Provide an ordered list of devices for (netdev) chain and flowtable. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1525 Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- src/netlink.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/netlink.c b/src/netlink.c index 6b6fe27762d5..fef869438c35 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -517,6 +517,11 @@ static int chain_parse_udata_cb(const struct nftnl_udata *attr, void *data) return 0; } +static int qsort_device_cmp(const void *a, const void *b) +{ + return strcmp(a, b) < 0; +} + struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, const struct nftnl_chain *nlc) { @@ -580,6 +585,11 @@ struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, chain->dev_array_len = len; } chain->flags |= CHAIN_F_BASECHAIN; + + if (chain->dev_array_len) { + qsort(chain->dev_array, chain->dev_array_len, + sizeof(char *), qsort_device_cmp); + } } if (nftnl_chain_is_set(nlc, NFTNL_CHAIN_USERDATA)) { @@ -1582,6 +1592,11 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx, flowtable->dev_array_len = len; + if (flowtable->dev_array_len) { + qsort(flowtable->dev_array, flowtable->dev_array_len, + sizeof(char *), qsort_device_cmp); + } + priority = nftnl_flowtable_get_u32(nlo, NFTNL_FLOWTABLE_PRIO); flowtable->priority.expr = constant_expr_alloc(&netlink_location, -- 2.20.1
