fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/erlang/osmo-s1gw/+/40532?usp=email )
Change subject: enft_kpi: flush the table on init ......................................................................
enft_kpi: flush the table on init
Older versions of nftables, including the 1.0.6 provided by Osmocom, do not support setting the "owner" flag when creating a table via JSON. Ensure that we start with a clean state by deleting the table on init.
Change-Id: I96bf4f7b6d5c9104fad0d6f98eda56e7a4e4fa7d Related: SYS#7307 --- M src/enft_kpi.erl 1 file changed, 30 insertions(+), 15 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/erlang/osmo-s1gw refs/changes/32/40532/1
diff --git a/src/enft_kpi.erl b/src/enft_kpi.erl
index cc2107a..f8cf126 100644
--- a/src/enft_kpi.erl
+++ b/src/enft_kpi.erl
@@ -149,20 +149,11 @@
 process_flag(trap_exit, true),
 TName = maps:get(table_name, Cfg, "osmo-s1gw"),
 Interval = maps:get(interval, Cfg, 3000),
- %% ignore (accept) anything but GTPU @ udp/2152
- R1 = [enftables:nft_expr_match_ip_proto("udp", ?OP_NEQ),
- enftables:nft_expr_accept()],
- R2 = [enftables:nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ),
- enftables:nft_expr_accept()],
- Cmds = [enftables:nft_cmd_add_table(TName, [<< "owner" >>]),
- nft_cmd_add_chain(TName, "gtpu-ul", "prerouting"),
- nft_cmd_add_chain(TName, "gtpu-dl", "postrouting"),
- enftables:nft_cmd_add_rule(TName, "gtpu-ul", R1),
- enftables:nft_cmd_add_rule(TName, "gtpu-dl", R1),
- enftables:nft_cmd_add_rule(TName, "gtpu-ul", R2),
- enftables:nft_cmd_add_rule(TName, "gtpu-dl", R2)
- ],
- case nft_exec(Cmds) of
+ %% flush the table, in case it remained
+ %% it may not exist, so we ignore the result
+ nft_flush_table(TName),
+ %% create and initialize the table
+ case nft_init_table(TName) of
 ok ->
 ?LOG_INFO("NFT table ~p has been initialized", [TName]),
 spawn_link(fun() -> heartbeat(Interval) end),
@@ -317,7 +308,7 @@
 ?LOG_NOTICE("Terminating, reason ~p", [Reason]),
 case Cfg of
 #{enable := true, table_name := TName} ->
- nft_exec([enftables:nft_cmd_del_table(TName)]), %% delete the table
+ nft_flush_table(TName),
 ok;
 _ -> ok %% stub mode
 end.
@@ -518,6 +509,30 @@
 end.
+-spec nft_flush_table(string()) -> enftables:result().
+nft_flush_table(TName) ->
+ Cmds = [enftables:nft_cmd_del_table(TName)],
+ nft_exec(Cmds).
+
+
+-spec nft_init_table(string()) -> enftables:result().
+nft_init_table(TName) ->
+ %% ignore (accept) anything but GTPU @ udp/2152
+ R1 = [enftables:nft_expr_match_ip_proto("udp", ?OP_NEQ),
+ enftables:nft_expr_accept()],
+ R2 = [enftables:nft_expr_match_udp_dport(?GTPU_PORT, ?OP_NEQ),
+ enftables:nft_expr_accept()],
+ Cmds = [enftables:nft_cmd_add_table(TName, [<< "owner" >>]),
+ nft_cmd_add_chain(TName, "gtpu-ul", "prerouting"),
+ nft_cmd_add_chain(TName, "gtpu-dl", "postrouting"),
+ enftables:nft_cmd_add_rule(TName, "gtpu-ul", R1),
+ enftables:nft_cmd_add_rule(TName, "gtpu-dl", R1),
+ enftables:nft_cmd_add_rule(TName, "gtpu-ul", R2),
+ enftables:nft_cmd_add_rule(TName, "gtpu-dl", R2)
+ ],
+ nft_exec(Cmds).
+
+
 -spec nft_exec(Cmds) -> enftables:result()
 when Cmds :: [enftables:nft_cmd()].
 nft_exec(Cmds) ->
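Review bot: `nft_flush_table/1` in the last hunk does not flush anything: it sends `enftables:nft_cmd_del_table(TName)`, which removes the whole table, and the init and terminate hunks both call it with the result discarded. In nftables, flushing a table and deleting it are distinct operations, so the name hides that startup now apparently removes whatever table carries the configured `table_name`, even one this process did not create. I would rename it to `nft_del_table/1`, or keep the name and add `%% deletes the whole table TName (chains and rules included); table_name must be dedicated to osmo-s1gw`. The init call site could also log any error other than the expected missing-table case, so that a permission or ownership failure does not pass silently; the shape of `enftables:result()` errors is not visible in this diff.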