summaryrefslogtreecommitdiffstats
path: root/include/libipset
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2017-10-09 18:43:04 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2018-01-02 21:47:27 +0100
commitd71dd93599b932693f045301424c2276cd25a87e (patch)
treed1779c04b8bb2a44915483751ac33e498b1a2ad9 /include/libipset
parente2a84a4a7bb8cdebfe4c0990b79179e2fd717a48 (diff)
Userspace revision handling is reworked
In order to make it simpler and more straightforward to express the revisions of the set type, all keywords and their parsing are separated from the individual set types. All backward compatibility arguments are recognized and ignored arguments are supported. Recognized but ignored arguments will be removed in a later release.
Diffstat (limited to 'include/libipset')
-rw-r--r--include/libipset/args.h71
-rw-r--r--include/libipset/types.h16
2 files changed, 84 insertions, 3 deletions
diff --git a/include/libipset/args.h b/include/libipset/args.h
new file mode 100644
index 0000000..cdec180
--- /dev/null
+++ b/include/libipset/args.h
@@ -0,0 +1,71 @@
+/* Copyright 2017 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+#ifndef LIBIPSET_ARGS_H
+#define LIBIPSET_ARGS_H
+
+/* Keywords */
+enum ipset_keywords {
+ IPSET_ARG_NONE = 0,
+ /* Family and aliases */
+ IPSET_ARG_FAMILY, /* family */
+ IPSET_ARG_INET, /* -4 */
+ IPSET_ARG_INET6, /* -6 */
+ /* Hash types */
+ IPSET_ARG_HASHSIZE, /* hashsize */
+ IPSET_ARG_MAXELEM, /* maxelem */
+ /* Ignored options: backward compatibilty */
+ IPSET_ARG_PROBES, /* probes */
+ IPSET_ARG_RESIZE, /* resize */
+ IPSET_ARG_GC, /* gc */
+ IPSET_ARG_IGNORED_FROM, /* from */
+ IPSET_ARG_IGNORED_TO, /* to */
+ IPSET_ARG_IGNORED_NETWORK, /* network */
+ /* List type */
+ IPSET_ARG_SIZE, /* size */
+ /* IP-type elements */
+ IPSET_ARG_IPRANGE, /* range */
+ IPSET_ARG_NETMASK, /* netmask */
+ /* Port-type elements */
+ IPSET_ARG_PORTRANGE, /* range */
+ /* Setname type elements */
+ IPSET_ARG_BEFORE, /* before */
+ IPSET_ARG_AFTER, /* after */
+ /* Backward compatibility */
+ IPSET_ARG_FROM_IP, /* from */
+ IPSET_ARG_TO_IP, /* to */
+ IPSET_ARG_NETWORK, /* network */
+ IPSET_ARG_FROM_PORT, /* from */
+ IPSET_ARG_TO_PORT, /* to */
+ /* Extra flags, options */
+ IPSET_ARG_FORCEADD, /* forceadd */
+ IPSET_ARG_MARKMASK, /* markmask */
+ IPSET_ARG_NOMATCH, /* nomatch */
+ /* Extensions */
+ IPSET_ARG_TIMEOUT, /* timeout */
+ IPSET_ARG_COUNTERS, /* counters */
+ IPSET_ARG_PACKETS, /* packets */
+ IPSET_ARG_BYTES, /* bytes */
+ IPSET_ARG_COMMENT, /* comment */
+ IPSET_ARG_ADT_COMMENT, /* comment */
+ IPSET_ARG_SKBINFO, /* skbinfo */
+ IPSET_ARG_SKBMARK, /* skbmark */
+ IPSET_ARG_SKBPRIO, /* skbprio */
+ IPSET_ARG_SKBQUEUE, /* skbqueue */
+ IPSET_ARG_MAX,
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const struct ipset_arg * ipset_keyword(enum ipset_keywords i);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LIBIPSET_ARGS_H */
diff --git a/include/libipset/types.h b/include/libipset/types.h
index 137d7ec..bb71d88 100644
--- a/include/libipset/types.h
+++ b/include/libipset/types.h
@@ -10,6 +10,7 @@
#include <stddef.h> /* NULL */
#include <stdint.h> /* uintxx_t */
+#include <libipset/args.h> /* enum ipset_keywords */
#include <libipset/data.h> /* enum ipset_opt */
#include <libipset/parse.h> /* ipset_parsefn */
#include <libipset/print.h> /* ipset_printfn */
@@ -47,6 +48,7 @@ struct ipset_arg {
enum ipset_opt opt; /* argumentum type */
ipset_parsefn parse; /* parser function */
ipset_printfn print; /* printing function */
+ const char *help; /* help text */
};
/* Type check against the kernel */
@@ -63,6 +65,16 @@ struct ipset_elem {
enum ipset_opt opt; /* elem option */
};
+#define IPSET_OPTARG_MAX 24
+
+/* How other CADT args are parsed */
+struct ipset_optarg {
+ enum ipset_keywords args[IPSET_OPTARG_MAX];/* args */
+ uint64_t need; /* needed flags */
+ uint64_t full; /* all possible flags */
+ const char *help; /* help text */
+};
+
/* The set types in userspace
* we could collapse 'args' and 'mandatory' to two-element lists
* but for the readability the full list is supported.
@@ -76,9 +88,7 @@ struct ipset_type {
bool last_elem_optional; /* last element optional */
struct ipset_elem elem[IPSET_DIM_UMAX]; /* parse elem */
ipset_parsefn compat_parse_elem; /* compatibility parser */
- const struct ipset_arg *args[IPSET_CADT_MAX]; /* create/ADT args besides elem */
- uint64_t mandatory[IPSET_CADT_MAX]; /* create/ADT mandatory flags */
- uint64_t full[IPSET_CADT_MAX]; /* full args flags */
+ struct ipset_optarg cmd[IPSET_CADT_MAX];/* optional arguments */
const char *usage; /* terse usage */
void (*usagefn)(void); /* additional usage */
const char *description; /* short revision description */