nft-shared.c was already oversized, upcoming enhancement of the
nftnl_rule parser will add to that. So prepare any further work in that
field by creating a common 'nft-ruleparse.c' source and one for each
family to hold all the parsing code (basically the stack below
nft_rule_to_iptables_command_state).
Collect the existing expression parsing callbacks in a new struct
nft_ruleparse_ops and add a pointer to it into nft_family_ops. This way
the callbacks may be static and the nft-ruleparse-<family>.c sources
only export their ops object.
This series does things somewhat gradually:
* First pull everything from nft-shared.c into nft-ruleparse.c (likewise
with header files)
* Then perform the *_ops struct changes which should not have a
functional implication
* Finally weed parsers from nft-<family>.c files into
nft-ruleparse-<family>.c ones.
Phil Sutter (3):
nft: Introduce nft-ruleparse.{c,h}
nft: Extract rule parsing callbacks from nft_family_ops
nft: ruleparse: Create family-specific source files
iptables/Makefile.am | 3 +
iptables/nft-arp.c | 139 +---
iptables/nft-bridge.c | 390 +---------
iptables/nft-cache.h | 2 +
iptables/nft-ipv4.c | 106 +--
iptables/nft-ipv6.c | 83 +--
iptables/nft-ruleparse-arp.c | 168 +++++
iptables/nft-ruleparse-bridge.c | 422 +++++++++++
iptables/nft-ruleparse-ipv4.c | 135 ++++
iptables/nft-ruleparse-ipv6.c | 112 +++
iptables/nft-ruleparse.c | 1208 +++++++++++++++++++++++++++++++
iptables/nft-ruleparse.h | 138 ++++
iptables/nft-shared.c | 1190 ------------------------------
iptables/nft-shared.h | 115 +--
14 files changed, 2194 insertions(+), 2017 deletions(-)
create mode 100644 iptables/nft-ruleparse-arp.c
create mode 100644 iptables/nft-ruleparse-bridge.c
create mode 100644 iptables/nft-ruleparse-ipv4.c
create mode 100644 iptables/nft-ruleparse-ipv6.c
create mode 100644 iptables/nft-ruleparse.c
create mode 100644 iptables/nft-ruleparse.h
--
2.40.0
