Patchwork [iptables-nftables,RFC,v3,16/16] xtables: Support -Z options for a given rule number

login
register
mail settings
Submitter Tomasz Bursztyka
Date Aug. 9, 2013, 1:31 p.m.
Message ID <1376055090-26551-17-git-send-email-tomasz.bursztyka@linux.intel.com>
Download mbox | patch
Permalink /patch/266040/
State RFC
Headers show

Comments

Tomasz Bursztyka - Aug. 9, 2013, 1:31 p.m.
Support for such command:
xtbles-multi xtables -Z foo 4

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
---
 iptables/xtables.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
Pablo Neira - Aug. 9, 2013, 10:02 p.m.
On Fri, Aug 09, 2013 at 04:31:30PM +0300, Tomasz Bursztyka wrote:
> Support for such command:
> xtbles-multi xtables -Z foo 4

If you add an interface, you also have to add the first client of that
new interface.

This should be collapsed with patch 15/16.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Tomasz Bursztyka - Aug. 12, 2013, 7:45 a.m.
Hi Pablo,

> If you add an interface, you also have to add the first client of that
> new interface.
>
> This should be collapsed with patch 15/16.

Ok

Tomasz
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/iptables/xtables.c b/iptables/xtables.c
index 946f04d..dae2500 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -1194,8 +1194,7 @@  int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table)
 		ret = nft_chain_zero_counters(h, chain, *table);
 		break;
 	case CMD_ZERO_NUM:
-		/* FIXME */
-//		ret = iptc_zero_counter(chain, rulenum, *handle);
+		ret = nft_rule_zero_counters(h, chain, *table, rulenum - 1);
 		break;
 	case CMD_LIST:
 	case CMD_LIST|CMD_ZERO:
@@ -1208,9 +1207,9 @@  int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table)
 				   cs.options&OPT_LINENUMBERS);
 		if (ret && (command & CMD_ZERO))
 			ret = nft_chain_zero_counters(h, chain, *table);
-		/* FIXME */
-/*		if (ret && (command & CMD_ZERO_NUM))
-			ret = iptc_zero_counter(chain, rulenum, *handle); */
+		if (ret && (command & CMD_ZERO_NUM))
+			ret = nft_rule_zero_counters(h, chain,
+							*table, rulenum - 1);
 		break;
 	case CMD_LIST_RULES:
 	case CMD_LIST_RULES|CMD_ZERO:
@@ -1218,9 +1217,9 @@  int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table)
 		ret = list_rules(h, chain, *table, rulenum, cs.options&OPT_VERBOSE);
 		if (ret && (command & CMD_ZERO))
 			ret = nft_chain_zero_counters(h, chain, *table);
-		/* FIXME */
-/*		if (ret && (command & CMD_ZERO_NUM))
-			ret = iptc_zero_counter(chain, rulenum, *handle); */
+		if (ret && (command & CMD_ZERO_NUM))
+			ret = nft_rule_zero_counters(h, chain,
+							*table, rulenum - 1);
 		break;
 	case CMD_NEW_CHAIN:
 		ret = nft_chain_user_add(h, chain, *table);