| commit | 1a94e38d254b3622d5d53f74b3b716b0fcab0ba8 | |
| author | Pablo Neira Ayuso <pablo@netfilter.org> | |
| Fri, 10 Feb 2017 11:08:23 +0000 (10 12:08 +0100) | ||
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | |
| Sun, 12 Feb 2017 13:45:13 +0000 (12 14:45 +0100) | ||
| tree | 58a49f5fc667dea423a331fa5665897c574d1edb | treesnapshot (tar.gz zip) |
| parent | 74e8bcd21c40dbbb3d74fa904536f8a3bddafed3 | commitdiff |
netfilter: nf_tables: add NFTA_RULE_ID attribute
This new attribute allows us to uniquely identify a rule in transaction.
Robots may trigger an insertion followed by deletion in a batch, in that
scenario we still don't have a public rule handle that we can use to
delete the rule. This is similar to the NFTA_SET_ID attribute that
allows us to refer to an anonymous set from a batch.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This new attribute allows us to uniquely identify a rule in transaction.
Robots may trigger an insertion followed by deletion in a batch, in that
scenario we still don't have a public rule handle that we can use to
delete the rule. This is similar to the NFTA_SET_ID attribute that
allows us to refer to an anonymous set from a batch.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| include/net/netfilter/nf_tables.h | diffblobblamehistory | |
| include/uapi/linux/netfilter/nf_tables.h | diffblobblamehistory | |
| net/netfilter/nf_tables_api.c | diffblobblamehistory |