@@ -108,6 +108,4 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock, unsigned int debug_mask,
int (*cb)(const struct nlmsghdr *nlh, void *data),
void *cb_data);
-bool mnl_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
-
#endif /* _NFTABLES_MNL_H_ */
@@ -52,7 +52,6 @@ struct netlink_ctx {
const void *data;
uint32_t seqnum;
struct nftnl_batch *batch;
- bool batch_supported;
unsigned int debug_mask;
struct output_ctx *octx;
struct nft_cache *cache;
@@ -246,8 +245,6 @@ struct netlink_mon_handler {
extern int netlink_monitor(struct netlink_mon_handler *monhandler,
struct mnl_socket *nf_sock);
-bool netlink_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
-
int netlink_echo_callback(const struct nlmsghdr *nlh, void *data);
struct ruleset_parse {
@@ -27,7 +27,6 @@ static int nft_netlink(struct nft_ctx *nft,
struct cmd *cmd;
struct mnl_err *err, *tmp;
LIST_HEAD(err_list);
- bool batch_supported = netlink_batch_supported(nf_sock, &seqnum);
int ret = 0;
if (list_empty(&state->cmds))
@@ -41,7 +40,6 @@ static int nft_netlink(struct nft_ctx *nft,
ctx.msgs = msgs;
ctx.seqnum = cmd->seqnum = mnl_seqnum_alloc(&seqnum);
ctx.batch = batch;
- ctx.batch_supported = batch_supported;
ctx.octx = &nft->output;
ctx.nf_sock = nf_sock;
ctx.cache = &nft->cache;
@@ -1196,67 +1196,3 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock, unsigned int debug_mask,
}
return ret;
}
-
-static void nft_mnl_batch_put(char *buf, uint16_t type, uint32_t seqnum)
-{
- struct nlmsghdr *nlh;
- struct nfgenmsg *nfg;
-
- nlh = mnl_nlmsg_put_header(buf);
- nlh->nlmsg_type = type;
- nlh->nlmsg_flags = NLM_F_REQUEST;
- nlh->nlmsg_seq = seqnum;
-
- nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
- nfg->nfgen_family = AF_INET;
- nfg->version = NFNETLINK_V0;
- nfg->res_id = NFNL_SUBSYS_NFTABLES;
-}
-
-bool mnl_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum)
-{
- struct mnl_nlmsg_batch *b;
- char buf[MNL_SOCKET_BUFFER_SIZE];
- int ret;
-
- b = mnl_nlmsg_batch_start(buf, sizeof(buf));
-
- nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_BEGIN,
- mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(b), NFT_MSG_NEWSET,
- AF_INET, NLM_F_ACK, mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_END,
- mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- ret = mnl_socket_sendto(nf_sock, mnl_nlmsg_batch_head(b),
- mnl_nlmsg_batch_size(b));
- if (ret < 0)
- goto err;
-
- mnl_nlmsg_batch_stop(b);
-
- ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
- while (ret > 0) {
- ret = mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(nf_sock),
- NULL, NULL);
- if (ret <= 0)
- break;
-
- ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
- }
-
- /* We're sending an incomplete message to see if the kernel supports
- * set messages in batches. EINVAL means that we sent an incomplete
- * message with missing attributes. The kernel just ignores messages
- * that we cannot include in the batch.
- */
- return (ret == -1 && errno == EINVAL) ? true : false;
-err:
- mnl_nlmsg_batch_stop(b);
- return ret;
-}
@@ -1749,9 +1749,6 @@ int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct handle *h,
struct nftnl_table *nlt;
int err;
- if (!ctx->batch_supported)
- return netlink_io_error(ctx, loc, "Operation not supported");
-
nlt = alloc_nftnl_table(h);
err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum);
nftnl_table_free(nlt);
@@ -2344,8 +2341,3 @@ int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx)
return 0;
}
-
-bool netlink_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum)
-{
- return mnl_batch_supported(nf_sock, seqnum);
-}
Follow up after cc8c5fd02448 ("netlink: remove non-batching routine"). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- include/mnl.h | 2 -- include/netlink.h | 3 --- src/libnftables.c | 2 -- src/mnl.c | 64 ------------------------------------------------------- src/netlink.c | 8 ------- 5 files changed, 79 deletions(-)