summaryrefslogtreecommitdiffstats
path: root/lib/session.c
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2012-01-13 22:52:44 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2012-01-13 22:52:44 +0100
commit24b35d0b8950407ce85eefef18576d54f1e2c20e (patch)
tree8ecba4e1c02fb03cfab8ae0f37ab60b7455c137f /lib/session.c
parentdd71826fcfcfcc8c36f0508cc183dd222da40452 (diff)
Exceptions support added to hash:*net* types
The "nomatch" keyword and option is added to the hash:*net* types, by which one can add exception entries to sets. Example: ipset create test hash:net ipset add test 192.168.0/24 ipset add test 192.168.0/30 nomatch In this case the IP addresses from 192.168.0/24 except 192.168.0/30 match the elements of the set.
Diffstat (limited to 'lib/session.c')
-rw-r--r--lib/session.c21
1 files changed, 10 insertions, 11 deletions
diff --git a/lib/session.c b/lib/session.c
index 472b974..2ff463e 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -550,6 +550,8 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
struct ipset_data *data = session->data;
const struct ipset_attr_policy *attr;
const void *d;
+ uint32_t v32;
+ uint16_t v16;
int ret;
attr = &attrs[type];
@@ -560,7 +562,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
struct nlattr *ipattr[IPSET_ATTR_IPADDR_MAX+1] = {};
uint8_t family = ipset_data_family(data);
int atype;
- D("attr type %u", type);
+ D("IP attr type %u", type);
if (mnl_attr_parse_nested(nla[type],
ipaddr_attr_cb, ipattr) < 0)
FAILURE("Broken kernel message, cannot validate "
@@ -595,21 +597,16 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
}
d = mnl_attr_get_payload(ipattr[atype]);
} else if (nla[type]->nla_type & NLA_F_NET_BYTEORDER) {
+ D("netorder attr type %u", type);
switch (attr->type) {
case MNL_TYPE_U32: {
- uint32_t value;
-
- value = ntohl(*(const uint32_t *)d);
-
- d = &value;
+ v32 = ntohl(*(const uint32_t *)d);
+ d = &v32;
break;
}
case MNL_TYPE_U16: {
- uint16_t value;
-
- value = ntohs(*(const uint16_t *)d);
-
- d = &value;
+ v16 = ntohs(*(const uint16_t *)d);
+ d = &v16;
break;
}
default:
@@ -617,6 +614,8 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
}
}
#ifdef IPSET_DEBUG
+ else
+ D("hostorder attr type %u", type);
if (type == IPSET_ATTR_TYPENAME)
D("nla typename %s", (const char *) d);
#endif