diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-04-08 20:59:15 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-04-09 21:42:16 +0200 |
commit | f2548b41d4e203c5e5b7cd5fab8bc1698000092b (patch) | |
tree | 9c388a1895361141fe5cad7331a3bd7adce24401 /kernel/include/linux/netfilter/ipset/ip_set.h | |
parent | 2ffeb47475ae84f29b0d8e78e43c68ac8d7991d1 (diff) |
Introduce extensions to elements in the core
Introduce extensions to elements in the core and prepare timeout as
the first one.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'kernel/include/linux/netfilter/ipset/ip_set.h')
-rw-r--r-- | kernel/include/linux/netfilter/ipset/ip_set.h | 46 |
1 files changed, 39 insertions, 7 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set.h b/kernel/include/linux/netfilter/ipset/ip_set.h index bcaa51f..c07224b 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set.h +++ b/kernel/include/linux/netfilter/ipset/ip_set.h @@ -1,7 +1,7 @@ /* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu> * Patrick Schaaf <bof@bof.de> * Martin Josefsson <gandalf@wlug.westbo.se> - * Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> + * Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as @@ -48,10 +48,30 @@ enum ip_set_feature { IPSET_DUMP_LAST = (1 << IPSET_DUMP_LAST_FLAG), }; +/* Set extensions */ +enum ip_set_extension { + IPSET_EXT_NONE = 0, + IPSET_EXT_BIT_TIMEOUT = 1, + IPSET_EXT_TIMEOUT = (1 << IPSET_EXT_BIT_TIMEOUT), +}; + +/* Extension offsets */ +enum ip_set_offset { + IPSET_OFFSET_TIMEOUT = 0, + IPSET_OFFSET_MAX, +}; + +#define SET_WITH_TIMEOUT(s) ((s)->extensions & IPSET_EXT_TIMEOUT) + +struct ip_set_ext { + unsigned long timeout; +}; + struct ip_set; typedef int (*ipset_adtfn)(struct ip_set *set, void *value, - u32 timeout, u32 flags); + const struct ip_set_ext *ext, + struct ip_set_ext *mext, u32 flags); /* Kernel API function options */ struct ip_set_adt_opt { @@ -59,7 +79,7 @@ struct ip_set_adt_opt { u8 dim; /* Dimension of match/target */ u8 flags; /* Direction and negation flags */ u32 cmdflags; /* Command-like flags */ - u32 timeout; /* Timeout value */ + struct ip_set_ext ext; /* Extensions */ }; /* Set type, variant-specific part */ @@ -70,7 +90,7 @@ struct ip_set_type_variant { * positive for matching element */ int (*kadt)(struct ip_set *set, const struct sk_buff *skb, const struct xt_action_param *par, - enum ipset_adt adt, const struct ip_set_adt_opt *opt); + enum ipset_adt adt, struct ip_set_adt_opt *opt); /* Userspace: test/add/del entries * returns negative error code, @@ -152,6 +172,8 @@ struct ip_set { u8 family; /* The type revision */ u8 revision; + /* Extensions */ + u8 extensions; /* The type specific data */ void *data; }; @@ -168,19 +190,21 @@ extern void ip_set_nfnl_put(ip_set_id_t index); extern int ip_set_add(ip_set_id_t id, const struct sk_buff *skb, const struct xt_action_param *par, - const struct ip_set_adt_opt *opt); + struct ip_set_adt_opt *opt); extern int ip_set_del(ip_set_id_t id, const struct sk_buff *skb, const struct xt_action_param *par, - const struct ip_set_adt_opt *opt); + struct ip_set_adt_opt *opt); extern int ip_set_test(ip_set_id_t id, const struct sk_buff *skb, const struct xt_action_param *par, - const struct ip_set_adt_opt *opt); + struct ip_set_adt_opt *opt); /* Utility functions */ extern void *ip_set_alloc(size_t size); extern void ip_set_free(void *members); extern int ip_set_get_ipaddr4(struct nlattr *nla, __be32 *ipaddr); extern int ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr); +extern int ip_set_get_extensions(struct ip_set *set, struct nlattr *tb[], + struct ip_set_ext *ext); static inline int ip_set_get_hostipaddr4(struct nlattr *nla, u32 *ipaddr) @@ -293,4 +317,12 @@ bitmap_bytes(u32 a, u32 b) return 4 * ((((b - a + 8) / 8) + 3) / 4); } +#include <linux/netfilter/ipset/ip_set_timeout.h> + +#define IP_SET_INIT_KEXT(skb, opt, map) \ + { .timeout = ip_set_adt_opt_timeout(opt, map) } + +#define IP_SET_INIT_UEXT(map) \ + { .timeout = (map)->timeout } + #endif /*_IP_SET_H */ |