We can remove alloc_nftnl_set() and consolidate infrastructure in the
src/mnl.c file.
Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
include/mnl.h | 18 +++--
include/netlink.h | 14 ++--
src/mnl.c | 192 ++++++++++++++++++++++++++++++++++++++++++++++--------
src/netlink.c | 176 +++++++------------------------------------------
src/rule.c | 19 +++---
5 files changed, 209 insertions(+), 210 deletions(-)
diff --git a/include/mnl.h b/include/mnl.h
index c5fcb4cdc2ef..3ddc82a05cb0 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -51,19 +51,17 @@ int mnl_nft_table_del(struct netlink_ctx *ctx, const struct
cmd *cmd);
struct nftnl_table_list *mnl_nft_table_dump(struct netlink_ctx *ctx,
int family);
-int mnl_nft_set_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum);
-int mnl_nft_set_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum);
+int mnl_nft_set_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+ unsigned int flags);
+int mnl_nft_set_del(struct netlink_ctx *ctx, const struct cmd *cmd);
+
struct nftnl_set_list *mnl_nft_set_dump(struct netlink_ctx *ctx, int family,
const char *table);
-int mnl_nft_setelem_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum);
-int mnl_nft_setelem_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum);
-int mnl_nft_setelem_batch_flush(struct nftnl_set *nls, struct nftnl_batch
*batch,
- unsigned int flags, uint32_t seqnum);
+int mnl_nft_setelem_add(struct netlink_ctx *ctx, const struct set *set,
+ const struct expr *expr, unsigned int flags);
+int mnl_nft_setelem_del(struct netlink_ctx *ctx, const struct cmd *cmd);
+int mnl_nft_setelem_flush(struct netlink_ctx *ctx, const struct cmd *cmd);
int mnl_nft_setelem_get(struct netlink_ctx *ctx, struct nftnl_set *nls);
struct nftnl_set *mnl_nft_setelem_get_one(struct netlink_ctx *ctx,
struct nftnl_set *nls);
diff --git a/include/netlink.h b/include/netlink.h
index 36a89b9bb05e..57e1d98a57a5 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -58,7 +58,7 @@ struct netlink_ctx {
};
extern struct nftnl_expr *alloc_nft_expr(const char *name);
-extern struct nftnl_set *alloc_nftnl_set(const struct handle *h);
+extern void alloc_setelem_cache(const struct expr *set, struct nftnl_set *nls);
struct nft_data_linearize {
uint32_t len;
@@ -118,10 +118,6 @@ extern int netlink_flush_table(struct netlink_ctx *ctx,
const struct cmd *cmd);
extern struct table *netlink_delinearize_table(struct netlink_ctx *ctx,
const struct nftnl_table *nlt);
-extern int netlink_add_set_batch(struct netlink_ctx *ctx, const struct cmd
*cmd,
- uint32_t flags);
-extern int netlink_delete_set_batch(struct netlink_ctx *ctx,
- const struct cmd *cmd);
extern int netlink_list_sets(struct netlink_ctx *ctx, const struct handle *h);
extern struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
const struct nftnl_set *nls);
@@ -130,16 +126,11 @@ extern struct stmt *netlink_parse_set_expr(const struct
set *set,
const struct nft_cache *cache,
const struct nftnl_expr *nle);
-extern int netlink_add_setelems_batch(struct netlink_ctx *ctx, const struct
handle *h,
- const struct expr *expr, uint32_t flags);
-extern int netlink_delete_setelems_batch(struct netlink_ctx *ctx,
- const struct cmd *cmd);
extern int netlink_list_setelems(struct netlink_ctx *ctx,
const struct handle *h, struct set *set);
extern int netlink_get_setelem(struct netlink_ctx *ctx, const struct handle *h,
const struct location *loc, struct table *table,
struct set *set, struct expr *init);
-extern int netlink_flush_setelems(struct netlink_ctx *ctx, const struct cmd
*cmd);
extern int netlink_delinearize_setelem(struct nftnl_set_elem *nlse,
const struct set *set,
struct nft_cache *cache);
@@ -212,4 +203,7 @@ int netlink_markup_parse_cb(const struct nftnl_parse_ctx
*ctx);
int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
struct netlink_mon_handler *monh);
+enum nft_data_types dtype_map_to_kernel(const struct datatype *dtype);
+const struct datatype *dtype_map_from_kernel(enum nft_data_types type);
+
#endif /* NFTABLES_NETLINK_H */
diff --git a/src/mnl.c b/src/mnl.c
index 07316395db66..48637e27a3c1 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -19,6 +19,7 @@
#include <libnftnl/object.h>
#include <libnftnl/flowtable.h>
#include <libnftnl/batch.h>
+#include <libnftnl/udata.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nf_tables.h>
@@ -710,32 +711,116 @@ err:
/*
* Set
*/
-int mnl_nft_set_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum)
+int mnl_nft_set_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+ unsigned int flags)
{
+ const struct handle *h = &cmd->handle;
+ struct nftnl_udata_buf *udbuf;
+ struct set *set = cmd->set;
+ struct nftnl_set *nls;
struct nlmsghdr *nlh;
- nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+ nls = nftnl_set_alloc();
+ if (!nls)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id);
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FLAGS, set->flags);
+ nftnl_set_set_u32(nls, NFTNL_SET_KEY_TYPE,
+ dtype_map_to_kernel(set->key->dtype));
+ nftnl_set_set_u32(nls, NFTNL_SET_KEY_LEN,
+ div_round_up(set->key->len, BITS_PER_BYTE));
+ if (set->flags & NFT_SET_MAP) {
+ nftnl_set_set_u32(nls, NFTNL_SET_DATA_TYPE,
+ dtype_map_to_kernel(set->datatype));
+ nftnl_set_set_u32(nls, NFTNL_SET_DATA_LEN,
+ set->datalen / BITS_PER_BYTE);
+ }
+ if (set->flags & NFT_SET_OBJECT)
+ nftnl_set_set_u32(nls, NFTNL_SET_OBJ_TYPE, set->objtype);
+
+ if (set->timeout)
+ nftnl_set_set_u64(nls, NFTNL_SET_TIMEOUT, set->timeout);
+ if (set->gc_int)
+ nftnl_set_set_u32(nls, NFTNL_SET_GC_INTERVAL, set->gc_int);
+
+ nftnl_set_set_u32(nls, NFTNL_SET_ID, set->handle.set_id);
+
+ if (!(set->flags & NFT_SET_CONSTANT)) {
+ if (set->policy != NFT_SET_POL_PERFORMANCE)
+ nftnl_set_set_u32(nls, NFTNL_SET_POLICY, set->policy);
+
+ if (set->desc.size != 0)
+ nftnl_set_set_u32(nls, NFTNL_SET_DESC_SIZE,
+ set->desc.size);
+ } else if (set->init) {
+ nftnl_set_set_u32(nls, NFTNL_SET_DESC_SIZE, set->init->size);
+ }
+
+ udbuf = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN);
+ if (!udbuf)
+ memory_allocation_error();
+ if (!nftnl_udata_put_u32(udbuf, UDATA_SET_KEYBYTEORDER,
+ set->key->byteorder))
+ memory_allocation_error();
+
+ if (set->flags & NFT_SET_MAP &&
+ !nftnl_udata_put_u32(udbuf, UDATA_SET_DATABYTEORDER,
+ set->datatype->byteorder))
+ memory_allocation_error();
+
+ if (set->automerge &&
+ !nftnl_udata_put_u32(udbuf, UDATA_SET_MERGE_ELEMENTS,
+ set->automerge))
+ memory_allocation_error();
+
+ nftnl_set_set_data(nls, NFTNL_SET_USERDATA, nftnl_udata_buf_data(udbuf),
+ nftnl_udata_buf_len(udbuf));
+ nftnl_udata_buf_free(udbuf);
+
+ netlink_dump_set(nls, ctx);
+
+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
NFT_MSG_NEWSET,
- nftnl_set_get_u32(nls, NFTNL_SET_FAMILY),
- NLM_F_CREATE | flags, seqnum);
+ h->family,
+ NLM_F_CREATE | flags, ctx->seqnum);
nftnl_set_nlmsg_build_payload(nlh, nls);
- mnl_nft_batch_continue(batch);
+ nftnl_set_free(nls);
+
+ mnl_nft_batch_continue(ctx->batch);
return 0;
}
-int mnl_nft_set_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum)
+int mnl_nft_set_del(struct netlink_ctx *ctx, const struct cmd *cmd)
{
+ const struct handle *h = &cmd->handle;
+ struct nftnl_set *nls;
struct nlmsghdr *nlh;
- nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+ nls = nftnl_set_alloc();
+ if (!nls)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ if (h->set.name)
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->handle.id)
+ nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
+
+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
NFT_MSG_DELSET,
- nftnl_set_get_u32(nls, NFTNL_SET_FAMILY),
- flags, seqnum);
+ h->family,
+ 0, ctx->seqnum);
nftnl_set_nlmsg_build_payload(nlh, nls);
- mnl_nft_batch_continue(batch);
+ nftnl_set_free(nls);
+
+ mnl_nft_batch_continue(ctx->batch);
return 0;
}
@@ -940,33 +1025,88 @@ static int mnl_nft_setelem_batch(struct nftnl_set *nls,
return 0;
}
-int mnl_nft_setelem_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum)
+int mnl_nft_setelem_add(struct netlink_ctx *ctx, const struct set *set,
+ const struct expr *expr, unsigned int flags)
{
- return mnl_nft_setelem_batch(nls, batch, NFT_MSG_NEWSETELEM, flags,
- seqnum);
+ const struct handle *h = &set->handle;
+ struct nftnl_set *nls;
+ int err;
+
+ nls = nftnl_set_alloc();
+ if (nls == NULL)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->set_id)
+ nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id);
+
+ alloc_setelem_cache(expr, nls);
+ netlink_dump_set(nls, ctx);
+
+ err = mnl_nft_setelem_batch(nls, ctx->batch, NFT_MSG_NEWSETELEM, flags,
+ ctx->seqnum);
+ nftnl_set_free(nls);
+
+ return err;
}
-int mnl_nft_setelem_batch_flush(struct nftnl_set *nls, struct nftnl_batch
*batch,
- unsigned int flags, uint32_t seqnum)
+int mnl_nft_setelem_flush(struct netlink_ctx *ctx, const struct cmd *cmd)
{
+ const struct handle *h = &cmd->handle;
+ struct nftnl_set *nls;
struct nlmsghdr *nlh;
- nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+ nls = nftnl_set_alloc();
+ if (nls == NULL)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->handle.id)
+ nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
+
+ netlink_dump_set(nls, ctx);
+
+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
NFT_MSG_DELSETELEM,
- nftnl_set_get_u32(nls, NFTNL_SET_FAMILY),
- flags, seqnum);
+ h->family,
+ 0, ctx->seqnum);
nftnl_set_elems_nlmsg_build_payload(nlh, nls);
- mnl_nft_batch_continue(batch);
+ nftnl_set_free(nls);
+
+ mnl_nft_batch_continue(ctx->batch);
return 0;
}
-int mnl_nft_setelem_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch,
- unsigned int flags, uint32_t seqnum)
+int mnl_nft_setelem_del(struct netlink_ctx *ctx, const struct cmd *cmd)
{
- return mnl_nft_setelem_batch(nls, batch, NFT_MSG_DELSETELEM, flags,
- seqnum);
+ const struct handle *h = &cmd->handle;
+ struct nftnl_set *nls;
+ int err;
+
+ nls = nftnl_set_alloc();
+ if (nls == NULL)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->handle.id)
+ nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
+
+ if (cmd->expr)
+ alloc_setelem_cache(cmd->expr, nls);
+ netlink_dump_set(nls, ctx);
+
+ err = mnl_nft_setelem_batch(nls, ctx->batch, NFT_MSG_DELSETELEM, 0,
+ ctx->seqnum);
+ nftnl_set_free(nls);
+
+ return err;
}
struct nftnl_set *mnl_nft_setelem_get_one(struct netlink_ctx *ctx,
diff --git a/src/netlink.c b/src/netlink.c
index 5e205aa19e6e..3cf423510b6b 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -122,26 +122,6 @@ struct nftnl_expr *alloc_nft_expr(const char *name)
return nle;
}
-struct nftnl_set *alloc_nftnl_set(const struct handle *h)
-{
- struct nftnl_set *nls;
-
- nls = nftnl_set_alloc();
- if (nls == NULL)
- memory_allocation_error();
-
- nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
- nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
- if (h->set.name != NULL)
- nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
- if (h->set_id)
- nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id);
- if (h->handle.id)
- nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
-
- return nls;
-}
-
static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set,
const struct expr *expr)
{
@@ -618,7 +598,7 @@ int netlink_flush_table(struct netlink_ctx *ctx, const
struct cmd *cmd)
return netlink_flush_rules(ctx, cmd);
}
-static enum nft_data_types dtype_map_to_kernel(const struct datatype *dtype)
+enum nft_data_types dtype_map_to_kernel(const struct datatype *dtype)
{
switch (dtype->type) {
case TYPE_VERDICT:
@@ -628,7 +608,7 @@ static enum nft_data_types dtype_map_to_kernel(const struct
datatype *dtype)
}
}
-static const struct datatype *dtype_map_from_kernel(enum nft_data_types type)
+const struct datatype *dtype_map_from_kernel(enum nft_data_types type)
{
switch (type) {
case NFT_DATA_VERDICT:
@@ -768,88 +748,6 @@ struct set *netlink_delinearize_set(struct netlink_ctx
*ctx,
return set;
}
-int netlink_add_set_batch(struct netlink_ctx *ctx, const struct cmd *cmd,
- uint32_t flags)
-{
- struct nftnl_udata_buf *udbuf;
- struct set *set = cmd->set;
- struct nftnl_set *nls;
- int err;
-
- nls = alloc_nftnl_set(&cmd->handle);
- nftnl_set_set_u32(nls, NFTNL_SET_FLAGS, set->flags);
- nftnl_set_set_u32(nls, NFTNL_SET_KEY_TYPE,
- dtype_map_to_kernel(set->key->dtype));
- nftnl_set_set_u32(nls, NFTNL_SET_KEY_LEN,
- div_round_up(set->key->len, BITS_PER_BYTE));
- if (set->flags & NFT_SET_MAP) {
- nftnl_set_set_u32(nls, NFTNL_SET_DATA_TYPE,
- dtype_map_to_kernel(set->datatype));
- nftnl_set_set_u32(nls, NFTNL_SET_DATA_LEN,
- set->datalen / BITS_PER_BYTE);
- }
- if (set->flags & NFT_SET_OBJECT)
- nftnl_set_set_u32(nls, NFTNL_SET_OBJ_TYPE, set->objtype);
-
- if (set->timeout)
- nftnl_set_set_u64(nls, NFTNL_SET_TIMEOUT, set->timeout);
- if (set->gc_int)
- nftnl_set_set_u32(nls, NFTNL_SET_GC_INTERVAL, set->gc_int);
-
- nftnl_set_set_u32(nls, NFTNL_SET_ID, set->handle.set_id);
-
- if (!(set->flags & NFT_SET_CONSTANT)) {
- if (set->policy != NFT_SET_POL_PERFORMANCE)
- nftnl_set_set_u32(nls, NFTNL_SET_POLICY, set->policy);
-
- if (set->desc.size != 0)
- nftnl_set_set_u32(nls, NFTNL_SET_DESC_SIZE,
- set->desc.size);
- } else if (set->init) {
- nftnl_set_set_u32(nls, NFTNL_SET_DESC_SIZE, set->init->size);
- }
-
- udbuf = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN);
- if (!udbuf)
- memory_allocation_error();
- if (!nftnl_udata_put_u32(udbuf, UDATA_SET_KEYBYTEORDER,
- set->key->byteorder))
- memory_allocation_error();
-
- if (set->flags & NFT_SET_MAP &&
- !nftnl_udata_put_u32(udbuf, UDATA_SET_DATABYTEORDER,
- set->datatype->byteorder))
- memory_allocation_error();
-
- if (set->automerge &&
- !nftnl_udata_put_u32(udbuf, UDATA_SET_MERGE_ELEMENTS,
- set->automerge))
- memory_allocation_error();
-
- nftnl_set_set_data(nls, NFTNL_SET_USERDATA, nftnl_udata_buf_data(udbuf),
- nftnl_udata_buf_len(udbuf));
- nftnl_udata_buf_free(udbuf);
-
- netlink_dump_set(nls, ctx);
-
- err = mnl_nft_set_batch_add(nls, ctx->batch, flags, ctx->seqnum);
- nftnl_set_free(nls);
-
- return err;
-}
-
-int netlink_delete_set_batch(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
- struct nftnl_set *nls;
- int err;
-
- nls = alloc_nftnl_set(&cmd->handle);
- err = mnl_nft_set_batch_del(nls, ctx->batch, 0, ctx->seqnum);
- nftnl_set_free(nls);
-
- return err;
-}
-
static int list_set_cb(struct nftnl_set *nls, void *arg)
{
struct netlink_ctx *ctx = arg;
@@ -881,7 +779,7 @@ int netlink_list_sets(struct netlink_ctx *ctx, const struct
handle *h)
return err;
}
-static void alloc_setelem_cache(const struct expr *set, struct nftnl_set *nls)
+void alloc_setelem_cache(const struct expr *set, struct nftnl_set *nls)
{
struct nftnl_set_elem *nlse;
const struct expr *expr;
@@ -892,53 +790,6 @@ static void alloc_setelem_cache(const struct expr *set,
struct nftnl_set *nls)
}
}
-int netlink_add_setelems_batch(struct netlink_ctx *ctx, const struct handle *h,
- const struct expr *expr, uint32_t flags)
-{
- struct nftnl_set *nls;
- int err;
-
- nls = alloc_nftnl_set(h);
- alloc_setelem_cache(expr, nls);
- netlink_dump_set(nls, ctx);
-
- err = mnl_nft_setelem_batch_add(nls, ctx->batch, flags, ctx->seqnum);
- nftnl_set_free(nls);
-
- return err;
-}
-
-int netlink_delete_setelems_batch(struct netlink_ctx *ctx,
- const struct cmd *cmd)
-{
- struct nftnl_set *nls;
- int err;
-
- nls = alloc_nftnl_set(&cmd->handle);
- if (cmd->expr)
- alloc_setelem_cache(cmd->expr, nls);
- netlink_dump_set(nls, ctx);
-
- err = mnl_nft_setelem_batch_del(nls, ctx->batch, 0, ctx->seqnum);
- nftnl_set_free(nls);
-
- return err;
-}
-
-int netlink_flush_setelems(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
- struct nftnl_set *nls;
- int err;
-
- nls = alloc_nftnl_set(&cmd->handle);
- netlink_dump_set(nls, ctx);
-
- err = mnl_nft_setelem_batch_flush(nls, ctx->batch, 0, ctx->seqnum);
- nftnl_set_free(nls);
-
- return err;
-}
-
static struct expr *netlink_parse_concat_elem(const struct datatype *dtype,
struct expr *data)
{
@@ -1105,7 +956,15 @@ int netlink_list_setelems(struct netlink_ctx *ctx, const
struct handle *h,
struct nftnl_set *nls;
int err;
- nls = alloc_nftnl_set(h);
+ nls = nftnl_set_alloc();
+ if (nls == NULL)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->handle.id)
+ nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
err = mnl_nft_setelem_get(ctx, nls);
if (err < 0) {
@@ -1138,7 +997,16 @@ int netlink_get_setelem(struct netlink_ctx *ctx, const
struct handle *h,
{
struct nftnl_set *nls, *nls_out = NULL;
- nls = alloc_nftnl_set(h);
+ nls = nftnl_set_alloc();
+ if (nls == NULL)
+ memory_allocation_error();
+
+ nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
+ nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
+ if (h->handle.id)
+ nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id);
+
alloc_setelem_cache(init, nls);
netlink_dump_set(nls, ctx);
diff --git a/src/rule.c b/src/rule.c
index b5014788961b..5ef84f79592d 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1344,11 +1344,11 @@ void cmd_free(struct cmd *cmd)
#include <netlink.h>
#include <mnl.h>
-static int __do_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
- struct set *set, struct expr *expr, uint32_t flags)
+static int __do_add_setelems(struct netlink_ctx *ctx, struct set *set,
+ struct expr *expr, uint32_t flags)
{
expr->set_flags |= set->flags;
- if (netlink_add_setelems_batch(ctx, h, expr, flags) < 0)
+ if (mnl_nft_setelem_add(ctx, set, expr, flags) < 0)
return -1;
return 0;
@@ -1370,7 +1370,7 @@ static int do_add_setelems(struct netlink_ctx *ctx,
struct cmd *cmd,
ctx->debug_mask, set->automerge) < 0)
return -1;
- return __do_add_setelems(ctx, h, set, init, flags);
+ return __do_add_setelems(ctx, set, init, flags);
}
static int do_add_set(struct netlink_ctx *ctx, const struct cmd *cmd,
@@ -1384,11 +1384,10 @@ static int do_add_set(struct netlink_ctx *ctx, const
struct cmd *cmd,
ctx->debug_mask, set->automerge) < 0)
return -1;
}
- if (netlink_add_set_batch(ctx, cmd, flags) < 0)
+ if (mnl_nft_set_add(ctx, cmd, flags) < 0)
return -1;
if (set->init != NULL) {
- return __do_add_setelems(ctx, &set->handle, set, set->init,
- flags);
+ return __do_add_setelems(ctx, set, set->init, flags);
}
return 0;
}
@@ -1483,7 +1482,7 @@ static int do_delete_setelems(struct netlink_ctx *ctx,
struct cmd *cmd)
ctx->debug_mask, set->automerge) < 0)
return -1;
- if (netlink_delete_setelems_batch(ctx, cmd) < 0)
+ if (mnl_nft_setelem_del(ctx, cmd) < 0)
return -1;
return 0;
@@ -1499,7 +1498,7 @@ static int do_command_delete(struct netlink_ctx *ctx,
struct cmd *cmd)
case CMD_OBJ_RULE:
return mnl_nft_rule_del(ctx, cmd);
case CMD_OBJ_SET:
- return netlink_delete_set_batch(ctx, cmd);
+ return mnl_nft_set_del(ctx, cmd);
case CMD_OBJ_SETELEM:
return do_delete_setelems(ctx, cmd);
case CMD_OBJ_COUNTER:
@@ -2266,7 +2265,7 @@ static int do_command_flush(struct netlink_ctx *ctx,
struct cmd *cmd)
case CMD_OBJ_SET:
case CMD_OBJ_MAP:
case CMD_OBJ_METER:
- return netlink_flush_setelems(ctx, cmd);
+ return mnl_nft_setelem_flush(ctx, cmd);
case CMD_OBJ_RULESET:
return mnl_nft_table_del(ctx, cmd);
default:
--
2.11.0
