add markmask for hash:ip,mark data type

Introduce packet mark mask for hash:ip,mark data type. This allows to
set mark bit filter for the ip set.

Change-Id: Id8dd9ca7e64477c4f7b022a1d9c1a5b187f1c96e

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>

1 files changed, 5 insertions, 1 deletions

diff --git a/src/ipset.8 b/src/ipset.8
index e2b39fd..eeda9e7 100644
--- a/src/ipset.8
+++ b/src/ipset.8
@@ -881,7 +881,7 @@ ipset test foo 192.168.1,80.10.0.0/24
 .SS hash:ip,mark
 The \fBhash:ip,mark\fR set type uses a hash to store IP address and packet mark pairs.
 .PP
-\fICREATE\-OPTIONS\fR := [ \fBfamily\fR { \fBinet\fR | \fBinet6\fR } ] | [ \fBhashsize\fR \fIvalue\fR ] [ \fBmaxelem\fR \fIvalue\fR ] [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ] [ \fBcomment\fP ]
+\fICREATE\-OPTIONS\fR := [ \fBfamily\fR { \fBinet\fR | \fBinet6\fR } ] | [ \fBmarkmask\fR \fIvalue\fR ] [ \fBhashsize\fR \fIvalue\fR ] [ \fBmaxelem\fR \fIvalue\fR ] [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ] [ \fBcomment\fP ]
 .PP
 \fIADD\-ENTRY\fR := \fIipaddr\fR,\fImark\fR
 .PP
@@ -897,6 +897,10 @@ Optional \fBcreate\fR options:
 The protocol family of the IP addresses to be stored in the set. The default is
 \fBinet\fR, i.e IPv4.
 .TP
+\fBmarkmask\fR \fIvalue\fR
+Allows to set bits you are interested in the packet mark. This values is then used to perform bitwise AND operation for every mark added.
+markmask can be any value between 1 and 4294967295, by default all 32 bits are set.
+.TP
 \fBhashsize\fR \fIvalue\fR
 The initial hash size for the set, default is 1024. The hash size must be a power
 of two, the kernel automatically rounds up non power of two hash sizes to the first