Provide an ordered list of devices for (netdev) chain and flowtable. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1525 Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- v2: fix qsort_device_cmp() src/netlink.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/netlink.c b/src/netlink.c index 6b6fe27762d5..7541ffd4408e 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -517,6 +517,14 @@ static int chain_parse_udata_cb(const struct nftnl_udata *attr, void *data) return 0; } +static int qsort_device_cmp(const void *a, const void *b) +{ + const char **x = (const char **)a; + const char **y = (const char **)b; + + return strcmp(*x, *y) < 0; +} + struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, const struct nftnl_chain *nlc) { @@ -580,6 +588,11 @@ struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, chain->dev_array_len = len; } chain->flags |= CHAIN_F_BASECHAIN; + + if (chain->dev_array_len) { + qsort(chain->dev_array, chain->dev_array_len, + sizeof(char *), qsort_device_cmp); + } } if (nftnl_chain_is_set(nlc, NFTNL_CHAIN_USERDATA)) { @@ -1582,6 +1595,11 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx, flowtable->dev_array_len = len; + if (flowtable->dev_array_len) { + qsort(flowtable->dev_array, flowtable->dev_array_len, + sizeof(char *), qsort_device_cmp); + } + priority = nftnl_flowtable_get_u32(nlo, NFTNL_FLOWTABLE_PRIO); flowtable->priority.expr = constant_expr_alloc(&netlink_location, -- 2.20.1
