diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2009-05-16 21:10:02 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2009-05-16 21:10:02 +0200 |
commit | 027dc5fb9021ce3f814a345b17c56d899733569a (patch) | |
tree | 0639dc5b91b3a98036ee7b8122fb508c78a92d7d /kernel/include | |
parent | 40cb9382148104e0f68891b5cb3e5dc1a04250fa (diff) |
ipset 3.0 releasev3.0
The main change is full bigendian and 64/32bit enviroment support - in
consequence the kernel-userspace protocol version was bumped.
Diffstat (limited to 'kernel/include')
7 files changed, 34 insertions, 31 deletions
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set.h b/kernel/include/linux/netfilter_ipv4/ip_set.h index ec3e59f..3667352 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set.h @@ -40,7 +40,7 @@ /* * Used so that the kernel module and ipset-binary can match their versions */ -#define IP_SET_PROTOCOL_VERSION 2 +#define IP_SET_PROTOCOL_VERSION 3 #define IP_SET_MAXNAMELEN 32 /* set names and set typenames */ @@ -228,7 +228,7 @@ struct ip_set_req_max_sets { struct ip_set_req_setnames { unsigned op; ip_set_id_t index; /* set to list/save */ - size_t size; /* size to get setdata/bindings */ + u_int32_t size; /* size to get setdata/bindings */ /* followed by sets number of struct ip_set_name_list */ }; @@ -250,9 +250,9 @@ struct ip_set_list { ip_set_id_t index; ip_set_id_t binding; u_int32_t ref; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ - size_t bindings_size; /* Set bindings data of bindings_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ + u_int32_t bindings_size;/* Set bindings data of bindings_size */ }; struct ip_set_hash_list { @@ -269,8 +269,8 @@ struct ip_set_hash_list { struct ip_set_save { ip_set_id_t index; ip_set_id_t binding; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; /* At restoring, ip == 0 means default binding for the given set: */ @@ -290,8 +290,8 @@ struct ip_set_restore { char name[IP_SET_MAXNAMELEN]; char typename[IP_SET_MAXNAMELEN]; ip_set_id_t index; - size_t header_size; /* Create data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Create data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b) @@ -358,14 +358,14 @@ struct ip_set_type { * return 0 if not in set, 1 if in set. */ int (*testip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* * Size of the data structure passed by when * adding/deletin/testing an entry. */ - size_t reqsize; + u_int32_t reqsize; /* Add IP into set (userspace: ipset -A set IP) * Return -EEXIST if the address is already in the set, @@ -373,7 +373,7 @@ struct ip_set_type { * If the address was not already in the set, 0 is returned. */ int (*addip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* Add IP into set (kernel: iptables ... -j SET set src|dst) @@ -393,7 +393,7 @@ struct ip_set_type { * If the address really was in the set, 0 is returned. */ int (*delip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* remove IP from set (kernel: iptables ... -j SET --entry x) @@ -410,7 +410,7 @@ struct ip_set_type { /* new set creation - allocated type specific items */ int (*create) (struct ip_set *set, - const void *data, size_t size); + const void *data, u_int32_t size); /* retry the operation after successfully tweaking the set */ @@ -429,7 +429,7 @@ struct ip_set_type { /* Listing: size needed for header */ - size_t header_size; + u_int32_t header_size; /* Listing: Get the header * @@ -515,7 +515,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id, #define UADT0(type, adt, args...) \ static int \ -FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \ +FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\ ip_set_ip_t *hash_ip) \ { \ const STRUCT(ip_set_req_,type) *req = data; \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h index 2e9293f..d537639 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h @@ -6,7 +6,7 @@ #ifdef __KERNEL__ #define BITMAP_CREATE(type) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ int newbytes; \ const struct ip_set_req_##type##_create *req = data; \ @@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ \ map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ - sizeof(struct ip_set_#type)); \ + DP("out of memory for %lu bytes", \ + sizeof(struct ip_set_##type)); \ return -ENOMEM; \ } \ map->first_ip = req->from; \ @@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map->size = newbytes; \ map->members = ip_set_malloc(newbytes); \ if (!map->members) { \ - DP("out of memory for %d bytes", newbytes); \ + DP("out of memory for %i bytes", newbytes); \ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h index 5695b3b..96c2024 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h @@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags) #endif #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) +#include <linux/netfilter.h> #define KMEM_CACHE_CREATE(name, size) \ kmem_cache_create(name, size, 0, 0, NULL, NULL) #else diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h index 6914a12..4ca8431 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h @@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \ hashsize++; \ \ ip_set_printk("rehashing of set %s triggered: " \ - "hashsize grows from %u to %u", \ - set->name, map->hashsize, hashsize); \ + "hashsize grows from %lu to %lu", \ + set->name, \ + (long unsigned)map->hashsize, \ + (long unsigned)hashsize); \ \ tmp = kmalloc(sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t), GFP_ATOMIC); \ if (!tmp) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\ if (!tmp->members) { \ - DP("out of memory for %d bytes", hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\ kfree(tmp); \ return -ENOMEM; \ } \ @@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \ #define HASH_CREATE(type, dtype) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ const struct ip_set_req_##type##_create *req = data; \ struct ip_set_##type *map; \ @@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map = kmalloc(sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t)); \ return -ENOMEM; \ @@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ } \ map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\ if (!map->members) { \ - DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h index d1381b5..ce4b29b 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h @@ -13,7 +13,7 @@ struct ip_set_ipmap { ip_set_ip_t netmask; /* subnet netmask */ ip_set_ip_t sizeid; /* size of set in IPs */ ip_set_ip_t hosts; /* number of hosts in a subnet */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_ipmap_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h index c983214..19418f3 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h @@ -17,7 +17,7 @@ struct ip_set_macipmap { ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ u_int32_t flags; - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_macipmap_create { @@ -32,7 +32,7 @@ struct ip_set_req_macipmap { }; struct ip_set_macip { - unsigned short flags; + unsigned short match; unsigned char ethernet[ETH_ALEN]; }; diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h index e878327..8ea6ba2 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h @@ -10,7 +10,7 @@ struct ip_set_portmap { void *members; /* the portmap proper */ ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_portmap_create { |