netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Phil Sutter <phil@nwl.cc>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse
Date: Mon, 30 Sep 2019 18:31:34 +0200	[thread overview]
Message-ID: <20190930163134.ypt64m56qfzmadjs@salvia> (raw)
In-Reply-To: <20190930163053.m4vlsfmgjrp6jifo@salvia>

[-- Attachment #1: Type: text/plain, Size: 1174 bytes --]

On Mon, Sep 30, 2019 at 06:30:53PM +0200, Pablo Neira Ayuso wrote:
> On Wed, Sep 25, 2019 at 11:25:58PM +0200, Phil Sutter wrote:
> > This is a requirement for outsourcing line parsing code into a dedicated
> > function.
> > 
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
> > ---
> >  iptables/nft-shared.h      |  1 +
> >  iptables/xtables-restore.c | 17 ++++++++---------
> >  2 files changed, 9 insertions(+), 9 deletions(-)
> > 
> > diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
> > index 9d62913461fa4..facad6d02a7ec 100644
> > --- a/iptables/nft-shared.h
> > +++ b/iptables/nft-shared.h
> > @@ -237,6 +237,7 @@ struct nft_xt_restore_parse {
> >  	int		testing;
> >  	const char	*tablename;
> >  	bool		commit;
> > +	bool		in_table;
> 
> I don't think this belong here.
> 
> If you want to add a structure, then add something like:
> 
> struct nft_xt_parse_ctx {
>         char    buffer[10240];
>         char    *curtable;
>         int     in_table;
> };
> 
> to store all the internal context, not mix things like internal
> parsing context with the object that describes the parser
> configuration.

Attaching a patch to constify nft_xt_restore_parse.

[-- Attachment #2: x.patch --]
[-- Type: text/x-diff, Size: 857 bytes --]

diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index de889ead7b60..ea9e5bfa6ae1 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -261,7 +261,7 @@ struct nft_xt_restore_cb {
 };
 
 void xtables_restore_parse(struct nft_handle *h,
-			   struct nft_xt_restore_parse *p,
+			   const struct nft_xt_restore_parse *p,
 			   struct nft_xt_restore_cb *cb,
 			   int argc, char *argv[]);
 
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 601c842feab3..d34fad43e0b3 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -85,7 +85,7 @@ static const struct xtc_ops xtc_ops = {
 };
 
 void xtables_restore_parse(struct nft_handle *h,
-			   struct nft_xt_restore_parse *p,
+			   const struct nft_xt_restore_parse *p,
 			   struct nft_xt_restore_cb *cb,
 			   int argc, char *argv[])
 {

  reply	other threads:[~2019-09-30 16:31 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-25 21:25 [iptables PATCH v2 00/24] Improve iptables-nft performance with large rulesets Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 01/24] xtables_error() does not return Phil Sutter
2019-09-25 21:31   ` Florian Westphal
2019-09-25 21:47     ` Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 02/24] tests/shell: Speed up ipt-restore/0004-restore-race_0 Phil Sutter
2019-09-26  9:07   ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 03/24] tests: shell: Support running for legacy/nft only Phil Sutter
2019-09-27 14:19   ` Florian Westphal
2019-09-30 16:20     ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 04/24] nft: Fix for add and delete of same rule in single batch Phil Sutter
2019-09-27 14:20   ` Florian Westphal
2019-09-30 16:36     ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 05/24] nft: Make nftnl_table_list_get() fetch only tables Phil Sutter
2019-09-27 14:25   ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 06/24] xtables-restore: Minimize caching when flushing Phil Sutter
2019-09-27 14:27   ` Florian Westphal
2019-09-25 21:25 ` [iptables PATCH v2 07/24] nft: Support fetch_rule_cache() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 08/24] nft: Fetch only chains in nft_chain_list_get() Phil Sutter
2019-09-30 16:57   ` Pablo Neira Ayuso
2019-09-30 17:12   ` Pablo Neira Ayuso
2019-09-25 21:25 ` [iptables PATCH v2 09/24] nft: Support fetch_chain_cache() per table Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 10/24] nft: Support fetch_chain_cache() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 11/24] nft: Support nft_chain_list_get() " Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 12/24] nft: Reduce cache overhead of adding a custom chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 13/24] nft: Reduce cache overhead of nft_chain_builtin_init() Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 14/24] nft: Support nft_is_table_compatible() per chain Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 15/24] nft: Optimize flushing all chains of a table Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 16/24] xtables-restore: Introduce rule counter tokenizer function Phil Sutter
2019-09-25 21:25 ` [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse Phil Sutter
2019-09-30 16:30   ` Pablo Neira Ayuso
2019-09-30 16:31     ` Pablo Neira Ayuso [this message]
2019-09-25 21:25 ` [iptables PATCH v2 18/24] xtables-restore: Use xt_params->program_name Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 19/24] xtables-restore: Carry curtable in struct nft_xt_restore_parse Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 20/24] xtables-restore: Introduce line parsing function Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 21/24] tests: shell: Add ipt-restore/0007-flush-noflush_0 Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 22/24] xtables-restore: Remove some pointless linebreaks Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 23/24] xtables-restore: Allow lines without trailing newline character Phil Sutter
2019-09-25 21:26 ` [iptables PATCH v2 24/24] xtables-restore: Improve performance of --noflush operation Phil Sutter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190930163134.ypt64m56qfzmadjs@salvia \
    --to=pablo@netfilter.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=phil@nwl.cc \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).