@@ -74,6 +74,9 @@ extern const struct datatype *dtype_map_from_kernel(enum nft_data_types type);
extern struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
struct nft_set *nls);
+extern struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx,
+ struct nft_chain *nlc);
+
extern int netlink_add_rule(struct netlink_ctx *ctx, const struct handle *h,
const struct rule *rule, uint32_t flags);
extern int netlink_delete_rule(struct netlink_ctx *ctx, const struct handle *h,
@@ -500,7 +500,6 @@ static int list_chain_cb(struct nft_chain *nlc, void *arg)
{
struct netlink_ctx *ctx = arg;
const struct handle *h = ctx->data;
- struct chain *chain;
if ((h->family != nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY)) ||
strcmp(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_TABLE), h->table) != 0)
@@ -510,27 +509,7 @@ static int list_chain_cb(struct nft_chain *nlc, void *arg)
strcmp(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME), h->chain) != 0)
return 0;
- chain = chain_alloc(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME));
- chain->handle.family =
- nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY);
- chain->handle.table =
- xstrdup(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME));
- chain->handle.handle =
- nft_chain_attr_get_u64(nlc, NFT_CHAIN_ATTR_HANDLE);
-
- if (nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_HOOKNUM) &&
- nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_PRIO) &&
- nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_TYPE)) {
- chain->hooknum =
- nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_HOOKNUM);
- chain->priority =
- nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_PRIO);
- chain->type =
- xstrdup(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_TYPE));
- chain->flags |= CHAIN_F_BASECHAIN;
- }
- list_add_tail(&chain->list, &ctx->list);
-
+ netlink_delinearize_chain(ctx, nlc);
return 0;
}
@@ -922,3 +922,33 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
return set;
}
+
+struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx,
+ struct nft_chain *nlc)
+{
+ struct chain *chain;
+
+ chain = chain_alloc(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_NAME));
+ chain->handle.family =
+ nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY);
+ chain->handle.table =
+ xstrdup(nft_chain_attr_get_str(nlc, NFT_CHAIN_ATTR_TABLE));
+ chain->handle.handle =
+ nft_chain_attr_get_u64(nlc, NFT_CHAIN_ATTR_HANDLE);
+
+ if (nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_HOOKNUM) &&
+ nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_PRIO) &&
+ nft_chain_attr_is_set(nlc, NFT_CHAIN_ATTR_TYPE)) {
+ chain->hooknum =
+ nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_HOOKNUM);
+ chain->priority =
+ nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_PRIO);
+ chain->type =
+ xstrdup(nft_chain_attr_get_str(nlc,
+ NFT_CHAIN_ATTR_TYPE));
+ chain->flags |= CHAIN_F_BASECHAIN;
+ }
+ list_add_tail(&chain->list, &ctx->list);
+
+ return chain;
+}
Let's make this code reusable. Also, this patch fixes a hidden bug: the table in the chain's handle was being set to the chain name. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> --- include/netlink.h | 3 +++ src/netlink.c | 23 +---------------------- src/netlink_delinearize.c | 30 ++++++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 22 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html