mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-21 12:04:56 +02:00
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
23e83aa04c | ||
|
|
77ee63ba8b | ||
|
|
49e59a6dce | ||
|
|
137ecb9814 | ||
|
|
7e25254e93 | ||
|
|
0c9ae3cb1b | ||
|
|
471e747fc0 |
@@ -1,5 +1,5 @@
|
||||
|
||||
AC_INIT([xtables-addons], [1.15])
|
||||
AC_INIT([xtables-addons], [1.16])
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
AC_PROG_INSTALL
|
||||
|
||||
@@ -1,5 +1,11 @@
|
||||
|
||||
|
||||
Xtables-addons 1.16 (May 27 2009)
|
||||
=================================
|
||||
- RAWNAT: make iptable_rawpost compile with 2.6.30-rc5
|
||||
- ipset: fast forward to 3.0
|
||||
|
||||
|
||||
Xtables-addons 1.15 (April 30 2009)
|
||||
===================================
|
||||
- build: add kernel version check to configure
|
||||
|
||||
@@ -31,17 +31,14 @@ AM_CFLAGS := ${regular_CFLAGS} -I${top_srcdir}/include ${xtables_CFLAGS} ${
|
||||
AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@
|
||||
|
||||
VU := 0
|
||||
am__1verbose_CC_0 = @echo " CC " $@;
|
||||
am__1verbose_CCLD_0 = @echo " CCLD " $@;
|
||||
am__1verbose_GEN_0 = @echo " GEN " $@;
|
||||
am__1verbose_SILENT_0 = @
|
||||
am__1verbose_CC_1 = @echo " CC " $@ "<-" $<;
|
||||
am__1verbose_CCLD_1 = @echo " CCLD " $@ "<-" $^;
|
||||
am__1verbose_GEN_1 = @echo " GEN " $@ "<-" $<;
|
||||
am__verbose_CC = ${am__1verbose_CC_${VU}}
|
||||
am__verbose_CCLD = ${am__1verbose_CCLD_${VU}}
|
||||
am__verbose_GEN = ${am__1verbose_GEN_${VU}}
|
||||
am__verbose_SILENT = ${am__1verbose_GEN_${VU}}
|
||||
am__v_CC_0 = @echo " CC " $@;
|
||||
am__v_CCLD_0 = @echo " CCLD " $@;
|
||||
am__v_GEN_0 = @echo " GEN " $@;
|
||||
am__v_SILENT_0 = @
|
||||
AM_V_CC = ${am__v_CC_${VU}}
|
||||
AM_V_CCLD = ${am__v_CCLD_${VU}}
|
||||
AM_V_GEN = ${am__v_GEN_${VU}}
|
||||
AM_V_silent = ${am__v_GEN_${VU}}
|
||||
|
||||
|
||||
#
|
||||
@@ -95,23 +92,23 @@ distclean: clean
|
||||
.PHONY: modules modules_install clean_modules
|
||||
|
||||
modules:
|
||||
${am__verbose_SILENT}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} modules; fi;
|
||||
${AM_V_silent}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} modules; fi;
|
||||
|
||||
modules_install:
|
||||
${am__verbose_SILENT}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} INSTALL_MOD_PATH=${DESTDIR} modules_install; fi;
|
||||
${AM_V_silent}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} INSTALL_MOD_PATH=${DESTDIR} modules_install; fi;
|
||||
|
||||
clean_modules:
|
||||
${am__verbose_SILENT}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} clean; fi;
|
||||
${AM_V_silent}if [ -n "${kbuilddir}" ]; then make -C ${kbuilddir} M=${abssrcdir} XA_TOPSRCDIR=${abstop_srcdir} clean; fi;
|
||||
|
||||
|
||||
#
|
||||
# Shared libraries
|
||||
#
|
||||
lib%.so: lib%.oo
|
||||
${am__verbose_CCLD}${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $<;
|
||||
${AM_V_CCLD}${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $<;
|
||||
|
||||
lib%.oo: ${srcdir}/lib%.c
|
||||
${am__verbose_CC}${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=lib$*_init -DPIC -fPIC ${CFLAGS} -o $@ -c $<;
|
||||
${AM_V_CC}${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=lib$*_init -DPIC -fPIC ${CFLAGS} -o $@ -c $<;
|
||||
|
||||
|
||||
#
|
||||
@@ -128,7 +125,7 @@ wlist_targets := $(patsubst ${srcdir}/libxt_%.man,%,${wcman_targets})
|
||||
rm -f $@.tmp;
|
||||
|
||||
man_run = \
|
||||
${am__verbose_GEN}for ext in $(1); do \
|
||||
${AM_V_GEN}for ext in $(1); do \
|
||||
f="${srcdir}/libxt_$$ext.man"; \
|
||||
if [ -f "$$f" ]; then \
|
||||
echo ".SS $$ext"; \
|
||||
|
||||
@@ -69,7 +69,9 @@ static int __init rawpost6_table_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 29)
|
||||
rwlock_init(&rawpost6_itable.lock);
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 25)
|
||||
rawpost6_ptable = ip6t_register_table(&init_net, &rawpost6_itable,
|
||||
&rawpost6_initial.repl);
|
||||
|
||||
@@ -493,7 +493,7 @@ ip_set_find_byindex(ip_set_id_t index)
|
||||
static inline int
|
||||
__ip_set_testip(struct ip_set *set,
|
||||
const void *data,
|
||||
size_t size,
|
||||
u_int32_t size,
|
||||
ip_set_ip_t *ip)
|
||||
{
|
||||
int res;
|
||||
@@ -508,7 +508,7 @@ __ip_set_testip(struct ip_set *set,
|
||||
static int
|
||||
__ip_set_addip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
ip_set_ip_t ip;
|
||||
@@ -529,15 +529,15 @@ __ip_set_addip(ip_set_id_t index,
|
||||
static int
|
||||
ip_set_addip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
|
||||
IP_SET_ASSERT(set);
|
||||
|
||||
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
|
||||
ip_set_printk("data length wrong (want %zu, have %zu)",
|
||||
set->type->reqsize,
|
||||
ip_set_printk("data length wrong (want %lu, have %zu)",
|
||||
(long unsigned)set->type->reqsize,
|
||||
size - sizeof(struct ip_set_req_adt));
|
||||
return -EINVAL;
|
||||
}
|
||||
@@ -549,7 +549,7 @@ ip_set_addip(ip_set_id_t index,
|
||||
static int
|
||||
ip_set_delip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
ip_set_ip_t ip;
|
||||
@@ -558,8 +558,8 @@ ip_set_delip(ip_set_id_t index,
|
||||
IP_SET_ASSERT(set);
|
||||
|
||||
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
|
||||
ip_set_printk("data length wrong (want %zu, have %zu)",
|
||||
set->type->reqsize,
|
||||
ip_set_printk("data length wrong (want %lu, have %zu)",
|
||||
(long unsigned)set->type->reqsize,
|
||||
size - sizeof(struct ip_set_req_adt));
|
||||
return -EINVAL;
|
||||
}
|
||||
@@ -576,7 +576,7 @@ ip_set_delip(ip_set_id_t index,
|
||||
static int
|
||||
ip_set_testip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
ip_set_ip_t ip;
|
||||
@@ -585,8 +585,8 @@ ip_set_testip(ip_set_id_t index,
|
||||
IP_SET_ASSERT(set);
|
||||
|
||||
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
|
||||
ip_set_printk("data length wrong (want %zu, have %zu)",
|
||||
set->type->reqsize,
|
||||
ip_set_printk("data length wrong (want %lu, have %zu)",
|
||||
(long unsigned)set->type->reqsize,
|
||||
size - sizeof(struct ip_set_req_adt));
|
||||
return -EINVAL;
|
||||
}
|
||||
@@ -601,7 +601,7 @@ ip_set_testip(ip_set_id_t index,
|
||||
static int
|
||||
ip_set_bindip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
const struct ip_set_req_bind *req_bind;
|
||||
@@ -687,7 +687,7 @@ __unbind_default(struct ip_set *set)
|
||||
static int
|
||||
ip_set_unbindip(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set;
|
||||
const struct ip_set_req_bind *req_bind;
|
||||
@@ -760,7 +760,7 @@ ip_set_unbindip(ip_set_id_t index,
|
||||
static int
|
||||
ip_set_testbind(ip_set_id_t index,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set = ip_set_list[index];
|
||||
const struct ip_set_req_bind *req_bind;
|
||||
@@ -862,7 +862,7 @@ ip_set_create(const char *name,
|
||||
const char *typename,
|
||||
ip_set_id_t restore,
|
||||
const void *data,
|
||||
size_t size)
|
||||
u_int32_t size)
|
||||
{
|
||||
struct ip_set *set;
|
||||
ip_set_id_t index = 0, id;
|
||||
@@ -915,9 +915,9 @@ ip_set_create(const char *name,
|
||||
|
||||
/* Check request size */
|
||||
if (size != set->type->header_size) {
|
||||
ip_set_printk("data length wrong (want %zu, have %zu)",
|
||||
set->type->header_size,
|
||||
size);
|
||||
ip_set_printk("data length wrong (want %lu, have %lu)",
|
||||
(long unsigned)set->type->header_size,
|
||||
(long unsigned)size);
|
||||
goto put_out;
|
||||
}
|
||||
|
||||
@@ -1109,7 +1109,7 @@ ip_set_swap(ip_set_id_t from_index, ip_set_id_t to_index)
|
||||
|
||||
static inline void
|
||||
__set_hash_bindings_size_list(struct ip_set_hash *set_hash,
|
||||
ip_set_id_t id, size_t *size)
|
||||
ip_set_id_t id, u_int32_t *size)
|
||||
{
|
||||
if (set_hash->id == id)
|
||||
*size += sizeof(struct ip_set_hash_list);
|
||||
@@ -1117,7 +1117,7 @@ __set_hash_bindings_size_list(struct ip_set_hash *set_hash,
|
||||
|
||||
static inline void
|
||||
__set_hash_bindings_size_save(struct ip_set_hash *set_hash,
|
||||
ip_set_id_t id, size_t *size)
|
||||
ip_set_id_t id, u_int32_t *size)
|
||||
{
|
||||
if (set_hash->id == id)
|
||||
*size += sizeof(struct ip_set_hash_save);
|
||||
@@ -1220,7 +1220,7 @@ static int ip_set_save_set(ip_set_id_t index,
|
||||
*used += sizeof(struct ip_set_save);
|
||||
|
||||
set = ip_set_list[index];
|
||||
DP("set: %s, used: %u(%u) %p %p", set->name, *used, len,
|
||||
DP("set: %s, used: %d(%d) %p %p", set->name, *used, len,
|
||||
data, data + *used);
|
||||
|
||||
read_lock_bh(&set->lock);
|
||||
@@ -1237,8 +1237,8 @@ static int ip_set_save_set(ip_set_id_t index,
|
||||
set->type->list_header(set, data + *used);
|
||||
*used += set_save->header_size;
|
||||
|
||||
DP("set header filled: %s, used: %u(%u) %p %p", set->name, *used,
|
||||
set_save->header_size, data, data + *used);
|
||||
DP("set header filled: %s, used: %d(%lu) %p %p", set->name, *used,
|
||||
(unsigned long)set_save->header_size, data, data + *used);
|
||||
/* Get and ensure set specific members size */
|
||||
set_save->members_size = set->type->list_members_size(set);
|
||||
if (*used + set_save->members_size > len)
|
||||
@@ -1248,8 +1248,8 @@ static int ip_set_save_set(ip_set_id_t index,
|
||||
set->type->list_members(set, data + *used);
|
||||
*used += set_save->members_size;
|
||||
read_unlock_bh(&set->lock);
|
||||
DP("set members filled: %s, used: %u(%u) %p %p", set->name, *used,
|
||||
set_save->members_size, data, data + *used);
|
||||
DP("set members filled: %s, used: %d(%lu) %p %p", set->name, *used,
|
||||
(unsigned long)set_save->members_size, data, data + *used);
|
||||
return 0;
|
||||
|
||||
unlock_set:
|
||||
@@ -1329,7 +1329,7 @@ static int ip_set_restore(void *data,
|
||||
while (1) {
|
||||
line++;
|
||||
|
||||
DP("%u %u %u", used, sizeof(struct ip_set_restore), len);
|
||||
DP("%d %zu %d", used, sizeof(struct ip_set_restore), len);
|
||||
/* Get and ensure header size */
|
||||
if (used + sizeof(struct ip_set_restore) > len)
|
||||
return line;
|
||||
@@ -1367,12 +1367,13 @@ static int ip_set_restore(void *data,
|
||||
/* Try to restore members data */
|
||||
set = ip_set_list[index];
|
||||
members_size = 0;
|
||||
DP("members_size %u reqsize %u",
|
||||
set_restore->members_size, set->type->reqsize);
|
||||
DP("members_size %lu reqsize %lu",
|
||||
(unsigned long)set_restore->members_size,
|
||||
(unsigned long)set->type->reqsize);
|
||||
while (members_size + set->type->reqsize <=
|
||||
set_restore->members_size) {
|
||||
line++;
|
||||
DP("members: %u, line %u", members_size, line);
|
||||
DP("members: %d, line %d", members_size, line);
|
||||
res = __ip_set_addip(index,
|
||||
data + used + members_size,
|
||||
set->type->reqsize);
|
||||
@@ -1381,8 +1382,8 @@ static int ip_set_restore(void *data,
|
||||
members_size += set->type->reqsize;
|
||||
}
|
||||
|
||||
DP("members_size %u %u",
|
||||
set_restore->members_size, members_size);
|
||||
DP("members_size %lu %d",
|
||||
(unsigned long)set_restore->members_size, members_size);
|
||||
if (members_size != set_restore->members_size)
|
||||
return line++;
|
||||
used += set_restore->members_size;
|
||||
@@ -1442,10 +1443,10 @@ ip_set_sockfn_set(struct sock *sk, int optval, void *user, unsigned int len)
|
||||
struct ip_set_req_adt *req_adt;
|
||||
ip_set_id_t index = IP_SET_INVALID_ID;
|
||||
int (*adtfn)(ip_set_id_t index,
|
||||
const void *data, size_t size);
|
||||
const void *data, u_int32_t size);
|
||||
struct fn_table {
|
||||
int (*fn)(ip_set_id_t index,
|
||||
const void *data, size_t size);
|
||||
const void *data, u_int32_t size);
|
||||
} adtfn_table[] =
|
||||
{ { ip_set_addip }, { ip_set_delip }, { ip_set_testip},
|
||||
{ ip_set_bindip}, { ip_set_unbindip }, { ip_set_testbind },
|
||||
@@ -1938,14 +1939,14 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
|
||||
|
||||
if (*len < sizeof(struct ip_set_req_setnames)
|
||||
|| *len != req_restore->size) {
|
||||
ip_set_printk("invalid RESTORE (want =%zu, got %d)",
|
||||
req_restore->size, *len);
|
||||
ip_set_printk("invalid RESTORE (want =%lu, got %d)",
|
||||
(long unsigned)req_restore->size, *len);
|
||||
res = -EINVAL;
|
||||
goto done;
|
||||
}
|
||||
line = ip_set_restore(data + sizeof(struct ip_set_req_setnames),
|
||||
req_restore->size - sizeof(struct ip_set_req_setnames));
|
||||
DP("ip_set_restore: %u", line);
|
||||
DP("ip_set_restore: %d", line);
|
||||
if (line != 0) {
|
||||
res = -EAGAIN;
|
||||
req_restore->size = line;
|
||||
@@ -1960,7 +1961,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
|
||||
} /* end of switch(op) */
|
||||
|
||||
copy:
|
||||
DP("set %s, copylen %u", index != IP_SET_INVALID_ID
|
||||
DP("set %s, copylen %d", index != IP_SET_INVALID_ID
|
||||
&& ip_set_list[index]
|
||||
? ip_set_list[index]->name
|
||||
: ":all:", copylen);
|
||||
|
||||
@@ -48,7 +48,7 @@
|
||||
/*
|
||||
* Used so that the kernel module and ipset-binary can match their versions
|
||||
*/
|
||||
#define IP_SET_PROTOCOL_VERSION 2
|
||||
#define IP_SET_PROTOCOL_VERSION 3
|
||||
|
||||
#define IP_SET_MAXNAMELEN 32 /* set names and set typenames */
|
||||
|
||||
@@ -236,7 +236,7 @@ struct ip_set_req_max_sets {
|
||||
struct ip_set_req_setnames {
|
||||
unsigned op;
|
||||
ip_set_id_t index; /* set to list/save */
|
||||
size_t size; /* size to get setdata/bindings */
|
||||
u_int32_t size; /* size to get setdata/bindings */
|
||||
/* followed by sets number of struct ip_set_name_list */
|
||||
};
|
||||
|
||||
@@ -258,9 +258,9 @@ struct ip_set_list {
|
||||
ip_set_id_t index;
|
||||
ip_set_id_t binding;
|
||||
u_int32_t ref;
|
||||
size_t header_size; /* Set header data of header_size */
|
||||
size_t members_size; /* Set members data of members_size */
|
||||
size_t bindings_size; /* Set bindings data of bindings_size */
|
||||
u_int32_t header_size; /* Set header data of header_size */
|
||||
u_int32_t members_size; /* Set members data of members_size */
|
||||
u_int32_t bindings_size;/* Set bindings data of bindings_size */
|
||||
};
|
||||
|
||||
struct ip_set_hash_list {
|
||||
@@ -277,8 +277,8 @@ struct ip_set_hash_list {
|
||||
struct ip_set_save {
|
||||
ip_set_id_t index;
|
||||
ip_set_id_t binding;
|
||||
size_t header_size; /* Set header data of header_size */
|
||||
size_t members_size; /* Set members data of members_size */
|
||||
u_int32_t header_size; /* Set header data of header_size */
|
||||
u_int32_t members_size; /* Set members data of members_size */
|
||||
};
|
||||
|
||||
/* At restoring, ip == 0 means default binding for the given set: */
|
||||
@@ -298,8 +298,8 @@ struct ip_set_restore {
|
||||
char name[IP_SET_MAXNAMELEN];
|
||||
char typename[IP_SET_MAXNAMELEN];
|
||||
ip_set_id_t index;
|
||||
size_t header_size; /* Create data of header_size */
|
||||
size_t members_size; /* Set members data of members_size */
|
||||
u_int32_t header_size; /* Create data of header_size */
|
||||
u_int32_t members_size; /* Set members data of members_size */
|
||||
};
|
||||
|
||||
static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b)
|
||||
@@ -366,14 +366,14 @@ struct ip_set_type {
|
||||
* return 0 if not in set, 1 if in set.
|
||||
*/
|
||||
int (*testip) (struct ip_set *set,
|
||||
const void *data, size_t size,
|
||||
const void *data, u_int32_t size,
|
||||
ip_set_ip_t *ip);
|
||||
|
||||
/*
|
||||
* Size of the data structure passed by when
|
||||
* adding/deletin/testing an entry.
|
||||
*/
|
||||
size_t reqsize;
|
||||
u_int32_t reqsize;
|
||||
|
||||
/* Add IP into set (userspace: ipset -A set IP)
|
||||
* Return -EEXIST if the address is already in the set,
|
||||
@@ -381,7 +381,7 @@ struct ip_set_type {
|
||||
* If the address was not already in the set, 0 is returned.
|
||||
*/
|
||||
int (*addip) (struct ip_set *set,
|
||||
const void *data, size_t size,
|
||||
const void *data, u_int32_t size,
|
||||
ip_set_ip_t *ip);
|
||||
|
||||
/* Add IP into set (kernel: iptables ... -j SET set src|dst)
|
||||
@@ -401,7 +401,7 @@ struct ip_set_type {
|
||||
* If the address really was in the set, 0 is returned.
|
||||
*/
|
||||
int (*delip) (struct ip_set *set,
|
||||
const void *data, size_t size,
|
||||
const void *data, u_int32_t size,
|
||||
ip_set_ip_t *ip);
|
||||
|
||||
/* remove IP from set (kernel: iptables ... -j SET --entry x)
|
||||
@@ -418,7 +418,7 @@ struct ip_set_type {
|
||||
/* new set creation - allocated type specific items
|
||||
*/
|
||||
int (*create) (struct ip_set *set,
|
||||
const void *data, size_t size);
|
||||
const void *data, u_int32_t size);
|
||||
|
||||
/* retry the operation after successfully tweaking the set
|
||||
*/
|
||||
@@ -437,7 +437,7 @@ struct ip_set_type {
|
||||
|
||||
/* Listing: size needed for header
|
||||
*/
|
||||
size_t header_size;
|
||||
u_int32_t header_size;
|
||||
|
||||
/* Listing: Get the header
|
||||
*
|
||||
@@ -523,7 +523,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id,
|
||||
|
||||
#define UADT0(type, adt, args...) \
|
||||
static int \
|
||||
FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \
|
||||
FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\
|
||||
ip_set_ip_t *hash_ip) \
|
||||
{ \
|
||||
const STRUCT(ip_set_req_,type) *req = data; \
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
#ifdef __KERNEL__
|
||||
#define BITMAP_CREATE(type) \
|
||||
static int \
|
||||
type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
type##_create(struct ip_set *set, const void *data, u_int32_t size) \
|
||||
{ \
|
||||
int newbytes; \
|
||||
const struct ip_set_req_##type##_create *req = data; \
|
||||
@@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
\
|
||||
map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \
|
||||
if (!map) { \
|
||||
DP("out of memory for %d bytes", \
|
||||
sizeof(struct ip_set_#type)); \
|
||||
DP("out of memory for %zu bytes", \
|
||||
sizeof(struct ip_set_##type)); \
|
||||
return -ENOMEM; \
|
||||
} \
|
||||
map->first_ip = req->from; \
|
||||
@@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
map->size = newbytes; \
|
||||
map->members = ip_set_malloc(newbytes); \
|
||||
if (!map->members) { \
|
||||
DP("out of memory for %d bytes", newbytes); \
|
||||
DP("out of memory for %i bytes", newbytes); \
|
||||
kfree(map); \
|
||||
return -ENOMEM; \
|
||||
} \
|
||||
|
||||
@@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags)
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
|
||||
#include <linux/netfilter.h>
|
||||
#define KMEM_CACHE_CREATE(name, size) \
|
||||
kmem_cache_create(name, size, 0, 0, NULL, NULL)
|
||||
#else
|
||||
|
||||
@@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \
|
||||
hashsize++; \
|
||||
\
|
||||
ip_set_printk("rehashing of set %s triggered: " \
|
||||
"hashsize grows from %u to %u", \
|
||||
set->name, map->hashsize, hashsize); \
|
||||
"hashsize grows from %lu to %lu", \
|
||||
set->name, \
|
||||
(long unsigned)map->hashsize, \
|
||||
(long unsigned)hashsize); \
|
||||
\
|
||||
tmp = kmalloc(sizeof(struct ip_set_##type) \
|
||||
+ map->probes * sizeof(initval_t), GFP_ATOMIC); \
|
||||
if (!tmp) { \
|
||||
DP("out of memory for %d bytes", \
|
||||
DP("out of memory for %zu bytes", \
|
||||
sizeof(struct ip_set_##type) \
|
||||
+ map->probes * sizeof(initval_t)); \
|
||||
return -ENOMEM; \
|
||||
} \
|
||||
tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\
|
||||
if (!tmp->members) { \
|
||||
DP("out of memory for %d bytes", hashsize * sizeof(dtype));\
|
||||
DP("out of memory for %zu bytes", hashsize * sizeof(dtype));\
|
||||
kfree(tmp); \
|
||||
return -ENOMEM; \
|
||||
} \
|
||||
@@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \
|
||||
|
||||
#define HASH_CREATE(type, dtype) \
|
||||
static int \
|
||||
type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
type##_create(struct ip_set *set, const void *data, u_int32_t size) \
|
||||
{ \
|
||||
const struct ip_set_req_##type##_create *req = data; \
|
||||
struct ip_set_##type *map; \
|
||||
@@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
map = kmalloc(sizeof(struct ip_set_##type) \
|
||||
+ req->probes * sizeof(initval_t), GFP_KERNEL); \
|
||||
if (!map) { \
|
||||
DP("out of memory for %d bytes", \
|
||||
DP("out of memory for %zu bytes", \
|
||||
sizeof(struct ip_set_##type) \
|
||||
+ req->probes * sizeof(initval_t)); \
|
||||
return -ENOMEM; \
|
||||
@@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
|
||||
} \
|
||||
map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\
|
||||
if (!map->members) { \
|
||||
DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\
|
||||
DP("out of memory for %zu bytes", map->hashsize * sizeof(dtype));\
|
||||
kfree(map); \
|
||||
return -ENOMEM; \
|
||||
} \
|
||||
|
||||
@@ -13,7 +13,7 @@ struct ip_set_ipmap {
|
||||
ip_set_ip_t netmask; /* subnet netmask */
|
||||
ip_set_ip_t sizeid; /* size of set in IPs */
|
||||
ip_set_ip_t hosts; /* number of hosts in a subnet */
|
||||
size_t size; /* size of the ipmap proper */
|
||||
u_int32_t size; /* size of the ipmap proper */
|
||||
};
|
||||
|
||||
struct ip_set_req_ipmap_create {
|
||||
|
||||
@@ -102,7 +102,7 @@ ipportnethash_test(struct ip_set *set, ip_set_ip_t *hash_ip,
|
||||
}
|
||||
|
||||
static int
|
||||
ipportnethash_utest(struct ip_set *set, const void *data, size_t size,
|
||||
ipportnethash_utest(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
const struct ip_set_req_ipportnethash *req = data;
|
||||
|
||||
@@ -276,21 +276,21 @@ init_gc_timer(struct ip_set *set)
|
||||
}
|
||||
|
||||
static int
|
||||
iptree_create(struct ip_set *set, const void *data, size_t size)
|
||||
iptree_create(struct ip_set *set, const void *data, u_int32_t size)
|
||||
{
|
||||
const struct ip_set_req_iptree_create *req = data;
|
||||
struct ip_set_iptree *map;
|
||||
|
||||
if (size != sizeof(struct ip_set_req_iptree_create)) {
|
||||
ip_set_printk("data length wrong (want %zu, have %zu)",
|
||||
ip_set_printk("data length wrong (want %zu, have %lu)",
|
||||
sizeof(struct ip_set_req_iptree_create),
|
||||
size);
|
||||
(unsigned long)size);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
map = kmalloc(sizeof(struct ip_set_iptree), GFP_KERNEL);
|
||||
if (!map) {
|
||||
DP("out of memory for %d bytes",
|
||||
DP("out of memory for %zu bytes",
|
||||
sizeof(struct ip_set_iptree));
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
@@ -470,7 +470,7 @@ init_gc_timer(struct ip_set *set)
|
||||
}
|
||||
|
||||
static int
|
||||
iptreemap_create(struct ip_set *set, const void *data, size_t size)
|
||||
iptreemap_create(struct ip_set *set, const void *data, u_int32_t size)
|
||||
{
|
||||
const struct ip_set_req_iptreemap_create *req = data;
|
||||
struct ip_set_iptreemap *map;
|
||||
@@ -567,7 +567,7 @@ iptreemap_list_members_size(const struct ip_set *set)
|
||||
return (count * sizeof(struct ip_set_req_iptreemap));
|
||||
}
|
||||
|
||||
static inline size_t
|
||||
static inline u_int32_t
|
||||
add_member(void *data, size_t offset, ip_set_ip_t start, ip_set_ip_t end)
|
||||
{
|
||||
struct ip_set_req_iptreemap *entry = data + offset;
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
#include "ip_set_macipmap.h"
|
||||
|
||||
static int
|
||||
macipmap_utest(struct ip_set *set, const void *data, size_t size,
|
||||
macipmap_utest(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
const struct ip_set_macipmap *map = set->data;
|
||||
@@ -35,8 +35,7 @@ macipmap_utest(struct ip_set *set, const void *data, size_t size,
|
||||
*hash_ip = req->ip;
|
||||
DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u",
|
||||
set->name, HIPQUAD(req->ip), HIPQUAD(*hash_ip));
|
||||
if (test_bit(IPSET_MACIP_ISSET,
|
||||
(void *) &table[req->ip - map->first_ip].flags)) {
|
||||
if (table[req->ip - map->first_ip].match) {
|
||||
return (memcmp(req->ethernet,
|
||||
&table[req->ip - map->first_ip].ethernet,
|
||||
ETH_ALEN) == 0);
|
||||
@@ -64,8 +63,7 @@ macipmap_ktest(struct ip_set *set,
|
||||
*hash_ip = ip;
|
||||
DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u",
|
||||
set->name, HIPQUAD(ip), HIPQUAD(*hash_ip));
|
||||
if (test_bit(IPSET_MACIP_ISSET,
|
||||
(void *) &table[ip - map->first_ip].flags)) {
|
||||
if (table[ip - map->first_ip].match) {
|
||||
/* Is mac pointer valid?
|
||||
* If so, compare... */
|
||||
return (skb_mac_header(skb) >= skb->head
|
||||
@@ -88,13 +86,13 @@ macipmap_add(struct ip_set *set, ip_set_ip_t *hash_ip,
|
||||
|
||||
if (ip < map->first_ip || ip > map->last_ip)
|
||||
return -ERANGE;
|
||||
if (test_and_set_bit(IPSET_MACIP_ISSET,
|
||||
(void *) &table[ip - map->first_ip].flags))
|
||||
if (table[ip - map->first_ip].match)
|
||||
return -EEXIST;
|
||||
|
||||
*hash_ip = ip;
|
||||
DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip));
|
||||
memcpy(&table[ip - map->first_ip].ethernet, ethernet, ETH_ALEN);
|
||||
table[ip - map->first_ip].match = IPSET_MACIP_ISSET;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -114,11 +112,11 @@ macipmap_del(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip)
|
||||
|
||||
if (ip < map->first_ip || ip > map->last_ip)
|
||||
return -ERANGE;
|
||||
if (!test_and_clear_bit(IPSET_MACIP_ISSET,
|
||||
(void *)&table[ip - map->first_ip].flags))
|
||||
if (!table[ip - map->first_ip].match)
|
||||
return -EEXIST;
|
||||
|
||||
*hash_ip = ip;
|
||||
table[ip - map->first_ip].match = 0;
|
||||
DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip));
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ struct ip_set_macipmap {
|
||||
ip_set_ip_t first_ip; /* host byte order, included in range */
|
||||
ip_set_ip_t last_ip; /* host byte order, included in range */
|
||||
u_int32_t flags;
|
||||
size_t size; /* size of the ipmap proper */
|
||||
u_int32_t size; /* size of the ipmap proper */
|
||||
};
|
||||
|
||||
struct ip_set_req_macipmap_create {
|
||||
@@ -32,7 +32,7 @@ struct ip_set_req_macipmap {
|
||||
};
|
||||
|
||||
struct ip_set_macip {
|
||||
unsigned short flags;
|
||||
unsigned short match;
|
||||
unsigned char ethernet[ETH_ALEN];
|
||||
};
|
||||
|
||||
|
||||
@@ -80,7 +80,7 @@ nethash_test(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip)
|
||||
}
|
||||
|
||||
static int
|
||||
nethash_utest(struct ip_set *set, const void *data, size_t size,
|
||||
nethash_utest(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
const struct ip_set_req_nethash *req = data;
|
||||
|
||||
@@ -10,7 +10,7 @@ struct ip_set_portmap {
|
||||
void *members; /* the portmap proper */
|
||||
ip_set_ip_t first_ip; /* host byte order, included in range */
|
||||
ip_set_ip_t last_ip; /* host byte order, included in range */
|
||||
size_t size; /* size of the ipmap proper */
|
||||
u_int32_t size; /* size of the ipmap proper */
|
||||
};
|
||||
|
||||
struct ip_set_req_portmap_create {
|
||||
|
||||
@@ -28,7 +28,7 @@ next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index)
|
||||
}
|
||||
|
||||
static int
|
||||
setlist_utest(struct ip_set *set, const void *data, size_t size,
|
||||
setlist_utest(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
const struct ip_set_setlist *map = set->data;
|
||||
@@ -109,7 +109,7 @@ insert_setlist(struct ip_set_setlist *map, int i, ip_set_id_t index)
|
||||
}
|
||||
|
||||
static int
|
||||
setlist_uadd(struct ip_set *set, const void *data, size_t size,
|
||||
setlist_uadd(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
struct ip_set_setlist *map = set->data;
|
||||
@@ -184,7 +184,7 @@ unshift_setlist(struct ip_set_setlist *map, int i)
|
||||
}
|
||||
|
||||
static int
|
||||
setlist_udel(struct ip_set *set, const void *data, size_t size,
|
||||
setlist_udel(struct ip_set *set, const void *data, u_int32_t size,
|
||||
ip_set_ip_t *hash_ip)
|
||||
{
|
||||
struct ip_set_setlist *map = set->data;
|
||||
@@ -251,7 +251,7 @@ setlist_kdel(struct ip_set *set,
|
||||
}
|
||||
|
||||
static int
|
||||
setlist_create(struct ip_set *set, const void *data, size_t size)
|
||||
setlist_create(struct ip_set *set, const void *data, u_int32_t size)
|
||||
{
|
||||
struct ip_set_setlist *map;
|
||||
const struct ip_set_req_setlist_create *req = data;
|
||||
|
||||
@@ -1580,7 +1580,7 @@ static int set_adtip(struct set *set, const char *adt,
|
||||
|
||||
/* Alloc memory for the data to send */
|
||||
size = sizeof(struct ip_set_req_adt) + set->settype->adt_size ;
|
||||
DP("alloc size %i", size);
|
||||
DP("alloc size %d", size);
|
||||
data = ipset_malloc(size);
|
||||
|
||||
/* Fill out the request */
|
||||
@@ -1666,7 +1666,7 @@ static int set_bind(struct set *set, const char *adt,
|
||||
size += IP_SET_MAXNAMELEN;
|
||||
else if (!(op == IP_SET_OP_UNBIND_SET && set == NULL))
|
||||
size += set->settype->adt_size;
|
||||
DP("alloc size %i", size);
|
||||
DP("alloc size %d", size);
|
||||
data = ipset_malloc(size);
|
||||
|
||||
/* Fill out the request */
|
||||
|
||||
@@ -95,7 +95,7 @@ struct settype {
|
||||
*/
|
||||
|
||||
/* Size of create data. Will be sent to kernel */
|
||||
size_t create_size;
|
||||
u_int32_t create_size;
|
||||
|
||||
/* Initialize the create. */
|
||||
void (*create_init) (void *data);
|
||||
@@ -115,7 +115,7 @@ struct settype {
|
||||
*/
|
||||
|
||||
/* Size of data. Will be sent to kernel */
|
||||
size_t adt_size;
|
||||
u_int32_t adt_size;
|
||||
|
||||
/* Function which parses command options */
|
||||
ip_set_ip_t (*adt_parser) (int cmd, const char *optarg, void *data);
|
||||
@@ -125,7 +125,7 @@ struct settype {
|
||||
*/
|
||||
|
||||
/* Size of header. */
|
||||
size_t header_size;
|
||||
u_int32_t header_size;
|
||||
|
||||
/* Initialize the type-header */
|
||||
void (*initheader) (struct set *set, const void *data);
|
||||
@@ -134,16 +134,16 @@ struct settype {
|
||||
void (*printheader) (struct set *set, unsigned options);
|
||||
|
||||
/* Pretty print all IPs */
|
||||
void (*printips) (struct set *set, void *data, size_t len, unsigned options);
|
||||
void (*printips) (struct set *set, void *data, u_int32_t len, unsigned options);
|
||||
|
||||
/* Pretty print all IPs sorted */
|
||||
void (*printips_sorted) (struct set *set, void *data, size_t len, unsigned options);
|
||||
void (*printips_sorted) (struct set *set, void *data, u_int32_t len, unsigned options);
|
||||
|
||||
/* Print save arguments for creating the set */
|
||||
void (*saveheader) (struct set *set, unsigned options);
|
||||
|
||||
/* Print save for all IPs */
|
||||
void (*saveips) (struct set *set, void *data, size_t len, unsigned options);
|
||||
void (*saveips) (struct set *set, void *data, u_int32_t len, unsigned options);
|
||||
|
||||
/* Conver a single IP (binding) to string */
|
||||
char * (*bindip_tostring)(struct set *set, ip_set_ip_t ip, unsigned options);
|
||||
@@ -189,10 +189,13 @@ extern struct set *set_find_byid(ip_set_id_t id);
|
||||
|
||||
extern unsigned warn_once;
|
||||
|
||||
#define BITSPERBYTE (8*sizeof(char))
|
||||
#define ID2BYTE(id) ((id)/BITSPERBYTE)
|
||||
#define ID2MASK(id) (1 << ((id)%BITSPERBYTE))
|
||||
#define test_bit(id, heap) ((((char *)(heap))[ID2BYTE(id)] & ID2MASK(id)) != 0)
|
||||
#define BITS_PER_LONG (8*sizeof(unsigned long))
|
||||
#define BIT_WORD(nr) ((nr) / BITS_PER_LONG)
|
||||
|
||||
static inline int test_bit(int nr, const unsigned long *addr)
|
||||
{
|
||||
return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
|
||||
}
|
||||
|
||||
#define UNUSED __attribute__ ((unused))
|
||||
#define CONSTRUCTOR(module) \
|
||||
|
||||
@@ -192,7 +192,7 @@ printheader(struct set *set, unsigned options UNUSED)
|
||||
}
|
||||
|
||||
static void
|
||||
printips(struct set *set UNUSED, void *data, size_t len, unsigned options)
|
||||
printips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
size_t offset = 0;
|
||||
ip_set_ip_t *ip;
|
||||
@@ -221,7 +221,7 @@ saveheader(struct set *set, unsigned options UNUSED)
|
||||
|
||||
/* Print save for an IP */
|
||||
static void
|
||||
saveips(struct set *set UNUSED, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
size_t offset = 0;
|
||||
ip_set_ip_t *ip;
|
||||
|
||||
@@ -225,12 +225,12 @@ initheader(struct set *set, const void *data)
|
||||
mask = range_to_mask(header->from, header->to, &mask_bits);
|
||||
netmask_bits = mask_to_bits(header->netmask);
|
||||
|
||||
DP("bits: %i %i", mask_bits, netmask_bits);
|
||||
DP("bits: %d %d", mask_bits, netmask_bits);
|
||||
map->hosts = 2 << (32 - netmask_bits - 1);
|
||||
map->sizeid = 2 << (netmask_bits - mask_bits - 1);
|
||||
}
|
||||
|
||||
DP("%i %i", map->hosts, map->sizeid );
|
||||
DP("%d %d", map->hosts, map->sizeid );
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -248,7 +248,7 @@ printheader(struct set *set, unsigned options)
|
||||
|
||||
static void
|
||||
printips_sorted(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options)
|
||||
u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_ipmap *mysetdata = set->settype->header;
|
||||
ip_set_ip_t id;
|
||||
@@ -279,7 +279,7 @@ saveheader(struct set *set, unsigned options)
|
||||
}
|
||||
|
||||
static void
|
||||
saveips(struct set *set, void *data, size_t len UNUSED, unsigned options)
|
||||
saveips(struct set *set, void *data, u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_ipmap *mysetdata = set->settype->header;
|
||||
ip_set_ip_t id;
|
||||
|
||||
@@ -248,7 +248,7 @@ printheader(struct set *set, unsigned options)
|
||||
}
|
||||
|
||||
static void
|
||||
printips(struct set *set, void *data, size_t len, unsigned options)
|
||||
printips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipporthash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
@@ -284,7 +284,7 @@ saveheader(struct set *set, unsigned options)
|
||||
|
||||
/* Print save for an IP */
|
||||
static void
|
||||
saveips(struct set *set, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipporthash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
|
||||
@@ -253,7 +253,7 @@ printheader(struct set *set, unsigned options)
|
||||
}
|
||||
|
||||
static void
|
||||
printips(struct set *set, void *data, size_t len, unsigned options)
|
||||
printips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipportiphash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
@@ -292,7 +292,7 @@ saveheader(struct set *set, unsigned options)
|
||||
|
||||
/* Print save for an IP */
|
||||
static void
|
||||
saveips(struct set *set, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipportiphash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
|
||||
@@ -318,7 +318,7 @@ unpack_ip_tostring(ip_set_ip_t ip, unsigned options UNUSED)
|
||||
}
|
||||
|
||||
static void
|
||||
printips(struct set *set, void *data, size_t len, unsigned options)
|
||||
printips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipportnethash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
@@ -357,7 +357,7 @@ saveheader(struct set *set, unsigned options)
|
||||
|
||||
/* Print save for an IP */
|
||||
static void
|
||||
saveips(struct set *set, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_ipportnethash *mysetdata = set->settype->header;
|
||||
size_t offset = 0;
|
||||
|
||||
@@ -123,7 +123,7 @@ printheader(struct set *set, unsigned options UNUSED)
|
||||
}
|
||||
|
||||
static void
|
||||
printips_sorted(struct set *set, void *data, size_t len, unsigned options)
|
||||
printips_sorted(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_iptree *mysetdata = set->settype->header;
|
||||
struct ip_set_req_iptree *req;
|
||||
@@ -155,7 +155,7 @@ saveheader(struct set *set, unsigned options UNUSED)
|
||||
}
|
||||
|
||||
static void
|
||||
saveips(struct set *set, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
struct ip_set_iptree *mysetdata = set->settype->header;
|
||||
struct ip_set_req_iptree *req;
|
||||
|
||||
@@ -115,7 +115,7 @@ printheader(struct set *set, unsigned int options UNUSED)
|
||||
|
||||
static void
|
||||
printips_sorted(struct set *set UNUSED, void *data,
|
||||
size_t len, unsigned int options)
|
||||
u_int32_t len, unsigned int options)
|
||||
{
|
||||
struct ip_set_req_iptreemap *req;
|
||||
size_t offset = 0;
|
||||
@@ -147,7 +147,7 @@ saveheader(struct set *set, unsigned int options UNUSED)
|
||||
|
||||
static void
|
||||
saveips(struct set *set UNUSED, void *data,
|
||||
size_t len, unsigned int options)
|
||||
u_int32_t len, unsigned int options)
|
||||
{
|
||||
struct ip_set_req_iptreemap *req;
|
||||
size_t offset = 0;
|
||||
|
||||
@@ -245,15 +245,14 @@ print_mac(unsigned char macaddress[ETH_ALEN])
|
||||
|
||||
static void
|
||||
printips_sorted(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options)
|
||||
u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_macipmap *mysetdata = set->settype->header;
|
||||
struct ip_set_macip *table = data;
|
||||
u_int32_t addr = mysetdata->first_ip;
|
||||
|
||||
while (addr <= mysetdata->last_ip) {
|
||||
if (test_bit(IPSET_MACIP_ISSET,
|
||||
(void *)&table[addr - mysetdata->first_ip].flags)) {
|
||||
if (table[addr - mysetdata->first_ip].match) {
|
||||
printf("%s,", ip_tostring(addr, options));
|
||||
print_mac(table[addr - mysetdata->first_ip].
|
||||
ethernet);
|
||||
@@ -280,15 +279,14 @@ saveheader(struct set *set, unsigned options)
|
||||
|
||||
static void
|
||||
saveips(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options)
|
||||
u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_macipmap *mysetdata = set->settype->header;
|
||||
struct ip_set_macip *table = data;
|
||||
u_int32_t addr = mysetdata->first_ip;
|
||||
|
||||
while (addr <= mysetdata->last_ip) {
|
||||
if (test_bit(IPSET_MACIP_ISSET,
|
||||
(void *)&table[addr - mysetdata->first_ip].flags)) {
|
||||
if (table[addr - mysetdata->first_ip].match) {
|
||||
printf("-A %s %s,",
|
||||
set->name, ip_tostring(addr, options));
|
||||
print_mac(table[addr - mysetdata->first_ip].
|
||||
|
||||
@@ -224,7 +224,7 @@ unpack_ip_tostring(ip_set_ip_t ip, unsigned options UNUSED)
|
||||
}
|
||||
|
||||
static void
|
||||
printips(struct set *set UNUSED, void *data, size_t len, unsigned options)
|
||||
printips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
size_t offset = 0;
|
||||
ip_set_ip_t *ip;
|
||||
@@ -249,7 +249,7 @@ saveheader(struct set *set, unsigned options UNUSED)
|
||||
|
||||
/* Print save for an IP */
|
||||
static void
|
||||
saveips(struct set *set UNUSED, void *data, size_t len, unsigned options)
|
||||
saveips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
|
||||
{
|
||||
size_t offset = 0;
|
||||
ip_set_ip_t *ip;
|
||||
|
||||
@@ -149,7 +149,7 @@ printheader(struct set *set, unsigned options)
|
||||
|
||||
static void
|
||||
printports_sorted(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options)
|
||||
u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_portmap *mysetdata = set->settype->header;
|
||||
u_int32_t addr = mysetdata->first_ip;
|
||||
@@ -184,7 +184,7 @@ saveheader(struct set *set, unsigned options)
|
||||
|
||||
static void
|
||||
saveports(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options)
|
||||
u_int32_t len UNUSED, unsigned options)
|
||||
{
|
||||
struct ip_set_portmap *mysetdata = set->settype->header;
|
||||
u_int32_t addr = mysetdata->first_ip;
|
||||
|
||||
@@ -134,7 +134,7 @@ printheader(struct set *set, unsigned options UNUSED)
|
||||
|
||||
static void
|
||||
printips_sorted(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options UNUSED)
|
||||
u_int32_t len UNUSED, unsigned options UNUSED)
|
||||
{
|
||||
struct ip_set_setlist *mysetdata = set->settype->header;
|
||||
int i;
|
||||
@@ -162,7 +162,7 @@ saveheader(struct set *set, unsigned options UNUSED)
|
||||
|
||||
static void
|
||||
saveips(struct set *set, void *data,
|
||||
size_t len UNUSED, unsigned options UNUSED)
|
||||
u_int32_t len UNUSED, unsigned options UNUSED)
|
||||
{
|
||||
struct ip_set_setlist *mysetdata = set->settype->header;
|
||||
int i;
|
||||
|
||||
@@ -70,7 +70,9 @@ static int __init rawpost4_table_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 29)
|
||||
rwlock_init(&rawpost4_itable.lock);
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 25)
|
||||
rawpost4_ptable = ipt_register_table(&init_net, &rawpost4_itable,
|
||||
&rawpost4_initial.repl);
|
||||
|
||||
@@ -143,27 +143,11 @@ ipmark_tg_save(const void *entry, const struct xt_entry_target *target)
|
||||
printf("--or-mask 0x%x ", (unsigned int)info->ormask);
|
||||
}
|
||||
|
||||
static struct xtables_target ipmark_tg4_reg = {
|
||||
static struct xtables_target ipmark_tg_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "IPMARK",
|
||||
.family = PF_INET,
|
||||
.revision = 0,
|
||||
.size = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||
.userspacesize = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||
.help = ipmark_tg_help,
|
||||
.init = ipmark_tg_init,
|
||||
.parse = ipmark_tg_parse,
|
||||
.final_check = ipmark_tg_check,
|
||||
.print = ipmark_tg_print,
|
||||
.save = ipmark_tg_save,
|
||||
.extra_opts = ipmark_tg_opts,
|
||||
};
|
||||
|
||||
static struct xtables_target ipmark_tg6_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "IPMARK",
|
||||
.family = PF_INET6,
|
||||
.revision = 0,
|
||||
.family = PF_UNSPEC,
|
||||
.revision = 1,
|
||||
.size = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||
.userspacesize = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||
.help = ipmark_tg_help,
|
||||
@@ -177,6 +161,5 @@ static struct xtables_target ipmark_tg6_reg = {
|
||||
|
||||
static __attribute__((constructor)) void ipmark_tg_ldr(void)
|
||||
{
|
||||
xtables_register_target(&ipmark_tg4_reg);
|
||||
xtables_register_target(&ipmark_tg6_reg);
|
||||
xtables_register_target(&ipmark_tg_reg);
|
||||
}
|
||||
|
||||
@@ -19,7 +19,7 @@ static void steal_tg_check(unsigned int flags)
|
||||
static struct xtables_target steal_tg_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "STEAL",
|
||||
.family = AF_INET,
|
||||
.family = AF_UNSPEC,
|
||||
.size = XT_ALIGN(0),
|
||||
.userspacesize = XT_ALIGN(0),
|
||||
.help = steal_tg_help,
|
||||
|
||||
@@ -21,21 +21,11 @@ static void sysrq_tg_check(unsigned int flags)
|
||||
{
|
||||
}
|
||||
|
||||
static struct xtables_target sysrq_tg4_reg = {
|
||||
static struct xtables_target sysrq_tg_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "SYSRQ",
|
||||
.family = PF_INET,
|
||||
.size = XT_ALIGN(0),
|
||||
.userspacesize = XT_ALIGN(0),
|
||||
.help = sysrq_tg_help,
|
||||
.parse = sysrq_tg_parse,
|
||||
.final_check = sysrq_tg_check,
|
||||
};
|
||||
|
||||
static struct xtables_target sysrq_tg6_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "SYSRQ",
|
||||
.family = PF_INET6,
|
||||
.revision = 1,
|
||||
.family = PF_UNSPEC,
|
||||
.size = XT_ALIGN(0),
|
||||
.userspacesize = XT_ALIGN(0),
|
||||
.help = sysrq_tg_help,
|
||||
@@ -45,6 +35,5 @@ static struct xtables_target sysrq_tg6_reg = {
|
||||
|
||||
static __attribute__((constructor)) void sysrq_tg_ldr(void)
|
||||
{
|
||||
xtables_register_target(&sysrq_tg4_reg);
|
||||
xtables_register_target(&sysrq_tg6_reg);
|
||||
xtables_register_target(&sysrq_tg_reg);
|
||||
}
|
||||
|
||||
@@ -79,7 +79,7 @@ static void condition_save(const void *ip, const struct xt_entry_match *match)
|
||||
|
||||
static struct xtables_match condition_mt_reg = {
|
||||
.name = "condition",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = PF_UNSPEC,
|
||||
.version = XTABLES_VERSION,
|
||||
.size = XT_ALIGN(sizeof(struct xt_condition_mtinfo)),
|
||||
|
||||
@@ -101,6 +101,7 @@ static void fuzzy_mt_save(const void *ip, const struct xt_entry_match *match)
|
||||
|
||||
static struct xtables_match fuzzy_mt_reg = {
|
||||
.name = "fuzzy",
|
||||
.revision = 1,
|
||||
.version = XTABLES_VERSION,
|
||||
.size = XT_ALIGN(sizeof(struct xt_fuzzy_mtinfo)),
|
||||
.userspacesize = offsetof(struct xt_fuzzy_mtinfo, packets_total),
|
||||
|
||||
@@ -261,6 +261,7 @@ geoip_save(const void *ip, const struct xt_entry_match *match)
|
||||
static struct xtables_match geoip_match = {
|
||||
.family = AF_INET,
|
||||
.name = "geoip",
|
||||
.revision = 1,
|
||||
.version = XTABLES_VERSION,
|
||||
.size = XT_ALIGN(sizeof(struct xt_geoip_match_info)),
|
||||
.userspacesize = offsetof(struct xt_geoip_match_info, mem),
|
||||
|
||||
@@ -200,22 +200,7 @@ static struct xtables_match iface_mt_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "iface",
|
||||
.revision = 0,
|
||||
.family = AF_INET,
|
||||
.size = XT_ALIGN(sizeof(struct xt_iface_mtinfo)),
|
||||
.userspacesize = XT_ALIGN(sizeof(struct xt_iface_mtinfo)),
|
||||
.help = iface_mt_help,
|
||||
.parse = iface_mt_parse,
|
||||
.final_check = iface_mt_check,
|
||||
.print = iface_mt_print,
|
||||
.save = iface_mt_save,
|
||||
.extra_opts = iface_mt_opts,
|
||||
};
|
||||
|
||||
static struct xtables_match iface_mt6_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "iface",
|
||||
.revision = 0,
|
||||
.family = AF_INET6,
|
||||
.family = AF_UNSPEC,
|
||||
.size = XT_ALIGN(sizeof(struct xt_iface_mtinfo)),
|
||||
.userspacesize = XT_ALIGN(sizeof(struct xt_iface_mtinfo)),
|
||||
.help = iface_mt_help,
|
||||
@@ -229,5 +214,4 @@ static struct xtables_match iface_mt6_reg = {
|
||||
static void _init(void)
|
||||
{
|
||||
xtables_register_match(&iface_mt_reg);
|
||||
xtables_register_match(&iface_mt6_reg);
|
||||
}
|
||||
|
||||
@@ -228,7 +228,7 @@ static void ipp2p_mt_save(const void *entry, const struct xt_entry_match *match)
|
||||
static struct xtables_match ipp2p_mt_reg = {
|
||||
.version = XTABLES_VERSION,
|
||||
.name = "ipp2p",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = AF_INET,
|
||||
.size = XT_ALIGN(sizeof(struct ipt_p2p_info)),
|
||||
.userspacesize = XT_ALIGN(sizeof(struct ipt_p2p_info)),
|
||||
|
||||
@@ -82,7 +82,7 @@ ipmark_tg6(struct sk_buff **pskb, const struct xt_target_param *par)
|
||||
static struct xt_target ipmark_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "IPMARK",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.table = "mangle",
|
||||
.target = ipmark_tg4,
|
||||
@@ -91,7 +91,7 @@ static struct xt_target ipmark_tg_reg[] __read_mostly = {
|
||||
},
|
||||
{
|
||||
.name = "IPMARK",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV6,
|
||||
.table = "mangle",
|
||||
.target = ipmark_tg6,
|
||||
|
||||
@@ -272,7 +272,7 @@ static bool sysrq_tg_check(const struct xt_tgchk_param *par)
|
||||
static struct xt_target sysrq_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "SYSRQ",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.target = sysrq_tg4,
|
||||
.checkentry = sysrq_tg_check,
|
||||
@@ -280,7 +280,7 @@ static struct xt_target sysrq_tg_reg[] __read_mostly = {
|
||||
},
|
||||
{
|
||||
.name = "SYSRQ",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV6,
|
||||
.target = sysrq_tg6,
|
||||
.checkentry = sysrq_tg_check,
|
||||
|
||||
@@ -206,7 +206,7 @@ static void condition_mt_destroy(const struct xt_mtdtor_param *par)
|
||||
static struct xt_match condition_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "condition",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.matchsize = XT_ALIGN(sizeof(struct xt_condition_mtinfo)),
|
||||
.match = condition_mt,
|
||||
@@ -216,7 +216,7 @@ static struct xt_match condition_mt_reg[] __read_mostly = {
|
||||
},
|
||||
{
|
||||
.name = "condition",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV6,
|
||||
.matchsize = XT_ALIGN(sizeof(struct xt_condition_mtinfo)),
|
||||
.match = condition_mt,
|
||||
|
||||
@@ -142,7 +142,7 @@ static bool fuzzy_mt_check(const struct xt_mtchk_param *par)
|
||||
static struct xt_match fuzzy_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "fuzzy",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.match = fuzzy_mt,
|
||||
.checkentry = fuzzy_mt_check,
|
||||
@@ -151,7 +151,7 @@ static struct xt_match fuzzy_mt_reg[] __read_mostly = {
|
||||
},
|
||||
{
|
||||
.name = "fuzzy",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV6,
|
||||
.match = fuzzy_mt,
|
||||
.checkentry = fuzzy_mt_check,
|
||||
|
||||
@@ -222,7 +222,7 @@ static void xt_geoip_mt_destroy(const struct xt_mtdtor_param *par)
|
||||
|
||||
static struct xt_match xt_geoip_match __read_mostly = {
|
||||
.name = "geoip",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.match = xt_geoip_mt,
|
||||
.checkentry = xt_geoip_mt_checkentry,
|
||||
|
||||
@@ -890,7 +890,7 @@ ipp2p_mt(const struct sk_buff *skb, const struct xt_match_param *par)
|
||||
|
||||
static struct xt_match ipp2p_mt_reg __read_mostly = {
|
||||
.name = "ipp2p",
|
||||
.revision = 0,
|
||||
.revision = 1,
|
||||
.family = NFPROTO_IPV4,
|
||||
.match = ipp2p_mt,
|
||||
.matchsize = sizeof(struct ipt_p2p_info),
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
.TH xtables\-addons 8 "v1.15 (2009\-04\-30)" "" "v1.15 (2009\-04\-30)"
|
||||
.TH xtables\-addons 8 "v1.16 (2009\-05\-27)" "" "v1.16 (2009\-05\-27)"
|
||||
.SH Name
|
||||
Xtables\-addons - additional extensions for iptables, ip6tables, etc.
|
||||
.SH Targets
|
||||
|
||||
Reference in New Issue
Block a user