@@ -102,6 +102,7 @@ struct nft_ctx {
struct parser_state *state;
void *scanner;
void *json_root;
+ struct list_head cmds;
FILE *f[MAX_INCLUDE_DEPTH];
};
@@ -143,6 +143,7 @@ struct nft_ctx *nft_ctx_new(uint32_t flags)
nft_ctx_add_include_path(ctx, DEFAULT_INCLUDE_PATH);
ctx->parser_max_errors = 10;
init_list_head(&ctx->cache.list);
+ init_list_head(&ctx->cmds);
ctx->flags = flags;
ctx->output.output_fp = stdout;
ctx->output.error_fp = stderr;
@@ -342,7 +343,7 @@ static int nft_parse_bison_buffer(struct nft_ctx *nft, const char *buf,
struct cmd *cmd;
int ret;
- parser_init(nft, nft->state, msgs, cmds);
+ parser_init(nft, nft->state, msgs, &nft->cmds);
nft->scanner = scanner_init(nft->state);
scanner_push_buffer(nft->scanner, &indesc_cmdline, buf);
@@ -381,7 +382,6 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
{
struct cmd *cmd, *next;
LIST_HEAD(msgs);
- LIST_HEAD(cmds);
char *nlbuf;
int rc = -EINVAL;
@@ -389,17 +389,17 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
sprintf(nlbuf, "%s\n", buf);
if (nft_output_json(&nft->output))
- rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &cmds);
+ rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &nft->cmds);
if (rc == -EINVAL)
- rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &cmds);
+ rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &nft->cmds);
if (rc)
goto err;
- if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0)
+ if (nft_netlink(nft, &nft->cmds, &msgs, nft->nf_sock) != 0)
rc = -1;
err:
erec_print_list(&nft->output, &msgs, nft->debug_mask);
- list_for_each_entry_safe(cmd, next, &cmds, list) {
+ list_for_each_entry_safe(cmd, next, &nft->cmds, list) {
list_del(&cmd->list);
cmd_free(cmd);
}
@@ -421,7 +421,6 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
{
struct cmd *cmd, *next;
LIST_HEAD(msgs);
- LIST_HEAD(cmds);
int rc;
rc = cache_update(nft, CMD_INVALID, &msgs);
@@ -433,17 +432,17 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
rc = -EINVAL;
if (nft_output_json(&nft->output))
- rc = nft_parse_json_filename(nft, filename, &msgs, &cmds);
+ rc = nft_parse_json_filename(nft, filename, &msgs, &nft->cmds);
if (rc == -EINVAL)
- rc = nft_parse_bison_filename(nft, filename, &msgs, &cmds);
+ rc = nft_parse_bison_filename(nft, filename, &msgs, &nft->cmds);
if (rc)
goto err;
- if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0)
+ if (nft_netlink(nft, &nft->cmds, &msgs, nft->nf_sock) != 0)
rc = -1;
err:
erec_print_list(&nft->output, &msgs, nft->debug_mask);
- list_for_each_entry_safe(cmd, next, &cmds, list) {
+ list_for_each_entry_safe(cmd, next, &nft->cmds, list) {
list_del(&cmd->list);
cmd_free(cmd);
}
To fix the pending issues with cache updates, the list of commands needs to be accessible from within cache_update(). In theory, there is a path via nft->state->cmds but that struct parser_state is used (and initialized) by bison parser only so that does not work with JSON parser. Signed-off-by: Phil Sutter <phil@nwl.cc> --- include/nftables.h | 1 + src/libnftables.c | 21 ++++++++++----------- 2 files changed, 11 insertions(+), 11 deletions(-)