@@ -2055,6 +2055,12 @@ void nft_table_new(struct nft_handle *h, const char *table)
nft_xt_builtin_init(h, table);
}
+void nft_bridge_table_new(struct nft_handle *h, const char *table)
+{
+ nft_bridge_commit(h);
+ nft_table_new(h, table);
+}
+
static int __nft_rule_del(struct nft_handle *h, struct nftnl_rule *r)
{
struct obj_update *obj;
@@ -96,6 +96,7 @@ bool nft_table_find(struct nft_handle *h, const char *tablename);
int nft_table_purge_chains(struct nft_handle *h, const char *table, struct nftnl_chain_list *list);
int nft_table_flush(struct nft_handle *h, const char *table);
void nft_table_new(struct nft_handle *h, const char *table);
+void nft_bridge_table_new(struct nft_handle *h, const char *table);
const struct builtin_table *nft_table_builtin_find(struct nft_handle *h, const char *table);
/*
@@ -493,7 +493,7 @@ static int ebt_table_flush(struct nft_handle *h, const char *table)
static const struct nft_xt_restore_cb ebt_restore_cb = {
.commit = nft_bridge_commit,
- .table_new = nft_table_new,
+ .table_new = nft_bridge_table_new,
.table_flush = ebt_table_flush,
.do_command = do_commandeb,
.chain_set = nft_chain_set,
Cache code is suited for holding multiple tables' data at once. The only user of that is ebtables-restore with its support for multiple tables and lack of explicit COMMIT lines. By introducing implicit commits when parsing a table line in ebtables-restore, it will be possible to simplify cache code considerably. Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/nft.c | 6 ++++++ iptables/nft.h | 1 + iptables/xtables-restore.c | 2 +- 3 files changed, 8 insertions(+), 1 deletion(-)