@@ -31,7 +31,6 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
flags |= NFT_CACHE_TABLE |
NFT_CACHE_SET |
- NFT_CACHE_OBJECT |
NFT_CACHE_FLOWTABLE;
list_for_each_entry(set, &cmd->table->sets, list) {
if (set->automerge)
@@ -54,13 +53,11 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
case CMD_OBJ_ELEMENTS:
flags |= NFT_CACHE_TABLE |
NFT_CACHE_SET |
- NFT_CACHE_OBJECT |
NFT_CACHE_SETELEM_MAYBE;
break;
case CMD_OBJ_RULE:
flags |= NFT_CACHE_TABLE |
NFT_CACHE_SET |
- NFT_CACHE_OBJECT |
NFT_CACHE_FLOWTABLE;
if (cmd->handle.index.id ||
@@ -433,8 +430,7 @@ int nft_cache_evaluate(struct nft_ctx *nft, struct list_head *cmds,
case CMD_DESTROY:
flags |= NFT_CACHE_TABLE |
NFT_CACHE_SET |
- NFT_CACHE_FLOWTABLE |
- NFT_CACHE_OBJECT;
+ NFT_CACHE_FLOWTABLE;
flags = evaluate_cache_del(cmd, flags);
break;
@@ -169,6 +169,10 @@ static int nft_cmd_enoent_obj(struct netlink_ctx *ctx, const struct cmd *cmd,
if (!cmd->handle.obj.name)
return 0;
+ if (nft_cache_update(ctx->nft, NFT_CACHE_TABLE | NFT_CACHE_OBJECT,
+ ctx->msgs, NULL) < 0)
+ return 0;
+
obj = obj_lookup_fuzzy(cmd->handle.obj.name, &ctx->nft->cache, &table);
/* check table first. */
if (!table)
Objects are only required for error reporting hints if kernel reports ENOENT. Populate the cache from this error path only. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/cache.c | 6 +----- src/cmd.c | 4 ++++ 2 files changed, 5 insertions(+), 5 deletions(-)