* [PATCH] src: Export nftnl_set_clone symbol @ 2026-03-18 2:56 chlorodose 2026-03-18 10:46 ` Phil Sutter 0 siblings, 1 reply; 6+ messages in thread From: chlorodose @ 2026-03-18 2:56 UTC (permalink / raw) To: netfilter-devel; +Cc: chlorodose Seems that nftnl_set_clone is forgot to be exported, we add it back. Signed-off-by: chlorodose <chlorodose@gmail.com> --- src/set.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/set.c b/src/set.c index 54674bc..e5e51b6 100644 --- a/src/set.c +++ b/src/set.c @@ -360,6 +360,7 @@ uint64_t nftnl_set_get_u64(const struct nftnl_set *s, uint16_t attr) return val ? *val : 0; } +EXPORT_SYMBOL(nftnl_set_clone); struct nftnl_set *nftnl_set_clone(const struct nftnl_set *set) { struct nftnl_set *newset; -- 2.52.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] src: Export nftnl_set_clone symbol 2026-03-18 2:56 [PATCH] src: Export nftnl_set_clone symbol chlorodose @ 2026-03-18 10:46 ` Phil Sutter 2026-03-18 17:03 ` Pablo Neira Ayuso 0 siblings, 1 reply; 6+ messages in thread From: Phil Sutter @ 2026-03-18 10:46 UTC (permalink / raw) To: chlorodose; +Cc: netfilter-devel Hi chlorodose, On Wed, Mar 18, 2026 at 10:56:51AM +0800, chlorodose wrote: > Seems that nftnl_set_clone is forgot to be exported, we add it back. > > Signed-off-by: chlorodose <chlorodose@gmail.com> > --- > src/set.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/set.c b/src/set.c > index 54674bc..e5e51b6 100644 > --- a/src/set.c > +++ b/src/set.c > @@ -360,6 +360,7 @@ uint64_t nftnl_set_get_u64(const struct nftnl_set *s, uint16_t attr) > return val ? *val : 0; > } > > +EXPORT_SYMBOL(nftnl_set_clone); > struct nftnl_set *nftnl_set_clone(const struct nftnl_set *set) > { > struct nftnl_set *newset; Don't you also have to add it to src/libnftnl.map? How did you test this patch? Looking at the function itself, I fear the code is not correct anymore. E.g., it does not clone expr_list or user.data. If I was to decide, I'd rather drop it entirely instead of polishing it up. What's your use-case? Cheers, Phil ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] src: Export nftnl_set_clone symbol 2026-03-18 10:46 ` Phil Sutter @ 2026-03-18 17:03 ` Pablo Neira Ayuso 2026-03-18 18:53 ` Phil Sutter 0 siblings, 1 reply; 6+ messages in thread From: Pablo Neira Ayuso @ 2026-03-18 17:03 UTC (permalink / raw) To: Phil Sutter, chlorodose, netfilter-devel On Wed, Mar 18, 2026 at 11:46:14AM +0100, Phil Sutter wrote: > Hi chlorodose, > > On Wed, Mar 18, 2026 at 10:56:51AM +0800, chlorodose wrote: > > Seems that nftnl_set_clone is forgot to be exported, we add it back. > > > > Signed-off-by: chlorodose <chlorodose@gmail.com> > > --- > > src/set.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/src/set.c b/src/set.c > > index 54674bc..e5e51b6 100644 > > --- a/src/set.c > > +++ b/src/set.c > > @@ -360,6 +360,7 @@ uint64_t nftnl_set_get_u64(const struct nftnl_set *s, uint16_t attr) > > return val ? *val : 0; > > } > > > > +EXPORT_SYMBOL(nftnl_set_clone); > > struct nftnl_set *nftnl_set_clone(const struct nftnl_set *set) > > { > > struct nftnl_set *newset; > > Don't you also have to add it to src/libnftnl.map? How did you test this > patch? > > Looking at the function itself, I fear the code is not correct anymore. > E.g., it does not clone expr_list or user.data. If I was to decide, I'd > rather drop it entirely instead of polishing it up. What's your > use-case? Indeed, this function is internal and it is incomplete. it does not provide a full clone. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] src: Export nftnl_set_clone symbol 2026-03-18 17:03 ` Pablo Neira Ayuso @ 2026-03-18 18:53 ` Phil Sutter 2026-03-19 0:15 ` Chloro Dose 0 siblings, 1 reply; 6+ messages in thread From: Phil Sutter @ 2026-03-18 18:53 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: chlorodose, netfilter-devel On Wed, Mar 18, 2026 at 06:03:58PM +0100, Pablo Neira Ayuso wrote: > On Wed, Mar 18, 2026 at 11:46:14AM +0100, Phil Sutter wrote: > > Hi chlorodose, > > > > On Wed, Mar 18, 2026 at 10:56:51AM +0800, chlorodose wrote: > > > Seems that nftnl_set_clone is forgot to be exported, we add it back. > > > > > > Signed-off-by: chlorodose <chlorodose@gmail.com> > > > --- > > > src/set.c | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/src/set.c b/src/set.c > > > index 54674bc..e5e51b6 100644 > > > --- a/src/set.c > > > +++ b/src/set.c > > > @@ -360,6 +360,7 @@ uint64_t nftnl_set_get_u64(const struct nftnl_set *s, uint16_t attr) > > > return val ? *val : 0; > > > } > > > > > > +EXPORT_SYMBOL(nftnl_set_clone); > > > struct nftnl_set *nftnl_set_clone(const struct nftnl_set *set) > > > { > > > struct nftnl_set *newset; > > > > Don't you also have to add it to src/libnftnl.map? How did you test this > > patch? > > > > Looking at the function itself, I fear the code is not correct anymore. > > E.g., it does not clone expr_list or user.data. If I was to decide, I'd > > rather drop it entirely instead of polishing it up. What's your > > use-case? > > Indeed, this function is internal and it is incomplete. it does not > provide a full clone. I don't see it called inside libnftnl, though. Ah, it seems to have been used by the JSON API dropped in commit 80077787f8f21 ("src: remove json support"). And since we did not export it yet, we're safe to drop it unless chlorodose has a proper use-case for it. Cheers, Phil ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] src: Export nftnl_set_clone symbol 2026-03-18 18:53 ` Phil Sutter @ 2026-03-19 0:15 ` Chloro Dose 2026-03-19 8:56 ` Phil Sutter 0 siblings, 1 reply; 6+ messages in thread From: Chloro Dose @ 2026-03-19 0:15 UTC (permalink / raw) To: Phil Sutter, Pablo Neira Ayuso, chlorodose, netfilter-devel I have a use case where I want to construct a daemon that keeps a reference to an nft_set and repeatedly uses it to handle requests to add elems. I assume I must clone the nft_set from a clean copy each time, otherwise I'll resend all previous elements to the kernel. But I'm just starting to learn nftables, so I'm not sure my understanding is correct. Am I misunderstanding something here? ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] src: Export nftnl_set_clone symbol 2026-03-19 0:15 ` Chloro Dose @ 2026-03-19 8:56 ` Phil Sutter 0 siblings, 0 replies; 6+ messages in thread From: Phil Sutter @ 2026-03-19 8:56 UTC (permalink / raw) To: Chloro Dose; +Cc: Pablo Neira Ayuso, netfilter-devel Hi Chloro, On Thu, Mar 19, 2026 at 08:15:35AM +0800, Chloro Dose wrote: > I have a use case where I want to construct a daemon that keeps a > reference to an nft_set and repeatedly uses it to handle requests to > add elems. I assume I must clone the nft_set from a clean copy each > time, otherwise I'll resend all previous elements to the kernel. But > I'm just starting to learn nftables, so I'm not sure my understanding > is correct. Am I misunderstanding something here? All you need to keep record of is the set's name and that of the table it belongs to as well as the latter's family. With this data you may generate a NFT_MSG_NEWSETELEM-type message for the kernel to add one or many elements to an existing set. For reference, mnl_nft_setelem_batch() in nftables.git/src/mnl.c should be a good example of how to do this using libnftnl and libmnl. Cheers, Phil ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2026-03-19 8:56 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2026-03-18 2:56 [PATCH] src: Export nftnl_set_clone symbol chlorodose 2026-03-18 10:46 ` Phil Sutter 2026-03-18 17:03 ` Pablo Neira Ayuso 2026-03-18 18:53 ` Phil Sutter 2026-03-19 0:15 ` Chloro Dose 2026-03-19 8:56 ` Phil Sutter
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox