summaryrefslogtreecommitdiffstats
path: root/lib/ipset_hash_netiface.c
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2013-04-09 17:17:50 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2013-04-09 21:42:16 +0200
commit2222b6adb0be1bdffd58875c5c874e89b0aec4cd (patch)
treeef1167f897174d4d758aa67f1dcd25f1062019b7 /lib/ipset_hash_netiface.c
parent5a6021823aa0da24b83f8d03f46ad4202f149fa3 (diff)
Introduce the new set type revisions with counter support
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'lib/ipset_hash_netiface.c')
-rw-r--r--lib/ipset_hash_netiface.c169
1 files changed, 155 insertions, 14 deletions
diff --git a/lib/ipset_hash_netiface.c b/lib/ipset_hash_netiface.c
index c14d4f2..d54b05a 100644
--- a/lib/ipset_hash_netiface.c
+++ b/lib/ipset_hash_netiface.c
@@ -11,7 +11,7 @@
#include <libipset/types.h> /* prototypes */
/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args[] = {
+static const struct ipset_arg hash_netiface_create_args0[] = {
{ .name = { "family", NULL },
.has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY,
.parse = ipset_parse_family, .print = ipset_print_family,
@@ -41,7 +41,7 @@ static const struct ipset_arg hash_netiface_create_args[] = {
{ },
};
-static const struct ipset_arg hash_netiface_add_args[] = {
+static const struct ipset_arg hash_netiface_add_args0[] = {
{ .name = { "timeout", NULL },
.has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT,
.parse = ipset_parse_timeout, .print = ipset_print_number,
@@ -49,7 +49,7 @@ static const struct ipset_arg hash_netiface_add_args[] = {
{ },
};
-static const char hash_netiface_usage[] =
+static const char hash_netiface_usage0[] =
"create SETNAME hash:net,iface\n"
" [family inet|inet6]\n"
" [hashsize VALUE] [maxelem VALUE]\n"
@@ -81,8 +81,8 @@ static struct ipset_type ipset_hash_netiface0 = {
},
},
.args = {
- [IPSET_CREATE] = hash_netiface_create_args,
- [IPSET_ADD] = hash_netiface_add_args,
+ [IPSET_CREATE] = hash_netiface_create_args0,
+ [IPSET_ADD] = hash_netiface_add_args0,
},
.mandatory = {
[IPSET_CREATE] = 0,
@@ -115,11 +115,11 @@ static struct ipset_type ipset_hash_netiface0 = {
| IPSET_FLAG(IPSET_OPT_PHYSDEV),
},
- .usage = hash_netiface_usage,
+ .usage = hash_netiface_usage0,
.description = "Initial revision",
};
-static const struct ipset_arg hash_netiface1_add_args[] = {
+static const struct ipset_arg hash_netiface_add_args1[] = {
{ .name = { "timeout", NULL },
.has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT,
.parse = ipset_parse_timeout, .print = ipset_print_number,
@@ -131,7 +131,7 @@ static const struct ipset_arg hash_netiface1_add_args[] = {
{ },
};
-static const char hash_netiface1_usage[] =
+static const char hash_netiface_usage1[] =
"create SETNAME hash:net,iface\n"
" [family inet|inet6]\n"
" [hashsize VALUE] [maxelem VALUE]\n"
@@ -163,8 +163,8 @@ static struct ipset_type ipset_hash_netiface1 = {
},
},
.args = {
- [IPSET_CREATE] = hash_netiface_create_args,
- [IPSET_ADD] = hash_netiface1_add_args,
+ [IPSET_CREATE] = hash_netiface_create_args0,
+ [IPSET_ADD] = hash_netiface_add_args1,
},
.mandatory = {
[IPSET_CREATE] = 0,
@@ -198,7 +198,7 @@ static struct ipset_type ipset_hash_netiface1 = {
| IPSET_FLAG(IPSET_OPT_PHYSDEV),
},
- .usage = hash_netiface1_usage,
+ .usage = hash_netiface_usage1,
.description = "nomatch flag support",
};
@@ -221,8 +221,8 @@ static struct ipset_type ipset_hash_netiface2 = {
},
},
.args = {
- [IPSET_CREATE] = hash_netiface_create_args,
- [IPSET_ADD] = hash_netiface1_add_args,
+ [IPSET_CREATE] = hash_netiface_create_args0,
+ [IPSET_ADD] = hash_netiface_add_args1,
},
.mandatory = {
[IPSET_CREATE] = 0,
@@ -256,14 +256,155 @@ static struct ipset_type ipset_hash_netiface2 = {
| IPSET_FLAG(IPSET_OPT_PHYSDEV),
},
- .usage = hash_netiface1_usage,
+ .usage = hash_netiface_usage1,
.description = "/0 network support",
};
+/* Parse commandline arguments */
+static const struct ipset_arg hash_netiface_create_args3[] = {
+ { .name = { "family", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY,
+ .parse = ipset_parse_family, .print = ipset_print_family,
+ },
+ /* Alias: family inet */
+ { .name = { "-4", NULL },
+ .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY,
+ .parse = ipset_parse_family,
+ },
+ /* Alias: family inet6 */
+ { .name = { "-6", NULL },
+ .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY,
+ .parse = ipset_parse_family,
+ },
+ { .name = { "hashsize", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE,
+ .parse = ipset_parse_uint32, .print = ipset_print_number,
+ },
+ { .name = { "maxelem", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM,
+ .parse = ipset_parse_uint32, .print = ipset_print_number,
+ },
+ { .name = { "timeout", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT,
+ .parse = ipset_parse_timeout, .print = ipset_print_number,
+ },
+ { .name = { "counters", NULL },
+ .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS,
+ .parse = ipset_parse_flag, .print = ipset_print_flag,
+ },
+ { },
+};
+
+static const struct ipset_arg hash_netiface_add_args3[] = {
+ { .name = { "timeout", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT,
+ .parse = ipset_parse_timeout, .print = ipset_print_number,
+ },
+ { .name = { "nomatch", NULL },
+ .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_NOMATCH,
+ .parse = ipset_parse_flag, .print = ipset_print_flag,
+ },
+ { .name = { "packets", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS,
+ .parse = ipset_parse_uint64, .print = ipset_print_number,
+ },
+ { .name = { "bytes", NULL },
+ .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES,
+ .parse = ipset_parse_uint64, .print = ipset_print_number,
+ },
+ { },
+};
+
+static const struct ipset_arg hash_netiface_test_args3[] = {
+ { .name = { "nomatch", NULL },
+ .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_NOMATCH,
+ .parse = ipset_parse_flag, .print = ipset_print_flag,
+ },
+ { },
+};
+
+static const char hash_netiface_usage3[] =
+"create SETNAME hash:net,iface\n"
+" [family inet|inet6]\n"
+" [hashsize VALUE] [maxelem VALUE]\n"
+" [timeout VALUE] [counters]\n"
+"add SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
+" [packets VALUE] [bytes VALUE]\n"
+"del SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
+"test SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
+"where depending on the INET family\n"
+" IP is a valid IPv4 or IPv6 address (or hostname),\n"
+" CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+" Adding/deleting multiple elements with IPv4 is supported.\n";
+
+static struct ipset_type ipset_hash_netiface3 = {
+ .name = "hash:net,iface",
+ .alias = { "netifacehash", NULL },
+ .revision = 3,
+ .family = NFPROTO_IPSET_IPV46,
+ .dimension = IPSET_DIM_TWO,
+ .elem = {
+ [IPSET_DIM_ONE - 1] = {
+ .parse = ipset_parse_ip4_net6,
+ .print = ipset_print_ip,
+ .opt = IPSET_OPT_IP
+ },
+ [IPSET_DIM_TWO - 1] = {
+ .parse = ipset_parse_iface,
+ .print = ipset_print_iface,
+ .opt = IPSET_OPT_IFACE
+ },
+ },
+ .args = {
+ [IPSET_CREATE] = hash_netiface_create_args3,
+ [IPSET_ADD] = hash_netiface_add_args3,
+ [IPSET_TEST] = hash_netiface_test_args3,
+ },
+ .mandatory = {
+ [IPSET_CREATE] = 0,
+ [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_IFACE),
+ [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_IFACE),
+ [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_IFACE),
+ },
+ .full = {
+ [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
+ | IPSET_FLAG(IPSET_OPT_MAXELEM)
+ | IPSET_FLAG(IPSET_OPT_TIMEOUT)
+ | IPSET_FLAG(IPSET_OPT_COUNTERS),
+ [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_CIDR)
+ | IPSET_FLAG(IPSET_OPT_IP_TO)
+ | IPSET_FLAG(IPSET_OPT_IFACE)
+ | IPSET_FLAG(IPSET_OPT_PHYSDEV)
+ | IPSET_FLAG(IPSET_OPT_TIMEOUT)
+ | IPSET_FLAG(IPSET_OPT_NOMATCH)
+ | IPSET_FLAG(IPSET_OPT_PACKETS)
+ | IPSET_FLAG(IPSET_OPT_BYTES),
+ [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_CIDR)
+ | IPSET_FLAG(IPSET_OPT_IP_TO)
+ | IPSET_FLAG(IPSET_OPT_IFACE)
+ | IPSET_FLAG(IPSET_OPT_PHYSDEV),
+ [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
+ | IPSET_FLAG(IPSET_OPT_CIDR)
+ | IPSET_FLAG(IPSET_OPT_IP_TO)
+ | IPSET_FLAG(IPSET_OPT_IFACE)
+ | IPSET_FLAG(IPSET_OPT_PHYSDEV)
+ | IPSET_FLAG(IPSET_OPT_NOMATCH),
+ },
+
+ .usage = hash_netiface_usage3,
+ .description = "counters support",
+};
+
void _init(void);
void _init(void)
{
ipset_type_add(&ipset_hash_netiface0);
ipset_type_add(&ipset_hash_netiface1);
ipset_type_add(&ipset_hash_netiface2);
+ ipset_type_add(&ipset_hash_netiface3);
}