diff options
| author | Pablo Neira Ayuso | 2014-04-03 11:53:37 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2014-05-19 12:06:12 +0200 |
| commit | 55dd6f93076bb82aa8911191125418dcfcbf2c9b (patch) | |
| tree | 7d2faa787f524b4b5e48783948b9d258858b2a56 /include/net/netfilter/nf_tables.h | |
| parent | netfilter: nf_tables: pass context to nf_tables_updtable() (diff) | |
| download | kernel-qcow2-linux-55dd6f93076bb82aa8911191125418dcfcbf2c9b.tar.gz kernel-qcow2-linux-55dd6f93076bb82aa8911191125418dcfcbf2c9b.tar.xz kernel-qcow2-linux-55dd6f93076bb82aa8911191125418dcfcbf2c9b.zip | |
netfilter: nf_tables: use new transaction infrastructure to handle table
This patch speeds up rule-set updates and it also provides a way
to revert updates and leave things in consistent state in case that
the batch needs to be aborted.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/netfilter/nf_tables.h')
| -rw-r--r-- | include/net/netfilter/nf_tables.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 7b2361c559b5..15bf745f198d 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -436,6 +436,16 @@ struct nft_trans_chain { #define nft_trans_chain_policy(trans) \ (((struct nft_trans_chain *)trans->data)->policy) +struct nft_trans_table { + bool update; + bool enable; +}; + +#define nft_trans_table_update(trans) \ + (((struct nft_trans_table *)trans->data)->update) +#define nft_trans_table_enable(trans) \ + (((struct nft_trans_table *)trans->data)->enable) + static inline struct nft_expr *nft_expr_first(const struct nft_rule *rule) { return (struct nft_expr *)&rule->data[0]; |