From 98b853cea3e3aaa6d5a6e9bb2844f829d58835ef Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@medozas.de>
Date: Wed, 22 Sep 2010 22:41:24 +0200
Subject: [PATCH] ipset: update to 4.3+git3

---
 extensions/ipset/ip_set.c | 10 ++++++----
 extensions/ipset/ipset.8  |  6 +++++-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/extensions/ipset/ip_set.c b/extensions/ipset/ip_set.c
index f7e2785..6b9ffbe 100644
--- a/extensions/ipset/ip_set.c
+++ b/extensions/ipset/ip_set.c
@@ -929,11 +929,11 @@ ip_set_sockfn_set(struct sock *sk, int optval, void *user, unsigned int len)
 	}
 	if (copy_from_user(data, user, len) != 0) {
 		res = -EFAULT;
-		goto done;
+		goto cleanup;
 	}
 	if (down_interruptible(&ip_set_app_mutex)) {
 		res = -EINTR;
-		goto done;
+		goto cleanup;
 	}
 
 	op = (unsigned *)data;
@@ -1109,6 +1109,7 @@ ip_set_sockfn_set(struct sock *sk, int optval, void *user, unsigned int len)
 
     done:
 	up(&ip_set_app_mutex);
+    cleanup:
 	vfree(data);
 	if (res > 0)
 		res = 0;
@@ -1142,11 +1143,11 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
 	}
 	if (copy_from_user(data, user, *len) != 0) {
 		res = -EFAULT;
-		goto done;
+		goto cleanup;
 	}
 	if (down_interruptible(&ip_set_app_mutex)) {
 		res = -EINTR;
-		goto done;
+		goto cleanup;
 	}
 
 	op = (unsigned *) data;
@@ -1439,6 +1440,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
     	
     done:
 	up(&ip_set_app_mutex);
+    cleanup:
 	vfree(data);
 	if (res > 0)
 		res = 0;
diff --git a/extensions/ipset/ipset.8 b/extensions/ipset/ipset.8
index fa73298..85e3a7b 100644
--- a/extensions/ipset/ipset.8
+++ b/extensions/ipset/ipset.8
@@ -502,9 +502,13 @@ data storage in
 set and add src to the first single or src,dst to the first double 
 data storage set in
 \fIb\fP.
-.P
 You can imagine a setlist type of set as an ordered union of
 the set elements. 
+.P
+Please note: by the ipset command you can add, delete and
+.B test
+the setnames in a setlist type of set, and not the presence of 
+a set's member (such as an IP address).
 .SH GENERAL RESTRICTIONS
 Setnames starting with colon (:) cannot be defined. Zero valued set 
 entries cannot be used with hash type of sets.