From 56a503c879247d53fdd420029fcc2f4c0dd44638 Mon Sep 17 00:00:00 2001
From: Thomas Haller
Date: Tue, 27 Sep 2022 18:15:31 +0200
Subject: [PATCH] firewall: introduce helper function for add/flush/delete nft table command
(cherry picked from commit e796a67d6c0283d587d00ab6297c178e36a1b4c3)
---
 src/core/nm-firewall-utils.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
index 7e92928981..e482ab9684 100644
--- a/src/core/nm-firewall-utils.c
+++ b/src/core/nm-firewall-utils.c
@@ -619,6 +619,14 @@ _fw_nft_call_sync(GBytes *stdin_buf, GError **error)
 #define _append(p_strbuf, fmt, ...) nm_str_buf_append_printf((p_strbuf), "" fmt "\n", ##__VA_ARGS__)
+static void
+_fw_nft_append_cmd_table(NMStrBuf *strbuf, const char *family, const char *table_name, gboolean up)
+{
+ /* Either delete the table, or create/flush it. */
+ _append(strbuf, "add table %s %s", family, table_name);
+ _append(strbuf, "%s table %s %s", up ? "flush" : "delete", family, table_name);
+}
+
 static GBytes *
 _fw_nft_set_shared_construct(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen)
 {
@@ -630,8 +638,7 @@ _fw_nft_set_shared_construct(gboolean up, const char *ip_iface, in_addr_t addr,
 _share_iptables_subnet_to_str(str_subnet, addr, plen);
- _append(&strbuf, "add table ip %s", table_name);
- _append(&strbuf, "%s table ip %s", up ? "flush" : "delete", table_name);
+ _fw_nft_append_cmd_table(&strbuf, "ip", table_name, up);
 if (up) {
 _append(&strbuf,
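Review bot: `_fw_nft_append_cmd_table()` writes `family` and `table_name` into the nft script with plain `%s`, and the new helper carries no statement of what callers must guarantee about those strings. The one caller in this patch passes the literal `"ip"`, but where `table_name` is built is outside the hunk; if it is ever derived from an interface name or another externally influenced string, whitespace, `;` or a newline in it would change the commands nft reads from stdin. I would state the contract on the helper, e.g. `/* family and table_name are written unescaped; callers must pass valid nft identifiers. */`. The existing comment could also say why `add table` is emitted on the delete path as well, presumably so that `delete table` does not fail when the table is absent.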