diff options
| author | Rosy Song <rosysong@rosinson.com> | 2018-05-15 11:42:29 +0800 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2018-05-21 18:07:47 +0200 |
| commit | 39e87e0ffc4eabf27d25459a369be425e9ef0474 (patch) | |
| tree | b7bff5520f53bccf4d2b40b0440b85ec6b3359bc /package/network/utils/nftables/patches/202-src-delete-flowtable.patch | |
| parent | c7e9d72f056a190fe14b1ebc3f07e726121e2965 (diff) | |
| download | mtk-20170518-39e87e0ffc4eabf27d25459a369be425e9ef0474.zip mtk-20170518-39e87e0ffc4eabf27d25459a369be425e9ef0474.tar.gz mtk-20170518-39e87e0ffc4eabf27d25459a369be425e9ef0474.tar.bz2 | |
nftables: bump to 0.8.5 version
Signed-off-by: Rosy Song <rosysong@rosinson.com>
Diffstat (limited to 'package/network/utils/nftables/patches/202-src-delete-flowtable.patch')
| -rw-r--r-- | package/network/utils/nftables/patches/202-src-delete-flowtable.patch | 122 |
1 files changed, 0 insertions, 122 deletions
diff --git a/package/network/utils/nftables/patches/202-src-delete-flowtable.patch b/package/network/utils/nftables/patches/202-src-delete-flowtable.patch deleted file mode 100644 index 32b7f96..0000000 --- a/package/network/utils/nftables/patches/202-src-delete-flowtable.patch +++ /dev/null @@ -1,122 +0,0 @@ -From: Pablo Neira Ayuso <pablo@netfilter.org> -Date: Fri, 19 Jan 2018 01:41:38 +0100 -Subject: [PATCH] src: delete flowtable - -This patch allows you to delete an existing flowtable: - - # nft delete flowtable x m - -Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> ---- - ---- a/include/mnl.h -+++ b/include/mnl.h -@@ -95,6 +95,9 @@ mnl_nft_flowtable_dump(struct netlink_ct - int mnl_nft_flowtable_batch_add(struct nftnl_flowtable *flo, - struct nftnl_batch *batch, unsigned int flags, - uint32_t seqnum); -+int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flow, -+ struct nftnl_batch *batch, unsigned int flags, -+ uint32_t seqnum); - - struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx, - uint32_t family); ---- a/include/netlink.h -+++ b/include/netlink.h -@@ -186,6 +186,9 @@ extern int netlink_list_flowtables(struc - extern int netlink_add_flowtable(struct netlink_ctx *ctx, - const struct handle *h, struct flowtable *ft, - uint32_t flags); -+extern int netlink_delete_flowtable(struct netlink_ctx *ctx, -+ const struct handle *h, -+ struct location *loc); - - extern void netlink_dump_chain(const struct nftnl_chain *nlc, - struct netlink_ctx *ctx); ---- a/src/evaluate.c -+++ b/src/evaluate.c -@@ -3121,6 +3121,7 @@ static int cmd_evaluate_delete(struct ev - case CMD_OBJ_RULE: - case CMD_OBJ_CHAIN: - case CMD_OBJ_TABLE: -+ case CMD_OBJ_FLOWTABLE: - case CMD_OBJ_COUNTER: - case CMD_OBJ_QUOTA: - case CMD_OBJ_CT_HELPER: ---- a/src/mnl.c -+++ b/src/mnl.c -@@ -1027,6 +1027,22 @@ int mnl_nft_flowtable_batch_add(struct n - return 0; - } - -+int mnl_nft_flowtable_batch_del(struct nftnl_flowtable *flo, -+ struct nftnl_batch *batch, unsigned int flags, -+ uint32_t seqnum) -+{ -+ struct nlmsghdr *nlh; -+ -+ nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), -+ NFT_MSG_DELFLOWTABLE, -+ nftnl_flowtable_get_u32(flo, NFTNL_FLOWTABLE_FAMILY), -+ flags, seqnum); -+ nftnl_flowtable_nlmsg_build_payload(nlh, flo); -+ mnl_nft_batch_continue(batch); -+ -+ return 0; -+} -+ - /* - * ruleset - */ ---- a/src/netlink.c -+++ b/src/netlink.c -@@ -1831,6 +1831,24 @@ int netlink_add_flowtable(struct netlink - return err; - } - -+int netlink_delete_flowtable(struct netlink_ctx *ctx, const struct handle *h, -+ struct location *loc) -+{ -+ struct nftnl_flowtable *flo; -+ int err; -+ -+ flo = alloc_nftnl_flowtable(h, NULL); -+ netlink_dump_flowtable(flo, ctx); -+ -+ err = mnl_nft_flowtable_batch_del(flo, ctx->batch, 0, ctx->seqnum); -+ if (err < 0) -+ netlink_io_error(ctx, loc, "Could not delete flowtable: %s", -+ strerror(errno)); -+ nftnl_flowtable_free(flo); -+ -+ return err; -+} -+ - static int list_obj_cb(struct nftnl_obj *nls, void *arg) - { - struct netlink_ctx *ctx = arg; ---- a/src/parser_bison.y -+++ b/src/parser_bison.y -@@ -1024,6 +1024,10 @@ delete_cmd : TABLE table_spec - { - $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SETELEM, &$2, &@$, $3); - } -+ | FLOWTABLE flowtable_spec -+ { -+ $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_FLOWTABLE, &$2, &@$, NULL); -+ } - | COUNTER obj_spec - { - $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_COUNTER, &$2, &@$, NULL); ---- a/src/rule.c -+++ b/src/rule.c -@@ -1177,6 +1177,9 @@ static int do_command_delete(struct netl - case CMD_OBJ_LIMIT: - return netlink_delete_obj(ctx, &cmd->handle, &cmd->location, - NFT_OBJECT_LIMIT); -+ case CMD_OBJ_FLOWTABLE: -+ return netlink_delete_flowtable(ctx, &cmd->handle, -+ &cmd->location); - default: - BUG("invalid command object type %u\n", cmd->obj); - } |