interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge fe3fa1cb92 into a24f918d08

This commit is contained in:
Jan Schär 2025-03-13 09:43:06 +01:00 committed by GitHub
parent a24f918d08 fe3fa1cb92
commit 2858b58738
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rule.go
View File

@ -46,10 +46,8 @@ type Rule struct {
Chain *Chain Chain *Chain
Position uint64 Position uint64
Handle uint64 Handle uint64
// The list of possible flags are specified by nftnl_rule_attr, see // Deprecated: The feature for which this field was added never worked.
// https://git.netfilter.org/libnftnl/tree/include/libnftnl/rule.h#n21 // The field may be removed in a later version.
// Current nftables go implementation supports only
// NFTNL_RULE_POSITION flag for setting rule at position 0
Flags uint32 Flags uint32
Exprs []expr.Any Exprs []expr.Any
UserData []byte UserData []byte
@ -163,7 +161,7 @@ func (cc *Conn) newRule(r *Rule, op ruleOperation) *Rule {
flags = netlink.Request | netlink.Acknowledge | netlink.Replace | unix.NLM_F_ECHO | unix.NLM_F_REPLACE flags = netlink.Request | netlink.Acknowledge | netlink.Replace | unix.NLM_F_ECHO | unix.NLM_F_REPLACE
} }
if r.Position != 0 || (r.Flags&(1<<unix.NFTA_RULE_POSITION)) != 0 { if r.Position != 0 {
msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{ msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{
{Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)}, {Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)},
})...) })...)