summaryrefslogtreecommitdiffstats
path: root/lib/data.c
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-05-30 17:48:01 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-05-30 21:30:10 +0200
commit418a3a4f4d4e38abd1d691f81f2445590f02ecaf (patch)
treea41ed16b366c854786eea8f3da5c80fa50636dc6 /lib/data.c
parent4e21d6b5ce623f7601a872b94f3b88105356e2d3 (diff)
hash:net,iface type introduced
The hash:net,iface type makes possible to store network address and interface name pairs in a set. It's mostly suitable for egress and ingress filtering. Examples: # ipset create test hash:net,iface # ipset add test 192.168.0.0/16,eth0 # ipset add test 192.168.0.0/24,eth1
Diffstat (limited to 'lib/data.c')
-rw-r--r--lib/data.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/data.c b/lib/data.c
index 1541728..9663efb 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -7,6 +7,7 @@
#include <assert.h> /* assert */
#include <arpa/inet.h> /* ntoh* */
#include <net/ethernet.h> /* ETH_ALEN */
+#include <net/if.h> /* IFNAMSIZ */
#include <sys/socket.h> /* AF_ */
#include <stdlib.h> /* malloc, free */
#include <string.h> /* memset */
@@ -72,6 +73,7 @@ struct ipset_data {
char ether[ETH_ALEN];
char name[IPSET_MAXNAMELEN];
char nameref[IPSET_MAXNAMELEN];
+ char iface[IFNAMSIZ];
} adt;
};
};
@@ -301,6 +303,9 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
case IPSET_OPT_PROTO:
data->adt.proto = *(const uint8_t *) value;
break;
+ case IPSET_OPT_IFACE:
+ ipset_strlcpy(data->adt.iface, value, IFNAMSIZ);
+ break;
/* Swap/rename */
case IPSET_OPT_SETNAME2:
ipset_strlcpy(data->setname2, value, IPSET_MAXNAMELEN);
@@ -312,6 +317,9 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
case IPSET_OPT_BEFORE:
cadt_flag_type_attr(data, opt, IPSET_FLAG_BEFORE);
break;
+ case IPSET_OPT_PHYSDEV:
+ cadt_flag_type_attr(data, opt, IPSET_FLAG_PHYSDEV);
+ break;
case IPSET_OPT_FLAGS:
data->flags = *(const uint32_t *)value;
break;
@@ -413,6 +421,8 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
return &data->adt.cidr2;
case IPSET_OPT_PROTO:
return &data->adt.proto;
+ case IPSET_OPT_IFACE:
+ return &data->adt.iface;
/* Swap/rename */
case IPSET_OPT_SETNAME2:
return data->setname2;
@@ -422,6 +432,7 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
return &data->flags;
case IPSET_OPT_CADT_FLAGS:
case IPSET_OPT_BEFORE:
+ case IPSET_OPT_PHYSDEV:
return &data->cadt_flags;
default:
return NULL;
@@ -472,8 +483,9 @@ ipset_data_sizeof(enum ipset_opt opt, uint8_t family)
return sizeof(uint8_t);
case IPSET_OPT_ETHER:
return ETH_ALEN;
- /* Flags counted once */
+ /* Flags doesn't counted once :-( */
case IPSET_OPT_BEFORE:
+ case IPSET_OPT_PHYSDEV:
return sizeof(uint32_t);
default:
return 0;