summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-01-24 15:49:16 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-01-24 15:49:16 +0100
commit584e8d0604a55fcda68848bef82a2954d8af71f5 (patch)
treeaef63f4901d1a68e65d84a23646ac487a809e24f
parentc896b069e6c9cd229119a791c51d19e8f11c853c (diff)
New version 4.2 released:v4.2
kernel: - nethash and ipportnethash types counted every entry twice which could produce bogus entries when listing/saving these types of sets (bug reported by Husnu Demir) userspace: - Checking null entries when listing/saving hash types of sets deleted because it's unnecessary and can mask possible errors.
-rw-r--r--ChangeLog4
-rw-r--r--Makefile2
-rw-r--r--ipset_iphash.c7
-rw-r--r--ipset_ipporthash.c24
-rw-r--r--ipset_ipportiphash.c32
-rw-r--r--ipset_ipportnethash.c32
-rw-r--r--ipset_nethash.c8
-rw-r--r--kernel/ChangeLog5
-rw-r--r--kernel/ip_set_ipportnethash.c1
-rw-r--r--kernel/ip_set_nethash.c1
10 files changed, 53 insertions, 63 deletions
diff --git a/ChangeLog b/ChangeLog
index 13707ed..354df0b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+4.2
+ - Checking null entries when listing/saving hash types of sets
+ deleted because it's unnecessary and can mask possible errors.
+
4.1
- Manpage fixes and corrections (Jan Engelhardt)
diff --git a/Makefile b/Makefile
index b0f337e..bbec449 100644
--- a/Makefile
+++ b/Makefile
@@ -20,7 +20,7 @@ ifndef V
V=0
endif
-IPSET_VERSION:=4.1
+IPSET_VERSION:=4.2
PREFIX:=/usr/local
LIBDIR:=$(PREFIX)/lib
diff --git a/ipset_iphash.c b/ipset_iphash.c
index b352df4..0bc5bd1 100644
--- a/ipset_iphash.c
+++ b/ipset_iphash.c
@@ -200,8 +200,7 @@ iphash_printips(struct set *set UNUSED, void *data, u_int32_t len,
while (offset < len) {
ip = data + offset;
- if (*ip)
- printf("%s\n", ip_tostring(*ip, options));
+ printf("%s\n", ip_tostring(*ip, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
@@ -230,9 +229,7 @@ iphash_saveips(struct set *set UNUSED, void *data, u_int32_t len,
while (offset < len) {
ip = data + offset;
- if (*ip)
- printf("-A %s %s\n", set->name,
- ip_tostring(*ip, options));
+ printf("-A %s %s\n", set->name, ip_tostring(*ip, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
diff --git a/ipset_ipporthash.c b/ipset_ipporthash.c
index ce783ee..9249b2a 100644
--- a/ipset_ipporthash.c
+++ b/ipset_ipporthash.c
@@ -259,13 +259,11 @@ ipporthash_printips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (*ipptr) {
- ip = (*ipptr>>16) + mysetdata->first_ip;
- port = (uint16_t) *ipptr;
- printf("%s,%s\n",
- ip_tostring(ip, options),
- port_tostring(port, options));
- }
+ ip = (*ipptr>>16) + mysetdata->first_ip;
+ port = (uint16_t) *ipptr;
+ printf("%s,%s\n",
+ ip_tostring(ip, options),
+ port_tostring(port, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
@@ -296,13 +294,11 @@ ipporthash_saveips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (*ipptr) {
- ip = (*ipptr>>16) + mysetdata->first_ip;
- port = (uint16_t) *ipptr;
- printf("-A %s %s,%s\n", set->name,
- ip_tostring(ip, options),
- port_tostring(port, options));
- }
+ ip = (*ipptr>>16) + mysetdata->first_ip;
+ port = (uint16_t) *ipptr;
+ printf("-A %s %s,%s\n", set->name,
+ ip_tostring(ip, options),
+ port_tostring(port, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
diff --git a/ipset_ipportiphash.c b/ipset_ipportiphash.c
index 95cbcfd..49861bf 100644
--- a/ipset_ipportiphash.c
+++ b/ipset_ipportiphash.c
@@ -265,15 +265,13 @@ ipportiphash_printips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (ipptr->ip && ipptr->ip1) {
- ip = (ipptr->ip>>16) + mysetdata->first_ip;
- port = (uint16_t) ipptr->ip;
- printf("%s,%s,",
- ip_tostring(ip, options),
- port_tostring(port, options));
- printf("%s\n",
- ip_tostring(ipptr->ip1, options));
- }
+ ip = (ipptr->ip>>16) + mysetdata->first_ip;
+ port = (uint16_t) ipptr->ip;
+ printf("%s,%s,",
+ ip_tostring(ip, options),
+ port_tostring(port, options));
+ printf("%s\n",
+ ip_tostring(ipptr->ip1, options));
offset += IPSET_VALIGN(sizeof(struct ipportip), dont_align);
}
}
@@ -305,15 +303,13 @@ ipportiphash_saveips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (ipptr->ip && ipptr->ip1) {
- ip = (ipptr->ip>>16) + mysetdata->first_ip;
- port = (uint16_t) ipptr->ip;
- printf("-A %s %s,%s,", set->name,
- ip_tostring(ip, options),
- port_tostring(port, options));
- printf("%s\n",
- ip_tostring(ipptr->ip1, options));
- }
+ ip = (ipptr->ip>>16) + mysetdata->first_ip;
+ port = (uint16_t) ipptr->ip;
+ printf("-A %s %s,%s,", set->name,
+ ip_tostring(ip, options),
+ port_tostring(port, options));
+ printf("%s\n",
+ ip_tostring(ipptr->ip1, options));
offset += IPSET_VALIGN(sizeof(struct ipportip), dont_align);
}
}
diff --git a/ipset_ipportnethash.c b/ipset_ipportnethash.c
index 3485711..3a60bf1 100644
--- a/ipset_ipportnethash.c
+++ b/ipset_ipportnethash.c
@@ -330,15 +330,13 @@ ipportnethash_printips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (ipptr->ip || ipptr->ip1) {
- ip = (ipptr->ip>>16) + mysetdata->first_ip;
- port = (uint16_t) ipptr->ip;
- printf("%s,%s,",
- ip_tostring(ip, options),
- port_tostring(port, options));
- printf("%s\n",
- unpack_ip_tostring(ipptr->ip1, options));
- }
+ ip = (ipptr->ip>>16) + mysetdata->first_ip;
+ port = (uint16_t) ipptr->ip;
+ printf("%s,%s,",
+ ip_tostring(ip, options),
+ port_tostring(port, options));
+ printf("%s\n",
+ unpack_ip_tostring(ipptr->ip1, options));
offset += IPSET_VALIGN(sizeof(struct ipportip), dont_align);
}
}
@@ -370,15 +368,13 @@ ipportnethash_saveips(struct set *set, void *data, u_int32_t len,
while (offset < len) {
ipptr = data + offset;
- if (ipptr) {
- ip = (ipptr->ip>>16) + mysetdata->first_ip;
- port = (uint16_t) ipptr->ip;
- printf("-A %s %s,%s,", set->name,
- ip_tostring(ip, options),
- port_tostring(port, options));
- printf("%s\n",
- unpack_ip_tostring(ipptr->ip, options));
- }
+ ip = (ipptr->ip>>16) + mysetdata->first_ip;
+ port = (uint16_t) ipptr->ip;
+ printf("-A %s %s,%s,", set->name,
+ ip_tostring(ip, options),
+ port_tostring(port, options));
+ printf("%s\n",
+ unpack_ip_tostring(ipptr->ip, options));
offset += IPSET_VALIGN(sizeof(struct ipportip), dont_align);
}
}
diff --git a/ipset_nethash.c b/ipset_nethash.c
index 50ca1bd..c7891cf 100644
--- a/ipset_nethash.c
+++ b/ipset_nethash.c
@@ -232,8 +232,7 @@ nethash_printips(struct set *set UNUSED, void *data, u_int32_t len,
while (offset < len) {
ip = data + offset;
- if (*ip)
- printf("%s\n", unpack_ip_tostring(*ip, options));
+ printf("%s\n", unpack_ip_tostring(*ip, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
@@ -258,9 +257,8 @@ nethash_saveips(struct set *set UNUSED, void *data, u_int32_t len,
while (offset < len) {
ip = data + offset;
- if (*ip)
- printf("-A %s %s\n", set->name,
- unpack_ip_tostring(*ip, options));
+ printf("-A %s %s\n", set->name,
+ unpack_ip_tostring(*ip, options));
offset += IPSET_VALIGN(sizeof(ip_set_ip_t), dont_align);
}
}
diff --git a/kernel/ChangeLog b/kernel/ChangeLog
index f613c94..1ad54cd 100644
--- a/kernel/ChangeLog
+++ b/kernel/ChangeLog
@@ -1,3 +1,8 @@
+4.2
+ - nethash and ipportnethash types counted every entry twice
+ which could produce bogus entries when listing/saving these types
+ of sets (bug reported by Husnu Demir)
+
4.1
- Do not use init_MUTEX either (Jan Engelhardt)
- Improve listing/saving hash type of sets by not copying empty
diff --git a/kernel/ip_set_ipportnethash.c b/kernel/ip_set_ipportnethash.c
index f328972..e0bb352 100644
--- a/kernel/ip_set_ipportnethash.c
+++ b/kernel/ip_set_ipportnethash.c
@@ -185,7 +185,6 @@ ipportnethash_add(struct ip_set *set,
if (ret == 0) {
if (!map->nets[cidr-1]++)
add_cidr_size(map->cidr, cidr);
- map->elements++;
}
return ret;
}
diff --git a/kernel/ip_set_nethash.c b/kernel/ip_set_nethash.c
index bf87f5c..e3b09e0 100644
--- a/kernel/ip_set_nethash.c
+++ b/kernel/ip_set_nethash.c
@@ -136,7 +136,6 @@ nethash_add(struct ip_set *set, ip_set_ip_t ip, uint8_t cidr)
if (ret == 0) {
if (!map->nets[cidr-1]++)
add_cidr_size(map->cidr, cidr);
- map->elements++;
}
return ret;