diff options
| author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2017-10-09 18:43:04 +0200 |
|---|---|---|
| committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2018-01-02 21:47:27 +0100 |
| commit | d71dd93599b932693f045301424c2276cd25a87e (patch) | |
| tree | d1779c04b8bb2a44915483751ac33e498b1a2ad9 /lib/ipset_hash_ipmark.c | |
| parent | e2a84a4a7bb8cdebfe4c0990b79179e2fd717a48 (diff) | |
Userspace revision handling is reworked
In order to make it simpler and more straightforward to express
the revisions of the set type, all keywords and their parsing
are separated from the individual set types.
All backward compatibility arguments are recognized and ignored
arguments are supported.
Recognized but ignored arguments will be removed in a later release.
Diffstat (limited to 'lib/ipset_hash_ipmark.c')
| -rw-r--r-- | lib/ipset_hash_ipmark.c | 631 |
1 files changed, 215 insertions, 416 deletions
diff --git a/lib/ipset_hash_ipmark.c b/lib/ipset_hash_ipmark.c index 8e1a596..33009f5 100644 --- a/lib/ipset_hash_ipmark.c +++ b/lib/ipset_hash_ipmark.c @@ -10,106 +10,7 @@ #include <libipset/print.h> /* printing functions */ #include <libipset/types.h> /* prototypes */ -/* Parse commandline arguments */ -static const struct ipset_arg hash_ipmark_create_args0[] = { - { .name = { "family", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, .print = ipset_print_family, - }, - /* Alias: family inet */ - { .name = { "-4", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - /* Alias: family inet6 */ - { .name = { "-6", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - { .name = { "markmask", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MARKMASK, - .parse = ipset_parse_uint32, .print = ipset_print_mark, - }, - { .name = { "hashsize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "maxelem", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "timeout", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, - .parse = ipset_parse_timeout, .print = ipset_print_number, - }, - { .name = { "counters", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "comment", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - /* Backward compatibility */ - { .name = { "probes", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "resize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "from", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { .name = { "to", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP_TO, - .parse = ipset_parse_ignored, - }, - { .name = { "network", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { }, -}; - -static const struct ipset_arg hash_ipmark_add_args0[] = { - { .name = { "timeout", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, - .parse = ipset_parse_timeout, .print = ipset_print_number, - }, - { .name = { "packets", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS, - .parse = ipset_parse_uint64, .print = ipset_print_number, - }, - { .name = { "bytes", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES, - .parse = ipset_parse_uint64, .print = ipset_print_number, - }, - { .name = { "comment", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_ADT_COMMENT, - .parse = ipset_parse_comment, .print = ipset_print_comment, - }, - { }, -}; - -static const char hash_ipmark_usage0[] = -"create SETNAME hash:ip,mark\n" -" [family inet|inet6] [markmask VALUE]\n" -" [hashsize VALUE] [maxelem VALUE]\n" -" [timeout VALUE] [counters] [comment]\n" -"add SETNAME IP,MARK [timeout VALUE]\n" -" [packets VALUE] [bytes VALUE] [comment \"string\"]\n" -"del SETNAME IP,MARK\n" -"test SETNAME IP,MARK\n\n" -"where depending on the INET family\n" -" IP is a valid IPv4 or IPv6 address (or hostname).\n" -" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" -" is supported for IPv4.\n" -" Adding/deleting single mark element\n" -" is supported both for IPv4 and IPv6.\n"; - +/* Initial release */ static struct ipset_type ipset_hash_ipmark0 = { .name = "hash:ip,mark", .alias = { "ipmarkhash", NULL }, @@ -128,128 +29,79 @@ static struct ipset_type ipset_hash_ipmark0 = { .opt = IPSET_OPT_MARK }, }, - .args = { - [IPSET_CREATE] = hash_ipmark_create_args0, - [IPSET_ADD] = hash_ipmark_add_args0, - }, - .mandatory = { - [IPSET_CREATE] = 0, - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - }, - .full = { - [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_MARKMASK) - | IPSET_FLAG(IPSET_OPT_HASHSIZE) - | IPSET_FLAG(IPSET_OPT_MAXELEM) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_COUNTERS) - | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT), - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_PACKETS) - | IPSET_FLAG(IPSET_OPT_BYTES) - | IPSET_FLAG(IPSET_OPT_ADT_COMMENT), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), + .cmd = { + [IPSET_CREATE] = { + .args = { + IPSET_ARG_FAMILY, + /* Aliases */ + IPSET_ARG_INET, + IPSET_ARG_INET6, + IPSET_ARG_MARKMASK, + IPSET_ARG_HASHSIZE, + IPSET_ARG_MAXELEM, + IPSET_ARG_TIMEOUT, + IPSET_ARG_COUNTERS, + IPSET_ARG_COMMENT, + /* Ignored options: backward compatibilty */ + IPSET_ARG_PROBES, + IPSET_ARG_RESIZE, + IPSET_ARG_IGNORED_FROM, + IPSET_ARG_IGNORED_TO, + IPSET_ARG_IGNORED_NETWORK, + IPSET_ARG_NONE, + }, + .need = 0, + .full = 0, + .help = "", + }, + [IPSET_ADD] = { + .args = { + IPSET_ARG_TIMEOUT, + IPSET_ARG_PACKETS, + IPSET_ARG_BYTES, + IPSET_ARG_ADT_COMMENT, + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_DEL] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_TEST] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, }, - - .usage = hash_ipmark_usage0, + .usage = "where depending on the INET family\n" + " IP is a valid IPv4 or IPv6 address (or hostname).\n" + " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" + " is supported for IPv4.\n" + " Adding/deleting single mark element\n" + " is supported both for IPv4 and IPv6.", .description = "initial revision", }; -static const struct ipset_arg hash_ipmark_create_args1[] = { - { .name = { "family", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, .print = ipset_print_family, - }, - /* Alias: family inet */ - { .name = { "-4", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - /* Alias: family inet6 */ - { .name = { "-6", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - { .name = { "markmask", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MARKMASK, - .parse = ipset_parse_uint32, .print = ipset_print_mark, - }, - { .name = { "hashsize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "maxelem", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "timeout", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, - .parse = ipset_parse_timeout, .print = ipset_print_number, - }, - { .name = { "counters", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "comment", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "forceadd", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FORCEADD, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - /* Backward compatibility */ - { .name = { "probes", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "resize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "from", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { .name = { "to", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP_TO, - .parse = ipset_parse_ignored, - }, - { .name = { "network", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { }, -}; - -static const char hash_ipmark_usage1[] = -"create SETNAME hash:ip,mark\n" -" [family inet|inet6] [markmask VALUE]\n" -" [hashsize VALUE] [maxelem VALUE]\n" -" [timeout VALUE] [counters] [comment]\n" -" [forceadd]\n" -"add SETNAME IP,MARK [timeout VALUE]\n" -" [packets VALUE] [bytes VALUE] [comment \"string\"]\n" -"del SETNAME IP,MARK\n" -"test SETNAME IP,MARK\n\n" -"where depending on the INET family\n" -" IP is a valid IPv4 or IPv6 address (or hostname).\n" -" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" -" is supported for IPv4.\n" -" Adding/deleting single mark element\n" -" is supported both for IPv4 and IPv6.\n"; - +/* Forceadd support */ static struct ipset_type ipset_hash_ipmark1 = { .name = "hash:ip,mark", .alias = { "ipmarkhash", NULL }, @@ -268,167 +120,80 @@ static struct ipset_type ipset_hash_ipmark1 = { .opt = IPSET_OPT_MARK }, }, - .args = { - [IPSET_CREATE] = hash_ipmark_create_args1, - [IPSET_ADD] = hash_ipmark_add_args0, - }, - .mandatory = { - [IPSET_CREATE] = 0, - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - }, - .full = { - [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_MARKMASK) - | IPSET_FLAG(IPSET_OPT_HASHSIZE) - | IPSET_FLAG(IPSET_OPT_MAXELEM) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_COUNTERS) - | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT) - | IPSET_FLAG(IPSET_OPT_FORCEADD), - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_PACKETS) - | IPSET_FLAG(IPSET_OPT_BYTES) - | IPSET_FLAG(IPSET_OPT_ADT_COMMENT), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - }, - - .usage = hash_ipmark_usage1, - .description = "forceadd support" -}; - -static const struct ipset_arg hash_ipmark_create_args2[] = { - { .name = { "family", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, .print = ipset_print_family, - }, - /* Alias: family inet */ - { .name = { "-4", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - /* Alias: family inet6 */ - { .name = { "-6", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, - .parse = ipset_parse_family, - }, - { .name = { "markmask", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MARKMASK, - .parse = ipset_parse_uint32, .print = ipset_print_mark, - }, - { .name = { "hashsize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "maxelem", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, - .parse = ipset_parse_uint32, .print = ipset_print_number, - }, - { .name = { "timeout", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, - .parse = ipset_parse_timeout, .print = ipset_print_number, - }, - { .name = { "counters", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "comment", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "forceadd", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FORCEADD, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - { .name = { "skbinfo", NULL }, - .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_SKBINFO, - .parse = ipset_parse_flag, .print = ipset_print_flag, - }, - /* Backward compatibility */ - { .name = { "probes", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "resize", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, - .parse = ipset_parse_ignored, .print = ipset_print_number, - }, - { .name = { "from", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { .name = { "to", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP_TO, - .parse = ipset_parse_ignored, - }, - { .name = { "network", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_IP, - .parse = ipset_parse_ignored, - }, - { }, -}; - -static const struct ipset_arg hash_ipmark_add_args2[] = { - { .name = { "timeout", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, - .parse = ipset_parse_timeout, .print = ipset_print_number, - }, - { .name = { "packets", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS, - .parse = ipset_parse_uint64, .print = ipset_print_number, - }, - { .name = { "bytes", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES, - .parse = ipset_parse_uint64, .print = ipset_print_number, - }, - { .name = { "comment", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_ADT_COMMENT, - .parse = ipset_parse_comment, .print = ipset_print_comment, - }, - { .name = { "skbmark", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBMARK, - .parse = ipset_parse_skbmark, .print = ipset_print_skbmark, - }, - { .name = { "skbprio", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBPRIO, - .parse = ipset_parse_skbprio, .print = ipset_print_skbprio, - }, - { .name = { "skbqueue", NULL }, - .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBQUEUE, - .parse = ipset_parse_uint16, .print = ipset_print_number, + .cmd = { + [IPSET_CREATE] = { + .args = { + IPSET_ARG_FAMILY, + /* Aliases */ + IPSET_ARG_INET, + IPSET_ARG_INET6, + IPSET_ARG_MARKMASK, + IPSET_ARG_HASHSIZE, + IPSET_ARG_MAXELEM, + IPSET_ARG_TIMEOUT, + IPSET_ARG_COUNTERS, + IPSET_ARG_COMMENT, + IPSET_ARG_FORCEADD, + /* Ignored options: backward compatibilty */ + IPSET_ARG_PROBES, + IPSET_ARG_RESIZE, + IPSET_ARG_IGNORED_FROM, + IPSET_ARG_IGNORED_TO, + IPSET_ARG_IGNORED_NETWORK, + IPSET_ARG_NONE, + }, + .need = 0, + .full = 0, + .help = "", + }, + [IPSET_ADD] = { + .args = { + IPSET_ARG_TIMEOUT, + IPSET_ARG_PACKETS, + IPSET_ARG_BYTES, + IPSET_ARG_ADT_COMMENT, + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_DEL] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_TEST] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, }, - { }, + .usage = "where depending on the INET family\n" + " IP is a valid IPv4 or IPv6 address (or hostname).\n" + " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" + " is supported for IPv4.\n" + " Adding/deleting single mark element\n" + " is supported both for IPv4 and IPv6.", + .description = "forceadd support", }; - -static const char hash_ipmark_usage2[] = -"create SETNAME hash:ip,mark\n" -" [family inet|inet6] [markmask VALUE]\n" -" [hashsize VALUE] [maxelem VALUE]\n" -" [timeout VALUE] [counters] [comment]\n" -" [forceadd] [skbinfo]\n" -"add SETNAME IP,MARK [timeout VALUE]\n" -" [packets VALUE] [bytes VALUE] [comment \"string\"]\n" -" [skbmark VALUE] [skbprio VALUE] [skbqueue VALUE]\n" -"del SETNAME IP,MARK\n" -"test SETNAME IP,MARK\n\n" -"where depending on the INET family\n" -" IP is a valid IPv4 or IPv6 address (or hostname).\n" -" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" -" is supported for IPv4.\n" -" Adding/deleting single mark element\n" -" is supported both for IPv4 and IPv6.\n"; - +/* skbinfo support */ static struct ipset_type ipset_hash_ipmark2 = { .name = "hash:ip,mark", .alias = { "ipmarkhash", NULL }, @@ -447,47 +212,81 @@ static struct ipset_type ipset_hash_ipmark2 = { .opt = IPSET_OPT_MARK }, }, - .args = { - [IPSET_CREATE] = hash_ipmark_create_args2, - [IPSET_ADD] = hash_ipmark_add_args2, - }, - .mandatory = { - [IPSET_CREATE] = 0, - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), - }, - .full = { - [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_MARKMASK) - | IPSET_FLAG(IPSET_OPT_HASHSIZE) - | IPSET_FLAG(IPSET_OPT_MAXELEM) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_COUNTERS) - | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT) - | IPSET_FLAG(IPSET_OPT_FORCEADD) - | IPSET_FLAG(IPSET_OPT_SKBINFO), - [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK) - | IPSET_FLAG(IPSET_OPT_TIMEOUT) - | IPSET_FLAG(IPSET_OPT_PACKETS) - | IPSET_FLAG(IPSET_OPT_BYTES) - | IPSET_FLAG(IPSET_OPT_ADT_COMMENT) - | IPSET_FLAG(IPSET_OPT_SKBMARK) - | IPSET_FLAG(IPSET_OPT_SKBPRIO) - | IPSET_FLAG(IPSET_OPT_SKBQUEUE), - [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_IP_TO) - | IPSET_FLAG(IPSET_OPT_MARK), - [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP) - | IPSET_FLAG(IPSET_OPT_MARK), + .cmd = { + [IPSET_CREATE] = { + .args = { + IPSET_ARG_FAMILY, + /* Aliases */ + IPSET_ARG_INET, + IPSET_ARG_INET6, + IPSET_ARG_MARKMASK, + IPSET_ARG_HASHSIZE, + IPSET_ARG_MAXELEM, + IPSET_ARG_TIMEOUT, + IPSET_ARG_COUNTERS, + IPSET_ARG_COMMENT, + IPSET_ARG_FORCEADD, + IPSET_ARG_SKBINFO, + /* Ignored options: backward compatibilty */ + IPSET_ARG_PROBES, + IPSET_ARG_RESIZE, + IPSET_ARG_IGNORED_FROM, + IPSET_ARG_IGNORED_TO, + IPSET_ARG_IGNORED_NETWORK, + IPSET_ARG_NONE, + }, + .need = 0, + .full = 0, + .help = "", + }, + [IPSET_ADD] = { + .args = { + IPSET_ARG_TIMEOUT, + IPSET_ARG_PACKETS, + IPSET_ARG_BYTES, + IPSET_ARG_ADT_COMMENT, + IPSET_ARG_SKBMARK, + IPSET_ARG_SKBPRIO, + IPSET_ARG_SKBQUEUE, + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_DEL] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, + [IPSET_TEST] = { + .args = { + IPSET_ARG_NONE, + }, + .need = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_MARK), + .full = IPSET_FLAG(IPSET_OPT_IP) + | IPSET_FLAG(IPSET_OPT_IP_TO) + | IPSET_FLAG(IPSET_OPT_MARK), + .help = "IP,MARK", + }, }, - - .usage = hash_ipmark_usage2, - .description = "sbkinfo support" + .usage = "where depending on the INET family\n" + " IP is a valid IPv4 or IPv6 address (or hostname).\n" + " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" + " is supported for IPv4.\n" + " Adding/deleting single mark element\n" + " is supported both for IPv4 and IPv6.", + .description = "skbinfo support", }; void _init(void); |