summaryrefslogtreecommitdiffstats
path: root/kernel/include
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2009-05-16 21:10:02 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2009-05-16 21:10:02 +0200
commit027dc5fb9021ce3f814a345b17c56d899733569a (patch)
tree0639dc5b91b3a98036ee7b8122fb508c78a92d7d /kernel/include
parent40cb9382148104e0f68891b5cb3e5dc1a04250fa (diff)
ipset 3.0 releasev3.0
The main change is full bigendian and 64/32bit enviroment support - in consequence the kernel-userspace protocol version was bumped.
Diffstat (limited to 'kernel/include')
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set.h32
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h8
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_compat.h1
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_hashes.h16
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h2
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h4
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_portmap.h2
7 files changed, 34 insertions, 31 deletions
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set.h b/kernel/include/linux/netfilter_ipv4/ip_set.h
index ec3e59f..3667352 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set.h
@@ -40,7 +40,7 @@
/*
* Used so that the kernel module and ipset-binary can match their versions
*/
-#define IP_SET_PROTOCOL_VERSION 2
+#define IP_SET_PROTOCOL_VERSION 3
#define IP_SET_MAXNAMELEN 32 /* set names and set typenames */
@@ -228,7 +228,7 @@ struct ip_set_req_max_sets {
struct ip_set_req_setnames {
unsigned op;
ip_set_id_t index; /* set to list/save */
- size_t size; /* size to get setdata/bindings */
+ u_int32_t size; /* size to get setdata/bindings */
/* followed by sets number of struct ip_set_name_list */
};
@@ -250,9 +250,9 @@ struct ip_set_list {
ip_set_id_t index;
ip_set_id_t binding;
u_int32_t ref;
- size_t header_size; /* Set header data of header_size */
- size_t members_size; /* Set members data of members_size */
- size_t bindings_size; /* Set bindings data of bindings_size */
+ u_int32_t header_size; /* Set header data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
+ u_int32_t bindings_size;/* Set bindings data of bindings_size */
};
struct ip_set_hash_list {
@@ -269,8 +269,8 @@ struct ip_set_hash_list {
struct ip_set_save {
ip_set_id_t index;
ip_set_id_t binding;
- size_t header_size; /* Set header data of header_size */
- size_t members_size; /* Set members data of members_size */
+ u_int32_t header_size; /* Set header data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
};
/* At restoring, ip == 0 means default binding for the given set: */
@@ -290,8 +290,8 @@ struct ip_set_restore {
char name[IP_SET_MAXNAMELEN];
char typename[IP_SET_MAXNAMELEN];
ip_set_id_t index;
- size_t header_size; /* Create data of header_size */
- size_t members_size; /* Set members data of members_size */
+ u_int32_t header_size; /* Create data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
};
static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b)
@@ -358,14 +358,14 @@ struct ip_set_type {
* return 0 if not in set, 1 if in set.
*/
int (*testip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/*
* Size of the data structure passed by when
* adding/deletin/testing an entry.
*/
- size_t reqsize;
+ u_int32_t reqsize;
/* Add IP into set (userspace: ipset -A set IP)
* Return -EEXIST if the address is already in the set,
@@ -373,7 +373,7 @@ struct ip_set_type {
* If the address was not already in the set, 0 is returned.
*/
int (*addip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/* Add IP into set (kernel: iptables ... -j SET set src|dst)
@@ -393,7 +393,7 @@ struct ip_set_type {
* If the address really was in the set, 0 is returned.
*/
int (*delip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/* remove IP from set (kernel: iptables ... -j SET --entry x)
@@ -410,7 +410,7 @@ struct ip_set_type {
/* new set creation - allocated type specific items
*/
int (*create) (struct ip_set *set,
- const void *data, size_t size);
+ const void *data, u_int32_t size);
/* retry the operation after successfully tweaking the set
*/
@@ -429,7 +429,7 @@ struct ip_set_type {
/* Listing: size needed for header
*/
- size_t header_size;
+ u_int32_t header_size;
/* Listing: Get the header
*
@@ -515,7 +515,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id,
#define UADT0(type, adt, args...) \
static int \
-FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \
+FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\
ip_set_ip_t *hash_ip) \
{ \
const STRUCT(ip_set_req_,type) *req = data; \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
index 2e9293f..d537639 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
@@ -6,7 +6,7 @@
#ifdef __KERNEL__
#define BITMAP_CREATE(type) \
static int \
-type##_create(struct ip_set *set, const void *data, size_t size) \
+type##_create(struct ip_set *set, const void *data, u_int32_t size) \
{ \
int newbytes; \
const struct ip_set_req_##type##_create *req = data; \
@@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
\
map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %d bytes", \
- sizeof(struct ip_set_#type)); \
+ DP("out of memory for %lu bytes", \
+ sizeof(struct ip_set_##type)); \
return -ENOMEM; \
} \
map->first_ip = req->from; \
@@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
map->size = newbytes; \
map->members = ip_set_malloc(newbytes); \
if (!map->members) { \
- DP("out of memory for %d bytes", newbytes); \
+ DP("out of memory for %i bytes", newbytes); \
kfree(map); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
index 5695b3b..96c2024 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
@@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags)
#endif
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+#include <linux/netfilter.h>
#define KMEM_CACHE_CREATE(name, size) \
kmem_cache_create(name, size, 0, 0, NULL, NULL)
#else
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
index 6914a12..4ca8431 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
@@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \
hashsize++; \
\
ip_set_printk("rehashing of set %s triggered: " \
- "hashsize grows from %u to %u", \
- set->name, map->hashsize, hashsize); \
+ "hashsize grows from %lu to %lu", \
+ set->name, \
+ (long unsigned)map->hashsize, \
+ (long unsigned)hashsize); \
\
tmp = kmalloc(sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t), GFP_ATOMIC); \
if (!tmp) { \
- DP("out of memory for %d bytes", \
+ DP("out of memory for %lu bytes", \
sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t)); \
return -ENOMEM; \
} \
tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\
if (!tmp->members) { \
- DP("out of memory for %d bytes", hashsize * sizeof(dtype));\
+ DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\
kfree(tmp); \
return -ENOMEM; \
} \
@@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \
#define HASH_CREATE(type, dtype) \
static int \
-type##_create(struct ip_set *set, const void *data, size_t size) \
+type##_create(struct ip_set *set, const void *data, u_int32_t size) \
{ \
const struct ip_set_req_##type##_create *req = data; \
struct ip_set_##type *map; \
@@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
map = kmalloc(sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %d bytes", \
+ DP("out of memory for %lu bytes", \
sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t)); \
return -ENOMEM; \
@@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
} \
map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\
if (!map->members) { \
- DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\
+ DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\
kfree(map); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
index d1381b5..ce4b29b 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
@@ -13,7 +13,7 @@ struct ip_set_ipmap {
ip_set_ip_t netmask; /* subnet netmask */
ip_set_ip_t sizeid; /* size of set in IPs */
ip_set_ip_t hosts; /* number of hosts in a subnet */
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_ipmap_create {
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
index c983214..19418f3 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
@@ -17,7 +17,7 @@ struct ip_set_macipmap {
ip_set_ip_t first_ip; /* host byte order, included in range */
ip_set_ip_t last_ip; /* host byte order, included in range */
u_int32_t flags;
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_macipmap_create {
@@ -32,7 +32,7 @@ struct ip_set_req_macipmap {
};
struct ip_set_macip {
- unsigned short flags;
+ unsigned short match;
unsigned char ethernet[ETH_ALEN];
};
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
index e878327..8ea6ba2 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
@@ -10,7 +10,7 @@ struct ip_set_portmap {
void *members; /* the portmap proper */
ip_set_ip_t first_ip; /* host byte order, included in range */
ip_set_ip_t last_ip; /* host byte order, included in range */
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_portmap_create {