diff options
| author | Vytas Dauksa <vytas.dauksa@smoothwall.net> | 2013-12-17 14:01:44 +0000 |
|---|---|---|
| committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2014-01-23 07:12:51 +0100 |
| commit | 2dfb973c0dcc6d22113e2370f461f1733035baaf (patch) | |
| tree | f07f9273a8b91c7ec45e871baf914608b8972033 /lib | |
| parent | 14ea38fca9e40df4f172a573c222591b5f3cc241 (diff) | |
add markmask for hash:ip,mark data type
Introduce packet mark mask for hash:ip,mark data type. This allows to
set mark bit filter for the ip set.
Change-Id: Id8dd9ca7e64477c4f7b022a1d9c1a5b187f1c96e
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/data.c | 7 | ||||
| -rw-r--r-- | lib/debug.c | 1 | ||||
| -rw-r--r-- | lib/errcode.c | 2 | ||||
| -rw-r--r-- | lib/ipset_hash_ipmark.c | 9 | ||||
| -rw-r--r-- | lib/print.c | 1 | ||||
| -rw-r--r-- | lib/session.c | 4 |
6 files changed, 22 insertions, 2 deletions
@@ -54,6 +54,7 @@ struct ipset_data { uint8_t netmask; uint32_t hashsize; uint32_t maxelem; + uint32_t markmask; uint32_t gc; uint32_t size; /* Filled out by kernel */ @@ -287,6 +288,9 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value) case IPSET_OPT_MAXELEM: data->create.maxelem = *(const uint32_t *) value; break; + case IPSET_OPT_MARKMASK: + data->create.markmask = *(const uint32_t *) value; + break; case IPSET_OPT_NETMASK: data->create.netmask = *(const uint8_t *) value; break; @@ -467,6 +471,8 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt) return &data->create.hashsize; case IPSET_OPT_MAXELEM: return &data->create.maxelem; + case IPSET_OPT_MARKMASK: + return &data->create.markmask; case IPSET_OPT_NETMASK: return &data->create.netmask; case IPSET_OPT_PROBES: @@ -561,6 +567,7 @@ ipset_data_sizeof(enum ipset_opt opt, uint8_t family) case IPSET_OPT_GC: case IPSET_OPT_HASHSIZE: case IPSET_OPT_MAXELEM: + case IPSET_OPT_MARKMASK: case IPSET_OPT_SIZE: case IPSET_OPT_ELEMENTS: case IPSET_OPT_REFERENCES: diff --git a/lib/debug.c b/lib/debug.c index 9a3c6b8..1240e22 100644 --- a/lib/debug.c +++ b/lib/debug.c @@ -38,6 +38,7 @@ static const struct ipset_attrname createattr2name[] = { [IPSET_ATTR_GC] = { .name = "GC" }, [IPSET_ATTR_HASHSIZE] = { .name = "HASHSIZE" }, [IPSET_ATTR_MAXELEM] = { .name = "MAXELEM" }, + [IPSET_ATTR_MARKMASK] = { .name = "MARKMASK" }, [IPSET_ATTR_NETMASK] = { .name = "NETMASK" }, [IPSET_ATTR_PROBES] = { .name = "PROBES" }, [IPSET_ATTR_RESIZE] = { .name = "RESIZE" }, diff --git a/lib/errcode.c b/lib/errcode.c index 160d9ad..86eeabd 100644 --- a/lib/errcode.c +++ b/lib/errcode.c @@ -38,6 +38,8 @@ static const struct ipset_errcode_table core_errcode_table[] = { "cannot create more." }, { IPSET_ERR_INVALID_NETMASK, 0, "The value of the netmask parameter is invalid" }, + { IPSET_ERR_INVALID_MARKMASK, 0, + "The value of the markmask parameter is invalid" }, { IPSET_ERR_INVALID_FAMILY, 0, "Protocol family not supported by the set type" }, diff --git a/lib/ipset_hash_ipmark.c b/lib/ipset_hash_ipmark.c index 6976371..fdea32f 100644 --- a/lib/ipset_hash_ipmark.c +++ b/lib/ipset_hash_ipmark.c @@ -26,6 +26,10 @@ static const struct ipset_arg hash_ipmark_create_args0[] = { .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, .parse = ipset_parse_family, }, + { .name = { "markmask", NULL }, + .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MARKMASK, + .parse = ipset_parse_uint32, .print = ipset_print_number, + }, { .name = { "hashsize", NULL }, .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, .parse = ipset_parse_uint32, .print = ipset_print_number, @@ -92,7 +96,7 @@ static const struct ipset_arg hash_ipmark_add_args0[] = { static const char hash_ipmark_usage0[] = "create SETNAME hash:ip,mark\n" -" [family inet|inet6]\n" +" [family inet|inet6] [markmask VALUE]\n" " [hashsize VALUE] [maxelem VALUE]\n" " [timeout VALUE] [counters] [comment]\n" "add SETNAME IP,MARK [timeout VALUE]\n" @@ -138,7 +142,8 @@ static struct ipset_type ipset_hash_ipmark0 = { | IPSET_FLAG(IPSET_OPT_MARK), }, .full = { - [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) + [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_MARKMASK) + | IPSET_FLAG(IPSET_OPT_HASHSIZE) | IPSET_FLAG(IPSET_OPT_MAXELEM) | IPSET_FLAG(IPSET_OPT_TIMEOUT) | IPSET_FLAG(IPSET_OPT_COUNTERS) diff --git a/lib/print.c b/lib/print.c index 3c43443..8e2924e 100644 --- a/lib/print.c +++ b/lib/print.c @@ -893,6 +893,7 @@ ipset_print_data(char *buf, unsigned int len, case IPSET_OPT_GC: case IPSET_OPT_HASHSIZE: case IPSET_OPT_MAXELEM: + case IPSET_OPT_MARKMASK: case IPSET_OPT_NETMASK: case IPSET_OPT_PROBES: case IPSET_OPT_RESIZE: diff --git a/lib/session.c b/lib/session.c index cf65960..d2957a5 100644 --- a/lib/session.c +++ b/lib/session.c @@ -381,6 +381,10 @@ static const struct ipset_attr_policy create_attrs[] = { .type = MNL_TYPE_U32, .opt = IPSET_OPT_MAXELEM, }, + [IPSET_ATTR_MARKMASK] = { + .type = MNL_TYPE_U32, + .opt = IPSET_OPT_MARKMASK, + }, [IPSET_ATTR_NETMASK] = { .type = MNL_TYPE_U8, .opt = IPSET_OPT_NETMASK, |