To do so, turn nft_chain_save_rules() into a suitable callback. It is
not used outside of nft_rule_save anyway.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/nft.c | 34 ++++++++++++++--------------------
1 file changed, 14 insertions(+), 20 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index 809957c6daeb0..51716ff70108d 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1577,9 +1577,14 @@ int nft_chain_save(struct nftnl_chain *c, void *data)
return 0;
}
-static int nft_chain_save_rules(struct nft_handle *h,
- struct nftnl_chain *c, unsigned int format)
+struct nft_rule_save_data {
+ struct nft_handle *h;
+ unsigned int format;
+};
+
+static int nft_rule_save_cb(struct nftnl_chain *c, void *data)
{
+ struct nft_rule_save_data *d = data;
struct nftnl_rule_iter *iter;
struct nftnl_rule *r;
@@ -1589,7 +1594,7 @@ static int nft_chain_save_rules(struct nft_handle *h,
r = nftnl_rule_iter_next(iter);
while (r != NULL) {
- nft_rule_print_save(h, r, NFT_RULE_APPEND, format);
+ nft_rule_print_save(d->h, r, NFT_RULE_APPEND, d->format);
r = nftnl_rule_iter_next(iter);
}
@@ -1599,29 +1604,18 @@ static int nft_chain_save_rules(struct nft_handle *h,
int nft_rule_save(struct nft_handle *h, const char *table, unsigned int format)
{
- struct nftnl_chain_list_iter *iter;
+ struct nft_rule_save_data d = {
+ .h = h,
+ .format = format,
+ };
struct nftnl_chain_list *list;
- struct nftnl_chain *c;
- int ret = 0;
+ int ret;
list = nft_chain_list_get(h, table, NULL);
if (!list)
return 0;
- iter = nftnl_chain_list_iter_create(list);
- if (!iter)
- return 0;
-
- c = nftnl_chain_list_iter_next(iter);
- while (c) {
- ret = nft_chain_save_rules(h, c, format);
- if (ret != 0)
- break;
-
- c = nftnl_chain_list_iter_next(iter);
- }
-
- nftnl_chain_list_iter_destroy(iter);
+ ret = nftnl_chain_list_foreach(list, nft_rule_save_cb, &d);
/* the core expects 1 for success and 0 for error */
return ret == 0 ? 1 : 0;
--
2.27.0
