--terse does not apply to anonymous set, add a NFT_CACHE_TERSE bit
to skip named sets only.
Fixes: 9628d52e46ac ("cache: disable NFT_CACHE_SETELEM_BIT on --terse listing only")
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
include/cache.h | 1 +
src/cache.c | 7 +++++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/include/cache.h b/include/cache.h
index e5c509e8510c..3a9a5e819711 100644
--- a/include/cache.h
+++ b/include/cache.h
@@ -32,6 +32,7 @@ enum cache_level_flags {
NFT_CACHE_CHAIN_BIT |
NFT_CACHE_RULE_BIT,
NFT_CACHE_FULL = __NFT_CACHE_MAX_BIT - 1,
+ NFT_CACHE_TERSE = (1 << 27),
NFT_CACHE_SETELEM_MAYBE = (1 << 28),
NFT_CACHE_REFRESH = (1 << 29),
NFT_CACHE_UPDATE = (1 << 30),
diff --git a/src/cache.c b/src/cache.c
index fe31e3f02163..9f5980bc25cb 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -216,7 +216,7 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
filter->list.set = cmd->handle.set.name;
}
if (nft_output_terse(&nft->output))
- flags |= (NFT_CACHE_FULL & ~NFT_CACHE_SETELEM_BIT);
+ flags |= (NFT_CACHE_FULL | NFT_CACHE_TERSE);
else if (filter->list.table && filter->list.set)
flags |= NFT_CACHE_TABLE | NFT_CACHE_SET | NFT_CACHE_SETELEM;
else
@@ -234,7 +234,7 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd,
break;
case CMD_OBJ_RULESET:
if (nft_output_terse(&nft->output))
- flags |= (NFT_CACHE_FULL & ~NFT_CACHE_SETELEM_BIT);
+ flags |= (NFT_CACHE_FULL | NFT_CACHE_TERSE);
else
flags |= NFT_CACHE_FULL;
break;
@@ -830,6 +830,9 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags,
list_for_each_entry(set, &table->set_cache.list, cache.list) {
if (cache_filter_find(filter, &set->handle))
continue;
+ if (!set_is_anonymous(set->flags) &&
+ flags & NFT_CACHE_TERSE)
+ continue;
ret = netlink_list_setelems(ctx, &set->handle,
set);
--
2.30.2
