interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rule replace (#50) 

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
This commit is contained in:
Serguei Bezverkhi 2019-08-19 17:35:24 -04:00 committed by Michael Stapelberg
parent 0b3d8b56f6
commit 5cb71bfba1
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
rule.go
View File

@ -103,7 +103,13 @@ func (cc *Conn) AddRule(r *Rule) *Rule {
{Type: unix.NFTA_RULE_USERDATA, Data: r.UserData}, {Type: unix.NFTA_RULE_USERDATA, Data: r.UserData},
})...) })...)
} }
if r.Position != 0 { if r.Handle != 0 {
flags = netlink.Request | netlink.Acknowledge | netlink.Replace | unix.NLM_F_ECHO | unix.NLM_F_REPLACE
msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{
{Type: unix.NFTA_RULE_HANDLE, Data: binaryutil.BigEndian.PutUint64(r.Handle)},
})...)
} else if r.Position != 0 {
// when a rule's position is specified, it becomes nft insert rule operation
msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{ msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{
{Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)}, {Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)},
})...) })...)
@ -113,6 +119,7 @@ func (cc *Conn) AddRule(r *Rule) *Rule {
// unix.NLM_F_APPEND is added when nft add rule operation is executed. // unix.NLM_F_APPEND is added when nft add rule operation is executed.
flags = netlink.Request | netlink.Acknowledge | netlink.Create | unix.NLM_F_ECHO | unix.NLM_F_APPEND flags = netlink.Request | netlink.Acknowledge | netlink.Create | unix.NLM_F_ECHO | unix.NLM_F_APPEND
} }
cc.messages = append(cc.messages, netlink.Message{ cc.messages = append(cc.messages, netlink.Message{
Header: netlink.Header{ Header: netlink.Header{
Type: ruleHeaderType, Type: ruleHeaderType,