From patchwork Sun Nov 24 23:08:16 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 293777 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 8EFCC2C010A for ; Mon, 25 Nov 2013 10:08:26 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751760Ab3KXXIZ (ORCPT ); Sun, 24 Nov 2013 18:08:25 -0500 Received: from mail.us.es ([193.147.175.20]:42658 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751744Ab3KXXIZ (ORCPT ); Sun, 24 Nov 2013 18:08:25 -0500 Received: (qmail 8434 invoked from network); 25 Nov 2013 00:08:23 +0100 Received: from unknown (HELO us.es) (192.168.2.11) by us.es with SMTP; 25 Nov 2013 00:08:23 +0100 Received: (qmail 2405 invoked by uid 507); 24 Nov 2013 23:08:23 -0000 X-Qmail-Scanner-Diagnostics: from 127.0.0.1 by antivirus1 (envelope-from , uid 501) with qmail-scanner-2.10 (clamdscan: 0.98/18156. spamassassin: 3.3.2. Clear:RC:1(127.0.0.1):SA:0(-100.2/7.5):. Processed in 1.752248 secs); 24 Nov 2013 23:08:23 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on antivirus1 X-Spam-Level: X-Spam-Status: No, score=-100.2 required=7.5 tests=BAYES_50,RCVD_IN_PBL, RCVD_IN_SORBS_DUL,RDNS_DYNAMIC,SMTPAUTH_US,USER_IN_WHITELIST autolearn=disabled version=3.3.2 X-Spam-ASN: AS12715 188.78.0.0/16 X-Envelope-From: pablo@netfilter.org Received: from unknown (HELO antivirus1) (127.0.0.1) by us.es with SMTP; 24 Nov 2013 23:08:21 -0000 Received: from 192.168.1.13 (192.168.1.13) by antivirus1 (F-Secure/fsigk_smtp/412/antivirus1); Mon, 25 Nov 2013 00:08:21 +0100 (CET) X-Virus-Status: clean(F-Secure/fsigk_smtp/412/antivirus1) Received: (qmail 16583 invoked from network); 25 Nov 2013 00:08:21 +0100 Received: from 245.227.78.188.dynamic.jazztel.es (HELO localhost.localdomain) (pneira@us.es@188.78.227.245) by mail.us.es with SMTP; 25 Nov 2013 00:08:21 +0100 From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nftables 2/2] netlink: improve rule deletion per chain Date: Mon, 25 Nov 2013 00:08:16 +0100 Message-Id: <1385334496-3544-1-git-send-email-pablo@netfilter.org> X-Mailer: git-send-email 1.7.10.4 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org With this patch, nft asks the kernel for deleting all rules in a chain. This replaces the current behaviour that requires to dump all the rules, then iterate over that list to delete one by one, which is prone to races and slowier. After this patch, the following two commands are equivalent: nft flush chain filter input nft delete rule filter input Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/netlink.c b/src/netlink.c index 15cba79..533634a 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -645,7 +645,7 @@ int netlink_list_chain(struct netlink_ctx *ctx, const struct handle *h, int netlink_flush_chain(struct netlink_ctx *ctx, const struct handle *h, const struct location *loc) { - return netlink_flush_rules(ctx, h, loc); + return netlink_del_rule_batch(ctx, h, loc); } int netlink_add_table(struct netlink_ctx *ctx, const struct handle *h,