OpenWrt – Blame information for rev 4

Subversion Repositories:
Rev:
Rev Author Line No. Line
4 office 1 From: Pablo Neira Ayuso <pablo@netfilter.org>
2 Date: Fri, 19 Jan 2018 01:41:38 +0100
3 Subject: [PATCH] src: delete flowtable
4  
5 This patch allows you to delete an existing flowtable:
6  
7 # nft delete flowtable x m
8  
9 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
10 ---
11  
12 --- a/include/mnl.h
13 +++ b/include/mnl.h
14 @@ -95,6 +95,9 @@ mnl_nft_flowtable_dump(struct netlink_ct
15 int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo,
16 struct nftnl_batch *batch, unsigned int flags,
17 uint32_t seqnum);
18 +int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flow,
19 + struct nftnl_batch *batch, unsigned int flags,
20 + uint32_t seqnum);
21  
22 struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx,
23 uint32_t family);
24 --- a/include/netlink.h
25 +++ b/include/netlink.h
26 @@ -186,6 +186,9 @@ extern int netlink_list_flowtables(struc
27 extern int netlink_add_flowtable(struct netlink_ctx *ctx,
28 const struct handle *h, struct flowtable *ft,
29 uint32_t flags);
30 +extern int netlink_delete_flowtable(struct netlink_ctx *ctx,
31 + const struct handle *h,
32 + struct location *loc);
33  
34 extern void netlink_dump_chain(const struct nftnl_chain *nlc,
35 struct netlink_ctx *ctx);
36 --- a/src/evaluate.c
37 +++ b/src/evaluate.c
38 @@ -3121,6 +3121,7 @@ static int cmd_evaluate_delete(struct ev
39 case CMD_OBJ_RULE:
40 case CMD_OBJ_CHAIN:
41 case CMD_OBJ_TABLE:
42 + case CMD_OBJ_FLOWTABLE:
43 case CMD_OBJ_COUNTER:
44 case CMD_OBJ_QUOTA:
45 case CMD_OBJ_CT_HELPER:
46 --- a/src/mnl.c
47 +++ b/src/mnl.c
48 @@ -1027,6 +1027,22 @@ int mnl_nft_flowtable_batch_add(struct n
49 return 0;
50 }
51  
52 +int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flo,
53 + struct nftnl_batch *batch, unsigned int flags,
54 + uint32_t seqnum)
55 +{
56 + struct nlmsghdr *nlh;
57 +
58 + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
59 + NFT_MSG_DELFLOWTABLE,
60 + nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY),
61 + flags, seqnum);
62 + nftnl_flowtable_nlmsg_build_payload(nlh, flo);
63 + mnl_nft_batch_continue(batch);
64 +
65 + return 0;
66 +}
67 +
68 /*
69 * ruleset
70 */
71 --- a/src/netlink.c
72 +++ b/src/netlink.c
73 @@ -1831,6 +1831,24 @@ int netlink_add_flowtable(struct netlink
74 return err;
75 }
76  
77 +int netlink_delete_flowtable(struct netlink_ctx *ctx, const struct handle *h,
78 + struct location *loc)
79 +{
80 + struct nftnl_flowtable *flo;
81 + int err;
82 +
83 + flo = alloc_nftnl_flowtable(h, NULL);
84 + netlink_dump_flowtable(flo, ctx);
85 +
86 + err = mnl_nft_flowtable_batch_del(flo, ctx->batch, 0, ctx->seqnum);
87 + if (err < 0)
88 + netlink_io_error(ctx, loc, "Could not delete flowtable: %s",
89 + strerror(errno));
90 + nftnl_flowtable_free(flo);
91 +
92 + return err;
93 +}
94 +
95 static int list_obj_cb(struct nftnl_obj *nls, void *arg)
96 {
97 struct netlink_ctx *ctx = arg;
98 --- a/src/parser_bison.y
99 +++ b/src/parser_bison.y
100 @@ -1024,6 +1024,10 @@ delete_cmd : TABLE table_spec
101 {
102 $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SETELEM, &$2, &@$, $3);
103 }
104 + | FLOWTABLE flowtable_spec
105 + {
106 + $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_FLOWTABLE, &$2, &@$, NULL);
107 + }
108 | COUNTER obj_spec
109 {
110 $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_COUNTER, &$2, &@$, NULL);
111 --- a/src/rule.c
112 +++ b/src/rule.c
113 @@ -1177,6 +1177,9 @@ static int do_command_delete(struct netl
114 case CMD_OBJ_LIMIT:
115 return netlink_delete_obj(ctx, &cmd->handle, &cmd->location,
116 NFT_OBJECT_LIMIT);
117 + case CMD_OBJ_FLOWTABLE:
118 + return netlink_delete_flowtable(ctx, &cmd->handle,
119 + &cmd->location);
120 default:
121 BUG("invalid command object type %u\n", cmd->obj);
122 }