[PATCH nft] src: don't return error in netlink_linearize

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH nft] src: don't return error in netlink_linearize_rule()
@ 2014-08-18 20:33 Pablo Neira Ayuso
  0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2014-08-18 20:33 UTC (permalink / raw)
  To: netfilter-devel; +Cc: kaber

This function converts the rule from the list of statements to the
netlink message format. The only two possible errors that can make
this function to fail are memory exhaustion and malformed statements
which inmediately stop the execution of nft.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/netlink.h       |    6 +++---
 src/netlink.c           |   16 +++++++---------
 src/netlink_linearize.c |    5 ++---
 3 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/include/netlink.h b/include/netlink.h
index af5dcd9..d7d5c2d 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -65,9 +65,9 @@ extern struct expr *netlink_alloc_data(const struct location *loc,
 				       const struct nft_data_delinearize *nld,
 				       enum nft_registers dreg);
 
-extern int netlink_linearize_rule(struct netlink_ctx *ctx,
-				  struct nft_rule *nlr,
-				  const struct rule *rule);
+extern void netlink_linearize_rule(struct netlink_ctx *ctx,
+				   struct nft_rule *nlr,
+				   const struct rule *rule);
 extern struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
 					     const struct nft_rule *r);
 
diff --git a/src/netlink.c b/src/netlink.c
index dc7a7c4..102f799 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -354,16 +354,14 @@ int netlink_add_rule_batch(struct netlink_ctx *ctx,
 	int err;
 
 	nlr = alloc_nft_rule(&rule->handle);
-	err = netlink_linearize_rule(ctx, nlr, rule);
-	if (err == 0) {
-		err = mnl_nft_rule_batch_add(nlr, flags | NLM_F_EXCL,
-					     ctx->seqnum);
-		if (err < 0)
-			netlink_io_error(ctx, &rule->location,
-					 "Could not add rule to batch: %s",
-					 strerror(errno));
-	}
+	netlink_linearize_rule(ctx, nlr, rule);
+	err = mnl_nft_rule_batch_add(nlr, flags | NLM_F_EXCL, ctx->seqnum);
 	nft_rule_free(nlr);
+	if (err < 0) {
+		netlink_io_error(ctx, &rule->location,
+				 "Could not add rule to batch: %s",
+				 strerror(errno));
+	}
 	return err;
 }
 
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 075e243..d950299 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -746,8 +746,8 @@ static void netlink_gen_stmt(struct netlink_linearize_ctx *ctx,
 	}
 }
 
-int netlink_linearize_rule(struct netlink_ctx *ctx, struct nft_rule *nlr,
-			   const struct rule *rule)
+void netlink_linearize_rule(struct netlink_ctx *ctx, struct nft_rule *nlr,
+			    const struct rule *rule)
 {
 	struct netlink_linearize_ctx lctx;
 	const struct stmt *stmt;
@@ -760,5 +760,4 @@ int netlink_linearize_rule(struct netlink_ctx *ctx, struct nft_rule *nlr,
 		netlink_gen_stmt(&lctx, stmt);
 
 	netlink_dump_rule(nlr);
-	return 0;
 }
-- 
1.7.10.4


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2014-08-18 20:36 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-18 20:33 [PATCH nft] src: don't return error in netlink_linearize_rule() Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).