From patchwork Wed Oct 3 15:52:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 978434 X-Patchwork-Delegate: pablo@netfilter.org Received: from 192.168.1.97 (192.168.1.97) by 
antivirus1-rhel7.int (F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); Wed, 03 Oct 2018 17:53:07 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int) Received: from salvia.here (sys.soleta.eu [212.170.55.40]) (Authenticated sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id 29F244265A31 for ; Wed, 3 Oct 2018 17:53:07 +0200 (CEST) X-SMTPAUTHUS: auth mail.us.es From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 1/4] netlink: remove markup json parsing code Date: Wed, 3 Oct 2018 17:52:58 +0200 Message-Id: <20181003155301.10901-2-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181003155301.10901-1-pablo@netfilter.org> References: <20181003155301.10901-1-pablo@netfilter.org> X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org We have better json support these days, remove libnftnl json support. Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 276 +--------------------------------------------------------- 1 file changed, 2 insertions(+), 274 deletions(-) diff --git a/src/netlink.c b/src/netlink.c index 7c3082bb4dc5..7639847b56c9 100644 --- a/src/netlink.c +++ b/src/netlink.c 
@@ -1986,280 +1986,8 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type, return MNL_CB_OK; } -static int netlink_markup_setelems(const struct nftnl_parse_ctx *ctx) -{ - const struct ruleset_parse *rp; - struct nftnl_set *set; - uint32_t cmd; - int ret = -1; - - set = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_SET); - rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA); - - cmd = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_CMD); - switch (cmd) { - case NFTNL_CMD_ADD: - ret = mnl_nft_setelem_batch_add(set, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_DELETE: - ret = mnl_nft_setelem_batch_del(set, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - default: - errno = EOPNOTSUPP; - break; - } - - return ret; -} - -static int netlink_markup_set(const struct nftnl_parse_ctx *ctx) -{ - const struct ruleset_parse *rp; - struct nftnl_set *set; - uint32_t cmd; - int ret = -1; - - set = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_SET); - rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA); - - cmd = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_CMD); - switch (cmd) { - case NFTNL_CMD_ADD: - ret = mnl_nft_set_batch_add(set, rp->nl_ctx->batch, NLM_F_EXCL, - rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_DELETE: - ret = mnl_nft_set_batch_del(set, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - default: - errno = EOPNOTSUPP; - break; - } - - if (ret < 0) - return ret; - - return netlink_markup_setelems(ctx); -} - -static int netlink_markup_build_rule(const struct nftnl_parse_ctx *ctx, - uint32_t cmd, struct nftnl_rule *rule) -{ - const struct ruleset_parse *rp; - uint32_t nl_flags; - int ret = -1; - - rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA); - - switch (cmd) { - case NFTNL_CMD_ADD: - nl_flags = NLM_F_APPEND | NLM_F_CREATE; - nftnl_rule_unset(rule, NFTNL_RULE_HANDLE); - ret = mnl_nft_rule_batch_add(rule, rp->nl_ctx->batch, nl_flags, - rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_DELETE: - 
ret = mnl_nft_rule_batch_del(rule, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_REPLACE: - nl_flags = NLM_F_REPLACE; - ret = mnl_nft_rule_batch_add(rule, rp->nl_ctx->batch, nl_flags, - rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_INSERT: - nl_flags = NLM_F_CREATE; - nftnl_rule_unset(rule, NFTNL_RULE_HANDLE); - ret = mnl_nft_rule_batch_add(rule, rp->nl_ctx->batch, nl_flags, - rp->nl_ctx->seqnum); - break; - default: - errno = EOPNOTSUPP; - break; - } - - return ret; - -} - -static int netlink_markup_rule(const struct nftnl_parse_ctx *ctx) -{ - struct nftnl_rule *rule; - uint32_t cmd; - - cmd = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_CMD); - rule = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_RULE); - - return netlink_markup_build_rule(ctx, cmd, rule); -} - -static int netlink_markup_build_flush(const struct nftnl_parse_ctx *ctx) -{ - struct nftnl_rule *rule; - struct nftnl_table *table; - struct nftnl_chain *chain; - const char *table_get_name, *table_get_family; - const char *chain_get_table, *chain_get_name, *chain_get_family; - uint32_t type; - int ret = -1; - - rule = nftnl_rule_alloc(); - if (rule == NULL) - return -1; - - type = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_TYPE); - switch (type) { - case NFTNL_RULESET_TABLE: - table = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_TABLE); - table_get_name = nftnl_table_get(table, NFTNL_TABLE_NAME); - table_get_family = nftnl_table_get(table, NFTNL_TABLE_FAMILY); - - nftnl_rule_set(rule, NFTNL_RULE_TABLE, table_get_name); - nftnl_rule_set(rule, NFTNL_RULE_FAMILY, table_get_family); - break; - case NFTNL_RULESET_CHAIN: - chain = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_CHAIN); - chain_get_table = nftnl_chain_get(chain, NFTNL_CHAIN_TABLE); - chain_get_name = nftnl_chain_get(chain, NFTNL_CHAIN_NAME); - chain_get_family = nftnl_chain_get(chain, NFTNL_TABLE_FAMILY); - - nftnl_rule_set(rule, NFTNL_RULE_TABLE, chain_get_table); - nftnl_rule_set(rule, NFTNL_RULE_CHAIN, 
chain_get_name); - nftnl_rule_set(rule, NFTNL_RULE_FAMILY, chain_get_family); - break; - default: - errno = EOPNOTSUPP; - goto err; - } - - ret = netlink_markup_build_rule(ctx, NFTNL_CMD_DELETE, rule); -err: - nftnl_rule_free(rule); - return ret; -} - -static int netlink_markup_chain(const struct nftnl_parse_ctx *ctx) -{ - const struct ruleset_parse *rp; - struct nftnl_chain *chain; - uint32_t cmd; - int ret = -1; - - chain = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_CHAIN); - rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA); - - nftnl_chain_unset(chain, NFTNL_CHAIN_HANDLE); - - cmd = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_CMD); - switch (cmd) { - case NFTNL_CMD_ADD: - ret = mnl_nft_chain_batch_add(chain, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_DELETE: - ret = mnl_nft_chain_batch_del(chain, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_FLUSH: - ret = netlink_markup_build_flush(ctx); - break; - default: - errno = EOPNOTSUPP; - break; - } - - return ret; -} - - -static int netlink_markup_build_table(const struct nftnl_parse_ctx *ctx, - uint32_t cmd, struct nftnl_table *table) -{ - struct ruleset_parse *rp; - int ret = -1; - - rp = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_DATA); - - switch (cmd) { - case NFTNL_CMD_ADD: - ret = mnl_nft_table_batch_add(table, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_DELETE: - ret = mnl_nft_table_batch_del(table, rp->nl_ctx->batch, - 0, rp->nl_ctx->seqnum); - break; - case NFTNL_CMD_FLUSH: - ret = netlink_markup_build_flush(ctx); - break; - default: - errno = EOPNOTSUPP; - break; - } - - return ret; -} - -static int netlink_markup_table(const struct nftnl_parse_ctx *ctx) -{ - struct nftnl_table *table; - uint32_t cmd; - - cmd = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_CMD); - table = nftnl_ruleset_ctx_get(ctx, NFTNL_RULESET_CTX_TABLE); - - return netlink_markup_build_table(ctx, cmd, table); -} - -static int 
netlink_markup_flush(const struct nftnl_parse_ctx *ctx) -{ - struct nftnl_table *table; - int ret; - - table = nftnl_table_alloc(); - if (table == NULL) - return -1; - - ret = netlink_markup_build_table(ctx, NFTNL_CMD_DELETE, table); - nftnl_table_free(table); - - return ret; -} - int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx) { - uint32_t type; - int ret = -1; - - type = nftnl_ruleset_ctx_get_u32(ctx, NFTNL_RULESET_CTX_TYPE); - switch (type) { - case NFTNL_RULESET_TABLE: - ret = netlink_markup_table(ctx); - break; - case NFTNL_RULESET_CHAIN: - ret = netlink_markup_chain(ctx); - break; - case NFTNL_RULESET_RULE: - ret = netlink_markup_rule(ctx); - break; - case NFTNL_RULESET_SET: - ret = netlink_markup_set(ctx); - break; - case NFTNL_RULESET_SET_ELEMS: - ret = netlink_markup_setelems(ctx); - break; - case NFTNL_RULESET_RULESET: - ret = netlink_markup_flush(ctx); - break; - default: - errno = EOPNOTSUPP; - break; - } - - nftnl_ruleset_ctx_free(ctx); - - return ret; + errno = EOPNOTSUPP; + return -1; } From patchwork Wed Oct 3 15:52:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 978435 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=netfilter.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42QLL31m47z9s7W for ; Thu, 4 Oct 2018 01:59:07 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726950AbeJCWsD (ORCPT ); Wed, 3 Oct 2018 18:48:03 -0400 Received: from mail.us.es 
([193.147.175.20]:39894 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726854AbeJCWsD (ORCPT ); Wed, 3 Oct 2018 18:48:03 -0400 From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 2/4] src: get rid of netlink_genid_get() Date: Wed, 3 Oct 2018 17:52:59 +0200 Message-Id: <20181003155301.10901-3-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181003155301.10901-1-pablo@netfilter.org> References: <20181003155301.10901-1-pablo@netfilter.org> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org 
Signed-off-by: Pablo Neira Ayuso --- include/netlink.h | 1 - src/netlink.c | 5 ----- src/rule.c | 5 +++-- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/include/netlink.h b/include/netlink.h index d153e2be03ac..4925af04a707 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -195,7 +195,6 @@ extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx); extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list); -extern uint16_t netlink_genid_get(struct netlink_ctx *ctx); extern void netlink_restart(struct mnl_socket *nf_sock); #define netlink_abi_error() \ __netlink_abi_error(__FILE__, __LINE__, strerror(errno)); diff --git a/src/netlink.c b/src/netlink.c index 7639847b56c9..f40678f8c01b 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -79,11 +79,6 @@ void netlink_restart(struct mnl_socket *nf_sock) nf_sock = netlink_open_sock(); } -uint16_t netlink_genid_get(struct netlink_ctx *ctx) -{ - return mnl_genid_get(ctx); -} - void __noreturn __netlink_abi_error(const char *file, int line, const char *reason) { diff --git a/src/rule.c b/src/rule.c index 6d027c261f97..32b13b19b6e1 100644 --- a/src/rule.c +++ b/src/rule.c @@ -235,7 +235,7 @@ int cache_update(struct mnl_socket *nf_sock, struct nft_cache *cache, replay: ctx.seqnum = cache->seqnum++; - genid = netlink_genid_get(&ctx); + genid = mnl_genid_get(&ctx); if (genid && genid == cache->genid) return 0; if (cache->genid) @@ -278,7 +278,7 @@ void cache_flush(struct mnl_socket *nf_sock, struct nft_cache *cache, }; __cache_flush(&cache->list); - cache->genid = netlink_genid_get(&ctx); + cache->genid = mnl_genid_get(&ctx); } void cache_release(struct nft_cache *cache) 
@@ -1341,6 +1341,7 @@ void cmd_free(struct cmd *cmd) } #include +#include static int __do_add_setelems(struct netlink_ctx *ctx, const struct handle *h, struct set *set, struct expr *expr, uint32_t flags) From patchwork Wed Oct 3 15:53:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 978432 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=netfilter.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42QLL075D3z9s55 for ; Thu, 4 Oct 2018 01:59:04 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726884AbeJCWsC (ORCPT ); Wed, 3 Oct 2018 18:48:02 -0400 Received: from mail.us.es ([193.147.175.20]:39842 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726833AbeJCWsC (ORCPT ); Wed, 3 Oct 2018 18:48:02 -0400 Received: from antivirus1-rhel7.int (unknown [192.168.2.11]) by mail.us.es (Postfix) with ESMTP id 6806221057A for ; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) Received: from antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id 44C03E1518 for ; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) Received: by antivirus1-rhel7.int (Postfix, from userid 99) id 2855CE1501; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on antivirus1-rhel7.int X-Spam-Level: X-Spam-Status: No, score=-108.2 required=7.5 tests=ALL_TRUSTED,BAYES_50, SMTPAUTH_US2,USER_IN_WHITELIST autolearn=disabled version=3.4.1 Received: from 
antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id 8333FBAAAD for ; Wed, 3 Oct 2018 17:53:08 +0200 (CEST) Received: from 192.168.1.97 (192.168.1.97) by antivirus1-rhel7.int (F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); Wed, 03 Oct 2018 17:53:08 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int) Received: from salvia.here (sys.soleta.eu [212.170.55.40]) (Authenticated sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id 64CFD4265A31 for ; Wed, 3 Oct 2018 17:53:08 +0200 (CEST) X-SMTPAUTHUS: auth mail.us.es From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 3/4] mnl: remove alloc_nftnl_table() Date: Wed, 3 Oct 2018 17:53:00 +0200 Message-Id: <20181003155301.10901-4-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181003155301.10901-1-pablo@netfilter.org> References: <20181003155301.10901-1-pablo@netfilter.org> X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The netlink layer sits in between the mnl and the rule layers, remove it. We can remove alloc_nftnl_table() and consolidate infrastructure in the src/mnl.c file. Signed-off-by: Pablo Neira Ayuso --- include/mnl.h | 9 +++++---- include/netlink.h | 7 ------- src/mnl.c | 55 ++++++++++++++++++++++++++++++++++++++++----------- src/netlink.c | 59 ------------------------------------------------------- src/rule.c | 7 ++++--- 5 files changed, 52 insertions(+), 85 deletions(-) diff --git a/include/mnl.h b/include/mnl.h index 36109c7ad94e..44dd90f91814 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -3,6 +3,7 @@ #include #include +#include #include struct mnl_socket *netlink_open_sock(void); 
@@ -42,10 +43,10 @@ int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch, struct nftnl_chain_list *mnl_nft_chain_dump(struct netlink_ctx *ctx, int family); -int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); -int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); +int mnl_nft_table_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags); +int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd); + struct nftnl_table_list *mnl_nft_table_dump(struct netlink_ctx *ctx, int family); diff --git a/include/netlink.h b/include/netlink.h index 4925af04a707..42c3eb902a1e 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -57,7 +57,6 @@ struct netlink_ctx { struct nft_cache *cache; }; -extern struct nftnl_table *alloc_nftnl_table(const struct handle *h); extern struct nftnl_chain *alloc_nftnl_chain(const struct handle *h); extern struct nftnl_rule *alloc_nftnl_rule(const struct handle *h); extern struct nftnl_expr *alloc_nft_expr(const char *name); @@ -130,10 +129,6 @@ extern int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd); extern struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, const struct nftnl_chain *nlc); -extern int netlink_add_table_batch(struct netlink_ctx *ctx, - const struct cmd *cmd, uint32_t flags); -extern int netlink_delete_table_batch(struct netlink_ctx *ctx, - const struct cmd *cmd); extern int netlink_list_tables(struct netlink_ctx *ctx, const struct handle *h); extern int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h); extern int netlink_flush_table(struct netlink_ctx *ctx, const struct cmd *cmd); 
@@ -205,8 +200,6 @@ extern int netlink_io_error(struct netlink_ctx *ctx, __netlink_init_error(__FILE__, __LINE__, strerror(errno)); extern void __noreturn __netlink_init_error(const char *file, int line, const char *reason); -extern int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct cmd *cmd); - extern struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx, const struct handle *h, const struct location *loc); diff --git a/src/mnl.c b/src/mnl.c index 6a6d45ce71db..8cc4f168829c 100644 --- a/src/mnl.c +++ b/src/mnl.c 
@@ -468,32 +468,63 @@ err: /* * Table */ -int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_table_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags) { + struct nftnl_table *nlt; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), + nlt = nftnl_table_alloc(); + if (nlt == NULL) + memory_allocation_error(); + + nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family); + nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name); + if (cmd->table) + nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, cmd->table->flags); + else + nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, 0); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), NFT_MSG_NEWTABLE, - nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY), - flags, seqnum); + cmd->handle.family, + flags, ctx->seqnum); nftnl_table_nlmsg_build_payload(nlh, nlt); - mnl_nft_batch_continue(batch); + nftnl_table_free(nlt); + + mnl_nft_batch_continue(ctx->batch); return 0; } -int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd) { + struct nftnl_table *nlt; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), + nlt = nftnl_table_alloc(); + if (nlt == NULL) + memory_allocation_error(); + + nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family); + if (cmd->handle.table.name) + nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name); + if (cmd->handle.handle.id) + nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE, + cmd->handle.handle.id); + + nlt = nftnl_table_alloc(); + if (nlt == NULL) + memory_allocation_error(); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), NFT_MSG_DELTABLE, - nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY), - NLM_F_ACK, seqnum); + cmd->handle.family, + NLM_F_ACK, ctx->seqnum); 
nftnl_table_nlmsg_build_payload(nlh, nlt); - mnl_nft_batch_continue(batch); + nftnl_table_free(nlt); + + mnl_nft_batch_continue(ctx->batch); return 0; } diff --git a/src/netlink.c b/src/netlink.c index f40678f8c01b..f84c050102f5 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -111,23 +111,6 @@ void __noreturn __netlink_init_error(const char *filename, int line, exit(NFT_EXIT_NONL); } -struct nftnl_table *alloc_nftnl_table(const struct handle *h) -{ - struct nftnl_table *nlt; - - nlt = nftnl_table_alloc(); - if (nlt == NULL) - memory_allocation_error(); - - nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, h->family); - if (h->table.name != NULL) - nftnl_table_set(nlt, NFTNL_TABLE_NAME, h->table.name); - if (h->handle.id) - nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE, h->handle.id); - - return nlt; -} - struct nftnl_chain *alloc_nftnl_chain(const struct handle *h) { struct nftnl_chain *nlc; @@ -733,36 +716,6 @@ int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd) return netlink_del_rule_batch(ctx, cmd); } -int netlink_add_table_batch(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t flags) -{ - struct nftnl_table *nlt; - int err; - - nlt = alloc_nftnl_table(&cmd->handle); - if (cmd->table != NULL) - nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, cmd->table->flags); - else - nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, 0); - - err = mnl_nft_table_batch_add(nlt, ctx->batch, flags, ctx->seqnum); - nftnl_table_free(nlt); - - return err; -} - -int netlink_delete_table_batch(struct netlink_ctx *ctx, const struct cmd *cmd) -{ - struct nftnl_table *nlt; - int err; - - nlt = alloc_nftnl_table(&cmd->handle); - err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum); - nftnl_table_free(nlt); - - return err; -} - struct table *netlink_delinearize_table(struct netlink_ctx *ctx, const struct nftnl_table *nlt) { 
@@ -1652,18 +1605,6 @@ int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list) return mnl_batch_talk(ctx, err_list); } -int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct cmd *cmd) -{ - struct nftnl_table *nlt; - int err; - - nlt = alloc_nftnl_table(&cmd->handle); - err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum); - nftnl_table_free(nlt); - - return err; -} - struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx, const struct handle *h, const struct location *loc) diff --git a/src/rule.c b/src/rule.c index 32b13b19b6e1..81d5c3e9f41f 100644 --- a/src/rule.c +++ b/src/rule.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include @@ -1409,7 +1410,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) switch (cmd->obj) { case CMD_OBJ_TABLE: - return netlink_add_table_batch(ctx, cmd, flags); + return mnl_nft_table_add(ctx, cmd, flags); case CMD_OBJ_CHAIN: return netlink_add_chain_batch(ctx, cmd, flags); case CMD_OBJ_RULE: @@ -1492,7 +1493,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) { switch (cmd->obj) { case CMD_OBJ_TABLE: - return netlink_delete_table_batch(ctx, cmd); + return mnl_nft_table_del(ctx, cmd); case CMD_OBJ_CHAIN: return netlink_delete_chain_batch(ctx, cmd); case CMD_OBJ_RULE: 
@@ -2267,7 +2268,7 @@ static int do_command_flush(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_METER: return netlink_flush_setelems(ctx, cmd); case CMD_OBJ_RULESET: - return netlink_flush_ruleset(ctx, cmd); + return mnl_nft_table_del(ctx, cmd); default: BUG("invalid command object type %u\n", cmd->obj); } From patchwork Wed Oct 3 15:53:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 978436 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=netfilter.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42QLL36D9Tz9s55 for ; Thu, 4 Oct 2018 01:59:07 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726964AbeJCWsF (ORCPT ); Wed, 3 Oct 2018 18:48:05 -0400 Received: from mail.us.es ([193.147.175.20]:39834 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726829AbeJCWsE (ORCPT ); Wed, 3 Oct 2018 18:48:04 -0400 Received: from antivirus1-rhel7.int (unknown [192.168.2.11]) by mail.us.es (Postfix) with ESMTP id C3B0221057E for ; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) Received: from antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id 8C973EBAE3 for ; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) Received: by antivirus1-rhel7.int (Postfix, from userid 99) id 7380FEBAE1; Wed, 3 Oct 2018 17:53:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on antivirus1-rhel7.int X-Spam-Level: X-Spam-Status: No, score=-108.2 
required=7.5 tests=ALL_TRUSTED,BAYES_50, SMTPAUTH_US2,USER_IN_WHITELIST autolearn=disabled version=3.4.1 Received: from antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id F00EABAAB4 for ; Wed, 3 Oct 2018 17:53:08 +0200 (CEST) Received: from 192.168.1.97 (192.168.1.97) by antivirus1-rhel7.int (F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); Wed, 03 Oct 2018 17:53:08 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int) Received: from salvia.here (sys.soleta.eu [212.170.55.40]) (Authenticated sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id D270D4265A31 for ; Wed, 3 Oct 2018 17:53:08 +0200 (CEST) X-SMTPAUTHUS: auth mail.us.es From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 4/4] mnl: remove alloc_nftnl_chain() Date: Wed, 3 Oct 2018 17:53:01 +0200 Message-Id: <20181003155301.10901-5-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181003155301.10901-1-pablo@netfilter.org> References: <20181003155301.10901-1-pablo@netfilter.org> X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The netlink layer sits in between the mnl and the rule layers, remove it. We can remove alloc_nftnl_chain() and consolidate infrastructure in the src/mnl.c file. Signed-off-by: Pablo Neira Ayuso --- include/mnl.h | 10 +++--- include/netlink.h | 8 ----- src/mnl.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++------- src/netlink.c | 79 -------------------------------------------- src/rule.c | 8 ++--- 5 files changed, 96 insertions(+), 107 deletions(-) diff --git a/include/mnl.h b/include/mnl.h index 44dd90f91814..96bf4b035d1d 100644 --- a/include/mnl.h +++ b/include/mnl.h 
@@ -36,10 +36,12 @@ int mnl_nft_rule_batch_replace(struct nftnl_rule *nlr, struct nftnl_batch *batch struct nftnl_rule_list *mnl_nft_rule_dump(struct netlink_ctx *ctx, int family); -int mnl_nft_chain_batch_add(struct nftnl_chain *nlc, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); -int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); +int mnl_nft_chain_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags); +int mnl_nft_chain_del(struct netlink_ctx *ctx, const struct cmd *cmd); +int mnl_nft_chain_rename(struct netlink_ctx *ctx, const struct cmd *cmd, + const struct chain *chain); + struct nftnl_chain_list *mnl_nft_chain_dump(struct netlink_ctx *ctx, int family); diff --git a/include/netlink.h b/include/netlink.h index 42c3eb902a1e..4de4a09d5710 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -57,7 +57,6 @@ struct netlink_ctx { struct nft_cache *cache; }; -extern struct nftnl_chain *alloc_nftnl_chain(const struct handle *h); extern struct nftnl_rule *alloc_nftnl_rule(const struct handle *h); extern struct nftnl_expr *alloc_nft_expr(const char *name); extern struct nftnl_set *alloc_nftnl_set(const struct handle *h); @@ -117,13 +116,6 @@ extern int netlink_del_rule_batch(struct netlink_ctx *ctx, extern int netlink_replace_rule_batch(struct netlink_ctx *ctx, const struct cmd *cmd); -extern int netlink_add_chain_batch(struct netlink_ctx *ctx, - const struct cmd *cmd, uint32_t flags); -extern int netlink_rename_chain_batch(struct netlink_ctx *ctx, - const struct handle *h, - const struct cmd *cmd); -extern int netlink_delete_chain_batch(struct netlink_ctx *ctx, - const struct cmd *cmd); extern int netlink_list_chains(struct netlink_ctx *ctx, const struct handle *h); extern int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd); extern struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, 
diff --git a/src/mnl.c b/src/mnl.c index 8cc4f168829c..337e0658e123 100644 --- a/src/mnl.c +++ b/src/mnl.c 
@@ -387,32 +387,106 @@ err: /* * Chain */ -int mnl_nft_chain_batch_add(struct nftnl_chain *nlc, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_chain_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags) { + struct nftnl_chain *nlc; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), + nlc = nftnl_chain_alloc(); + if (nlc == NULL) + memory_allocation_error(); + + nftnl_chain_set_u32(nlc, NFTNL_CHAIN_FAMILY, cmd->handle.family); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, cmd->handle.table.name); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, cmd->handle.chain.name); + + if (cmd->chain) { + if (cmd->chain->flags & CHAIN_F_BASECHAIN) { + nftnl_chain_set_u32(nlc, NFTNL_CHAIN_HOOKNUM, + cmd->chain->hooknum); + nftnl_chain_set_s32(nlc, NFTNL_CHAIN_PRIO, + cmd->chain->priority.num); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_TYPE, + cmd->chain->type); + } + if (cmd->chain->policy != -1) + nftnl_chain_set_u32(nlc, NFTNL_CHAIN_POLICY, + cmd->chain->policy); + if (cmd->chain->dev != NULL) + nftnl_chain_set_str(nlc, NFTNL_CHAIN_DEV, + cmd->chain->dev); + } + netlink_dump_chain(nlc, ctx); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), NFT_MSG_NEWCHAIN, - nftnl_chain_get_u32(nlc, NFTNL_CHAIN_FAMILY), - NLM_F_CREATE | flags, seqnum); + cmd->handle.family, + NLM_F_CREATE | flags, ctx->seqnum); nftnl_chain_nlmsg_build_payload(nlh, nlc); - mnl_nft_batch_continue(batch); + nftnl_chain_free(nlc); + + mnl_nft_batch_continue(ctx->batch); return 0; } -int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_chain_rename(struct netlink_ctx *ctx, const struct cmd *cmd, + const struct chain *chain) { + const char *name = cmd->arg; + struct nftnl_chain *nlc; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), + nlc = nftnl_chain_alloc(); + if (nlc == NULL) + memory_allocation_error(); + + 
nftnl_chain_set_u32(nlc, NFTNL_CHAIN_FAMILY, cmd->handle.family); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, cmd->handle.table.name); + nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, chain->handle.handle.id); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, name); + + netlink_dump_chain(nlc, ctx); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), + NFT_MSG_NEWCHAIN, + cmd->handle.family, + 0, ctx->seqnum); + nftnl_chain_nlmsg_build_payload(nlh, nlc); + nftnl_chain_free(nlc); + + mnl_nft_batch_continue(ctx->batch); + + return 0; +} + +int mnl_nft_chain_del(struct netlink_ctx *ctx, const struct cmd *cmd) +{ + struct nftnl_chain *nlc; + struct nlmsghdr *nlh; + + nlc = nftnl_chain_alloc(); + if (nlc == NULL) + memory_allocation_error(); + + nftnl_chain_set_u32(nlc, NFTNL_CHAIN_FAMILY, cmd->handle.family); + nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, cmd->handle.table.name); + if (cmd->handle.chain.name) + nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, + cmd->handle.chain.name); + else if (cmd->handle.handle.id) + nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, + cmd->handle.handle.id); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), NFT_MSG_DELCHAIN, - nftnl_chain_get_u32(nlc, NFTNL_CHAIN_FAMILY), - NLM_F_ACK, seqnum); + cmd->handle.family, + NLM_F_ACK, ctx->seqnum); nftnl_chain_nlmsg_build_payload(nlh, nlc); - mnl_nft_batch_continue(batch); + nftnl_chain_free(nlc); + + mnl_nft_batch_continue(ctx->batch); return 0; } diff --git a/src/netlink.c b/src/netlink.c index f84c050102f5..d7b8da6bb3f0 100644 --- a/src/netlink.c +++ b/src/netlink.c 
@@ -111,24 +111,6 @@ void __noreturn __netlink_init_error(const char *filename, int line, exit(NFT_EXIT_NONL); } -struct nftnl_chain *alloc_nftnl_chain(const struct handle *h) -{ - struct nftnl_chain *nlc; - - nlc = nftnl_chain_alloc(); - if (nlc == NULL) - memory_allocation_error(); - - nftnl_chain_set_u32(nlc, NFTNL_CHAIN_FAMILY, h->family); - nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, h->table.name); - if (h->handle.id) - nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, h->handle.id); - if (h->chain.name != NULL) - nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, h->chain.name); - - return nlc; -} - struct nftnl_rule *alloc_nftnl_rule(const struct handle *h) { struct nftnl_rule *nlr; 
@@ -570,67 +552,6 @@ void netlink_dump_chain(const struct nftnl_chain *nlc, struct netlink_ctx *ctx) fprintf(fp, "\n"); } -int netlink_add_chain_batch(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t flags) -{ - struct chain *chain = cmd->chain; - struct nftnl_chain *nlc; - int err; - - nlc = alloc_nftnl_chain(&cmd->handle); - if (chain != NULL) { - if (chain->flags & CHAIN_F_BASECHAIN) { - nftnl_chain_set_u32(nlc, NFTNL_CHAIN_HOOKNUM, - chain->hooknum); - nftnl_chain_set_s32(nlc, NFTNL_CHAIN_PRIO, - chain->priority.num); - nftnl_chain_set_str(nlc, NFTNL_CHAIN_TYPE, - chain->type); - } - if (chain->policy != -1) - nftnl_chain_set_u32(nlc, NFTNL_CHAIN_POLICY, - chain->policy); - if (chain->dev != NULL) - nftnl_chain_set_str(nlc, NFTNL_CHAIN_DEV, - chain->dev); - } - - netlink_dump_chain(nlc, ctx); - err = mnl_nft_chain_batch_add(nlc, ctx->batch, flags, ctx->seqnum); - nftnl_chain_free(nlc); - - return err; -} - -int netlink_rename_chain_batch(struct netlink_ctx *ctx, const struct handle *h, - const struct cmd *cmd) -{ - const char *name = cmd->arg; - struct nftnl_chain *nlc; - int err; - - nlc = alloc_nftnl_chain(h); - nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, name); - netlink_dump_chain(nlc, ctx); - err = mnl_nft_chain_batch_add(nlc, ctx->batch, 0, ctx->seqnum); - nftnl_chain_free(nlc); - - return err; -} - -int netlink_delete_chain_batch(struct netlink_ctx *ctx, const struct cmd *cmd) -{ - struct nftnl_chain *nlc; - int err; - - nlc = alloc_nftnl_chain(&cmd->handle); - netlink_dump_chain(nlc, ctx); - err = mnl_nft_chain_batch_del(nlc, ctx->batch, 0, ctx->seqnum); - nftnl_chain_free(nlc); - - return err; -} - struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx, const struct nftnl_chain *nlc) { diff --git a/src/rule.c b/src/rule.c index 81d5c3e9f41f..b00a17d65200 100644 --- a/src/rule.c +++ b/src/rule.c 
@@ -1412,7 +1412,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) case CMD_OBJ_TABLE: return mnl_nft_table_add(ctx, cmd, flags); case CMD_OBJ_CHAIN: - return netlink_add_chain_batch(ctx, cmd, flags); + return mnl_nft_chain_add(ctx, cmd, flags); case CMD_OBJ_RULE: return netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND); case CMD_OBJ_SET: @@ -1495,7 +1495,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_TABLE: return mnl_nft_table_del(ctx, cmd); case CMD_OBJ_CHAIN: - return netlink_delete_chain_batch(ctx, cmd); + return mnl_nft_chain_del(ctx, cmd); case CMD_OBJ_RULE: return netlink_del_rule_batch(ctx, cmd); case CMD_OBJ_SET: @@ -2278,13 +2278,13 @@ static int do_command_flush(struct netlink_ctx *ctx, struct cmd *cmd) static int do_command_rename(struct netlink_ctx *ctx, struct cmd *cmd) { struct table *table = table_lookup(&cmd->handle, ctx->cache); - struct chain *chain; + const struct chain *chain; switch (cmd->obj) { case CMD_OBJ_CHAIN: chain = chain_lookup(table, &cmd->handle); - return netlink_rename_chain_batch(ctx, &chain->handle, cmd); + return mnl_nft_chain_rename(ctx, cmd, chain); default: BUG("invalid command object type %u\n", cmd->obj); }
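
Review bot: in the src/mnl.c hunk, mnl_nft_chain_del() no longer calls netlink_dump_chain(nlc, ctx), although the removed netlink_delete_chain_batch() did and the new mnl_nft_chain_add() and mnl_nft_chain_rename() still do, so debug output for chain deletion is silently lost. Either add the call before nftnl_nlmsg_build_hdr() or say in the commit message that the drop is intended. The same function also changes attribute selection: the removed alloc_nftnl_chain() set NFTNL_CHAIN_HANDLE and NFTNL_CHAIN_NAME independently when each was present, while the new code uses "else if" and sends the handle only when no name is given. If that is deliberate it deserves a line in the changelog.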
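
Review bot: in the do_command_rename() hunk of src/rule.c, the result of chain_lookup(table, &cmd->handle) is passed straight to mnl_nft_chain_rename(), which dereferences it at chain->handle.handle.id, and nothing in the visible lines checks chain (or table) for NULL. If an earlier stage guarantees that the lookup succeeds, a short comment or an assertion here would make that explicit. Otherwise return an error before the call.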
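
Review bot: in the first hunk, the new mnl_nft_chain_rename() prototype takes both cmd and chain with no indication of which one supplies what. Per the src/mnl.c hunk, family and table name come from cmd->handle, the handle id from chain->handle, and the new name from cmd->arg, whereas the removed netlink_rename_chain_batch() took everything but the new name from the looked-up chain's handle. A one-line comment above the prototype would document the split. The three new functions also repeat the allocation and family/table setup that alloc_nftnl_chain() used to hold, so a small static helper in mnl.c would avoid the triplication.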