diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-06-22 10:49:41 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-06-22 10:49:41 +0200 |
commit | 020936c8c3375e1efe44a3087c891a4b2cbfe044 (patch) | |
tree | a94751e6f1f11bcf118129c343d1942bbf53e808 /kernel/ip_set_bitmap_port.c | |
parent | 97a12ba3f184a76c406eb5622ec21a4d4d6fc8bf (diff) |
ipset 5: last new feature addedv5.0-pre3
- the hash types can now store protocol together port, not only port
- lots of fixes everywhere: parser, error reporting, manpage
The last bits on the todo list before announcing ipset 5:
- recheck all the error messages
- add possibly more tests
- polish manpage
Diffstat (limited to 'kernel/ip_set_bitmap_port.c')
-rw-r--r-- | kernel/ip_set_bitmap_port.c | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/kernel/ip_set_bitmap_port.c b/kernel/ip_set_bitmap_port.c index f3e498a..6517252 100644 --- a/kernel/ip_set_bitmap_port.c +++ b/kernel/ip_set_bitmap_port.c @@ -72,9 +72,9 @@ bitmap_port_kadt(struct ip_set *set, const struct sk_buff *skb, enum ipset_adt adt, u8 pf, u8 dim, u8 flags) { struct bitmap_port *map = set->data; - u16 port; + u16 port = 0; - if (!get_port(pf, skb, flags & IPSET_DIM_ONE_SRC, &port)) + if (!get_ip_port(skb, pf, flags & IPSET_DIM_ONE_SRC, &port)) return -EINVAL; port = ntohs(port); @@ -101,6 +101,7 @@ bitmap_port_adt_policy[IPSET_ATTR_ADT_MAX+1] __read_mostly = { [IPSET_ATTR_PORT] = { .type = NLA_U16 }, [IPSET_ATTR_PORT_TO] = { .type = NLA_U16 }, [IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 }, + [IPSET_ATTR_LINENO] = { .type = NLA_U32 }, }; static int @@ -109,7 +110,6 @@ bitmap_port_uadt(struct ip_set *set, struct nlattr *head, int len, { struct bitmap_port *map = set->data; struct nlattr *tb[IPSET_ATTR_ADT_MAX]; - bool eexist = flags & IPSET_FLAG_EXIST; u32 port; /* wraparound */ u16 id, port_to; int ret = 0; @@ -118,6 +118,9 @@ bitmap_port_uadt(struct ip_set *set, struct nlattr *head, int len, bitmap_port_adt_policy)) return -IPSET_ERR_PROTOCOL; + if (tb[IPSET_ATTR_LINENO]) + *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); + if (tb[IPSET_ATTR_PORT]) port = ip_set_get_h16(tb[IPSET_ATTR_PORT]); else @@ -150,11 +153,10 @@ bitmap_port_uadt(struct ip_set *set, struct nlattr *head, int len, ret = adt == IPSET_ADD ? bitmap_port_add(map, id) : bitmap_port_del(map, id); - if (ret && !(ret == -IPSET_ERR_EXIST && eexist)) { - if (tb[IPSET_ATTR_LINENO]) - *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); + if (ret && !ip_set_eexist(ret, flags)) return ret; - } + else + ret = 0; } return ret; } @@ -313,9 +315,9 @@ bitmap_port_timeout_kadt(struct ip_set *set, const struct sk_buff *skb, enum ipset_adt adt, u8 pf, u8 dim, u8 flags) { struct bitmap_port_timeout *map = set->data; - u16 port; + u16 port = 0; - if (!get_port(pf, skb, flags & IPSET_DIM_ONE_SRC, &port)) + if (!get_ip_port(skb, pf, flags & IPSET_DIM_ONE_SRC, &port)) return -EINVAL; port = ntohs(port); @@ -343,7 +345,6 @@ bitmap_port_timeout_uadt(struct ip_set *set, struct nlattr *head, int len, { const struct bitmap_port_timeout *map = set->data; struct nlattr *tb[IPSET_ATTR_ADT_MAX]; - bool eexist = flags & IPSET_FLAG_EXIST; u16 id, port_to; u32 port, timeout = map->timeout; /* wraparound */ int ret = 0; @@ -352,6 +353,9 @@ bitmap_port_timeout_uadt(struct ip_set *set, struct nlattr *head, int len, bitmap_port_adt_policy)) return -IPSET_ERR_PROTOCOL; + if (tb[IPSET_ATTR_LINENO]) + *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); + if (tb[IPSET_ATTR_PORT]) port = ip_set_get_h16(tb[IPSET_ATTR_PORT]); else @@ -385,11 +389,10 @@ bitmap_port_timeout_uadt(struct ip_set *set, struct nlattr *head, int len, ? bitmap_port_timeout_add(map, id, timeout) : bitmap_port_timeout_del(map, id); - if (ret && !(ret == -IPSET_ERR_EXIST && eexist)) { - if (tb[IPSET_ATTR_LINENO]) - *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); + if (ret && !ip_set_eexist(ret, flags)) return ret; - } + else + ret = 0; } return ret; } |