diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-06-29 21:14:40 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-06-29 21:14:40 +0200 |
commit | 8dd10256cb24ceade8b40bd1604f03ddac8589e2 (patch) | |
tree | 9b6e5deae0b5d349122c82b63019d6bb36a66aeb /kernel/xt_set.c | |
parent | 780f6384c5c6639da3f5a6ac8d30653e8a26d6c0 (diff) |
ipset 5: Sparc related and compatibility fixesv5.0-pre5
ipset 5 is tested on Sparc, which revealed some compatibility issues
and those are fixed. Kernels from 2.6.31 onward are supported.
The testsuite checkings are completed to run match/target checks.
The README file is updated to reflect the requirements to install
and run ipset 5.
Diffstat (limited to 'kernel/xt_set.c')
-rw-r--r-- | kernel/xt_set.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/kernel/xt_set.c b/kernel/xt_set.c index 344d003..3ed8a6a 100644 --- a/kernel/xt_set.c +++ b/kernel/xt_set.c @@ -13,6 +13,7 @@ #include <linux/module.h> #include <linux/skbuff.h> +#include <linux/version.h> #include <linux/netfilter/x_tables.h> #include <linux/netfilter/xt_set.h> @@ -37,6 +38,16 @@ match_set(ip_set_id_t index, const struct sk_buff *skb, /* Revision 0 interface: backward compatible with netfilter/iptables */ +/* Backward compatibility constrains: + * 2.6.24: [NETLINK]: Introduce nested and byteorder flag to netlink attribute + * 2.6.31: netfilter: passive OS fingerprint xtables match + */ + + +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,31) +#error "Linux kernel version too old: must be >= 2.6.31" +#endif + static bool set_match_v0(const struct sk_buff *skb, const struct xt_match_param *par) { @@ -93,7 +104,6 @@ set_match_v0_destroy(const struct xt_mtdtor_param *par) { struct xt_set_info_match *info = par->matchinfo; - ip_set_nfnl_put(info->match_set.index); } @@ -200,12 +210,9 @@ set_match_destroy(const struct xt_mtdtor_param *par) { struct xt_set_info_match *info = par->matchinfo; - ip_set_nfnl_put(info->match_set.index); } -/* Set target */ - static unsigned int set_target(struct sk_buff *skb, const struct xt_target_param *par) { |