Commit 55dd6f93 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso

netfilter: nf_tables: use new transaction infrastructure to handle table

This patch speeds up rule-set updates and it also provides a way
to revert updates and leave things in consistent state in case that
the batch needs to be aborted.
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent e1aaca93
...@@ -436,6 +436,16 @@ struct nft_trans_chain { ...@@ -436,6 +436,16 @@ struct nft_trans_chain {
#define nft_trans_chain_policy(trans) \ #define nft_trans_chain_policy(trans) \
(((struct nft_trans_chain *)trans->data)->policy) (((struct nft_trans_chain *)trans->data)->policy)
struct nft_trans_table {
bool update;
bool enable;
};
#define nft_trans_table_update(trans) \
(((struct nft_trans_table *)trans->data)->update)
#define nft_trans_table_enable(trans) \
(((struct nft_trans_table *)trans->data)->enable)
static inline struct nft_expr *nft_expr_first(const struct nft_rule *rule) static inline struct nft_expr *nft_expr_first(const struct nft_rule *rule)
{ {
return (struct nft_expr *)&rule->data[0]; return (struct nft_expr *)&rule->data[0];
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment