Userspace revision handling is reworked

In order to make it simpler and more straightforward to express the revisions of the set type, all keywords and their parsing are separated from the individual set types. All backward compatibility arguments are recognized and ignored arguments are supported. Recognized but ignored arguments will be removed in a later release.
author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2017-10-09 18:43:04 +0200
committer: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2018-01-02 21:47:27 +0100
commit: d71dd93599b932693f045301424c2276cd25a87e (patch)
tree: d1779c04b8bb2a44915483751ac33e498b1a2ad9 /lib/ipset_hash_netiface.c
parent: e2a84a4a7bb8cdebfe4c0990b79179e2fd717a48 (diff)
1 files changed, 456 insertions, 679 deletions
diff --git a/lib/ipset_hash_netiface.c b/lib/ipset_hash_netiface.c
index abf286c..9a4e7fa 100644
--- a/lib/ipset_hash_netiface.c
+++ b/lib/ipset_hash_netiface.c
@@ -10,58 +10,7 @@
 #include <libipset/ui.h>			/* ipset_port_usage */
 #include <libipset/types.h>			/* prototypes */
 
-/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args0[] = {
-	{ .name = { "family", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,		.print = ipset_print_family,
-	},
-	/* Alias: family inet */
-	{ .name = { "-4", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	/* Alias: family inet6 */
-	{ .name = { "-6", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	{ .name = { "hashsize", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "maxelem", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MAXELEM,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_add_args0[] = {
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage0[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* Initial revision */
 static struct ipset_type ipset_hash_netiface0 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -80,70 +29,70 @@ static struct ipset_type ipset_hash_netiface0 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args0,
-		[IPSET_ADD] = hash_netiface_add_args0,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage0,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "Initial revision",
 };
 
-static const struct ipset_arg hash_netiface_add_args1[] = {
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage1[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* nomatch flag support */
 static struct ipset_type ipset_hash_netiface1 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -162,46 +111,72 @@ static struct ipset_type ipset_hash_netiface1 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args0,
-		[IPSET_ADD] = hash_netiface_add_args1,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage1,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "nomatch flag support",
 };
 
+/* /0 network support */
 static struct ipset_type ipset_hash_netiface2 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -220,123 +195,72 @@ static struct ipset_type ipset_hash_netiface2 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args0,
-		[IPSET_ADD] = hash_netiface_add_args1,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage1,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "/0 network support",
 };
 
-/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args3[] = {
-	{ .name = { "family", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,		.print = ipset_print_family,
-	},
-	/* Alias: family inet */
-	{ .name = { "-4", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	/* Alias: family inet6 */
-	{ .name = { "-6", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	{ .name = { "hashsize", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "maxelem", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MAXELEM,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "counters", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_COUNTERS,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_add_args3[] = {
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "packets", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_PACKETS,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ .name = { "bytes", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_BYTES,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_test_args3[] = {
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage3[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE] [counters]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
-"               [packets VALUE] [bytes VALUE]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* counters support */
 static struct ipset_type ipset_hash_netiface3 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -355,136 +279,75 @@ static struct ipset_type ipset_hash_netiface3 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args3,
-		[IPSET_ADD] = hash_netiface_add_args3,
-		[IPSET_TEST] = hash_netiface_test_args3,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_COUNTERS),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH)
-			| IPSET_FLAG(IPSET_OPT_PACKETS)
-			| IPSET_FLAG(IPSET_OPT_BYTES),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_COUNTERS,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_PACKETS,
+				IPSET_ARG_BYTES,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage3,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "counters support",
 };
 
-/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args4[] = {
-	{ .name = { "family", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,		.print = ipset_print_family,
-	},
-	/* Alias: family inet */
-	{ .name = { "-4", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	/* Alias: family inet6 */
-	{ .name = { "-6", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	{ .name = { "hashsize", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "maxelem", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MAXELEM,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "counters", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_COUNTERS,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "comment", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_CREATE_COMMENT,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_add_args4[] = {
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "packets", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_PACKETS,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ .name = { "bytes", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_BYTES,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ .name = { "comment", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_ADT_COMMENT,
-	  .parse = ipset_parse_comment,		.print = ipset_print_comment,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_test_args4[] = {
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage4[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE] [counters] [comment]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
-"               [packets VALUE] [bytes VALUE] [comment \"string\"]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* comment support */
 static struct ipset_type ipset_hash_netiface4 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -503,111 +366,77 @@ static struct ipset_type ipset_hash_netiface4 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args4,
-		[IPSET_ADD] = hash_netiface_add_args4,
-		[IPSET_TEST] = hash_netiface_test_args4,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_COUNTERS)
-			| IPSET_FLAG(IPSET_OPT_CREATE_COMMENT),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH)
-			| IPSET_FLAG(IPSET_OPT_PACKETS)
-			| IPSET_FLAG(IPSET_OPT_BYTES)
-			| IPSET_FLAG(IPSET_OPT_ADT_COMMENT),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_COUNTERS,
+				IPSET_ARG_COMMENT,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_PACKETS,
+				IPSET_ARG_BYTES,
+				IPSET_ARG_ADT_COMMENT,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage4,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "comment support",
 };
 
-/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args5[] = {
-	{ .name = { "family", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,		.print = ipset_print_family,
-	},
-	/* Alias: family inet */
-	{ .name = { "-4", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	/* Alias: family inet6 */
-	{ .name = { "-6", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	{ .name = { "hashsize", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "maxelem", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MAXELEM,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "counters", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_COUNTERS,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "comment", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_CREATE_COMMENT,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "forceadd", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FORCEADD,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage5[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE] [counters] [comment]\n"
-"		[forceadd]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
-"               [packets VALUE] [bytes VALUE] [comment \"string\"]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* forceadd support */
 static struct ipset_type ipset_hash_netiface5 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -626,153 +455,78 @@ static struct ipset_type ipset_hash_netiface5 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args5,
-		[IPSET_ADD] = hash_netiface_add_args4,
-		[IPSET_TEST] = hash_netiface_test_args4,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_COUNTERS)
-			| IPSET_FLAG(IPSET_OPT_CREATE_COMMENT)
-			| IPSET_FLAG(IPSET_OPT_FORCEADD),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH)
-			| IPSET_FLAG(IPSET_OPT_PACKETS)
-			| IPSET_FLAG(IPSET_OPT_BYTES)
-			| IPSET_FLAG(IPSET_OPT_ADT_COMMENT),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_COUNTERS,
+				IPSET_ARG_COMMENT,
+				IPSET_ARG_FORCEADD,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_PACKETS,
+				IPSET_ARG_BYTES,
+				IPSET_ARG_ADT_COMMENT,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage5,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "forceadd support",
 };
 
-/* Parse commandline arguments */
-static const struct ipset_arg hash_netiface_create_args6[] = {
-	{ .name = { "family", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,		.print = ipset_print_family,
-	},
-	/* Alias: family inet */
-	{ .name = { "-4", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	/* Alias: family inet6 */
-	{ .name = { "-6", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
-	  .parse = ipset_parse_family,
-	},
-	{ .name = { "hashsize", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "maxelem", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MAXELEM,
-	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
-	},
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "counters", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_COUNTERS,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "comment", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_CREATE_COMMENT,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "forceadd", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FORCEADD,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "skbinfo", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_SKBINFO,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ },
-};
-
-static const struct ipset_arg hash_netiface_add_args6[] = {
-	{ .name = { "timeout", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_TIMEOUT,
-	  .parse = ipset_parse_timeout,		.print = ipset_print_number,
-	},
-	{ .name = { "nomatch", NULL },
-	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_NOMATCH,
-	  .parse = ipset_parse_flag,		.print = ipset_print_flag,
-	},
-	{ .name = { "packets", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_PACKETS,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ .name = { "bytes", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_BYTES,
-	  .parse = ipset_parse_uint64,		.print = ipset_print_number,
-	},
-	{ .name = { "comment", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_ADT_COMMENT,
-	  .parse = ipset_parse_comment,		.print = ipset_print_comment,
-	},
-	{ .name = { "skbmark", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_SKBMARK,
-	  .parse = ipset_parse_skbmark,		.print = ipset_print_skbmark,
-	},
-	{ .name = { "skbprio", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_SKBPRIO,
-	  .parse = ipset_parse_skbprio,		.print = ipset_print_skbprio,
-	},
-	{ .name = { "skbqueue", NULL },
-	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_SKBQUEUE,
-	  .parse = ipset_parse_uint16,		.print = ipset_print_number,
-	},
-	{ },
-};
-
-static const char hash_netiface_usage6[] =
-"create SETNAME hash:net,iface\n"
-"		[family inet|inet6]\n"
-"               [hashsize VALUE] [maxelem VALUE]\n"
-"               [timeout VALUE] [counters] [comment]\n"
-"		[forceadd] [skbinfo]\n"
-"add    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE [timeout VALUE] [nomatch]\n"
-"               [packets VALUE] [bytes VALUE] [comment \"string\"]\n"
-"		[skbmark VALUE] [skbprip VALUE] [skbqueue VALUE]\n"
-"del    SETNAME IP[/CIDR]|FROM-TO,[physdev:]IFACE\n"
-"test   SETNAME IP[/CIDR],[physdev:]IFACE\n\n"
-"where depending on the INET family\n"
-"      IP is a valid IPv4 or IPv6 address (or hostname),\n"
-"      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
-"      Adding/deleting multiple elements with IPv4 is supported.\n";
-
+/* skbinfo support */
 static struct ipset_type ipset_hash_netiface6 = {
 	.name = "hash:net,iface",
 	.alias = { "netifacehash", NULL },
@@ -791,55 +545,78 @@ static struct ipset_type ipset_hash_netiface6 = {
 			.opt = IPSET_OPT_IFACE
 		},
 	},
-	.args = {
-		[IPSET_CREATE] = hash_netiface_create_args6,
-		[IPSET_ADD] = hash_netiface_add_args6,
-		[IPSET_TEST] = hash_netiface_test_args4,
-	},
-	.mandatory = {
-		[IPSET_CREATE] = 0,
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_IFACE),
-	},
-	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
-			| IPSET_FLAG(IPSET_OPT_MAXELEM)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_COUNTERS)
-			| IPSET_FLAG(IPSET_OPT_CREATE_COMMENT)
-			| IPSET_FLAG(IPSET_OPT_FORCEADD)
-			| IPSET_FLAG(IPSET_OPT_SKBINFO),
-		[IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH)
-			| IPSET_FLAG(IPSET_OPT_PACKETS)
-			| IPSET_FLAG(IPSET_OPT_BYTES)
-			| IPSET_FLAG(IPSET_OPT_ADT_COMMENT)
-			| IPSET_FLAG(IPSET_OPT_SKBMARK)
-			| IPSET_FLAG(IPSET_OPT_SKBPRIO)
-			| IPSET_FLAG(IPSET_OPT_SKBQUEUE),
-		[IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV),
-		[IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP)
-			| IPSET_FLAG(IPSET_OPT_CIDR)
-			| IPSET_FLAG(IPSET_OPT_IP_TO)
-			| IPSET_FLAG(IPSET_OPT_IFACE)
-			| IPSET_FLAG(IPSET_OPT_PHYSDEV)
-			| IPSET_FLAG(IPSET_OPT_NOMATCH),
+	.cmd = {
+		[IPSET_CREATE] = {
+			.args = {
+				IPSET_ARG_FAMILY,
+				/* Aliases */
+				IPSET_ARG_INET,
+				IPSET_ARG_INET6,
+				IPSET_ARG_HASHSIZE,
+				IPSET_ARG_MAXELEM,
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_COUNTERS,
+				IPSET_ARG_COMMENT,
+				IPSET_ARG_FORCEADD,
+				IPSET_ARG_SKBINFO,
+				IPSET_ARG_NONE,
+			},
+			.need = 0,
+			.full = 0,
+			.help = "",
+		},
+		[IPSET_ADD] = {
+			.args = {
+				IPSET_ARG_TIMEOUT,
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_PACKETS,
+				IPSET_ARG_BYTES,
+				IPSET_ARG_ADT_COMMENT,
+				IPSET_ARG_SKBMARK,
+				IPSET_ARG_SKBPRIO,
+				IPSET_ARG_SKBQUEUE,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_DEL] = {
+			.args = {
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IP_TO)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR]|FROM-TO,[physdev:]IFACE",
+		},
+		[IPSET_TEST] = {
+			.args = {
+				IPSET_ARG_NOMATCH,
+				IPSET_ARG_NONE,
+			},
+			.need = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_IFACE),
+			.full = IPSET_FLAG(IPSET_OPT_IP)
+				| IPSET_FLAG(IPSET_OPT_CIDR)
+				| IPSET_FLAG(IPSET_OPT_IFACE)
+				| IPSET_FLAG(IPSET_OPT_PHYSDEV),
+			.help = "IP[/CIDR],[physdev:]IFACE",
+		},
 	},
-
-	.usage = hash_netiface_usage6,
+	.usage = "where depending on the INET family\n"
+		 "      IP is a valid IPv4 or IPv6 address (or hostname),\n"
+		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
+		 "      Adding/deleting multiple elements with IPv4 is supported.",
 	.description = "skbinfo support",
 };
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2017-10-09 18:43:04 +0200
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2018-01-02 21:47:27 +0100
commit	d71dd93599b932693f045301424c2276cd25a87e (patch)
tree	d1779c04b8bb2a44915483751ac33e498b1a2ad9 /lib/ipset_hash_netiface.c
parent	e2a84a4a7bb8cdebfe4c0990b79179e2fd717a48 (diff)