Commit 67c49de4 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso

netfilter: nf_tables: expose enum nft_chain_flags through UAPI

This enum definition was never exposed through UAPI. Rename
NFT_BASE_CHAIN to NFT_CHAIN_BASE for consistency.
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 51d70f18
...@@ -921,11 +921,6 @@ static inline void nft_set_elem_update_expr(const struct nft_set_ext *ext, ...@@ -921,11 +921,6 @@ static inline void nft_set_elem_update_expr(const struct nft_set_ext *ext,
(expr) != (last); \ (expr) != (last); \
(expr) = nft_expr_next(expr)) (expr) = nft_expr_next(expr))
enum nft_chain_flags {
NFT_BASE_CHAIN = 0x1,
NFT_CHAIN_HW_OFFLOAD = 0x2,
};
#define NFT_CHAIN_POLICY_UNSET U8_MAX #define NFT_CHAIN_POLICY_UNSET U8_MAX
/** /**
...@@ -1036,7 +1031,7 @@ static inline struct nft_base_chain *nft_base_chain(const struct nft_chain *chai ...@@ -1036,7 +1031,7 @@ static inline struct nft_base_chain *nft_base_chain(const struct nft_chain *chai
static inline bool nft_is_base_chain(const struct nft_chain *chain) static inline bool nft_is_base_chain(const struct nft_chain *chain)
{ {
return chain->flags & NFT_BASE_CHAIN; return chain->flags & NFT_CHAIN_BASE;
} }
int __nft_release_basechain(struct nft_ctx *ctx); int __nft_release_basechain(struct nft_ctx *ctx);
......
...@@ -184,6 +184,11 @@ enum nft_table_attributes { ...@@ -184,6 +184,11 @@ enum nft_table_attributes {
}; };
#define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1) #define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1)
enum nft_chain_flags {
NFT_CHAIN_BASE = (1 << 0),
NFT_CHAIN_HW_OFFLOAD = (1 << 1),
};
/** /**
* enum nft_chain_attributes - nf_tables chain netlink attributes * enum nft_chain_attributes - nf_tables chain netlink attributes
* *
......
...@@ -1903,7 +1903,7 @@ static int nft_basechain_init(struct nft_base_chain *basechain, u8 family, ...@@ -1903,7 +1903,7 @@ static int nft_basechain_init(struct nft_base_chain *basechain, u8 family,
nft_basechain_hook_init(&basechain->ops, family, hook, chain); nft_basechain_hook_init(&basechain->ops, family, hook, chain);
} }
chain->flags |= NFT_BASE_CHAIN | flags; chain->flags |= NFT_CHAIN_BASE | flags;
basechain->policy = NF_ACCEPT; basechain->policy = NF_ACCEPT;
if (chain->flags & NFT_CHAIN_HW_OFFLOAD && if (chain->flags & NFT_CHAIN_HW_OFFLOAD &&
nft_chain_offload_priority(basechain) < 0) nft_chain_offload_priority(basechain) < 0)
...@@ -2255,7 +2255,7 @@ static int nf_tables_newchain(struct net *net, struct sock *nlsk, ...@@ -2255,7 +2255,7 @@ static int nf_tables_newchain(struct net *net, struct sock *nlsk,
if (nlh->nlmsg_flags & NLM_F_REPLACE) if (nlh->nlmsg_flags & NLM_F_REPLACE)
return -EOPNOTSUPP; return -EOPNOTSUPP;
flags |= chain->flags & NFT_BASE_CHAIN; flags |= chain->flags & NFT_CHAIN_BASE;
return nf_tables_updchain(&ctx, genmask, policy, flags); return nf_tables_updchain(&ctx, genmask, policy, flags);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment