hash:net,iface type introduced

The hash:net,iface type makes possible to store network address and interface name pairs in a set. It's mostly suitable for egress and ingress filtering. Examples: # ipset create test hash:net,iface # ipset add test 192.168.0.0/16,eth0 # ipset add test 192.168.0.0/24,eth1
author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2011-05-30 17:48:01 +0200
committer: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2011-05-30 21:30:10 +0200
commit: 418a3a4f4d4e38abd1d691f81f2445590f02ecaf (patch)
tree: a41ed16b366c854786eea8f3da5c80fa50636dc6 /lib/session.c
parent: 4e21d6b5ce623f7601a872b94f3b88105356e2d3 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/session.c b/lib/session.c
index c03ed5d..93d33ff 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -13,6 +13,7 @@
 #include <string.h>				/* str* */
 #include <unistd.h>				/* getpagesize */
 #include <net/ethernet.h>			/* ETH_ALEN */
+#include <net/if.h>				/* IFNAMSIZ */
 
 #include <libipset/debug.h>			/* D() */
 #include <libipset/data.h>			/* IPSET_OPT_* */
@@ -473,6 +474,11 @@ static const struct ipset_attr_policy adt_attrs[] = {
 		.type = MNL_TYPE_NESTED,
 		.opt = IPSET_OPT_IP2_TO,
 	},
+	[IPSET_ATTR_IFACE] = {
+		.type = MNL_TYPE_NUL_STRING,
+		.opt = IPSET_OPT_IFACE,
+		.len  = IFNAMSIZ,
+	},
 };
 
 static const struct ipset_attr_policy ipaddr_attrs[] = {
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2011-05-30 17:48:01 +0200
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2011-05-30 21:30:10 +0200
commit	418a3a4f4d4e38abd1d691f81f2445590f02ecaf (patch)
tree	a41ed16b366c854786eea8f3da5c80fa50636dc6 /lib/session.c
parent	4e21d6b5ce623f7601a872b94f3b88105356e2d3 (diff)