Hi, On Wed, Nov 28, 2018 at 02:51:54PM +0100, Pablo Neira Ayuso wrote: > On Wed, Nov 28, 2018 at 02:21:01PM +0100, Phil Sutter wrote: > > Hi Pablo, > > > > On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote: > > > On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote: > > > > Phil Sutter <p...@nwl.cc> wrote: > > > > > > If user doesn't want it cleared at nftnl_chain_free() time they can > > > > > > always allocate a new nftnl_rule_list and splice to that list. > > > > > > > > > > Good point. What do you think about the simple approach of > > > > > introducing: > > > > > > > > > > | struct nftnl_rule_list *nftnl_chain_get_rule_list(const struct > > > > > nftnl_chain *); > > > > > > > > Looks fine to me. > > > > > > > > > This would allow to reuse nftnl_rule_list routines from > > > > > libnftnl/rule.h. > > > > > One potential problem I see is that users may try to call > > > > > nftnl_rule_list_free(). Can we prevent that somehow? > > > > > > > > Document that nftnl_rule_list_free() pairs with nftnl_rule_list_alloc() > > > > :-) > > > > > > > > I don't think its an issue. > > > > We could add a 'bool make_free_no_op' to nftnl_rule_list and set that to > > > > true for nftnl_rule_list structures that are allocated indirectly on > > > > behalf of nftnl_chain struct, but I think thats taking things too far. > > > > > > Can we have an interface similar to nftnl_rule_add_expr() to add rules > > > to chains? > > > > > > So we add list field to nftnl_chain, and this new interface to > > > add/delete rules. > > > > I didn't look at struct nftnl_rule yet. OK, that seems rather different > > from what I had in mind. So I guess your idea would be to add a field of > > type struct list_head instead of struct nftnl_rule_list and implement > > struct nftnl_rule_iter and relevant functions? > > Yes. We would make explicit the relation between the objects, which > makes sense to me. So far only nftnl_rule and nftnl_expr are basically > "linked" in some way. > > Would this approach for you?
Yes, that's fine with me. My idea was to reuse the nftnl_rule_list API, but creating chains' rule lists in a consistent manner with respect to rules' expression lists is probably more important long-term. Thanks, Phil
