Hi,

In order to improve performance in 'nft -f' as well as xtables-restore
with very large rulesets, we need to store rules by the chain they belong
to. In order to avoid pointless code duplication, this should be
supported by libnftnl.

Looking into the topic, it seems like extending struct nftnl_chain is
the most straightforward way to go. My idea is to embed an
nftnl_rule_list in there, though I'm unsure how to best do that in
practice:

We could either add a field of type struct nftnl_rule_list which would
have to be initialized/cleared in nftnl_chain_alloc() and
nftnl_chain_free(). This would be accompanied by a function to retrieve
the pointer to that field so the existing rule_list routines may be used
with it.

Another option would be to add a pointer to a struct nftnl_rule_list.
Having a function to retrieve a pointer to that pointer, the rule_list
could be initialized/cleared by users on demand.

What do you consider more practical? Is there a third option I didn't
think of yet?

Thanks, Phil
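
The two layouts described in the message above, as an added C sketch that is not part of the original mail and not libnftnl code: every `ex_` type and function is a hypothetical stand-in, and the list is a simple singly linked one. It shows where initialization and cleanup land in each option; having the option-2 free routine release a list that is still attached is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for this sketch; not libnftnl's definitions. */
struct ex_rule { struct ex_rule *next; unsigned handle; };
struct ex_rule_list { struct ex_rule *head, **tail; size_t count; };

void ex_list_init(struct ex_rule_list *l) { l->head = NULL; l->tail = &l->head; l->count = 0; }
int ex_list_add_tail(struct ex_rule_list *l, unsigned handle)
{
    struct ex_rule *r = calloc(1, sizeof(*r));
    if (!r) return -1;
    r->handle = handle;
    *l->tail = r; l->tail = &r->next; l->count++;
    return 0;
}
void ex_list_clear(struct ex_rule_list *l)
{
    while (l->head) { struct ex_rule *n = l->head->next; free(l->head); l->head = n; }
    ex_list_init(l);
}

/* Option 1: list embedded in the chain; chain alloc/free manage it. */
struct ex_chain_a { struct ex_rule_list rules; };
struct ex_chain_a *ex_chain_a_alloc(void)
{ struct ex_chain_a *c = calloc(1, sizeof(*c)); if (c) ex_list_init(&c->rules); return c; }
struct ex_rule_list *ex_chain_a_rules(struct ex_chain_a *c) { return &c->rules; }
void ex_chain_a_free(struct ex_chain_a *c) { ex_list_clear(&c->rules); free(c); }

/* Option 2: chain holds a pointer; the user attaches a list on demand. */
struct ex_chain_b { struct ex_rule_list *rules; };
struct ex_chain_b *ex_chain_b_alloc(void) { return calloc(1, sizeof(struct ex_chain_b)); }
struct ex_rule_list **ex_chain_b_rules(struct ex_chain_b *c) { return &c->rules; }
/* Assumption: free also releases a list the user left attached. */
void ex_chain_b_free(struct ex_chain_b *c)
{ if (c->rules) { ex_list_clear(c->rules); free(c->rules); } free(c); }

int main(void)
{
    struct ex_chain_a *a = ex_chain_a_alloc();
    struct ex_chain_b *b = ex_chain_b_alloc();
    if (!a || !b) return 1;
    struct ex_rule_list **slot = ex_chain_b_rules(b);   /* NULL until attached */
    if (!(*slot = malloc(sizeof(**slot)))) return 1;
    ex_list_init(*slot);
    ex_list_add_tail(ex_chain_a_rules(a), 1); ex_list_add_tail(*slot, 2);
    printf("a=%zu b=%zu\n", ex_chain_a_rules(a)->count, (*slot)->count);
    ex_chain_a_free(a); ex_chain_b_free(b);
    return 0;
}
```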
