Merge fe3fa1cb92 into a24f918d08

2025-03-13 09:43:06 +01:00
2 changed files with 10 additions and 28 deletions
--- a/conn.go
+++ b/conn.go
@ -17,7 +17,6 @@ package nftables
 import (
 	"errors"
 	"fmt"
-	"math"
 	"os"
 	"sync"
 	"syscall"
@ -45,8 +44,6 @@ type Conn struct {
 	err         error
 	nlconn      *netlink.Conn // netlink socket using NETLINK_NETFILTER protocol.
 	sockOptions []SockOption
-	lastID       uint32
-	allocatedIDs uint32
 }

 // ConnOption is an option to change the behavior of the nftables Conn returned by Open.
@ -247,7 +244,6 @@ func (cc *Conn) Flush() error {
 	cc.mu.Lock()
 	defer func() {
 		cc.messages = nil
-		cc.allocatedIDs = 0
 		cc.mu.Unlock()
 	}()
 	if len(cc.messages) == 0 {
@ -373,20 +369,3 @@ func batch(messages []netlink.Message) []netlink.Message {

 	return batch
 }
-
-// allocateTransactionID allocates an identifier which is only valid in the
-// current transaction.
-func (cc *Conn) allocateTransactionID() uint32 {
-	if cc.allocatedIDs == math.MaxUint32 {
-		panic(fmt.Sprintf("trying to allocate more than %d IDs in a single nftables transaction", math.MaxUint32))
-	}
-	// To make it more likely to catch when a transaction ID is erroneously used
-	// in a later transaction, cc.lastID is not reset after each transaction;
-	// instead it is only reset once it rolls over from math.MaxUint32 to 0.
-	cc.allocatedIDs++
-	cc.lastID++
-	if cc.lastID == 0 {
-		cc.lastID = 1
-	}
-	return cc.lastID
-}
--- a/set.go
+++ b/set.go
@ -46,6 +46,8 @@ const (
 	NFTA_SET_ELEM_EXPRESSIONS = 0x11
 )

+var allocSetID uint32
+
 // SetDatatype represents a datatype declared by nft.
 type SetDatatype struct {
 	Name  string
@ -530,7 +532,8 @@ func (cc *Conn) AddSet(s *Set, vals []SetElement) error {
 	}

 	if s.ID == 0 {
-		s.ID = cc.allocateTransactionID()
+		allocSetID++
+		s.ID = allocSetID
 		if s.Anonymous {
 			s.Name = "__set%d"
 			if s.IsMap {