diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-30 17:48:01 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-30 21:30:10 +0200 |
commit | 418a3a4f4d4e38abd1d691f81f2445590f02ecaf (patch) | |
tree | a41ed16b366c854786eea8f3da5c80fa50636dc6 /lib/parse.c | |
parent | 4e21d6b5ce623f7601a872b94f3b88105356e2d3 (diff) |
hash:net,iface type introduced
The hash:net,iface type makes possible to store network address and
interface name pairs in a set. It's mostly suitable for egress
and ingress filtering. Examples:
# ipset create test hash:net,iface
# ipset add test 192.168.0.0/16,eth0
# ipset add test 192.168.0.0/24,eth1
Diffstat (limited to 'lib/parse.c')
-rw-r--r-- | lib/parse.c | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/lib/parse.c b/lib/parse.c index 091fc6d..3d2a12b 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -12,6 +12,7 @@ #include <sys/types.h> /* getaddrinfo */ #include <sys/socket.h> /* getaddrinfo, AF_ */ #include <net/ethernet.h> /* ETH_ALEN */ +#include <net/if.h> /* IFNAMSIZ */ #include <netinet/in.h> /* IPPROTO_ */ #include <libipset/debug.h> /* D() */ @@ -1395,6 +1396,40 @@ ipset_parse_typename(struct ipset_session *session, } /** + * ipset_parse_iface - parse string as an interface name + * @session: session structure + * @opt: option kind of the data + * @str: string to parse + * + * Parse string as an interface name, optionally with 'physdev:' prefix. + * The value is stored in the data blob of the session. + * + * Returns 0 on success or a negative error code. + */ +int +ipset_parse_iface(struct ipset_session *session, + enum ipset_opt opt, const char *str) +{ + struct ipset_data *data; + int offset = 0, err = 0; + + assert(session); + assert(opt == IPSET_OPT_IFACE); + assert(str); + + data = ipset_session_data(session); + if (STREQ(str, "physdev:")) { + offset = 8; + err = ipset_data_set(data, IPSET_OPT_PHYSDEV, str); + } + if (strlen(str + offset) > IFNAMSIZ - 1) + return syntax_err("interface name '%s' is longer than %u characters", + str + offset, IFNAMSIZ - 1); + + return ipset_data_set(data, opt, str + offset); +} + +/** * ipset_parse_output - parse output format name * @session: session structure * @opt: option kind of the data |