| Message ID | 20240207164835.32723-1-phil@nwl.cc |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [nft] cache: Optimize caching for 'list tables' command | expand |
On Wed, Feb 07, 2024 at 05:48:35PM +0100, Phil Sutter wrote: > No point in fetching anything other than existing tables from kernel: > 'list tables' merely prints existing table names, no contents. > > Also populate filter's family field to reduce overhead when listing > tables in one family with many tables in another one. It works without > further adjustments because nftnl_nlmsg_build_hdr() will use the value > for nfgen_family. > > Reported-by: anton.khazan@gmail.com > Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1735 > Signed-off-by: Phil Sutter <phil@nwl.cc> Patch applied.
diff --git a/src/cache.c b/src/cache.c index b7f46c001d6eb..97f50ccaf6ba1 100644 --- a/src/cache.c +++ b/src/cache.c @@ -203,8 +203,12 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd, { switch (cmd->obj) { case CMD_OBJ_TABLE: - if (filter && cmd->handle.table.name) { + if (filter) filter->list.family = cmd->handle.family; + if (!cmd->handle.table.name) { + flags |= NFT_CACHE_TABLE; + break; + } else if (filter) { filter->list.table = cmd->handle.table.name; } flags |= NFT_CACHE_FULL;
No point in fetching anything other than existing tables from kernel: 'list tables' merely prints existing table names, no contents. Also populate filter's family field to reduce overhead when listing tables in one family with many tables in another one. It works without further adjustments because nftnl_nlmsg_build_hdr() will use the value for nfgen_family. Reported-by: anton.khazan@gmail.com Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1735 Signed-off-by: Phil Sutter <phil@nwl.cc> --- src/cache.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)