anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-22 12:34:58 +02:00
Code Issues Releases Wiki Activity

ipset: update to 6.9.1-genl

Browse Source
This commit is contained in:
Jan Engelhardt
2011-09-21 19:58:05 +02:00
parent ec97cd6d89
commit 5245220246
39 changed files with 309 additions and 252 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
extensions/ipset-6/libipset/data.c
View File

@@ -8,7 +8,6 @@
#include <arpa/inet.h> /* ntoh* */
#include <net/ethernet.h> /* ETH_ALEN */
#include <net/if.h> /* IFNAMSIZ */
#include <sys/socket.h> /* AF_ */
#include <stdlib.h> /* malloc, free */
#include <string.h> /* memset */
@@ -81,7 +80,7 @@ struct ipset_data {
static void
copy_addr(uint8_t family, union nf_inet_addr *ip, const void *value)
{
if (family == AF_INET)
if (family == NFPROTO_IPV4)
in4cpy(&ip->in, value);
else
in6cpy(&ip->in6, value);
@@ -213,12 +212,12 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
break;
/* CADT options */
case IPSET_OPT_IP:
if (!(data->family == AF_INET || data->family == AF_INET6))
if (!(data->family == NFPROTO_IPV4 || data->family == NFPROTO_IPV6))
return -1;
copy_addr(data->family, &data->ip, value);
break;
case IPSET_OPT_IP_TO:
if (!(data->family == AF_INET || data->family == AF_INET6))
if (!(data->family == NFPROTO_IPV4 || data->family == NFPROTO_IPV6))
return -1;
copy_addr(data->family, &data->ip_to, value);
break;
@@ -288,12 +287,12 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
ipset_strlcpy(data->adt.nameref, value, IPSET_MAXNAMELEN);
break;
case IPSET_OPT_IP2:
if (!(data->family == AF_INET || data->family == AF_INET6))
if (!(data->family == NFPROTO_IPV4 || data->family == NFPROTO_IPV6))
return -1;
copy_addr(data->family, &data->adt.ip2, value);
break;
case IPSET_OPT_IP2_TO:
if (!(data->family == AF_INET || data->family == AF_INET6))
if (!(data->family == NFPROTO_IPV4 || data->family == NFPROTO_IPV6))
return -1;
copy_addr(data->family, &data->adt.ip2_to, value);
break;
@@ -456,7 +455,7 @@ ipset_data_sizeof(enum ipset_opt opt, uint8_t family)
case IPSET_OPT_IP_TO:
case IPSET_OPT_IP2:
case IPSET_OPT_IP2_TO:
return family == AF_INET ? sizeof(uint32_t)
return family == NFPROTO_IPV4 ? sizeof(uint32_t)
: sizeof(struct in6_addr);
case IPSET_OPT_PORT:
case IPSET_OPT_PORT_TO:
@@ -511,14 +510,14 @@ ipset_data_setname(const struct ipset_data *data)
* @data: data blob
*
* Return the INET family supported by the set from the data blob.
* If the family is not set yet, AF_UNSPEC is returned.
* If the family is not set yet, NFPROTO_UNSPEC is returned.
*/
uint8_t
ipset_data_family(const struct ipset_data *data)
{
assert(data);
return ipset_data_test(data, IPSET_OPT_FAMILY)
? data->family : AF_UNSPEC;
? data->family : NFPROTO_UNSPEC;
}
/**
@@ -534,8 +533,8 @@ ipset_data_cidr(const struct ipset_data *data)
{
assert(data);
return ipset_data_test(data, IPSET_OPT_CIDR) ? data->cidr :
data->family == AF_INET ? 32 :
data->family == AF_INET6 ? 128 : 0;
data->family == NFPROTO_IPV4 ? 32 :
data->family == NFPROTO_IPV6 ? 128 : 0;
}
/**

4
extensions/ipset-6/libipset/debug.c
View File

@@ -116,14 +116,14 @@ debug_cadt_attrs(int max, const struct ipset_attr_policy *policy,
d = mnl_attr_get_payload(
ipattr[IPSET_ATTR_IPADDR_IPV4]);
inet_ntop(AF_INET, d, addr, INET6_ADDRSTRLEN);
inet_ntop(NFPROTO_IPV4, d, addr, INET6_ADDRSTRLEN);
fprintf(stderr, "\t\t%s: %s\n",
attr2name[i].name, addr);
} else if (ipattr[IPSET_ATTR_IPADDR_IPV6]) {
d = mnl_attr_get_payload(
ipattr[IPSET_ATTR_IPADDR_IPV6]);
inet_ntop(AF_INET6, d, addr, INET6_ADDRSTRLEN);
inet_ntop(NFPROTO_IPV6, d, addr, INET6_ADDRSTRLEN);
fprintf(stderr, "\t\t%s: %s\n",
attr2name[i].name, addr);
}

58
extensions/ipset-6/libipset/parse.c
View File

@@ -511,7 +511,7 @@ ipset_parse_proto_port(struct ipset_session *session,
tmp = a;
goto parse_port;
case IPPROTO_ICMP:
if (family != AF_INET) {
if (family != NFPROTO_IPV4) {
syntax_err("Protocol ICMP can be used "
"with family INET only");
goto error;
@@ -519,7 +519,7 @@ ipset_parse_proto_port(struct ipset_session *session,
err = ipset_parse_icmp(session, opt, a);
break;
case IPPROTO_ICMPV6:
if (family != AF_INET6) {
if (family != NFPROTO_IPV6) {
syntax_err("Protocol ICMPv6 can be used "
"with family INET6 only");
goto error;
@@ -577,11 +577,11 @@ ipset_parse_family(struct ipset_session *session,
"multiple times");
if (STREQ(str, "inet") || STREQ(str, "ipv4") || STREQ(str, "-4"))
family = AF_INET;
family = NFPROTO_IPV4;
else if (STREQ(str, "inet6") || STREQ(str, "ipv6") || STREQ(str, "-6"))
family = AF_INET6;
family = NFPROTO_IPV6;
else if (STREQ(str, "any") || STREQ(str, "unspec"))
family = AF_UNSPEC;
family = NFPROTO_UNSPEC;
else
return syntax_err("unknown INET family %s", str);
@@ -610,7 +610,7 @@ call_getaddrinfo(struct ipset_session *session, const char *str,
if ((err = getaddrinfo(str, NULL, &hints, &res)) != 0) {
syntax_err("cannot resolve '%s' to an %s address: %s",
str, family == AF_INET6 ? "IPv6" : "IPv4",
str, family == NFPROTO_IPV6 ? "IPv6" : "IPv4",
gai_strerror(err));
return NULL;
} else
@@ -625,13 +625,13 @@ get_addrinfo(struct ipset_session *session,
uint8_t family)
{
struct addrinfo *i;
size_t addrlen = family == AF_INET ? sizeof(struct sockaddr_in)
size_t addrlen = family == NFPROTO_IPV4 ? sizeof(struct sockaddr_in)
: sizeof(struct sockaddr_in6);
int found, err = 0;
if ((*info = call_getaddrinfo(session, str, family)) == NULL) {
syntax_err("cannot parse %s: resolving to %s address failed",
str, family == AF_INET ? "IPv4" : "IPv6");
str, family == NFPROTO_IPV4 ? "IPv4" : "IPv6");
return EINVAL;
}
@@ -639,7 +639,7 @@ get_addrinfo(struct ipset_session *session,
if (i->ai_family != family || i->ai_addrlen != addrlen)
continue;
if (found == 0) {
if (family == AF_INET) {
if (family == NFPROTO_IPV4) {
/* Workaround: direct cast increases
* required alignment on Sparc
*/
@@ -668,7 +668,7 @@ get_addrinfo(struct ipset_session *session,
if (found == 0)
return syntax_err("cannot parse %s: "
"%s address could not be resolved",
str, family == AF_INET ? "IPv4" : "IPv6");
str, family == NFPROTO_IPV4 ? "IPv4" : "IPv6");
return err;
}
@@ -677,7 +677,7 @@ parse_ipaddr(struct ipset_session *session,
enum ipset_opt opt, const char *str,
uint8_t family)
{
uint8_t m = family == AF_INET ? 32 : 128;
uint8_t m = family == NFPROTO_IPV4 ? 32 : 128;
int aerr = EINVAL, err = 0, range = 0;
char *saved = strdup(str);
char *a, *tmp = saved;
@@ -737,7 +737,7 @@ cidr_hostaddr(const char *str, uint8_t family)
{
char *a = cidr_separator(str);
return family == AF_INET ? STREQ(a, "/32") : STREQ(a, "/128");
return family == NFPROTO_IPV4 ? STREQ(a, "/32") : STREQ(a, "/128");
}
static int
@@ -747,8 +747,8 @@ parse_ip(struct ipset_session *session,
struct ipset_data *data = ipset_session_data(session);
uint8_t family = ipset_data_family(data);
if (family == AF_UNSPEC) {
family = AF_INET;
if (family == NFPROTO_UNSPEC) {
family = NFPROTO_IPV4;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
@@ -985,12 +985,12 @@ ipset_parse_ip4_single6(struct ipset_session *session,
data = ipset_session_data(session);
family = ipset_data_family(data);
if (family == AF_UNSPEC) {
family = AF_INET;
if (family == NFPROTO_UNSPEC) {
family = NFPROTO_IPV4;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
return family == AF_INET ? ipset_parse_ip(session, opt, str)
return family == NFPROTO_IPV4 ? ipset_parse_ip(session, opt, str)
: ipset_parse_single_ip(session, opt, str);
}
@@ -1025,12 +1025,12 @@ ipset_parse_ip4_net6(struct ipset_session *session,
data = ipset_session_data(session);
family = ipset_data_family(data);
if (family == AF_UNSPEC) {
family = AF_INET;
if (family == NFPROTO_UNSPEC) {
family = NFPROTO_IPV4;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
return family == AF_INET ? parse_ip(session, opt, str, IPADDR_ANY)
return family == NFPROTO_IPV4 ? parse_ip(session, opt, str, IPADDR_ANY)
: ipset_parse_ipnet(session, opt, str);
}
@@ -1330,21 +1330,21 @@ ipset_parse_netmask(struct ipset_session *session,
data = ipset_session_data(session);
family = ipset_data_family(data);
if (family == AF_UNSPEC) {
family = AF_INET;
if (family == NFPROTO_UNSPEC) {
family = NFPROTO_IPV4;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
err = string_to_cidr(session, str,
family == AF_INET ? 1 : 4,
family == AF_INET ? 31 : 124,
family == NFPROTO_IPV4 ? 1 : 4,
family == NFPROTO_IPV4 ? 31 : 124,
&cidr);
if (err)
return syntax_err("netmask is out of the inclusive range "
"of %u-%u",
family == AF_INET ? 1 : 4,
family == AF_INET ? 31 : 124);
family == NFPROTO_IPV4 ? 1 : 4,
family == NFPROTO_IPV4 ? 31 : 124);
return ipset_data_set(data, opt, &cidr);
}
@@ -1525,9 +1525,9 @@ ipset_call_parser(struct ipset_session *session,
#define parse_elem(s, t, d, str) \
do { \
if (!(t)->elem[d].parse) \
if (!(t)->elem[d - 1].parse) \
goto internal; \
ret = (t)->elem[d].parse(s, (t)->elem[d].opt, str); \
ret = (t)->elem[d - 1].parse(s, (t)->elem[d - 1].opt, str); \
if (ret) \
goto out; \
} while (0)
@@ -1582,7 +1582,7 @@ ipset_parse_elem(struct ipset_session *session,
} else if (a != NULL) {
if (type->compat_parse_elem) {
ret = type->compat_parse_elem(session,
type->elem[IPSET_DIM_ONE].opt,
type->elem[IPSET_DIM_ONE - 1].opt,
saved);
goto out;
}

38
extensions/ipset-6/libipset/print.c
View File

@@ -152,7 +152,7 @@ __getnameinfo4(char *buf, unsigned int len,
memset(&saddr, 0, sizeof(saddr));
in4cpy(&saddr.sin_addr, &addr->in);
saddr.sin_family = AF_INET;
saddr.sin_family = NFPROTO_IPV4;
err = getnameinfo((const struct sockaddr *)&saddr,
sizeof(saddr),
@@ -178,7 +178,7 @@ __getnameinfo6(char *buf, unsigned int len,
memset(&saddr, 0, sizeof(saddr));
in6cpy(&saddr.sin6_addr, &addr->in6);
saddr.sin6_family = AF_INET6;
saddr.sin6_family = NFPROTO_IPV6;
err = getnameinfo((const struct sockaddr *)&saddr,
sizeof(saddr),
@@ -253,14 +253,14 @@ ipset_print_ip(char *buf, unsigned int len,
cidr = *(const uint8_t *) ipset_data_get(data, cidropt);
D("CIDR: %u", cidr);
} else
cidr = family == AF_INET6 ? 128 : 32;
cidr = family == NFPROTO_IPV6 ? 128 : 32;
flags = (env & IPSET_ENV_RESOLVE) ? 0 : NI_NUMERICHOST;
ip = ipset_data_get(data, opt);
assert(ip);
if (family == AF_INET)
if (family == NFPROTO_IPV4)
size = snprintf_ipv4(buf, len, flags, ip, cidr);
else if (family == AF_INET6)
else if (family == NFPROTO_IPV6)
size = snprintf_ipv6(buf, len, flags, ip, cidr);
else
return -1;
@@ -275,9 +275,9 @@ ipset_print_ip(char *buf, unsigned int len,
SNPRINTF_FAILURE(size, len, offset);
ip = ipset_data_get(data, IPSET_OPT_IP_TO);
if (family == AF_INET)
if (family == NFPROTO_IPV4)
size = snprintf_ipv4(buf + offset, len, flags, ip, cidr);
else if (family == AF_INET6)
else if (family == NFPROTO_IPV6)
size = snprintf_ipv6(buf + offset, len, flags, ip, cidr);
else
return -1;
@@ -320,14 +320,14 @@ ipset_print_ipaddr(char *buf, unsigned int len,
if (ipset_data_test(data, cidropt))
cidr = *(const uint8_t *) ipset_data_get(data, cidropt);
else
cidr = family == AF_INET6 ? 128 : 32;
cidr = family == NFPROTO_IPV6 ? 128 : 32;
flags = (env & IPSET_ENV_RESOLVE) ? 0 : NI_NUMERICHOST;
ip = ipset_data_get(data, opt);
assert(ip);
if (family == AF_INET)
if (family == NFPROTO_IPV4)
return snprintf_ipv4(buf, len, flags, ip, cidr);
else if (family == AF_INET6)
else if (family == NFPROTO_IPV6)
return snprintf_ipv6(buf, len, flags, ip, cidr);
return -1;
@@ -705,30 +705,30 @@ ipset_print_elem(char *buf, unsigned int len,
if (!type)
return -1;
size = type->elem[IPSET_DIM_ONE].print(buf, len, data,
type->elem[IPSET_DIM_ONE].opt, env);
size = type->elem[IPSET_DIM_ONE - 1].print(buf, len, data,
type->elem[IPSET_DIM_ONE - 1].opt, env);
SNPRINTF_FAILURE(size, len, offset);
IF_D(ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt),
IF_D(ipset_data_test(data, type->elem[IPSET_DIM_TWO - 1].opt),
"print second elem");
if (type->dimension == IPSET_DIM_ONE ||
(type->last_elem_optional &&
!ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt)))
!ipset_data_test(data, type->elem[IPSET_DIM_TWO - 1].opt)))
return offset;
size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR);
SNPRINTF_FAILURE(size, len, offset);
size = type->elem[IPSET_DIM_TWO].print(buf + offset, len, data,
type->elem[IPSET_DIM_TWO].opt, env);
size = type->elem[IPSET_DIM_TWO - 1].print(buf + offset, len, data,
type->elem[IPSET_DIM_TWO - 1].opt, env);
SNPRINTF_FAILURE(size, len, offset);
if (type->dimension == IPSET_DIM_TWO ||
(type->last_elem_optional &&
!ipset_data_test(data, type->elem[IPSET_DIM_THREE].opt)))
!ipset_data_test(data, type->elem[IPSET_DIM_THREE - 1].opt)))
return offset;
size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR);
SNPRINTF_FAILURE(size, len, offset);
size = type->elem[IPSET_DIM_THREE].print(buf + offset, len, data,
type->elem[IPSET_DIM_THREE].opt, env);
size = type->elem[IPSET_DIM_THREE - 1].print(buf + offset, len, data,
type->elem[IPSET_DIM_THREE - 1].opt, env);
SNPRINTF_FAILURE(size, len, offset);
return offset;

34
extensions/ipset-6/libipset/session.c
View File

@@ -570,7 +570,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
/* Validate by hand */
switch (family) {
case AF_INET:
case NFPROTO_IPV4:
atype = IPSET_ATTR_IPADDR_IPV4;
if (!ipattr[atype])
FAILURE("Broken kernel message: IPv4 address "
@@ -580,7 +580,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
"cannot validate IPv4 "
"address attribute!");
break;
case AF_INET6:
case NFPROTO_IPV6:
atype = IPSET_ATTR_IPADDR_IPV6;
if (!ipattr[atype])
FAILURE("Broken kernel message: IPv6 address "
@@ -816,8 +816,8 @@ list_adt(struct ipset_session *session, struct nlattr *nla[])
}
#define FAMILY_TO_STR(f) \
((f) == AF_INET ? "inet" : \
(f) == AF_INET6 ? "inet6" : "any")
((f) == NFPROTO_IPV4 ? "inet" : \
(f) == NFPROTO_IPV6 ? "inet6" : "any")
static int
list_create(struct ipset_session *session, struct nlattr *nla[])
@@ -1415,7 +1415,7 @@ attr_len(const struct ipset_attr_policy *attr, uint8_t family, uint16_t *flags)
return attr->len;
*flags = NLA_F_NET_BYTEORDER;
return family == AF_INET ? sizeof(uint32_t)
return family == NFPROTO_IPV4 ? sizeof(uint32_t)
: sizeof(struct in6_addr);
case MNL_TYPE_U32:
*flags = NLA_F_NET_BYTEORDER;
@@ -1448,7 +1448,7 @@ rawdata2attr(struct ipset_session *session, struct nlmsghdr *nlh,
if (attr->type == MNL_TYPE_NESTED) {
/* IP addresses */
struct nlattr *nested;
int atype = family == AF_INET ? IPSET_ATTR_IPADDR_IPV4
int atype = family == NFPROTO_IPV4 ? IPSET_ATTR_IPADDR_IPV4
: IPSET_ATTR_IPADDR_IPV6;
alen = attr_len(attr, family, &flags);
@@ -1456,8 +1456,8 @@ rawdata2attr(struct ipset_session *session, struct nlmsghdr *nlh,
MNL_ATTR_HDRLEN, alen))
return 1;
nested = mnl_attr_nest_start(nlh, type);
D("family: %s", family == AF_INET ? "INET" :
family == AF_INET6 ? "INET6" : "UNSPEC");
D("family: %s", family == NFPROTO_IPV4 ? "INET" :
family == NFPROTO_IPV6 ? "INET6" : "UNSPEC");
mnl_attr_put(nlh, atype | flags, alen, d);
mnl_attr_nest_end(nlh, nested);
@@ -1511,14 +1511,14 @@ data2attr(struct ipset_session *session, struct nlmsghdr *nlh,
data2attr(session, nlh, data, type, family, attrs)
#define ADDATTR_SETNAME(session, nlh, data) \
data2attr(session, nlh, data, IPSET_ATTR_SETNAME, AF_INET, cmd_attrs)
data2attr(session, nlh, data, IPSET_ATTR_SETNAME, NFPROTO_IPV4, cmd_attrs)
#define ADDATTR_IF(session, nlh, data, type, family, attrs) \
ipset_data_test(data, attrs[type].opt) ? \
data2attr(session, nlh, data, type, family, attrs) : 0
#define ADDATTR_RAW(session, nlh, data, type, attrs) \
rawdata2attr(session, nlh, data, type, AF_INET, attrs)
rawdata2attr(session, nlh, data, type, NFPROTO_IPV4, attrs)
static void
addattr_create(struct ipset_session *session,
@@ -1574,13 +1574,13 @@ build_send_private_msg(struct ipset_session *session, enum ipset_cmd cmd)
"Invalid internal TYPE command: "
"missing settype");
ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME,
AF_INET, cmd_attrs);
NFPROTO_IPV4, cmd_attrs);
if (ipset_data_test(data, IPSET_OPT_FAMILY))
ADDATTR(session, nlh, data, IPSET_ATTR_FAMILY,
AF_INET, cmd_attrs);
NFPROTO_IPV4, cmd_attrs);
else
/* bitmap:port and list:set types */
mnl_attr_put_u8(nlh, IPSET_ATTR_FAMILY, AF_UNSPEC);
mnl_attr_put_u8(nlh, IPSET_ATTR_FAMILY, NFPROTO_UNSPEC);
break;
default:
return ipset_err(session, "Internal error: "
@@ -1640,17 +1640,17 @@ build_msg(struct ipset_session *session, bool aggregate)
* setname, typename, revision, family, flags (optional) */
ADDATTR_SETNAME(session, nlh, data);
ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME,
AF_INET, cmd_attrs);
NFPROTO_IPV4, cmd_attrs);
ADDATTR_RAW(session, nlh, &type->revision,
IPSET_ATTR_REVISION, cmd_attrs);
D("family: %u, type family %u",
ipset_data_family(data), type->family);
if (ipset_data_test(data, IPSET_OPT_FAMILY))
ADDATTR(session, nlh, data, IPSET_ATTR_FAMILY,
AF_INET, cmd_attrs);
NFPROTO_IPV4, cmd_attrs);
else
/* bitmap:port and list:set types */
mnl_attr_put_u8(nlh, IPSET_ATTR_FAMILY, AF_UNSPEC);
mnl_attr_put_u8(nlh, IPSET_ATTR_FAMILY, NFPROTO_UNSPEC);
/* Type-specific create attributes */
D("call open_nested");
@@ -1677,7 +1677,7 @@ build_msg(struct ipset_session *session, bool aggregate)
ADDATTR_SETNAME(session, nlh, data);
if (flags && session->mode != IPSET_LIST_SAVE) {
ipset_data_set(data, IPSET_OPT_FLAGS, &flags);
ADDATTR(session, nlh, data, IPSET_ATTR_FLAGS, AF_INET,
ADDATTR(session, nlh, data, IPSET_ATTR_FLAGS, NFPROTO_IPV4,
cmd_attrs);
}
break;

29
extensions/ipset-6/libipset/types.c
View File

@@ -173,7 +173,8 @@ ipset_cache_swap(const char *from, const char *to)
}
#define MATCH_FAMILY(type, f) \
(f == AF_UNSPEC || type->family == f || type->family == AF_INET46)
(f == NFPROTO_UNSPEC || type->family == f || \
type->family == NFPROTO_IPSET_IPV46)
bool
ipset_match_typename(const char *name, const struct ipset_type *type)
@@ -227,8 +228,9 @@ create_type_get(struct ipset_session *session)
typename);
/* Family is unspecified yet: set from matching set type */
if (family == AF_UNSPEC && match->family != AF_UNSPEC) {
family = match->family == AF_INET46 ? AF_INET : match->family;
if (family == NFPROTO_UNSPEC && match->family != NFPROTO_UNSPEC) {
family = match->family == NFPROTO_IPSET_IPV46 ?
NFPROTO_IPV4 : match->family;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
@@ -254,8 +256,8 @@ create_type_get(struct ipset_session *session)
"with maximal revision %u.\n"
"You need to upgrade your ipset program.",
typename,
family == AF_INET ? "INET" :
family == AF_INET6 ? "INET6" : "UNSPEC",
family == NFPROTO_IPV4 ? "INET" :
family == NFPROTO_IPV6 ? "INET6" : "UNSPEC",
kmin, tmax);
else
return ipset_errptr(session,
@@ -264,8 +266,8 @@ create_type_get(struct ipset_session *session)
"with minimal revision %u.\n"
"You need to upgrade your kernel.",
typename,
family == AF_INET ? "INET" :
family == AF_INET6 ? "INET6" : "UNSPEC",
family == NFPROTO_IPV4 ? "INET" :
family == NFPROTO_IPV6 ? "INET6" : "UNSPEC",
kmax, tmin);
}
@@ -290,8 +292,9 @@ found:
}
#define set_family_and_type(data, match, family) do { \
if (family == AF_UNSPEC && match->family != AF_UNSPEC) \
family = match->family == AF_INET46 ? AF_INET : match->family;\
if (family == NFPROTO_UNSPEC && match->family != NFPROTO_UNSPEC) \
family = match->family == NFPROTO_IPSET_IPV46 ? \
NFPROTO_IPV4 : match->family;\
ipset_data_set(data, IPSET_OPT_FAMILY, &family); \
ipset_data_set(data, IPSET_OPT_TYPE, match); \
} while (0)
@@ -306,7 +309,7 @@ adt_type_get(struct ipset_session *session)
const struct ipset_type *match;
const char *setname, *typename;
const uint8_t *revision;
uint8_t family = AF_UNSPEC;
uint8_t family = NFPROTO_UNSPEC;
int ret;
data = ipset_session_data(session);
@@ -352,8 +355,8 @@ adt_type_get(struct ipset_session *session)
"ipset library does not support the "
"settype with that family and revision.",
setname, typename,
family == AF_INET ? "inet" :
family == AF_INET6 ? "inet6" : "unspec",
family == NFPROTO_IPV4 ? "inet" :
family == NFPROTO_IPV6 ? "inet6" : "unspec",
*revision);
set_family_and_type(data, match, family);
@@ -409,7 +412,7 @@ ipset_type_check(struct ipset_session *session)
const struct ipset_type *t, *match = NULL;
struct ipset_data *data;
const char *typename;
uint8_t family = AF_UNSPEC, revision;
uint8_t family = NFPROTO_UNSPEC, revision;
assert(session);
data = ipset_session_data(session);