netfilter: nf_tables: use new transaction infrastructure to handle elements

Leave the set content in consistent state if we fail to load the batch. Use the new generic transaction infrastructure to achieve this. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-04-04 01:36:42 (GMT)
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-05-19 10:06:12 (GMT)
commit: 60319eb1ca351aa36e29d58d2e60ba9a9836265a (patch)
tree: 730f96cdcbb54f61cd9b449bd6c5c68def0dcbf7 /include/net/netfilter
parent: 55dd6f93076bb82aa8911191125418dcfcbf2c9b (diff)
download: linux-60319eb1ca351aa36e29d58d2e60ba9a9836265a.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 15bf745..b08f2a9 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -446,6 +446,16 @@ struct nft_trans_table {
 #define nft_trans_table_enable(trans)	\
 	(((struct nft_trans_table *)trans->data)->enable)
 
+struct nft_trans_elem {
+	struct nft_set		*set;
+	struct nft_set_elem	elem;
+};
+
+#define nft_trans_elem_set(trans)	\
+	(((struct nft_trans_elem *)trans->data)->set)
+#define nft_trans_elem(trans)	\
+	(((struct nft_trans_elem *)trans->data)->elem)
+
 static inline struct nft_expr *nft_expr_first(const struct nft_rule *rule)
 {
 	return (struct nft_expr *)&rule->data[0];
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-04-04 01:36:42 (GMT)
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-05-19 10:06:12 (GMT)
commit	60319eb1ca351aa36e29d58d2e60ba9a9836265a (patch)
tree	730f96cdcbb54f61cd9b449bd6c5c68def0dcbf7 /include/net/netfilter
parent	55dd6f93076bb82aa8911191125418dcfcbf2c9b (diff)
download	linux-60319eb1ca351aa36e29d58d2e60ba9a9836265a.tar.xz