From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [iptables PATCH v3 01/11] nft: Pass nft_handle to flush_cache()
Date: Tue, 8 Oct 2019 18:14:37 +0200 [thread overview]
Message-ID: <20191008161447.6595-2-phil@nwl.cc> (raw)
In-Reply-To: <20191008161447.6595-1-phil@nwl.cc>
This allows to call nft_table_builtin_find() and hence removes the only
real user of __nft_table_builtin_find(). Consequently remove the latter
by integrating it into its sole caller.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
iptables/nft.c | 28 +++++++++++-----------------
1 file changed, 11 insertions(+), 17 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index a2f36b7ee90d2..bdc9fbc37f110 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -703,31 +703,25 @@ static void nft_chain_builtin_add(struct nft_handle *h,
nftnl_chain_list_add_tail(c, h->cache->table[table->type].chains);
}
-static const struct builtin_table *
-__nft_table_builtin_find(const struct builtin_table *tables, const char *table)
+/* find if built-in table already exists */
+const struct builtin_table *
+nft_table_builtin_find(struct nft_handle *h, const char *table)
{
int i;
bool found = false;
for (i = 0; i < NFT_TABLE_MAX; i++) {
- if (tables[i].name == NULL)
+ if (h->tables[i].name == NULL)
continue;
- if (strcmp(tables[i].name, table) != 0)
+ if (strcmp(h->tables[i].name, table) != 0)
continue;
found = true;
break;
}
- return found ? &tables[i] : NULL;
-}
-
-/* find if built-in table already exists */
-const struct builtin_table *
-nft_table_builtin_find(struct nft_handle *h, const char *table)
-{
- return __nft_table_builtin_find(h->tables, table);
+ return found ? &h->tables[i] : NULL;
}
/* find if built-in chain already exists */
@@ -857,14 +851,14 @@ static int __flush_chain_cache(struct nftnl_chain *c, void *data)
return 0;
}
-static int flush_cache(struct nft_cache *c, const struct builtin_table *tables,
+static int flush_cache(struct nft_handle *h, struct nft_cache *c,
const char *tablename)
{
const struct builtin_table *table;
int i;
if (tablename) {
- table = __nft_table_builtin_find(tables, tablename);
+ table = nft_table_builtin_find(h, tablename);
if (!table || !c->table[table->type].chains)
return 0;
nftnl_chain_list_foreach(c->table[table->type].chains,
@@ -873,7 +867,7 @@ static int flush_cache(struct nft_cache *c, const struct builtin_table *tables,
}
for (i = 0; i < NFT_TABLE_MAX; i++) {
- if (tables[i].name == NULL)
+ if (h->tables[i].name == NULL)
continue;
if (!c->table[i].chains)
@@ -893,7 +887,7 @@ static void flush_chain_cache(struct nft_handle *h, const char *tablename)
if (!h->have_cache)
return;
- if (flush_cache(h->cache, h->tables, tablename))
+ if (flush_cache(h, h->cache, tablename))
h->have_cache = false;
}
@@ -1655,7 +1649,7 @@ static void nft_rebuild_cache(struct nft_handle *h)
static void nft_release_cache(struct nft_handle *h)
{
if (h->cache_index)
- flush_cache(&h->__cache[0], h->tables, NULL);
+ flush_cache(h, &h->__cache[0], NULL);
}
struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h,
--
2.23.0
next prev parent reply other threads:[~2019-10-08 16:15 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-08 16:14 [iptables PATCH v3 00/11] Improve iptables-nft performance with large rulesets Phil Sutter
2019-10-08 16:14 ` Phil Sutter [this message]
2019-10-09 9:30 ` [iptables PATCH v3 01/11] nft: Pass nft_handle to flush_cache() Pablo Neira Ayuso
2019-10-08 16:14 ` [iptables PATCH v3 02/11] nft: Avoid nested cache fetching Phil Sutter
2019-10-09 9:30 ` Pablo Neira Ayuso
2019-10-08 16:14 ` [iptables PATCH v3 03/11] nft: Extract cache routines into nft-cache.c Phil Sutter
2019-10-09 9:32 ` Pablo Neira Ayuso
2019-10-08 16:14 ` [iptables PATCH v3 04/11] nft-cache: Introduce cache levels Phil Sutter
2019-10-09 9:37 ` Pablo Neira Ayuso
2019-10-09 10:29 ` Pablo Neira Ayuso
2019-10-10 22:09 ` Phil Sutter
2019-10-11 9:28 ` Pablo Neira Ayuso
2019-10-11 11:24 ` Phil Sutter
2019-10-14 10:00 ` Pablo Neira Ayuso
2019-10-11 10:20 ` Pablo Neira Ayuso
2019-10-08 16:14 ` [iptables PATCH v3 05/11] nft-cache: Fetch only chains in nft_chain_list_get() Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 06/11] nft-cache: Cover for multiple fetcher invocation Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 07/11] nft-cache: Support partial cache per table Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 08/11] nft-cache: Support partial rule cache per chain Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 09/11] nft: Reduce cache overhead of nft_chain_builtin_init() Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 10/11] nft: Support nft_is_table_compatible() per chain Phil Sutter
2019-10-08 16:14 ` [iptables PATCH v3 11/11] nft: Optimize flushing all chains of a table Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191008161447.6595-2-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.