
fetch_chain_cache(h);
- fetch_rule_cache(h);
+ fetch_rule_cache(h, NULL);
h->have_cache = true;
mnl_genid_get(h, &genid_stop);
--
2.23.0
