|
 |
8cce6c |
From b54cb3132045f5cac8c09b24e564ef05aff29288 Mon Sep 17 00:00:00 2001
|
|
|
8cce6c |
From: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Date: Thu, 20 Dec 2018 16:09:02 +0100
|
|
|
8cce6c |
Subject: [PATCH] nft: Simplify nftnl_rule_list_chain_save()
|
|
|
8cce6c |
|
|
|
8cce6c |
Since there are per table chain caches, The chain list passed to that
|
|
|
8cce6c |
function is comprised of chains belonging to the right table only.
|
|
|
8cce6c |
Therefore the table name check can safely be skipped.
|
|
|
8cce6c |
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
8cce6c |
(cherry picked from commit 71f9e474d467dd59582d7a3920eded9613b99000)
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
8cce6c |
---
|
|
|
8cce6c |
iptables/nft.c | 10 +++-------
|
|
|
8cce6c |
1 file changed, 3 insertions(+), 7 deletions(-)
|
|
|
8cce6c |
|
|
|
8cce6c |
diff --git a/iptables/nft.c b/iptables/nft.c
|
|
|
8cce6c |
index 7b6fb2b10686d..9d20eb0eac2db 100644
|
|
|
8cce6c |
--- a/iptables/nft.c
|
|
|
8cce6c |
+++ b/iptables/nft.c
|
|
|
8cce6c |
@@ -2381,8 +2381,7 @@ list_save(struct nftnl_rule *r, unsigned int num, unsigned int format)
|
|
|
8cce6c |
|
|
|
8cce6c |
static int
|
|
|
8cce6c |
nftnl_rule_list_chain_save(struct nft_handle *h, const char *chain,
|
|
|
8cce6c |
- const char *table, struct nftnl_chain_list *list,
|
|
|
8cce6c |
- int counters)
|
|
|
8cce6c |
+ struct nftnl_chain_list *list, int counters)
|
|
|
8cce6c |
{
|
|
|
8cce6c |
struct nftnl_chain_list_iter *iter;
|
|
|
8cce6c |
struct nftnl_chain *c;
|
|
|
8cce6c |
@@ -2393,15 +2392,12 @@ nftnl_rule_list_chain_save(struct nft_handle *h, const char *chain,
|
|
|
8cce6c |
|
|
|
8cce6c |
c = nftnl_chain_list_iter_next(iter);
|
|
|
8cce6c |
while (c != NULL) {
|
|
|
8cce6c |
- const char *chain_table =
|
|
|
8cce6c |
- nftnl_chain_get_str(c, NFTNL_CHAIN_TABLE);
|
|
|
8cce6c |
const char *chain_name =
|
|
|
8cce6c |
nftnl_chain_get_str(c, NFTNL_CHAIN_NAME);
|
|
|
8cce6c |
uint32_t policy =
|
|
|
8cce6c |
nftnl_chain_get_u32(c, NFTNL_CHAIN_POLICY);
|
|
|
8cce6c |
|
|
|
8cce6c |
- if (strcmp(table, chain_table) != 0 ||
|
|
|
8cce6c |
- (chain && strcmp(chain, chain_name) != 0))
|
|
|
8cce6c |
+ if (chain && strcmp(chain, chain_name) != 0)
|
|
|
8cce6c |
goto next;
|
|
|
8cce6c |
|
|
|
8cce6c |
/* this is a base chain */
|
|
|
8cce6c |
@@ -2458,7 +2454,7 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain,
|
|
|
8cce6c |
|
|
|
8cce6c |
/* Dump policies and custom chains first */
|
|
|
8cce6c |
if (!rulenum)
|
|
|
8cce6c |
- nftnl_rule_list_chain_save(h, chain, table, list, counters);
|
|
|
8cce6c |
+ nftnl_rule_list_chain_save(h, chain, list, counters);
|
|
|
8cce6c |
|
|
|
8cce6c |
/* Now dump out rules in this table */
|
|
|
8cce6c |
iter = nftnl_chain_list_iter_create(list);
|
|
|
8cce6c |
--
|
|
|
8cce6c |
2.20.1
|
|
|
8cce6c |
|