On Thu, Oct 19, 2017 at 10:18:43AM +0200, Phil Sutter wrote: > This allows an application to explicitly flush caches associated with a > given nft context. > > Note that this is a bit inconsistent in that it releases the global > interface cache, but nft_ctx_free() does the same so at least it's not a > regression. > > Signed-off-by: Phil Sutter <[email protected]> > --- > include/nftables/nftables.h | 1 + > src/libnftables.c | 9 +++++++-- > 2 files changed, 8 insertions(+), 2 deletions(-) > > diff --git a/include/nftables/nftables.h b/include/nftables/nftables.h > index 052a77bfb5371..fbc6fd4252a97 100644 > --- a/include/nftables/nftables.h > +++ b/include/nftables/nftables.h > @@ -77,6 +77,7 @@ enum nftables_exit_codes { > struct nft_ctx *nft_ctx_new(uint32_t flags); > void nft_ctx_free(struct nft_ctx *ctx); > FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp); > +void nft_ctx_flush_cache(struct nft_ctx *ctx); > > int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock, > void *scanner, struct parser_state *state, > diff --git a/src/libnftables.c b/src/libnftables.c > index 187747c66af21..0de50c854d572 100644 > --- a/src/libnftables.c > +++ b/src/libnftables.c > @@ -146,13 +146,18 @@ struct nft_ctx *nft_ctx_new(uint32_t flags) > return ctx; > } > > +void nft_ctx_flush_cache(struct nft_ctx *ctx) > +{ > + iface_cache_release(); > + cache_release(&ctx->cache); > +}
This flush allows us to release the cache, but nft_ctx_alloc() populates it. I'm missing something here, can we force a context repopulation? If there is no usecase for this yet, I would keep this behind by now. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
