From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [iptables PATCH v3 0/9] nft: Sorted chain listing et al.
Date: Thu, 10 Dec 2020 14:06:27 +0100 [thread overview]
Message-ID: <20201210130636.26379-1-phil@nwl.cc> (raw)
This is a respin of my original series after getting rid of a few
initial ("fallout") patches. It implements structs nft_chain and
nft_chain_list to avoid changes to libnftnl as requested. Obviously this
introduces some code duplication as some bits from libnftnl have to be
replicated within iptables now.
Changes since v2:
* Reworded patch 1 comment to clarify what it fixes.
* Reordered patches so that nft_chain_foreach() introduced in patch
3 replaces nft_chain_list_get().
* Drop getters previously introduced along with struct nft_chain to
reduce size of patch 5. Extracting data from embedded nftnl_chain into
nft_chain and back if needed is future work.
Phil Sutter (9):
nft: Fix selective chain compatibility checks
nft: cache: Introduce nft_cache_add_chain()
nft: Implement nft_chain_foreach()
nft: cache: Move nft_chain_find() over
nft: Introduce struct nft_chain
nft: Introduce a dedicated base chain array
nft: cache: Sort custom chains by name
tests: shell: Drop any dump sorting in place
nft: Avoid pointless table/chain creation
iptables/Makefile.am | 2 +-
iptables/nft-cache.c | 162 ++++++---
iptables/nft-cache.h | 11 +-
iptables/nft-chain.c | 59 ++++
iptables/nft-chain.h | 29 ++
iptables/nft.c | 322 +++++++++++-------
iptables/nft.h | 10 +-
.../ebtables/0002-ebtables-save-restore_0 | 2 +-
.../firewalld-restore/0001-firewalld_0 | 17 +-
.../ipt-restore/0007-flush-noflush_0 | 4 +-
.../ipt-restore/0014-verbose-restore_0 | 2 +-
iptables/xtables-save.c | 8 +-
12 files changed, 421 insertions(+), 207 deletions(-)
create mode 100644 iptables/nft-chain.c
create mode 100644 iptables/nft-chain.h
--
2.28.0
next reply other threads:[~2020-12-10 13:07 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-10 13:06 Phil Sutter [this message]
2020-12-10 13:06 ` [iptables PATCH v3 1/9] nft: Fix selective chain compatibility checks Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 2/9] nft: cache: Introduce nft_cache_add_chain() Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 3/9] nft: Implement nft_chain_foreach() Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 4/9] nft: cache: Move nft_chain_find() over Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 5/9] nft: Introduce struct nft_chain Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 6/9] nft: Introduce a dedicated base chain array Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 7/9] nft: cache: Sort custom chains by name Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 8/9] tests: shell: Drop any dump sorting in place Phil Sutter
2020-12-10 13:06 ` [iptables PATCH v3 9/9] nft: Avoid pointless table/chain creation Phil Sutter
2020-12-14 13:24 ` [iptables PATCH v3 0/9] nft: Sorted chain listing et al Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201210130636.26379-1-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).