anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 12:45:13 +02:00
Code Issues Releases Wiki Activity

ipset: fast forward to v3.2

Browse Source
This commit is contained in:
Jan Engelhardt
2009-08-21 16:03:50 +02:00
parent 5aee8738ed
commit 3e26335cbd
7 changed files with 27 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/changelog.txt
View File

@@ -1,6 +1,7 @@
- build: support for Linux 2.6.31-rc1 - build: support for Linux 2.6.31-rc1
- ipset: fast forward to v3.2
- quota2: support anonymous counters - quota2: support anonymous counters
- quota2: reduce memory footprint for anonymous counters - quota2: reduce memory footprint for anonymous counters
- quota2: extend locked period during cleanup (locking bugfix) - quota2: extend locked period during cleanup (locking bugfix)

14
extensions/ipset/ip_set.c
View File

@@ -1911,13 +1911,23 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
res = -ENOENT; res = -ENOENT;
goto done; goto done;
} }
#define SETLIST(set) (strcmp(set->type->typename, "setlist") == 0)
used = 0; used = 0;
if (index == IP_SET_INVALID_ID) { if (index == IP_SET_INVALID_ID) {
/* Save all sets */ /* Save all sets: ugly setlist type dependency */
int setlist = 0;
setlists:
for (i = 0; i < ip_set_max && res == 0; i++) { for (i = 0; i < ip_set_max && res == 0; i++) {
if (ip_set_list[i] != NULL) if (ip_set_list[i] != NULL
&& !(setlist ^ SETLIST(ip_set_list[i])))
res = ip_set_save_set(i, data, &used, *len); res = ip_set_save_set(i, data, &used, *len);
} }
if (!setlist) {
setlist = 1;
goto setlists;
}
} else { } else {
/* Save an individual set */ /* Save an individual set */
res = ip_set_save_set(index, data, &used, *len); res = ip_set_save_set(index, data, &used, *len);

4
extensions/ipset/ip_set_iptreemap.c
View File

@@ -338,7 +338,7 @@ KADT(iptreemap, add, ipaddr, ip)
static inline int static inline int
__delip_single(struct ip_set *set, ip_set_ip_t *hash_ip, __delip_single(struct ip_set *set, ip_set_ip_t *hash_ip,
ip_set_ip_t ip, unsigned int __nocast flags) ip_set_ip_t ip, gfp_t flags)
{ {
struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap *map = set->data;
struct ip_set_iptreemap_b *btree; struct ip_set_iptreemap_b *btree;
@@ -364,7 +364,7 @@ __delip_single(struct ip_set *set, ip_set_ip_t *hash_ip,
static inline int static inline int
iptreemap_del(struct ip_set *set, ip_set_ip_t *hash_ip, iptreemap_del(struct ip_set *set, ip_set_ip_t *hash_ip,
ip_set_ip_t start, ip_set_ip_t end, unsigned int __nocast flags) ip_set_ip_t start, ip_set_ip_t end, gfp_t flags)
{ {
struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap *map = set->data;
struct ip_set_iptreemap_b *btree; struct ip_set_iptreemap_b *btree;

4
extensions/ipset/ip_set_malloc.h
View File

@@ -40,7 +40,7 @@ struct harray {
}; };
static inline void * static inline void *
__harray_malloc(size_t hashsize, size_t typesize, int flags) __harray_malloc(size_t hashsize, size_t typesize, gfp_t flags)
{ {
struct harray *harray; struct harray *harray;
size_t max_elements, size, i, j; size_t max_elements, size, i, j;
@@ -88,7 +88,7 @@ __harray_malloc(size_t hashsize, size_t typesize, int flags)
} }
static inline void * static inline void *
harray_malloc(size_t hashsize, size_t typesize, int flags) harray_malloc(size_t hashsize, size_t typesize, gfp_t flags)
{ {
void *harray; void *harray;

12
extensions/ipset/ip_set_setlist.c
View File

@@ -21,7 +21,7 @@
* after ==> ref, index * after ==> ref, index
*/ */
static inline bool static inline int
next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index) next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index)
{ {
return i < map->size && map->index[i] == index; return i < map->size && map->index[i] == index;
@@ -38,18 +38,16 @@ setlist_utest(struct ip_set *set, const void *data, u_int32_t size,
struct ip_set *s; struct ip_set *s;
if (req->before && req->ref[0] == '\0') if (req->before && req->ref[0] == '\0')
return -EINVAL; return 0;
index = __ip_set_get_byname(req->name, &s); index = __ip_set_get_byname(req->name, &s);
if (index == IP_SET_INVALID_ID) if (index == IP_SET_INVALID_ID)
return -EEXIST; return 0;
if (req->ref[0] != '\0') { if (req->ref[0] != '\0') {
ref = __ip_set_get_byname(req->ref, &s); ref = __ip_set_get_byname(req->ref, &s);
if (ref == IP_SET_INVALID_ID) { if (ref == IP_SET_INVALID_ID)
res = -EEXIST;
goto finish; goto finish;
} }
}
for (i = 0; i < map->size for (i = 0; i < map->size
&& map->index[i] != IP_SET_INVALID_ID; i++) { && map->index[i] != IP_SET_INVALID_ID; i++) {
if (req->before && map->index[i] == index) { if (req->before && map->index[i] == index) {
@@ -172,7 +170,7 @@ setlist_kadd(struct ip_set *set,
return res; return res;
} }
static inline bool static inline int
unshift_setlist(struct ip_set_setlist *map, int i) unshift_setlist(struct ip_set_setlist *map, int i)
{ {
int j; int j;

3
extensions/ipset/ipset.8
View File

@@ -50,6 +50,9 @@ IP set bindings pointing to sets and iptables matches and targets
referring to sets creates references, which protects the given sets in referring to sets creates references, which protects the given sets in
the kernel. A set cannot be removed (destroyed) while there is a single the kernel. A set cannot be removed (destroyed) while there is a single
reference pointing to it. reference pointing to it.
.P
.B
Please note, binding sets is a deprecated feature and will be removed in a later release. Switch to the multidata type of sets from using bindings.
.SH OPTIONS .SH OPTIONS
The options that are recognized by The options that are recognized by
.B ipset .B ipset

2
extensions/ipset/ipset.c
View File

@@ -30,7 +30,7 @@
#define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe" #define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe"
#endif #endif
#define IPSET_VERSION "2.5.0" #define IPSET_VERSION "3.2"
char program_name[] = "ipset"; char program_name[] = "ipset";
char program_version[] = IPSET_VERSION; char program_version[] = IPSET_VERSION;