mirror of
https://github.com/Dasharo/systemd.git
synced 2026-03-06 15:02:31 -08:00
Resolve conflicts between #23616 and the recent NFT additions
This commit is contained in:
Zbigniew Jędrzejewski-Szmek
@@ -453,47 +453,36 @@ static int address_set_masquerade(Address *address, bool add) {
|
||||
}
|
||||
|
||||
static void address_add_nft_set_context(const Address *address, const NFTSetContext *nft_set_context, size_t n_nft_set_contexts) {
|
||||
int r;
|
||||
|
||||
assert(address);
|
||||
|
||||
for (size_t i = 0; i < n_nft_set_contexts; i++) {
|
||||
int r;
|
||||
|
||||
r = nft_set_element_add_in_addr(&nft_set_context[i], address->family,
|
||||
&address->in_addr, address->prefixlen);
|
||||
if (r < 0) {
|
||||
_cleanup_free_ char *addr_str = NULL;
|
||||
|
||||
(void) in_addr_prefix_to_string(address->family, &address->in_addr, address->prefixlen, &addr_str);
|
||||
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Adding NFT family %s table %s set %s for IP address %s failed, ignoring",
|
||||
nfproto_to_string(nft_set_context[i].nfproto),
|
||||
nft_set_context[i].table,
|
||||
nft_set_context[i].set,
|
||||
strna(addr_str));
|
||||
}
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen));
|
||||
}
|
||||
}
|
||||
|
||||
static void address_del_nft_set_context(const Address *address, const NFTSetContext *nft_set_context, size_t n_nft_set_contexts) {
|
||||
int r;
|
||||
|
||||
assert(address);
|
||||
|
||||
for (size_t i = 0; i < n_nft_set_contexts; i++) {
|
||||
int r;
|
||||
|
||||
r = nft_set_element_del_in_addr(&nft_set_context[i], address->family,
|
||||
&address->in_addr, address->prefixlen);
|
||||
if (r < 0) {
|
||||
_cleanup_free_ char *addr_str = NULL;
|
||||
|
||||
(void) in_addr_prefix_to_string(address->family, &address->in_addr, address->prefixlen, &addr_str);
|
||||
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Deleting NFT family %s table %s set %s for IP address %s failed, ignoring",
|
||||
nfproto_to_string(nft_set_context[i].nfproto),
|
||||
nft_set_context[i].table,
|
||||
nft_set_context[i].set,
|
||||
strna(addr_str));
|
||||
}
|
||||
}
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen)); }
|
||||
}
|
||||
|
||||
static void address_add_nft_set(const Address *address) {
|
||||
|
||||
@@ -83,19 +83,18 @@ static int netlabel_command(uint16_t command, const char *label, const Address *
|
||||
}
|
||||
|
||||
static void address_add_netlabel_set(const Address *address, Set *labels) {
|
||||
_cleanup_free_ char *addr_str = NULL;
|
||||
int r;
|
||||
const char *label;
|
||||
|
||||
(void) in_addr_prefix_to_string(address->family, &address->in_addr, address->prefixlen, &addr_str);
|
||||
int r;
|
||||
|
||||
SET_FOREACH(label, labels) {
|
||||
r = netlabel_command(NLBL_UNLABEL_C_STATICADD, label, address);
|
||||
if (r < 0)
|
||||
log_link_warning_errno(address->link, r, "Adding NetLabel %s for IP address %s failed, ignoring",
|
||||
label, strna(addr_str));
|
||||
label,
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen));
|
||||
else
|
||||
log_link_debug(address->link, "Adding NetLabel %s for IP address %s", label, strna(addr_str));
|
||||
log_link_debug(address->link, "Adding NetLabel %s for IP address %s", label,
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -124,7 +123,6 @@ void address_add_netlabel(const Address *address) {
|
||||
|
||||
void address_del_netlabel(const Address *address) {
|
||||
int r;
|
||||
_cleanup_free_ char *addr_str = NULL;
|
||||
|
||||
assert(address);
|
||||
assert(address->link);
|
||||
@@ -132,14 +130,13 @@ void address_del_netlabel(const Address *address) {
|
||||
if (!address->link->network || !IN_SET(address->family, AF_INET, AF_INET6))
|
||||
return;
|
||||
|
||||
(void) in_addr_prefix_to_string(address->family, &address->in_addr, address->prefixlen, &addr_str);
|
||||
|
||||
r = netlabel_command(NLBL_UNLABEL_C_STATICREMOVE, NULL, address);
|
||||
if (r < 0)
|
||||
log_link_warning_errno(address->link, r, "Deleting NetLabels for IP address %s failed, ignoring",
|
||||
strna(addr_str));
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen));
|
||||
else
|
||||
log_link_debug(address->link, "Deleting NetLabels for IP address %s", strna(addr_str));
|
||||
log_link_debug(address->link, "Deleting NetLabels for IP address %s",
|
||||
IN_ADDR_PREFIX_TO_STRING(address->family, &address->in_addr, address->prefixlen));
|
||||
}
|
||||
|
||||
int config_parse_netlabel(
|
||||
|
||||
@@ -909,10 +909,10 @@ static int nft_set_element_op_in_addr_open(
|
||||
int af,
|
||||
const union in_addr_union *address,
|
||||
unsigned int prefixlen) {
|
||||
|
||||
_cleanup_(sd_netlink_unrefp) sd_netlink *nfnl = NULL;
|
||||
_cleanup_free_ char *addr_str = NULL;
|
||||
int r, nfproto;
|
||||
const char *table, *set;
|
||||
int r, nfproto;
|
||||
|
||||
assert(nft_set_context);
|
||||
nfproto = nft_set_context->nfproto;
|
||||
@@ -928,10 +928,10 @@ static int nft_set_element_op_in_addr_open(
|
||||
r = nft_set_element_op_in_addr(nfnl, table, set,
|
||||
add, nfproto, af, address, prefixlen);
|
||||
|
||||
(void) in_addr_prefix_to_string(af, address, prefixlen, &addr_str);
|
||||
|
||||
log_debug("%s NFT family %s table %s set %s IP addresss %s", add? "Added" : "Deleted",
|
||||
nfproto_to_string(nfproto), table, set, strna(addr_str));
|
||||
log_debug("%s NFT family %s table %s set %s IP addresss %s",
|
||||
add ? "Added" : "Deleted",
|
||||
nfproto_to_string(nfproto), table, set,
|
||||
IN_ADDR_PREFIX_TO_STRING(af, address, prefixlen));
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user