neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-upf/+/30498 )
Change subject: nft: allow to get the ruleset string without running ......................................................................
nft: allow to get the ruleset string without running
Separate string composition of the nftables ruleset from the actual actvation of the ruleset to nftables.
For a 'show' VTY command added in upcoming patch, I'd like to be able to vty_out() an nftables rule set. Provide API for that.
Change-Id: I0124a68ccf1ac7b90c5cc32d0cbf58d0cc219ccc --- M include/osmocom/upf/upf_nft.h M src/osmo-upf/upf_nft.c 2 files changed, 8 insertions(+), 2 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/98/30498/1
diff --git a/include/osmocom/upf/upf_nft.h b/include/osmocom/upf/upf_nft.h index fe8bb12..4cdcb51 100644 --- a/include/osmocom/upf/upf_nft.h +++ b/include/osmocom/upf/upf_nft.h @@ -49,5 +49,6 @@ int upf_nft_init(); int upf_nft_free();
+char *upf_nft_tunmap_get_ruleset_str(void *ctx, struct upf_nft_tunmap_desc *tunmap); int upf_nft_tunmap_create(struct upf_nft_tunmap_desc *tunmap); int upf_nft_tunmap_delete(struct upf_nft_tunmap_desc *tunmap); diff --git a/src/osmo-upf/upf_nft.c b/src/osmo-upf/upf_nft.c index e9c69c4..afc2fac 100644 --- a/src/osmo-upf/upf_nft.c +++ b/src/osmo-upf/upf_nft.c @@ -216,7 +216,7 @@ osmo_sockaddr_set_port(&args->peer_b.addr_local.u.sa, 0); }
-int upf_nft_tunmap_create(struct upf_nft_tunmap_desc *tunmap) +char *upf_nft_tunmap_get_ruleset_str(void *ctx, struct upf_nft_tunmap_desc *tunmap) { struct upf_nft_args args;
@@ -229,7 +229,12 @@ }
upf_nft_args_from_tunmap_desc(&args, tunmap); - return upf_nft_run(upf_nft_ruleset_tunmap_create_c(OTC_SELECT, &args)); + return upf_nft_ruleset_tunmap_create_c(ctx, &args); +} + +int upf_nft_tunmap_create(struct upf_nft_tunmap_desc *tunmap) +{ + return upf_nft_run(upf_nft_tunmap_get_ruleset_str(OTC_SELECT, tunmap)); }
int upf_nft_tunmap_delete(struct upf_nft_tunmap_desc *tunmap)
-
neels