@@ -30,8 +30,7 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
break;
flags |= NFT_CACHE_TABLE |
- NFT_CACHE_SET |
- NFT_CACHE_FLOWTABLE;
+ NFT_CACHE_SET;
list_for_each_entry(set, &cmd->table->sets, list) {
if (set->automerge)
flags |= NFT_CACHE_SETELEM_MAYBE;
@@ -57,8 +56,7 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
break;
case CMD_OBJ_RULE:
flags |= NFT_CACHE_TABLE |
- NFT_CACHE_SET |
- NFT_CACHE_FLOWTABLE;
+ NFT_CACHE_SET;
if (cmd->handle.index.id ||
cmd->handle.position.id)
@@ -429,8 +427,7 @@ int nft_cache_evaluate(struct nft_ctx *nft, struct list_head *cmds,
case CMD_DELETE:
case CMD_DESTROY:
flags |= NFT_CACHE_TABLE |
- NFT_CACHE_SET |
- NFT_CACHE_FLOWTABLE;
+ NFT_CACHE_SET;
flags = evaluate_cache_del(cmd, flags);
break;
@@ -201,6 +201,10 @@ static int nft_cmd_enoent_flowtable(struct netlink_ctx *ctx,
if (!cmd->handle.flowtable.name)
return 0;
+ if (nft_cache_update(ctx->nft, NFT_CACHE_TABLE | NFT_CACHE_FLOWTABLE,
+ ctx->msgs, NULL) < 0)
+ return 0;
+
ft = flowtable_lookup_fuzzy(cmd->handle.flowtable.name,
&ctx->nft->cache, &table);
/* check table first. */
Flowtables are only required for error reporting hints if kernel reports ENOENT. Populate the cache from this error path only. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/cache.c | 9 +++------ src/cmd.c | 4 ++++ 2 files changed, 7 insertions(+), 6 deletions(-)