summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/libipset/data.h16
-rw-r--r--include/libipset/debug.h6
-rw-r--r--include/libipset/errcode.h10
-rw-r--r--include/libipset/icmp.h8
-rw-r--r--include/libipset/icmpv6.h8
-rw-r--r--include/libipset/mnl.h4
-rw-r--r--include/libipset/nf_inet_addr.h4
-rw-r--r--include/libipset/parse.h42
-rw-r--r--include/libipset/pfxlen.h2
-rw-r--r--include/libipset/print.h4
-rw-r--r--include/libipset/session.h22
-rw-r--r--include/libipset/transport.h6
-rw-r--r--include/libipset/types.h15
-rw-r--r--include/libipset/ui.h4
-rw-r--r--include/libipset/utils.h12
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set.h6
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_ahash.h2
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_timeout.h2
-rw-r--r--kernel/include/linux/netfilter/ipset/pfxlen.h2
-rw-r--r--kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c3
-rw-r--r--kernel/net/netfilter/ipset/ip_set_core.c4
-rw-r--r--kernel/net/netfilter/ipset/ip_set_hash_net.c4
-rw-r--r--kernel/net/netfilter/ipset/ip_set_hash_netiface.c26
-rw-r--r--kernel/net/netfilter/ipset/ip_set_hash_netport.c2
-rw-r--r--kernel/net/netfilter/ipset/pfxlen.c2
-rw-r--r--kernel/net/netfilter/xt_set.c2
-rw-r--r--lib/data.c16
-rw-r--r--lib/debug.c71
-rw-r--r--lib/icmp.c20
-rw-r--r--lib/icmpv6.c23
-rw-r--r--lib/mnl.c29
-rw-r--r--lib/parse.c244
-rw-r--r--lib/print.c165
-rw-r--r--lib/session.c254
-rw-r--r--lib/types.c48
-rw-r--r--src/errcode.c20
-rw-r--r--src/ipset.c102
-rw-r--r--src/ipset_bitmap_ip.c12
-rw-r--r--src/ipset_bitmap_ipmac.c14
-rw-r--r--src/ipset_bitmap_port.c12
-rw-r--r--src/ipset_hash_ip.c10
-rw-r--r--src/ipset_hash_ipport.c14
-rw-r--r--src/ipset_hash_ipportip.c16
-rw-r--r--src/ipset_hash_ipportnet.c24
-rw-r--r--src/ipset_hash_net.c16
-rw-r--r--src/ipset_hash_netiface.c14
-rw-r--r--src/ipset_hash_netport.c20
-rw-r--r--src/ipset_list_set.c12
-rw-r--r--src/ui.c74
49 files changed, 773 insertions, 675 deletions
diff --git a/include/libipset/data.h b/include/libipset/data.h
index 7c7b5e1..3ba6f0a 100644
--- a/include/libipset/data.h
+++ b/include/libipset/data.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_DATA_H
@@ -68,7 +68,7 @@ enum ipset_opt {
#define IPSET_FLAGS_ALL (~0LL)
#define IPSET_CREATE_FLAGS \
- ( IPSET_FLAG(IPSET_OPT_FAMILY) \
+ (IPSET_FLAG(IPSET_OPT_FAMILY) \
| IPSET_FLAG(IPSET_OPT_TYPENAME)\
| IPSET_FLAG(IPSET_OPT_TYPE) \
| IPSET_FLAG(IPSET_OPT_IP) \
@@ -86,7 +86,7 @@ enum ipset_opt {
| IPSET_FLAG(IPSET_OPT_SIZE))
#define IPSET_ADT_FLAGS \
- ( IPSET_FLAG(IPSET_OPT_IP) \
+ (IPSET_FLAG(IPSET_OPT_IP) \
| IPSET_FLAG(IPSET_OPT_IP_TO) \
| IPSET_FLAG(IPSET_OPT_CIDR) \
| IPSET_FLAG(IPSET_OPT_PORT) \
@@ -114,8 +114,8 @@ extern bool ipset_data_ignored(struct ipset_data *data, enum ipset_opt opt);
extern int ipset_data_set(struct ipset_data *data, enum ipset_opt opt,
const void *value);
-extern const void * ipset_data_get(const struct ipset_data *data,
- enum ipset_opt opt);
+extern const void *ipset_data_get(const struct ipset_data *data,
+ enum ipset_opt opt);
static inline bool
ipset_data_test(const struct ipset_data *data, enum ipset_opt opt)
@@ -124,13 +124,13 @@ ipset_data_test(const struct ipset_data *data, enum ipset_opt opt)
}
/* Shortcuts */
-extern const char * ipset_data_setname(const struct ipset_data *data);
+extern const char *ipset_data_setname(const struct ipset_data *data);
extern uint8_t ipset_data_family(const struct ipset_data *data);
extern uint8_t ipset_data_cidr(const struct ipset_data *data);
extern uint64_t ipset_data_flags(const struct ipset_data *data);
extern void ipset_data_reset(struct ipset_data *data);
-extern struct ipset_data * ipset_data_init(void);
+extern struct ipset_data *ipset_data_init(void);
extern void ipset_data_fini(struct ipset_data *data);
extern size_t ipset_data_sizeof(enum ipset_opt opt, uint8_t family);
diff --git a/include/libipset/debug.h b/include/libipset/debug.h
index b0f4dfd..b9d5479 100644
--- a/include/libipset/debug.h
+++ b/include/libipset/debug.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_DEBUG_H
@@ -12,7 +12,7 @@
#include <sys/socket.h>
#include <linux/netlink.h>
#define D(fmt, args...) \
- fprintf(stderr, "%s: %s: " fmt "\n", __FILE__, __FUNCTION__ , ## args)
+ fprintf(stderr, "%s: %s: " fmt "\n", __FILE__, __func__ , ## args)
#define IF_D(test, fmt, args...) \
if (test) \
D(fmt , ## args)
diff --git a/include/libipset/errcode.h b/include/libipset/errcode.h
index ed56eb5..1593d89 100644
--- a/include/libipset/errcode.h
+++ b/include/libipset/errcode.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2008 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_ERRCODE_H
@@ -13,9 +13,9 @@ struct ipset_session;
/* Kernel error code to message table */
struct ipset_errcode_table {
- int errcode; /* error code returned by the kernel */
- enum ipset_cmd cmd; /* issued command */
- const char *message; /* error message the code translated to */
+ int errcode; /* error code returned by the kernel */
+ enum ipset_cmd cmd; /* issued command */
+ const char *message; /* error message the code translated to */
};
extern int ipset_errcode(struct ipset_session *session, enum ipset_cmd cmd,
diff --git a/include/libipset/icmp.h b/include/libipset/icmp.h
index 89604cd..e27fd4a 100644
--- a/include/libipset/icmp.h
+++ b/include/libipset/icmp.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_ICMP_H
@@ -9,8 +9,8 @@
#include <stdint.h> /* uintxx_t */
-extern const char * id_to_icmp(uint8_t id);
-extern const char * icmp_to_name(uint8_t type, uint8_t code);
+extern const char *id_to_icmp(uint8_t id);
+extern const char *icmp_to_name(uint8_t type, uint8_t code);
extern int name_to_icmp(const char *str, uint16_t *typecode);
#endif /* LIBIPSET_ICMP_H */
diff --git a/include/libipset/icmpv6.h b/include/libipset/icmpv6.h
index b23c822..8295445 100644
--- a/include/libipset/icmpv6.h
+++ b/include/libipset/icmpv6.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_ICMPV6_H
@@ -9,8 +9,8 @@
#include <stdint.h> /* uintxx_t */
-extern const char * id_to_icmpv6(uint8_t id);
-extern const char * icmpv6_to_name(uint8_t type, uint8_t code);
+extern const char *id_to_icmpv6(uint8_t id);
+extern const char *icmpv6_to_name(uint8_t type, uint8_t code);
extern int name_to_icmpv6(const char *str, uint16_t *typecode);
#endif /* LIBIPSET_ICMPV6_H */
diff --git a/include/libipset/mnl.h b/include/libipset/mnl.h
index c2b6d4c..0516ec7 100644
--- a/include/libipset/mnl.h
+++ b/include/libipset/mnl.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_MNL_H
diff --git a/include/libipset/nf_inet_addr.h b/include/libipset/nf_inet_addr.h
index 0e0701e..6c94e15 100644
--- a/include/libipset/nf_inet_addr.h
+++ b/include/libipset/nf_inet_addr.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_NF_INET_ADDR_H
diff --git a/include/libipset/parse.h b/include/libipset/parse.h
index 08f1089..9f64a70 100644
--- a/include/libipset/parse.h
+++ b/include/libipset/parse.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_PARSE_H
@@ -23,7 +23,7 @@ typedef int (*ipset_parsefn)(struct ipset_session *s,
enum ipset_opt opt, const char *str);
extern int ipset_parse_ether(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_port(struct ipset_session *session,
enum ipset_opt opt, const char *str,
const char *proto);
@@ -35,23 +35,23 @@ extern int ipset_parse_tcp_port(struct ipset_session *session,
extern int ipset_parse_single_tcp_port(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_proto(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_icmp(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_icmpv6(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_proto_port(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_family(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_ip(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_single_ip(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_net(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_range(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_netrange(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_iprange(struct ipset_session *session,
@@ -63,31 +63,31 @@ extern int ipset_parse_ip4_single6(struct ipset_session *session,
extern int ipset_parse_ip4_net6(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_name(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_before(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_after(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_setname(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_uint32(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_uint8(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_netmask(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_flag(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_typename(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_iface(struct ipset_session *session,
enum ipset_opt opt, const char *str);
extern int ipset_parse_output(struct ipset_session *session,
- int opt, const char *str);
+ int opt, const char *str);
extern int ipset_parse_ignored(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_parse_elem(struct ipset_session *session,
- enum ipset_opt opt, const char *str);
+ enum ipset_opt opt, const char *str);
extern int ipset_call_parser(struct ipset_session *session,
const struct ipset_arg *arg,
const char *str);
diff --git a/include/libipset/pfxlen.h b/include/libipset/pfxlen.h
index ba94dd9..58b4b4f 100644
--- a/include/libipset/pfxlen.h
+++ b/include/libipset/pfxlen.h
@@ -12,7 +12,7 @@
{.ip6 = { \
__constant_htonl(a), __constant_htonl(b), \
__constant_htonl(c), __constant_htonl(d), \
- }}
+ } }
/*
* This table works for both IPv4 and IPv6;
diff --git a/include/libipset/print.h b/include/libipset/print.h
index a3f5b95..1d537bd 100644
--- a/include/libipset/print.h
+++ b/include/libipset/print.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_PRINT_H
diff --git a/include/libipset/session.h b/include/libipset/session.h
index 9301ccd..467bb2f 100644
--- a/include/libipset/session.h
+++ b/include/libipset/session.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_SESSION_H
@@ -21,10 +21,14 @@ struct ipset_session;
struct ipset_data;
struct ipset_handle;
-extern struct ipset_data * ipset_session_data(const struct ipset_session *session);
-extern struct ipset_handle * ipset_session_handle(const struct ipset_session *session);
-extern const struct ipset_type * ipset_saved_type(const struct ipset_session *session);
-extern void ipset_session_lineno(struct ipset_session *session, uint32_t lineno);
+extern struct ipset_data *
+ ipset_session_data(const struct ipset_session *session);
+extern struct ipset_handle *
+ ipset_session_handle(const struct ipset_session *session);
+extern const struct ipset_type *
+ ipset_saved_type(const struct ipset_session *session);
+extern void ipset_session_lineno(struct ipset_session *session,
+ uint32_t lineno);
enum ipset_err_type {
IPSET_ERROR,
@@ -47,8 +51,8 @@ extern int ipset_session_report(struct ipset_session *session,
})
extern void ipset_session_report_reset(struct ipset_session *session);
-extern const char * ipset_session_error(const struct ipset_session *session);
-extern const char * ipset_session_warning(const struct ipset_session *session);
+extern const char *ipset_session_error(const struct ipset_session *session);
+extern const char *ipset_session_warning(const struct ipset_session *session);
#define ipset_session_data_set(session, opt, value) \
ipset_data_set(ipset_session_data(session), opt, value)
@@ -93,7 +97,7 @@ extern int ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd,
typedef int (*ipset_outfn)(const char *fmt, ...)
__attribute__ ((format (printf, 1, 2)));
-extern struct ipset_session * ipset_session_init(ipset_outfn outfn);
+extern struct ipset_session *ipset_session_init(ipset_outfn outfn);
extern int ipset_session_fini(struct ipset_session *session);
extern void ipset_debug_msg(const char *dir, void *buffer, int len);
diff --git a/include/libipset/transport.h b/include/libipset/transport.h
index b22e073..a9209cd 100644
--- a/include/libipset/transport.h
+++ b/include/libipset/transport.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_TRANSPORT_H
@@ -12,7 +12,7 @@
#include <libmnl/libmnl.h> /* mnl_cb_t */
-#include <libipset/linux_ip_set.h> /* enum ipset_cmd */
+#include <libipset/linux_ip_set.h> /* enum ipset_cmd */
struct ipset_handle;
diff --git a/include/libipset/types.h b/include/libipset/types.h
index d8973db..d3a0b4c 100644
--- a/include/libipset/types.h
+++ b/include/libipset/types.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_TYPES_H
@@ -97,13 +97,14 @@ extern int ipset_cache_swap(const char *from, const char *to);
extern int ipset_cache_init(void);
extern void ipset_cache_fini(void);
-extern const struct ipset_type * ipset_type_get(struct ipset_session *session,
- enum ipset_cmd cmd);
-extern const struct ipset_type * ipset_type_check(struct ipset_session *session);
+extern const struct ipset_type *
+ ipset_type_get(struct ipset_session *session, enum ipset_cmd cmd);
+extern const struct ipset_type *
+ ipset_type_check(struct ipset_session *session);
extern int ipset_type_add(struct ipset_type *type);
-extern const struct ipset_type * ipset_types(void);
-extern const char * ipset_typename_resolve(const char *str);
+extern const struct ipset_type *ipset_types(void);
+extern const char *ipset_typename_resolve(const char *str);
extern bool ipset_match_typename(const char *str,
const struct ipset_type *t);
diff --git a/include/libipset/ui.h b/include/libipset/ui.h
index b05b737..4c9a163 100644
--- a/include/libipset/ui.h
+++ b/include/libipset/ui.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_UI_H
diff --git a/include/libipset/utils.h b/include/libipset/utils.h
index 2c88a83..df5b59e 100644
--- a/include/libipset/utils.h
+++ b/include/libipset/utils.h
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#ifndef LIBIPSET_UTILS_H
@@ -11,10 +11,10 @@
#include <netinet/in.h> /* struct in[6]_addr */
/* String equality tests */
-#define STREQ(a,b) (strcmp(a,b) == 0)
-#define STRNEQ(a,b,n) (strncmp(a,b,n) == 0)
-#define STRCASEQ(a,b) (strcasecmp(a,b) == 0)
-#define STRNCASEQ(a,b,n) (strncasecmp(a,b,n) == 0)
+#define STREQ(a, b) (strcmp(a, b) == 0)
+#define STRNEQ(a, b, n) (strncmp(a, b, n) == 0)
+#define STRCASEQ(a, b) (strcasecmp(a, b) == 0)
+#define STRNCASEQ(a, b, n) (strncasecmp(a, b, n) == 0)
/* Stringify tokens */
#define _STR(c) #c
diff --git a/kernel/include/linux/netfilter/ipset/ip_set.h b/kernel/include/linux/netfilter/ipset/ip_set.h
index e409173..3540c6e 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set.h
@@ -331,7 +331,7 @@ struct ip_set {
/* register and unregister set references */
extern ip_set_id_t ip_set_get_byname(const char *name, struct ip_set **set);
extern void ip_set_put_byindex(ip_set_id_t index);
-extern const char * ip_set_name_byindex(ip_set_id_t index);
+extern const char *ip_set_name_byindex(ip_set_id_t index);
extern ip_set_id_t ip_set_nfnl_get(const char *name);
extern ip_set_id_t ip_set_nfnl_get_byindex(ip_set_id_t index);
extern void ip_set_nfnl_put(ip_set_id_t index);
@@ -349,7 +349,7 @@ extern int ip_set_test(ip_set_id_t id, const struct sk_buff *skb,
const struct ip_set_adt_opt *opt);
/* Utility functions */
-extern void * ip_set_alloc(size_t size);
+extern void *ip_set_alloc(size_t size);
extern void ip_set_free(void *members);
extern int ip_set_get_ipaddr4(struct nlattr *nla, __be32 *ipaddr);
extern int ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr);
@@ -359,7 +359,7 @@ ip_set_get_hostipaddr4(struct nlattr *nla, u32 *ipaddr)
{
__be32 ip;
int ret = ip_set_get_ipaddr4(nla, &ip);
-
+
if (ret)
return ret;
*ipaddr = ntohl(ip);
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
index 8a0999a..c5b06aa 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
@@ -43,7 +43,7 @@ struct htable {
struct hbucket bucket[0]; /* hashtable buckets */
};
-#define hbucket(h, i) &((h)->bucket[i])
+#define hbucket(h, i) (&((h)->bucket[i]))
/* Book-keeping of the prefixes added to the set */
struct ip_set_hash_nets {
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_timeout.h b/kernel/include/linux/netfilter/ipset/ip_set_timeout.h
index bae086a..4792320 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_timeout.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_timeout.h
@@ -78,7 +78,7 @@ ip_set_timeout_set(u32 timeout)
static inline u32
ip_set_timeout_get(unsigned long timeout)
{
- return timeout == IPSET_ELEM_PERMANENT ? 0 :
+ return timeout == IPSET_ELEM_PERMANENT ? 0 :
jiffies_to_msecs(timeout - jiffies)/1000;
}
diff --git a/kernel/include/linux/netfilter/ipset/pfxlen.h b/kernel/include/linux/netfilter/ipset/pfxlen.h
index d55a6cc..199fd11 100644
--- a/kernel/include/linux/netfilter/ipset/pfxlen.h
+++ b/kernel/include/linux/netfilter/ipset/pfxlen.h
@@ -2,7 +2,7 @@
#define _PFXLEN_H
#include <asm/byteorder.h>
-#include <linux/netfilter.h>
+#include <linux/netfilter.h>
#include <net/tcp.h>
/* Prefixlen maps, by Jan Engelhardt */
diff --git a/kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c
index 51ab664..56096f5 100644
--- a/kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c
+++ b/kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c
@@ -635,7 +635,8 @@ static struct ip_set_type bitmap_ipmac_type = {
},
.adt_policy = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
- [IPSET_ATTR_ETHER] = { .type = NLA_BINARY, .len = ETH_ALEN },
+ [IPSET_ATTR_ETHER] = { .type = NLA_BINARY,
+ .len = ETH_ALEN },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
[IPSET_ATTR_LINENO] = { .type = NLA_U32 },
},
diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index 297d03b..cb4abbb 100644
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -688,8 +688,8 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
if (attr[IPSET_ATTR_DATA] &&
nla_parse_nested(tb, IPSET_ATTR_CREATE_MAX, attr[IPSET_ATTR_DATA],
set->type->create_policy)) {
- ret = -IPSET_ERR_PROTOCOL;
- goto put_out;
+ ret = -IPSET_ERR_PROTOCOL;
+ goto put_out;
}
ret = set->type->create(set, tb, flags);
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_net.c b/kernel/net/netfilter/ipset/ip_set_hash_net.c
index 050163f..2d4b1f4 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_net.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_net.c
@@ -187,7 +187,7 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *tb[],
return -IPSET_ERR_TIMEOUT;
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
}
-
+
if (adt == IPSET_TEST || !tb[IPSET_ATTR_IP_TO]) {
data.ip = htonl(ip & ip_set_hostmask(data.cidr));
ret = adtfn(set, &data, timeout, flags);
@@ -205,7 +205,7 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *tb[],
return -IPSET_ERR_HASH_RANGE;
}
if (retried)
- ip = h->next.ip;
+ ip = h->next.ip;
while (!after(ip, ip_to)) {
data.ip = htonl(ip);
last = ip_set_range_to_cidr(ip, ip_to, &data.cidr);
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_netiface.c b/kernel/net/netfilter/ipset/ip_set_hash_netiface.c
index 51e5df1..3d6c53b 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_netiface.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_netiface.c
@@ -100,7 +100,7 @@ iface_test(struct rb_root *root, const char **iface)
while (n) {
const char *d = iface_data(n);
int res = ifname_compare(*iface, d);
-
+
if (res < 0)
n = n->rb_left;
else if (res > 0)
@@ -118,7 +118,7 @@ iface_add(struct rb_root *root, const char **iface)
{
struct rb_node **n = &(root->rb_node), *p = NULL;
struct iface_node *d;
-
+
while (*n) {
char *ifname = iface_data(*n);
int res = ifname_compare(*iface, ifname);
@@ -296,10 +296,10 @@ hash_netiface4_kadt(struct ip_set *set, const struct sk_buff *skb,
if (opt->cmdflags & IPSET_FLAG_PHYSDEV) {
#ifdef CONFIG_BRIDGE_NETFILTER
const struct nf_bridge_info *nf_bridge = skb->nf_bridge;
-
+
if (!nf_bridge)
return -EINVAL;
- data.iface = SRCDIR ? PHYSDEV(physindev): PHYSDEV(physoutdev);
+ data.iface = SRCDIR ? PHYSDEV(physindev) : PHYSDEV(physoutdev);
data.physdev = 1;
#else
data.iface = NULL;
@@ -350,7 +350,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
if (tb[IPSET_ATTR_CIDR]) {
data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
if (!data.cidr)
- return -IPSET_ERR_INVALID_CIDR;
+ return -IPSET_ERR_INVALID_CIDR;
}
if (tb[IPSET_ATTR_TIMEOUT]) {
@@ -359,7 +359,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
}
- strcpy(iface, nla_data(tb[IPSET_ATTR_IFACE]));
+ strcpy(iface, nla_data(tb[IPSET_ATTR_IFACE]));
data.iface = iface;
ret = iface_test(&h->rbtree, &data.iface);
if (adt == IPSET_ADD) {
@@ -372,8 +372,8 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
return ret;
if (tb[IPSET_ATTR_CADT_FLAGS]) {
- u32 flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
- if (flags & IPSET_FLAG_PHYSDEV)
+ u32 cadt_flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
+ if (cadt_flags & IPSET_FLAG_PHYSDEV)
data.physdev = 1;
}
@@ -559,10 +559,10 @@ hash_netiface6_kadt(struct ip_set *set, const struct sk_buff *skb,
if (opt->cmdflags & IPSET_FLAG_PHYSDEV) {
#ifdef CONFIG_BRIDGE_NETFILTER
const struct nf_bridge_info *nf_bridge = skb->nf_bridge;
-
+
if (!nf_bridge)
return -EINVAL;
- data.iface = SRCDIR ? PHYSDEV(physindev): PHYSDEV(physoutdev);
+ data.iface = SRCDIR ? PHYSDEV(physindev) : PHYSDEV(physoutdev);
data.physdev = 1;
#else
data.iface = NULL;
@@ -623,7 +623,7 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr *tb[],
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
}
- strcpy(iface, nla_data(tb[IPSET_ATTR_IFACE]));
+ strcpy(iface, nla_data(tb[IPSET_ATTR_IFACE]));
data.iface = iface;
ret = iface_test(&h->rbtree, &data.iface);
if (adt == IPSET_ADD) {
@@ -636,8 +636,8 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr *tb[],
return ret;
if (tb[IPSET_ATTR_CADT_FLAGS]) {
- u32 flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
- if (flags & IPSET_FLAG_PHYSDEV)
+ u32 cadt_flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
+ if (cadt_flags & IPSET_FLAG_PHYSDEV)
data.physdev = 1;
}
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_netport.c b/kernel/net/netfilter/ipset/ip_set_hash_netport.c
index d7710a9..fe203d1 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_netport.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_netport.c
@@ -199,7 +199,7 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *tb[],
if (tb[IPSET_ATTR_CIDR]) {
data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
if (!data.cidr)
- return -IPSET_ERR_INVALID_CIDR;
+ return -IPSET_ERR_INVALID_CIDR;
}
if (tb[IPSET_ATTR_PORT])
diff --git a/kernel/net/netfilter/ipset/pfxlen.c b/kernel/net/netfilter/ipset/pfxlen.c
index b57a856..bd13d66 100644
--- a/kernel/net/netfilter/ipset/pfxlen.c
+++ b/kernel/net/netfilter/ipset/pfxlen.c
@@ -148,7 +148,7 @@ const union nf_inet_addr ip_set_netmask_map[] = {
EXPORT_SYMBOL_GPL(ip_set_netmask_map);
#undef E
-#define E(a, b, c, d) \
+#define E(a, b, c, d) \
{.ip6 = { (__force __be32) a, (__force __be32) b, \
(__force __be32) c, (__force __be32) d, \
} }
diff --git a/kernel/net/netfilter/xt_set.c b/kernel/net/netfilter/xt_set.c
index 453847f..19461c4 100644
--- a/kernel/net/netfilter/xt_set.c
+++ b/kernel/net/netfilter/xt_set.c
@@ -37,7 +37,7 @@ match_set(ip_set_id_t index, const struct sk_buff *skb,
return inv;
}
-#define ADT_OPT(n, f, d, fs, cfs, t) \
+#define ADT_OPT(n, f, d, fs, cfs, t) \
const struct ip_set_adt_opt n = { \
.family = f, \
.dim = d, \
diff --git a/lib/data.c b/lib/data.c
index 9663efb..dfae6aa 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -18,7 +18,7 @@
#include <libipset/utils.h> /* inXcpy */
#include <libipset/data.h> /* prototypes */
-/* Internal data structure to hold
+/* Internal data structure to hold
* a) input data entered by the user or
* b) data received from kernel
*
@@ -174,7 +174,7 @@ ipset_data_ignored(struct ipset_data *data, enum ipset_opt opt)
{
bool ignored;
assert(data);
-
+
ignored = data->ignored & IPSET_FLAG(opt);
data->ignored |= IPSET_FLAG(opt);
@@ -329,7 +329,7 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
default:
return -1;
};
-
+
ipset_data_flags_set(data, IPSET_FLAG(opt));
return 0;
}
@@ -348,7 +348,7 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
{
assert(data);
assert(opt != IPSET_OPT_NONE);
-
+
if (!(opt == IPSET_OPT_TYPENAME || ipset_data_test(data, opt)))
return NULL;
@@ -533,8 +533,8 @@ uint8_t
ipset_data_cidr(const struct ipset_data *data)
{
assert(data);
- return ipset_data_test(data, IPSET_OPT_CIDR) ? data->cidr :
- data->family == AF_INET ? 32 :
+ return ipset_data_test(data, IPSET_OPT_CIDR) ? data->cidr :
+ data->family == AF_INET ? 32 :
data->family == AF_INET6 ? 128 : 0;
}
diff --git a/lib/debug.c b/lib/debug.c
index 5b97e6e..931b0c1 100644
--- a/lib/debug.c
+++ b/lib/debug.c
@@ -1,12 +1,12 @@
/* Copyright 2011 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <arpa/inet.h> /* inet_ntop */
-#include <libmnl/libmnl.h> /* libmnl backend */
+#include <libmnl/libmnl.h> /* libmnl backend */
struct ipset_attrname {
const char *name;
@@ -74,23 +74,24 @@ debug_cadt_attrs(int max, const struct ipset_attr_policy *policy,
uint32_t v;
int i;
- fprintf(stderr,"\t\t%s attributes:\n", policy == create_attrs ? "CREATE" : "ADT");
+ fprintf(stderr, "\t\t%s attributes:\n",
+ policy == create_attrs ? "CREATE" : "ADT");
for (i = IPSET_ATTR_UNSPEC + 1; i <= max; i++) {
if (!nla[i])
continue;
switch (policy[i].type) {
case MNL_TYPE_U8:
- v = * (uint8_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint8_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t\t%s: %u\n",
attr2name[i].name, v);
break;
case MNL_TYPE_U16:
- v = * (uint16_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint16_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t\t%s: %u\n",
attr2name[i].name, ntohs(v));
break;
case MNL_TYPE_U32:
- v = * (uint32_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint32_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t\t%s: %u\n",
attr2name[i].name, ntohl(v));
break;
@@ -104,18 +105,23 @@ debug_cadt_attrs(int max, const struct ipset_attr_policy *policy,
char addr[INET6_ADDRSTRLEN];
void *d;
- if (mnl_attr_parse_nested(nla[i], ipaddr_attr_cb, ipattr) < 0) {
- fprintf(stderr, "\t\tIPADDR: cannot validate and parse attributes\n");
+ if (mnl_attr_parse_nested(nla[i], ipaddr_attr_cb,
+ ipattr) < 0) {
+ fprintf(stderr,
+ "\t\tIPADDR: cannot validate "
+ "and parse attributes\n");
continue;
}
if (ipattr[IPSET_ATTR_IPADDR_IPV4]) {
- d = mnl_attr_get_payload(ipattr[IPSET_ATTR_IPADDR_IPV4]);
+ d = mnl_attr_get_payload(
+ ipattr[IPSET_ATTR_IPADDR_IPV4]);
inet_ntop(AF_INET, d, addr, INET6_ADDRSTRLEN);
fprintf(stderr, "\t\t%s: %s\n",
attr2name[i].name, addr);
} else if (ipattr[IPSET_ATTR_IPADDR_IPV6]) {
- d = mnl_attr_get_payload(ipattr[IPSET_ATTR_IPADDR_IPV6]);
+ d = mnl_attr_get_payload(
+ ipattr[IPSET_ATTR_IPADDR_IPV6]);
inet_ntop(AF_INET6, d, addr, INET6_ADDRSTRLEN);
fprintf(stderr, "\t\t%s: %s\n",
@@ -138,23 +144,23 @@ debug_cmd_attrs(int cmd, struct nlattr *nla[])
uint32_t v;
int i;
- fprintf(stderr,"\tCommand attributes:\n");
+ fprintf(stderr, "\tCommand attributes:\n");
for (i = IPSET_ATTR_UNSPEC + 1; i <= IPSET_ATTR_CMD_MAX; i++) {
if (!nla[i])
continue;
switch (cmd_attrs[i].type) {
case MNL_TYPE_U8:
- v = * (uint8_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint8_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t%s: %u\n",
cmdattr2name[i].name, v);
break;
case MNL_TYPE_U16:
- v = * (uint16_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint16_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t%s: %u\n",
cmdattr2name[i].name, ntohs(v));
break;
case MNL_TYPE_U32:
- v = * (uint32_t *) mnl_attr_get_payload(nla[i]);
+ v = *(uint32_t *) mnl_attr_get_payload(nla[i]);
fprintf(stderr, "\t%s: %u\n",
cmdattr2name[i].name, ntohl(v));
break;
@@ -169,8 +175,11 @@ debug_cmd_attrs(int cmd, struct nlattr *nla[])
case IPSET_CMD_ADD:
case IPSET_CMD_DEL:
case IPSET_CMD_TEST:
- if (mnl_attr_parse_nested(nla[i], adt_attr_cb, adt) < 0) {
- fprintf(stderr, "\tADT: cannot validate and parse attributes\n");
+ if (mnl_attr_parse_nested(nla[i],
+ adt_attr_cb, adt) < 0) {
+ fprintf(stderr,
+ "\tADT: cannot validate "
+ "and parse attributes\n");
continue;
}
debug_cadt_attrs(IPSET_ATTR_ADT_MAX,
@@ -179,8 +188,12 @@ debug_cmd_attrs(int cmd, struct nlattr *nla[])
adt);
break;
default:
- if (mnl_attr_parse_nested(nla[i], create_attr_cb, cattr) < 0) {
- fprintf(stderr, "\tCREATE: cannot validate and parse attributes\n");
+ if (mnl_attr_parse_nested(nla[i],
+ create_attr_cb,
+ cattr) < 0) {
+ fprintf(stderr,
+ "\tCREATE: cannot validate "
+ "and parse attributes\n");
continue;
}
debug_cadt_attrs(IPSET_ATTR_CREATE_MAX,
@@ -192,15 +205,18 @@ debug_cmd_attrs(int cmd, struct nlattr *nla[])
struct nlattr *tb;
mnl_attr_for_each_nested(tb, nla[i]) {
memset(adt, 0, sizeof(adt));
- if (mnl_attr_parse_nested(tb, adt_attr_cb, adt) < 0) {
- fprintf(stderr, "\tADT: cannot validate and parse attributes\n");
+ if (mnl_attr_parse_nested(tb,
+ adt_attr_cb, adt) < 0) {
+ fprintf(stderr,
+ "\tADT: cannot validate "
+ "and parse attributes\n");
continue;
}
debug_cadt_attrs(IPSET_ATTR_ADT_MAX,
adt_attrs,
adtattr2name,
adt);
- }
+ }
}
break;
default:
@@ -227,8 +243,9 @@ ipset_debug_msg(const char *dir, void *buffer, int len)
"\tlen %d\n"
"\tseq %u\n",
dir,
- nlh->nlmsg_type == NLMSG_NOOP ? "NOOP" :
- nlh->nlmsg_type == NLMSG_DONE ? "DONE" : "OVERRUN",
+ nlh->nlmsg_type == NLMSG_NOOP ? "NOOP" :
+ nlh->nlmsg_type == NLMSG_DONE ? "DONE" :
+ "OVERRUN",
len, nlh->nlmsg_seq);
goto next_msg;
case NLMSG_ERROR: {
@@ -257,8 +274,10 @@ ipset_debug_msg(const char *dir, void *buffer, int len)
if (cmd <= IPSET_CMD_NONE || cmd >= IPSET_CMD_MAX)
goto next_msg;
memset(nla, 0, sizeof(nla));
- if (mnl_attr_parse(nlh, nfmsglen, cmd_attr_cb, nla) < MNL_CB_STOP) {
- fprintf(stderr, "\tcannot validate and parse attributes\n");
+ if (mnl_attr_parse(nlh, nfmsglen,
+ cmd_attr_cb, nla) < MNL_CB_STOP) {
+ fprintf(stderr, "\tcannot validate "
+ "and parse attributes\n");
goto next_msg;
}
debug_cmd_attrs(cmd, nla);
diff --git a/lib/icmp.c b/lib/icmp.c
index c749272..c50be7e 100644
--- a/lib/icmp.c
+++ b/lib/icmp.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/utils.h> /* STRNEQ */
@@ -49,19 +49,20 @@ static const struct icmp_names icmp_typecodes[] = {
{ "address-mask-reply", 18, 0 },
};
-const char * id_to_icmp(uint8_t id)
+const char *id_to_icmp(uint8_t id)
{
return id < ARRAY_SIZE(icmp_typecodes) ? icmp_typecodes[id].name : NULL;
}
-const char * icmp_to_name(uint8_t type, uint8_t code)
+const char *icmp_to_name(uint8_t type, uint8_t code)
{
unsigned int i;
-
+
for (i = 0; i < ARRAY_SIZE(icmp_typecodes); i++)
- if (icmp_typecodes[i].type == type && icmp_typecodes[i].code == code)
+ if (icmp_typecodes[i].type == type &&
+ icmp_typecodes[i].code == code)
return icmp_typecodes[i].name;
-
+
return NULL;
}
@@ -71,9 +72,10 @@ int name_to_icmp(const char *str, uint16_t *typecode)
for (i = 0; i < ARRAY_SIZE(icmp_typecodes); i++)
if (STRNCASEQ(icmp_typecodes[i].name, str, strlen(str))) {
- *typecode = (icmp_typecodes[i].type << 8) | icmp_typecodes[i].code;
+ *typecode = (icmp_typecodes[i].type << 8) |
+ icmp_typecodes[i].code;
return 0;
}
-
+
return -1;
}
diff --git a/lib/icmpv6.c b/lib/icmpv6.c
index 5ba93ca..82234da 100644
--- a/lib/icmpv6.c
+++ b/lib/icmpv6.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/utils.h> /* STRNEQ */
@@ -36,19 +36,21 @@ static const struct icmpv6_names icmpv6_typecodes[] = {
{ "redirect", 137, 0 },
};
-const char * id_to_icmpv6(uint8_t id)
+const char *id_to_icmpv6(uint8_t id)
{
- return id < ARRAY_SIZE(icmpv6_typecodes) ? icmpv6_typecodes[id].name : NULL;
+ return id < ARRAY_SIZE(icmpv6_typecodes) ?
+ icmpv6_typecodes[id].name : NULL;
}
-const char * icmpv6_to_name(uint8_t type, uint8_t code)
+const char *icmpv6_to_name(uint8_t type, uint8_t code)
{
unsigned int i;
-
+
for (i = 0; i < ARRAY_SIZE(icmpv6_typecodes); i++)
- if (icmpv6_typecodes[i].type == type && icmpv6_typecodes[i].code == code)
+ if (icmpv6_typecodes[i].type == type &&
+ icmpv6_typecodes[i].code == code)
return icmpv6_typecodes[i].name;
-
+
return NULL;
}
@@ -58,9 +60,10 @@ int name_to_icmpv6(const char *str, uint16_t *typecode)
for (i = 0; i < ARRAY_SIZE(icmpv6_typecodes); i++)
if (STRNCASEQ(icmpv6_typecodes[i].name, str, strlen(str))) {
- *typecode = (icmpv6_typecodes[i].type << 8) | icmpv6_typecodes[i].code;
+ *typecode = (icmpv6_typecodes[i].type << 8) |
+ icmpv6_typecodes[i].code;
return 0;
}
-
+
return -1;
}
diff --git a/lib/mnl.c b/lib/mnl.c
index 9b7267c..786c9e5 100644
--- a/lib/mnl.c
+++ b/lib/mnl.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -32,13 +32,16 @@ struct ipset_handle {
/* Netlink flags of the commands */
static const uint16_t cmdflags[] = {
- [IPSET_CMD_CREATE-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_CREATE|NLM_F_EXCL,
+ [IPSET_CMD_CREATE-1] = NLM_F_REQUEST|NLM_F_ACK|
+ NLM_F_CREATE|NLM_F_EXCL,
[IPSET_CMD_DESTROY-1] = NLM_F_REQUEST|NLM_F_ACK,
[IPSET_CMD_FLUSH-1] = NLM_F_REQUEST|NLM_F_ACK,
[IPSET_CMD_RENAME-1] = NLM_F_REQUEST|NLM_F_ACK,
[IPSET_CMD_SWAP-1] = NLM_F_REQUEST|NLM_F_ACK,
- [IPSET_CMD_LIST-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_ROOT|NLM_F_MATCH|NLM_F_DUMP,
- [IPSET_CMD_SAVE-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_ROOT|NLM_F_MATCH|NLM_F_DUMP,
+ [IPSET_CMD_LIST-1] = NLM_F_REQUEST|NLM_F_ACK|
+ NLM_F_ROOT|NLM_F_MATCH|NLM_F_DUMP,
+ [IPSET_CMD_SAVE-1] = NLM_F_REQUEST|NLM_F_ACK|
+ NLM_F_ROOT|NLM_F_MATCH|NLM_F_DUMP,
[IPSET_CMD_ADD-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL,
[IPSET_CMD_DEL-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL,
[IPSET_CMD_TEST-1] = NLM_F_REQUEST|NLM_F_ACK,
@@ -74,7 +77,7 @@ ipset_mnl_fill_hdr(struct ipset_handle *handle, enum ipset_cmd cmd,
nlh->nlmsg_type = cmd | (NFNL_SUBSYS_IPSET << 8);
nlh->nlmsg_flags = cmdflags[cmd - 1];
if (envflags & IPSET_ENV_EXIST)
- nlh->nlmsg_flags &= ~NLM_F_EXCL;
+ nlh->nlmsg_flags &= ~NLM_F_EXCL;
nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg));
nfg->nfgen_family = AF_INET;
@@ -119,28 +122,28 @@ ipset_mnl_query(struct ipset_handle *handle, void *buffer, size_t len)
static struct ipset_handle *
ipset_mnl_init(mnl_cb_t *cb_ctl, void *data)
-{
+{
struct ipset_handle *handle;
-
+
assert(cb_ctl);
assert(data);
handle = calloc(1, sizeof(*handle));
if (!handle)
return NULL;
-
+
handle->h = mnl_socket_open(NETLINK_NETFILTER);
if (!handle->h)
goto free_handle;
-
+
if (mnl_socket_bind(handle->h, 0, MNL_SOCKET_AUTOPID) < 0)
goto close_nl;
-
+
handle->portid = mnl_socket_get_portid(handle->h);
handle->cb_ctl = cb_ctl;
handle->data = data;
handle->seq = time(NULL);
-
+
return handle;
close_nl:
@@ -148,7 +151,7 @@ close_nl:
free_handle:
free(handle);
- return NULL;
+ return NULL;
}
static int
diff --git a/lib/parse.c b/lib/parse.c
index 3d2a12b..2bb0601 100644
--- a/lib/parse.c
+++ b/lib/parse.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -44,21 +44,23 @@ static char *
ipset_strchr(const char *str, const char *sep)
{
char *match;
-
+
assert(str);
assert(sep);
-
- for (; *sep != '\0'; sep++)
- if ((match = strchr(str, sep[0])) != NULL
- && str[0] != sep[0]
- && str[strlen(str)-1] != sep[0])
+
+ for (; *sep != '\0'; sep++) {
+ match = strchr(str, sep[0]);
+ if (match != NULL &&
+ str[0] != sep[0] &&
+ str[strlen(str)-1] != sep[0])
return match;
-
+ }
+
return NULL;
}
-/*
- * Parser functions, shamelessly taken from iptables.c, ip6tables.c
+/*
+ * Parser functions, shamelessly taken from iptables.c, ip6tables.c
* and parser.c from libnetfilter_conntrack.
*/
@@ -67,7 +69,7 @@ ipset_strchr(const char *str, const char *sep)
*/
static int
string_to_number_ll(struct ipset_session *session,
- const char *str,
+ const char *str,
unsigned long long min,
unsigned long long max,
unsigned long long *ret)
@@ -114,7 +116,7 @@ string_to_cidr(struct ipset_session *session,
const char *str, uint8_t min, uint8_t max, uint8_t *ret)
{
int err = string_to_u8(session, str, ret);
-
+
if (!err && (*ret < min || *ret > max))
return syntax_err("'%s' is out of range %u-%u",
str, min, max);
@@ -165,7 +167,7 @@ ipset_parse_ether(struct ipset_session *session,
{
unsigned int i = 0;
unsigned char ether[ETH_ALEN];
-
+
assert(session);
assert(opt == IPSET_OPT_ETHER);
assert(str);
@@ -179,9 +181,9 @@ ipset_parse_ether(struct ipset_session *session,
number = strtol(str + i * 3, &end, 16);
- if (end == str + i * 3 + 2
- && (*end == ':' || *end == '\0')
- && number >= 0 && number <= 255)
+ if (end == str + i * 3 + 2 &&
+ (*end == ':' || *end == '\0') &&
+ number >= 0 && number <= 255)
ether[i] = number;
else
goto error;
@@ -199,13 +201,13 @@ static int
parse_portname(struct ipset_session *session, const char *str,
uint16_t *port, const char *proto)
{
- struct servent *service;
+ struct servent *service = getservbyname(str, proto);
- if ((service = getservbyname(str, proto)) != NULL) {
+ if (service != NULL) {
*port = ntohs((uint16_t) service->s_port);
return 0;
}
-
+
return syntax_err("cannot parse '%s' as a %s port", str, proto);
}
@@ -233,8 +235,8 @@ ipset_parse_port(struct ipset_session *session,
assert(opt == IPSET_OPT_PORT || opt == IPSET_OPT_PORT_TO);
assert(str);
- if ((err = string_to_u16(session, str, &port)) == 0
- || (err = parse_portname(session, str, &port, proto)) == 0)
+ if ((err = string_to_u16(session, str, &port)) == 0 ||
+ (err = parse_portname(session, str, &port, proto)) == 0)
err = ipset_session_data_set(session, opt, &port);
if (!err)
@@ -352,7 +354,7 @@ ipset_parse_proto(struct ipset_session *session,
assert(session);
assert(opt == IPSET_OPT_PROTO);
assert(str);
-
+
protoent = getprotobyname(strcasecmp(str, "icmpv6") == 0
? "ipv6-icmp" : str);
if (protoent == NULL)
@@ -361,7 +363,7 @@ ipset_parse_proto(struct ipset_session *session,
proto = protoent->p_proto;
if (!proto)
return syntax_err("Unsupported protocol '%s'", str);
-
+
return ipset_session_data_set(session, opt, &proto);
}
@@ -375,7 +377,7 @@ parse_icmp_typecode(struct ipset_session *session,
uint8_t type, code;
char *a, *saved, *tmp;
int err;
-
+
saved = tmp = strdup(str);
if (tmp == NULL)
return ipset_err(session,
@@ -385,13 +387,14 @@ parse_icmp_typecode(struct ipset_session *session,
if (a == NULL) {
free(saved);
return ipset_err(session,
- "Cannot parse %s as an %s type/code.", str, family);
+ "Cannot parse %s as an %s type/code.",
+ str, family);
}
*a++ = '\0';
- if ((err = string_to_u8(session, a, &type)) != 0
- || (err = string_to_u8(session, tmp, &code)) != 0)
- goto error;
-
+ if ((err = string_to_u8(session, a, &type)) != 0 ||
+ (err = string_to_u8(session, tmp, &code)) != 0)
+ goto error;
+
typecode = (type << 8) | code;
err = ipset_session_data_set(session, opt, &typecode);
@@ -497,7 +500,7 @@ ipset_parse_proto_port(struct ipset_session *session,
err = ipset_parse_proto(session, IPSET_OPT_PROTO, tmp);
if (err)
goto error;
-
+
p = *(const uint8_t *) ipset_data_get(data, IPSET_OPT_PROTO);
switch (p) {
case IPPROTO_TCP:
@@ -509,28 +512,31 @@ ipset_parse_proto_port(struct ipset_session *session,
goto parse_port;
case IPPROTO_ICMP:
if (family != AF_INET) {
- syntax_err("Protocol ICMP can be used with family INET only");
+ syntax_err("Protocol ICMP can be used "
+ "with family INET only");
goto error;
}
err = ipset_parse_icmp(session, opt, a);
break;
case IPPROTO_ICMPV6:
if (family != AF_INET6) {
- syntax_err("Protocol ICMPv6 can be used with family INET6 only");
+ syntax_err("Protocol ICMPv6 can be used "
+ "with family INET6 only");
goto error;
}
err = ipset_parse_icmpv6(session, opt, a);
break;
default:
if (!STREQ(a, "0")) {
- syntax_err("Protocol %s can be used with pseudo port value 0 only.");
+ syntax_err("Protocol %s can be used "
+ "with pseudo port value 0 only.");
goto error;
}
ipset_data_flags_set(data, IPSET_FLAG(opt));
}
goto error;
} else {
- proto = "TCP";
+ proto = "TCP";
err = ipset_data_set(data, IPSET_OPT_PROTO, &p);
if (err)
goto error;
@@ -560,7 +566,7 @@ ipset_parse_family(struct ipset_session *session,
{
struct ipset_data *data;
uint8_t family;
-
+
assert(session);
assert(opt == IPSET_OPT_FAMILY);
assert(str);
@@ -578,7 +584,7 @@ ipset_parse_family(struct ipset_session *session,
family = AF_UNSPEC;
else
return syntax_err("unknown INET family %s", str);
-
+
return ipset_data_set(data, opt, &family);
}
@@ -586,27 +592,27 @@ ipset_parse_family(struct ipset_session *session,
* Parse IPv4/IPv6 addresses, networks and ranges.
* We resolve hostnames but just the first IP address is used.
*/
-
+
static struct addrinfo *
call_getaddrinfo(struct ipset_session *session, const char *str,
uint8_t family)
{
struct addrinfo hints;
- struct addrinfo *res;
+ struct addrinfo *res;
int err;
memset(&hints, 0, sizeof(hints));
hints.ai_flags = AI_CANONNAME;
- hints.ai_family = family;
- hints.ai_socktype = SOCK_RAW;
- hints.ai_protocol = 0;
- hints.ai_next = NULL;
-
- if ((err = getaddrinfo(str, NULL, &hints, &res)) != 0) {
- syntax_err("cannot resolve '%s' to an %s address: %s",
- str, family == AF_INET6 ? "IPv6" : "IPv4",
- gai_strerror(err));
- return NULL;
+ hints.ai_family = family;
+ hints.ai_socktype = SOCK_RAW;
+ hints.ai_protocol = 0;
+ hints.ai_next = NULL;
+
+ if ((err = getaddrinfo(str, NULL, &hints, &res)) != 0) {
+ syntax_err("cannot resolve '%s' to an %s address: %s",
+ str, family == AF_INET6 ? "IPv6" : "IPv4",
+ gai_strerror(err));
+ return NULL;
} else
return res;
}
@@ -618,10 +624,10 @@ get_addrinfo(struct ipset_session *session,
struct addrinfo **info,
uint8_t family)
{
- struct addrinfo *i;
+ struct addrinfo *i;
size_t addrlen = family == AF_INET ? sizeof(struct sockaddr_in)
: sizeof(struct sockaddr_in6);
- int found, err = 0;
+ int found, err = 0;
if ((*info = call_getaddrinfo(session, str, family)) == NULL) {
syntax_err("cannot parse %s: resolving to %s address failed",
@@ -634,13 +640,21 @@ get_addrinfo(struct ipset_session *session,
continue;
if (found == 0) {
if (family == AF_INET) {
- /* Workaround: direct cast increases required alignment on Sparc */
- const struct sockaddr_in *saddr = (void *)i->ai_addr;
- err = ipset_session_data_set(session, opt, &saddr->sin_addr);
+ /* Workaround: direct cast increases
+ * required alignment on Sparc
+ */
+ const struct sockaddr_in *saddr =
+ (void *)i->ai_addr;
+ err = ipset_session_data_set(session,
+ opt, &saddr->sin_addr);
} else {
- /* Workaround: direct cast increases required alignment on Sparc */
- const struct sockaddr_in6 *saddr = (void *)i->ai_addr;
- err = ipset_session_data_set(session, opt, &saddr->sin6_addr);
+ /* Workaround: direct cast increases
+ * required alignment on Sparc
+ */
+ const struct sockaddr_in6 *saddr =
+ (void *)i->ai_addr;
+ err = ipset_session_data_set(session,
+ opt, &saddr->sin6_addr);
}
} else if (found == 1) {
ipset_warn(session,
@@ -663,12 +677,12 @@ parse_ipaddr(struct ipset_session *session,
enum ipset_opt opt, const char *str,
uint8_t family)
{
- uint8_t m = family == AF_INET ? 32 : 128;
- int aerr = EINVAL, err = 0, range = 0;
- char *saved = strdup(str);
- char *a, *tmp = saved;
- struct addrinfo *info;
- enum ipset_opt copt, opt2;
+ uint8_t m = family == AF_INET ? 32 : 128;
+ int aerr = EINVAL, err = 0, range = 0;
+ char *saved = strdup(str);
+ char *a, *tmp = saved;
+ struct addrinfo *info;
+ enum ipset_opt copt, opt2;
if (opt == IPSET_OPT_IP) {
copt = IPSET_OPT_CIDR;
@@ -686,8 +700,8 @@ parse_ipaddr(struct ipset_session *session,
/* IP/mask */
*a++ = '\0';
- if ((err = string_to_cidr(session, a, 0, m, &m)) != 0
- || (err = ipset_session_data_set(session, copt, &m)) != 0)
+ if ((err = string_to_cidr(session, a, 0, m, &m)) != 0 ||
+ (err = ipset_session_data_set(session, copt, &m)) != 0)
goto out;
} else if ((a = range_separator(tmp)) != NULL) {
/* IP-IP */
@@ -695,8 +709,8 @@ parse_ipaddr(struct ipset_session *session,
D("range %s", a);
range++;
}
- if ((aerr = get_addrinfo(session, opt, tmp, &info, family)) != 0
- || !range)
+ if ((aerr = get_addrinfo(session, opt, tmp, &info, family)) != 0 ||
+ !range)
goto out;
freeaddrinfo(info);
aerr = get_addrinfo(session, opt2, a, &info, family);
@@ -709,7 +723,7 @@ out:
err = -1;
free(saved);
return err;
-}
+}
enum ipaddr_type {
IPADDR_ANY,
@@ -722,7 +736,7 @@ static inline bool
cidr_hostaddr(const char *str, uint8_t family)
{
char *a = cidr_separator(str);
-
+
return family == AF_INET ? STREQ(a, "/32") : STREQ(a, "/128");
}
@@ -740,10 +754,10 @@ parse_ip(struct ipset_session *session,
switch (addrtype) {
case IPADDR_PLAIN:
- if (range_separator(str)
- || (cidr_separator(str) && !cidr_hostaddr(str, family)))
- return syntax_err("plain IP address must be supplied: %s",
- str);
+ if (range_separator(str) ||
+ (cidr_separator(str) && !cidr_hostaddr(str, family)))
+ return syntax_err("plain IP address must be supplied: "
+ "%s", str);
break;
case IPADDR_NET:
if (!cidr_separator(str) || range_separator(str))
@@ -796,7 +810,7 @@ ipset_parse_ip(struct ipset_session *session,
* @opt: option kind of the data
* @str: string to parse
*
- * Parse string as an IPv4|IPv6 address or hostname. If family
+ * Parse string as an IPv4|IPv6 address or hostname. If family
* is not set yet in the data blob, INET is assumed.
* The value is stored in the data blob of the session.
*
@@ -807,9 +821,9 @@ ipset_parse_single_ip(struct ipset_session *session,
enum ipset_opt opt, const char *str)
{
assert(session);
- assert(opt == IPSET_OPT_IP
- || opt == IPSET_OPT_IP_TO
- || opt == IPSET_OPT_IP2);
+ assert(opt == IPSET_OPT_IP ||
+ opt == IPSET_OPT_IP_TO ||
+ opt == IPSET_OPT_IP2);
assert(str);
return parse_ip(session, opt, str, IPADDR_PLAIN);
@@ -821,7 +835,7 @@ ipset_parse_single_ip(struct ipset_session *session,
* @opt: option kind of the data
* @str: string to parse
*
- * Parse string as an IPv4|IPv6 address/cidr pattern. If family
+ * Parse string as an IPv4|IPv6 address/cidr pattern. If family
* is not set yet in the data blob, INET is assumed.
* The value is stored in the data blob of the session.
*
@@ -883,8 +897,8 @@ ipset_parse_netrange(struct ipset_session *session,
assert(str);
if (!(range_separator(str) || cidr_separator(str)))
- return syntax_err("IP/cidr or IP-IP range must be specified: %s",
- str);
+ return syntax_err("IP/cidr or IP-IP range must be specified: "
+ "%s", str);
return parse_ip(session, opt, str, IPADDR_ANY);
}
@@ -910,8 +924,8 @@ ipset_parse_iprange(struct ipset_session *session,
assert(str);
if (cidr_separator(str))
- return syntax_err("IP address or IP-IP range must be specified: %s",
- str);
+ return syntax_err("IP address or IP-IP range must be "
+ "specified: %s", str);
return parse_ip(session, opt, str, IPADDR_ANY);
}
@@ -967,15 +981,15 @@ ipset_parse_ip4_single6(struct ipset_session *session,
assert(session);
assert(opt == IPSET_OPT_IP || opt == IPSET_OPT_IP2);
assert(str);
-
+
data = ipset_session_data(session);
family = ipset_data_family(data);
-
+
if (family == AF_UNSPEC) {
family = AF_INET;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
-
+
return family == AF_INET ? ipset_parse_ip(session, opt, str)
: ipset_parse_single_ip(session, opt, str);
@@ -1007,15 +1021,15 @@ ipset_parse_ip4_net6(struct ipset_session *session,
assert(session);
assert(opt == IPSET_OPT_IP || opt == IPSET_OPT_IP2);
assert(str);
-
+
data = ipset_session_data(session);
family = ipset_data_family(data);
-
+
if (family == AF_UNSPEC) {
family = AF_INET;
ipset_data_set(data, IPSET_OPT_FAMILY, &family);
}
-
+
return family == AF_INET ? parse_ip(session, opt, str, IPADDR_ANY)
: ipset_parse_ipnet(session, opt, str);
@@ -1050,8 +1064,8 @@ ipset_parse_iptimeout(struct ipset_session *session,
if (ipset_data_flags_test(ipset_session_data(session),
IPSET_FLAG(IPSET_OPT_TIMEOUT)))
return syntax_err("mixed syntax, timeout already specified");
-
- tmp = saved = strdup(str);
+
+ tmp = saved = strdup(str);
if (saved == NULL)
return ipset_err(session,
"Cannot allocate memory to duplicate %s.",
@@ -1073,12 +1087,12 @@ ipset_parse_iptimeout(struct ipset_session *session,
#define check_setname(str, saved) \
do { \
- if (strlen(str) > IPSET_MAXNAMELEN - 1) { \
- if (saved != NULL) \
- free(saved); \
- return syntax_err("setname '%s' is longer than %u characters", \
- str, IPSET_MAXNAMELEN - 1); \
- } \
+ if (strlen(str) > IPSET_MAXNAMELEN - 1) { \
+ if (saved != NULL) \
+ free(saved); \
+ return syntax_err("setname '%s' is longer than %u characters",\
+ str, IPSET_MAXNAMELEN - 1); \
+ } \
} while (0)
@@ -1113,7 +1127,7 @@ ipset_parse_name_compat(struct ipset_session *session,
if (ipset_data_flags_test(data, IPSET_FLAG(IPSET_OPT_NAMEREF)))
syntax_err("mixed syntax, before|after option already used");
- tmp = saved = strdup(str);
+ tmp = saved = strdup(str);
if (saved == NULL)
return ipset_err(session,
"Cannot allocate memory to duplicate %s.",
@@ -1123,8 +1137,8 @@ ipset_parse_name_compat(struct ipset_session *session,
*a++ = '\0';
if ((b = elem_separator(a)) != NULL)
*b++ = '\0';
- if (b == NULL
- || !(STREQ(a, "before") || STREQ(a, "after"))) {
+ if (b == NULL ||
+ !(STREQ(a, "before") || STREQ(a, "after"))) {
err = ipset_err(session, "you must specify elements "
"as setname%s[before|after]%ssetname",
sep, sep);
@@ -1165,9 +1179,9 @@ ipset_parse_setname(struct ipset_session *session,
enum ipset_opt opt, const char *str)
{
assert(session);
- assert(opt == IPSET_SETNAME
- || opt == IPSET_OPT_NAME
- || opt == IPSET_OPT_SETNAME2);
+ assert(opt == IPSET_SETNAME ||
+ opt == IPSET_OPT_NAME ||
+ opt == IPSET_OPT_SETNAME2);
assert(str);
check_setname(str, NULL);
@@ -1253,13 +1267,13 @@ ipset_parse_uint32(struct ipset_session *session,
{
uint32_t value;
int err;
-
+
assert(session);
assert(str);
if ((err = string_to_u32(session, str, &value)) == 0)
return ipset_session_data_set(session, opt, &value);
-
+
return err;
}
@@ -1280,7 +1294,7 @@ ipset_parse_uint8(struct ipset_session *session,
{
uint8_t value;
int err;
-
+
assert(session);
assert(str);
@@ -1309,7 +1323,7 @@ ipset_parse_netmask(struct ipset_session *session,
uint8_t family, cidr;
struct ipset_data *data;
int err = 0;
-
+
assert(session);
assert(opt == IPSET_OPT_NETMASK);
assert(str);
@@ -1322,7 +1336,7 @@ ipset_parse_netmask(struct ipset_session *session,
}
err = string_to_cidr(session, str,
- family == AF_INET ? 1 : 4,
+ family == AF_INET ? 1 : 4,
family == AF_INET ? 31 : 124,
&cidr);
@@ -1351,7 +1365,7 @@ ipset_parse_flag(struct ipset_session *session,
enum ipset_opt opt, const char *str UNUSED)
{
assert(session);
-
+
return ipset_session_data_set(session, opt, NULL);
}
@@ -1391,7 +1405,7 @@ ipset_parse_typename(struct ipset_session *session,
if (type == NULL)
return -1;
-
+
return ipset_session_data_set(session, IPSET_OPT_TYPE, type);
}
@@ -1423,7 +1437,8 @@ ipset_parse_iface(struct ipset_session *session,
err = ipset_data_set(data, IPSET_OPT_PHYSDEV, str);
}
if (strlen(str + offset) > IFNAMSIZ - 1)
- return syntax_err("interface name '%s' is longer than %u characters",
+ return syntax_err("interface name '%s' is longer "
+ "than %u characters",
str + offset, IFNAMSIZ - 1);
return ipset_data_set(data, opt, str + offset);
@@ -1477,7 +1492,8 @@ ipset_parse_ignored(struct ipset_session *session,
if (!ipset_data_ignored(ipset_session_data(session), opt))
ipset_warn(session,
- "Option %s is ignored. Please upgrade your syntax.", str);
+ "Option %s is ignored. "
+ "Please upgrade your syntax.", str);
return 0;
}
@@ -1508,7 +1524,7 @@ ipset_call_parser(struct ipset_session *session,
}
#define parse_elem(s, t, d, str) \
-do { \
+do { \
if (!(t)->elem[d].parse) \
goto internal; \
ret = (t)->elem[d].parse(s, (t)->elem[d].opt, str); \
@@ -1566,8 +1582,8 @@ ipset_parse_elem(struct ipset_session *session,
} else if (a != NULL) {
if (type->compat_parse_elem) {
ret = type->compat_parse_elem(session,
- type->elem[IPSET_DIM_ONE].opt,
- saved);
+ type->elem[IPSET_DIM_ONE].opt,
+ saved);
goto out;
}
elem_syntax_err("Elem separator in %s, "
diff --git a/lib/print.c b/lib/print.c
index bcccd3f..6452ab5 100644
--- a/lib/print.c
+++ b/lib/print.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -54,15 +54,15 @@ ipset_print_ether(char *buf, unsigned int len,
{
const unsigned char *ether;
int i, size, offset = 0;
-
+
assert(buf);
assert(len > 0);
assert(data);
assert(opt == IPSET_OPT_ETHER);
-
+
if (len < ETH_ALEN*3)
return -1;
-
+
ether = ipset_data_get(data, opt);
assert(ether);
@@ -72,7 +72,7 @@ ipset_print_ether(char *buf, unsigned int len,
size = snprintf(buf + offset, len, ":%02X", ether[i]);
SNPRINTF_FAILURE(size, len, offset);
}
-
+
return offset;
}
@@ -139,35 +139,60 @@ ipset_print_type(char *buf, unsigned int len,
assert(type);
if (len < strlen(type->name) + 1)
return -1;
-
+
return snprintf(buf, len, "%s", type->name);
}
-#define GETNAMEINFO(family, f, n) \
-static inline int \
-__getnameinfo##f(char *buf, unsigned int len, \
- int flags, const union nf_inet_addr *addr) \
-{ \
- struct sockaddr_in##n saddr; \
- int err; \
- \
- memset(&saddr, 0, sizeof(saddr)); \
- in##f##cpy(&saddr.sin##n##_addr, &addr->in##n); \
- saddr.sin##n##_family = family; \
- \
- err = getnameinfo((const struct sockaddr *)&saddr, \
- sizeof(saddr), \
- buf, len, NULL, 0, flags); \
- \
- if (!(flags & NI_NUMERICHOST) && \
- (err == EAI_AGAIN || (err == 0 && strchr(buf, '-') != NULL))) \
- err = getnameinfo((const struct sockaddr *)&saddr, \
- sizeof(saddr), \
- buf, len, NULL, 0, \
- flags | NI_NUMERICHOST); \
- D("getnameinfo err: %i, errno %i", err, errno); \
- return (err == 0 ? (int)strlen(buf) : \
- (err == EAI_OVERFLOW || err == EAI_SYSTEM) ? (int)len : -1);\
+static inline int
+__getnameinfo4(char *buf, unsigned int len,
+ int flags, const union nf_inet_addr *addr)
+{
+ struct sockaddr_in saddr;
+ int err;
+
+ memset(&saddr, 0, sizeof(saddr));
+ in4cpy(&saddr.sin_addr, &addr->in);
+ saddr.sin_family = AF_INET;
+
+ err = getnameinfo((const struct sockaddr *)&saddr,
+ sizeof(saddr),
+ buf, len, NULL, 0, flags);
+
+ if (!(flags & NI_NUMERICHOST) &&
+ (err == EAI_AGAIN || (err == 0 && strchr(buf, '-') != NULL)))
+ err = getnameinfo((const struct sockaddr *)&saddr,
+ sizeof(saddr),
+ buf, len, NULL, 0,
+ flags | NI_NUMERICHOST);
+ D("getnameinfo err: %i, errno %i", err, errno);
+ return (err == 0 ? (int)strlen(buf) :
+ (err == EAI_OVERFLOW || err == EAI_SYSTEM) ? (int)len : -1);
+}
+
+static inline int
+__getnameinfo6(char *buf, unsigned int len,
+ int flags, const union nf_inet_addr *addr)
+{
+ struct sockaddr_in6 saddr;
+ int err;
+
+ memset(&saddr, 0, sizeof(saddr));
+ in6cpy(&saddr.sin6_addr, &addr->in6);
+ saddr.sin6_family = AF_INET6;
+
+ err = getnameinfo((const struct sockaddr *)&saddr,
+ sizeof(saddr),
+ buf, len, NULL, 0, flags);
+
+ if (!(flags & NI_NUMERICHOST) &&
+ (err == EAI_AGAIN || (err == 0 && strchr(buf, '-') != NULL)))
+ err = getnameinfo((const struct sockaddr *)&saddr,
+ sizeof(saddr),
+ buf, len, NULL, 0,
+ flags | NI_NUMERICHOST);
+ D("getnameinfo err: %i, errno %i", err, errno);
+ return (err == 0 ? (int)strlen(buf) :
+ (err == EAI_OVERFLOW || err == EAI_SYSTEM) ? (int)len : -1);
}
#define SNPRINTF_IP(mask, f) \
@@ -190,10 +215,8 @@ snprintf_ipv##f(char *buf, unsigned int len, int flags, \
return offset; \
}
-GETNAMEINFO(AF_INET, 4, )
SNPRINTF_IP(32, 4)
-GETNAMEINFO(AF_INET6, 6, 6)
SNPRINTF_IP(128, 6)
/**
@@ -232,7 +255,7 @@ ipset_print_ip(char *buf, unsigned int len,
} else
cidr = family == AF_INET6 ? 128 : 32;
flags = (env & IPSET_ENV_RESOLVE) ? 0 : NI_NUMERICHOST;
-
+
ip = ipset_data_get(data, opt);
assert(ip);
if (family == AF_INET)
@@ -258,8 +281,8 @@ ipset_print_ip(char *buf, unsigned int len,
size = snprintf_ipv6(buf + offset, len, flags, ip, cidr);
else
return -1;
-
- SNPRINTF_FAILURE(size, len, offset);
+
+ SNPRINTF_FAILURE(size, len, offset);
return offset;
}
@@ -288,9 +311,9 @@ ipset_print_ipaddr(char *buf, unsigned int len,
assert(buf);
assert(len > 0);
assert(data);
- assert(opt == IPSET_OPT_IP
- || opt == IPSET_OPT_IP_TO
- || opt == IPSET_OPT_IP2);
+ assert(opt == IPSET_OPT_IP ||
+ opt == IPSET_OPT_IP_TO ||
+ opt == IPSET_OPT_IP2);
family = ipset_data_family(data);
cidropt = opt == IPSET_OPT_IP ? IPSET_OPT_CIDR : IPSET_OPT_CIDR2;
@@ -333,7 +356,7 @@ ipset_print_number(char *buf, unsigned int len,
assert(buf);
assert(len > 0);
assert(data);
-
+
number = ipset_data_get(data, opt);
maxsize = ipset_data_sizeof(opt, AF_INET);
D("opt: %u, maxsize %zu", opt, maxsize);
@@ -380,7 +403,7 @@ ipset_print_name(char *buf, unsigned int len,
name = ipset_data_get(data, opt);
assert(name);
size = snprintf(buf, len, "%s", name);
- SNPRINTF_FAILURE(size, len, offset);
+ SNPRINTF_FAILURE(size, len, offset);
if (ipset_data_test(data, IPSET_OPT_NAMEREF)) {
bool before = false;
@@ -390,10 +413,10 @@ ipset_print_name(char *buf, unsigned int len,
before = (*flags) & IPSET_FLAG_BEFORE;
}
size = snprintf(buf + offset, len,
- " %s %s", before ? "before" : "after",
- (const char *) ipset_data_get(data,
- IPSET_OPT_NAMEREF));
- SNPRINTF_FAILURE(size, len, offset);
+ " %s %s", before ? "before" : "after",
+ (const char *) ipset_data_get(data,
+ IPSET_OPT_NAMEREF));
+ SNPRINTF_FAILURE(size, len, offset);
}
return offset;
@@ -431,13 +454,13 @@ ipset_print_port(char *buf, unsigned int len,
port = ipset_data_get(data, IPSET_OPT_PORT);
assert(port);
size = snprintf(buf, len, "%u", *port);
- SNPRINTF_FAILURE(size, len, offset);
-
+ SNPRINTF_FAILURE(size, len, offset);
+
if (ipset_data_test(data, IPSET_OPT_PORT_TO)) {
port = ipset_data_get(data, IPSET_OPT_PORT_TO);
size = snprintf(buf + offset, len,
- "%s%u",
- IPSET_RANGE_SEPARATOR, *port);
+ "%s%u",
+ IPSET_RANGE_SEPARATOR, *port);
SNPRINTF_FAILURE(size, len, offset);
}
@@ -479,7 +502,7 @@ ipset_print_iface(char *buf, unsigned int len,
name = ipset_data_get(data, opt);
assert(name);
size = snprintf(buf, len, "%s", name);
- SNPRINTF_FAILURE(size, len, offset);
+ SNPRINTF_FAILURE(size, len, offset);
return offset;
}
@@ -511,12 +534,12 @@ ipset_print_proto(char *buf, unsigned int len,
proto = *(const uint8_t *) ipset_data_get(data, IPSET_OPT_PROTO);
assert(proto);
-
+
protoent = getprotobynumber(proto);
if (protoent)
return snprintf(buf, len, "%s", protoent->p_name);
- /* Should not happen */
+ /* Should not happen */
return snprintf(buf, len, "%u", proto);
}
@@ -551,7 +574,8 @@ ipset_print_icmp(char *buf, unsigned int len,
if (name != NULL)
return snprintf(buf, len, "%s", name);
else
- return snprintf(buf, len, "%u/%u", typecode >> 8, typecode & 0xFF);
+ return snprintf(buf, len, "%u/%u",
+ typecode >> 8, typecode & 0xFF);
}
/**
@@ -585,7 +609,8 @@ ipset_print_icmpv6(char *buf, unsigned int len,
if (name != NULL)
return snprintf(buf, len, "%s", name);
else
- return snprintf(buf, len, "%u/%u", typecode >> 8, typecode & 0xFF);
+ return snprintf(buf, len, "%u/%u",
+ typecode >> 8, typecode & 0xFF);
}
/**
@@ -614,8 +639,8 @@ ipset_print_proto_port(char *buf, unsigned int len,
assert(opt == IPSET_OPT_PORT);
if (ipset_data_flags_test(data, IPSET_FLAG(IPSET_OPT_PROTO))) {
- uint8_t proto = *(const uint8_t *) ipset_data_get(data,
- IPSET_OPT_PROTO);
+ uint8_t proto = *(const uint8_t *) ipset_data_get(data,
+ IPSET_OPT_PROTO);
size = ipset_print_proto(buf, len, data, IPSET_OPT_PROTO, env);
SNPRINTF_FAILURE(size, len, offset);
if (len < 2)
@@ -641,16 +666,16 @@ ipset_print_proto_port(char *buf, unsigned int len,
}
size = ipset_print_port(buf + offset, len, data, IPSET_OPT_PORT, env);
SNPRINTF_FAILURE(size, len, offset);
-
+
return offset;
}
#define print_second(data) \
ipset_data_flags_test(data, \
- IPSET_FLAG(IPSET_OPT_PORT)|IPSET_FLAG(IPSET_OPT_ETHER))
+ IPSET_FLAG(IPSET_OPT_PORT)|IPSET_FLAG(IPSET_OPT_ETHER))
#define print_third(data) \
-ipset_data_flags_test(data, IPSET_FLAG(IPSET_OPT_IP2))
+ipset_data_flags_test(data, IPSET_FLAG(IPSET_OPT_IP2))
/**
* ipset_print_elem - print ADT elem according to settype
@@ -679,25 +704,25 @@ ipset_print_elem(char *buf, unsigned int len,
type = ipset_data_get(data, IPSET_OPT_TYPE);
if (!type)
return -1;
-
+
size = type->elem[IPSET_DIM_ONE].print(buf, len, data,
type->elem[IPSET_DIM_ONE].opt, env);
SNPRINTF_FAILURE(size, len, offset);
IF_D(ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt),
"print second elem");
- if (type->dimension == IPSET_DIM_ONE
- || (type->last_elem_optional
- && !ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt)))
+ if (type->dimension == IPSET_DIM_ONE ||
+ (type->last_elem_optional &&
+ !ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt)))
return offset;
-
+
size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR);
SNPRINTF_FAILURE(size, len, offset);
size = type->elem[IPSET_DIM_TWO].print(buf + offset, len, data,
type->elem[IPSET_DIM_TWO].opt, env);
SNPRINTF_FAILURE(size, len, offset);
- if (type->dimension == IPSET_DIM_TWO
- || (type->last_elem_optional
- && !ipset_data_test(data, type->elem[IPSET_DIM_THREE].opt)))
+ if (type->dimension == IPSET_DIM_TWO ||
+ (type->last_elem_optional &&
+ !ipset_data_test(data, type->elem[IPSET_DIM_THREE].opt)))
return offset;
size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR);
@@ -725,7 +750,7 @@ int
ipset_print_flag(char *buf UNUSED, unsigned int len UNUSED,
const struct ipset_data *data UNUSED,
enum ipset_opt opt UNUSED, uint8_t env UNUSED)
-{
+{
return 0;
}
@@ -790,6 +815,6 @@ ipset_print_data(char *buf, unsigned int len,
return -1;
}
SNPRINTF_FAILURE(size, len, offset);
-
+
return offset;
}
diff --git a/lib/session.c b/lib/session.c
index 93d33ff..9e36efd 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -198,14 +198,14 @@ ipset_session_output(struct ipset_session *session,
*
* Returns -1.
*/
-int __attribute__((format(printf,3,4)))
+int __attribute__((format(printf, 3, 4)))
ipset_session_report(struct ipset_session *session,
- enum ipset_err_type type,
+ enum ipset_err_type type,
const char *fmt, ...)
{
int len, offset = 0;
va_list args;
-
+
assert(session);
assert(fmt);
@@ -214,13 +214,13 @@ ipset_session_report(struct ipset_session *session,
session->lineno);
}
offset = strlen(session->report);
-
+
va_start(args, fmt);
len = vsnprintf(session->report + offset,
- IPSET_ERRORBUFLEN - 1 - offset,
- fmt, args);
+ IPSET_ERRORBUFLEN - 1 - offset,
+ fmt, args);
va_end(args);
-
+
if (len >= IPSET_ERRORBUFLEN - 1 - offset)
session->report[IPSET_ERRORBUFLEN - 1] = '\0';
if (strlen(session->report) < IPSET_ERRORBUFLEN - 1)
@@ -501,7 +501,7 @@ generic_data_attr_cb(const struct nlattr *attr, void *data,
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
-
+
IF_D(debug, "attr type: %u, len %u", type, attr->nla_len);
if (mnl_attr_type_valid(attr, attr_max) < 0) {
IF_D(debug, "attr type: %u INVALID", type);
@@ -512,9 +512,9 @@ generic_data_attr_cb(const struct nlattr *attr, void *data,
mnl_attr_get_payload_len(attr));
return MNL_CB_ERROR;
}
- if (policy[type].type == MNL_TYPE_NUL_STRING
- && mnl_attr_get_payload_len(attr) > IPSET_MAXNAMELEN)
- return MNL_CB_ERROR;
+ if (policy[type].type == MNL_TYPE_NUL_STRING &&
+ mnl_attr_get_payload_len(attr) > IPSET_MAXNAMELEN)
+ return MNL_CB_ERROR;
tb[type] = attr;
return MNL_CB_OK;
}
@@ -598,7 +598,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
switch (attr->type) {
case MNL_TYPE_U32: {
uint32_t value;
-
+
value = ntohl(*(const uint32_t *)d);
d = &value;
@@ -606,7 +606,7 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
}
case MNL_TYPE_U16: {
uint16_t value;
-
+
value = ntohs(*(const uint16_t *)d);
d = &value;
@@ -617,15 +617,15 @@ attr2data(struct ipset_session *session, struct nlattr *nla[],
}
}
#ifdef IPSET_DEBUG
- if (type == IPSET_ATTR_TYPENAME)
+ if (type == IPSET_ATTR_TYPENAME)
D("nla typename %s", (const char *) d);
#endif
ret = ipset_data_set(data, attr->opt, d);
#ifdef IPSET_DEBUG
- if (type == IPSET_ATTR_TYPENAME)
+ if (type == IPSET_ATTR_TYPENAME)
D("nla typename %s",
(const char *) ipset_data_get(data, IPSET_OPT_TYPENAME));
-#endif
+#endif
return ret;
}
@@ -654,16 +654,16 @@ static inline int
call_outfn(struct ipset_session *session)
{
int ret = session->outfn("%s", session->outbuf);
-
+
session->outbuf[0] = '\0';
-
+
return ret < 0 ? ret : 0;
}
/* Handle printing failures */
static jmp_buf printf_failure;
-static int __attribute__((format(printf,2,3)))
+static int __attribute__((format(printf, 2, 3)))
safe_snprintf(struct ipset_session *session, const char *fmt, ...)
{
va_list args;
@@ -676,7 +676,7 @@ retry:
ret = vsnprintf(session->outbuf + len, IPSET_OUTBUFLEN - len,
fmt, args);
va_end(args);
-
+
if (ret < 0) {
ipset_err(session,
"Internal error at printing to output buffer");
@@ -710,7 +710,7 @@ retry:
D("len: %u, retry %u", len, loop);
ret = fn(session->outbuf + len, IPSET_OUTBUFLEN - len,
session->data, opt, session->envopts);
-
+
if (ret < 0) {
ipset_err(session,
"Internal error at printing to output buffer");
@@ -732,7 +732,7 @@ retry:
}
return ret;
}
-
+
static int
list_adt(struct ipset_session *session, struct nlattr *nla[])
{
@@ -742,7 +742,7 @@ list_adt(struct ipset_session *session, struct nlattr *nla[])
uint8_t family;
int i, found = 0;
- D("enter");
+ D("enter");
/* Check and load type, family */
if (!ipset_data_test(data, IPSET_OPT_TYPE))
type = ipset_type_get(session, IPSET_CMD_ADD);
@@ -773,7 +773,7 @@ list_adt(struct ipset_session *session, struct nlattr *nla[])
default:
break;
}
-
+
safe_dprintf(session, ipset_print_elem, IPSET_OPT_ELEM);
for (arg = type->args[IPSET_ADD]; arg != NULL && arg->print; arg++) {
@@ -804,7 +804,7 @@ list_adt(struct ipset_session *session, struct nlattr *nla[])
break;
}
}
-
+
if (session->mode == IPSET_LIST_XML)
safe_snprintf(session, "</member>\n");
else
@@ -863,10 +863,10 @@ list_create(struct ipset_session *session, struct nlattr *nla[])
}
for (arg = type->args[IPSET_CREATE]; arg != NULL && arg->opt; arg++) {
- if (!arg->print
- || !ipset_data_test(data, arg->opt)
- || (arg->opt == IPSET_OPT_FAMILY
- && family == type->family))
+ if (!arg->print ||
+ !ipset_data_test(data, arg->opt) ||
+ (arg->opt == IPSET_OPT_FAMILY &&
+ family == type->family))
continue;
switch (session->mode) {
case IPSET_LIST_SAVE:
@@ -979,15 +979,15 @@ callback_list(struct ipset_session *session, struct nlattr *nla[],
if (STREQ(ipset_data_setname(data), session->saved_setname)) {
/* Header part already seen */
- if (ipset_data_test(data, IPSET_OPT_TYPE)
- && nla[IPSET_ATTR_DATA] != NULL)
+ if (ipset_data_test(data, IPSET_OPT_TYPE) &&
+ nla[IPSET_ATTR_DATA] != NULL)
FAILURE("Broken %s kernel message: "
"extra DATA received!", cmd2name[cmd]);
} else {
if (nla[IPSET_ATTR_DATA] == NULL)
FAILURE("Broken %s kernel message: "
"missing DATA part!", cmd2name[cmd]);
-
+
/* Close previous set printing */
if (session->saved_setname[0] != '\0')
print_set_done(session);
@@ -996,13 +996,14 @@ callback_list(struct ipset_session *session, struct nlattr *nla[],
if (nla[IPSET_ATTR_DATA] != NULL) {
struct nlattr *cattr[IPSET_ATTR_CREATE_MAX+1] = {};
- if (!(nla[IPSET_ATTR_TYPENAME]
- && nla[IPSET_ATTR_FAMILY]
- && nla[IPSET_ATTR_REVISION]))
+ if (!(nla[IPSET_ATTR_TYPENAME] &&
+ nla[IPSET_ATTR_FAMILY] &&
+ nla[IPSET_ATTR_REVISION]))
FAILURE("Broken %s kernel message: missing %s!",
cmd2name[cmd],
- !nla[IPSET_ATTR_TYPENAME] ? "typename" :
- !nla[IPSET_ATTR_FAMILY] ? "family" : "revision");
+ !nla[IPSET_ATTR_TYPENAME] ? "typename" :
+ !nla[IPSET_ATTR_FAMILY] ? "family" :
+ "revision");
/* Reset CREATE specific flags */
ipset_data_flags_unset(data, IPSET_CREATE_FLAGS);
@@ -1025,7 +1026,7 @@ callback_list(struct ipset_session *session, struct nlattr *nla[],
return MNL_CB_ERROR;
strcpy(session->saved_setname, ipset_data_setname(data));
}
-
+
if (nla[IPSET_ATTR_ADT] != NULL) {
struct nlattr *tb, *adt[IPSET_ATTR_ADT_MAX+1];
@@ -1057,7 +1058,7 @@ static int
callback_version(struct ipset_session *session, struct nlattr *nla[])
{
uint8_t min, max;
-
+
min = max = mnl_attr_get_u8(nla[IPSET_ATTR_PROTOCOL]);
if (nla[IPSET_ATTR_PROTOCOL_MIN]) {
@@ -1071,8 +1072,8 @@ callback_version(struct ipset_session *session, struct nlattr *nla[])
"while userspace supports protocol versions %u-%u",
min, max, IPSET_PROTOCOL_MIN, IPSET_PROTOCOL_MAX);
- if (!(session->envopts & IPSET_ENV_QUIET)
- && max != IPSET_PROTOCOL_MAX)
+ if (!(session->envopts & IPSET_ENV_QUIET) &&
+ max != IPSET_PROTOCOL_MAX)
ipset_warn(session,
"Kernel support protocol versions %u-%u "
"while userspace supports protocol versions %u-%u",
@@ -1088,7 +1089,7 @@ callback_header(struct ipset_session *session, struct nlattr *nla[])
{
const char *setname;
const struct ipset_data *data = session->data;
-
+
if (!nla[IPSET_ATTR_SETNAME])
FAILURE("Broken HEADER kernel message: missing setname!");
@@ -1097,10 +1098,10 @@ callback_header(struct ipset_session *session, struct nlattr *nla[])
FAILURE("Broken HEADER kernel message: sent setname `%s' "
"does not match with received one `%s'!",
ipset_data_setname(data), setname);
-
- if (!(nla[IPSET_ATTR_TYPENAME]
- && nla[IPSET_ATTR_REVISION]
- && nla[IPSET_ATTR_FAMILY]))
+
+ if (!(nla[IPSET_ATTR_TYPENAME] &&
+ nla[IPSET_ATTR_REVISION] &&
+ nla[IPSET_ATTR_FAMILY]))
FAILURE("Broken HEADER kernel message: "
"missing attribute '%s'!",
!nla[IPSET_ATTR_TYPENAME] ? "typename" :
@@ -1120,10 +1121,10 @@ callback_type(struct ipset_session *session, struct nlattr *nla[])
{
const struct ipset_data *data = session->data;
const char *typename, *orig;
-
- if (!(nla[IPSET_ATTR_TYPENAME]
- && nla[IPSET_ATTR_REVISION]
- && nla[IPSET_ATTR_FAMILY]))
+
+ if (!(nla[IPSET_ATTR_TYPENAME] &&
+ nla[IPSET_ATTR_REVISION] &&
+ nla[IPSET_ATTR_FAMILY]))
FAILURE("Broken TYPE kernel message: "
"missing attribute '%s'!",
!nla[IPSET_ATTR_TYPENAME] ? "typename" :
@@ -1136,7 +1137,7 @@ callback_type(struct ipset_session *session, struct nlattr *nla[])
FAILURE("Broken TYPE kernel message: sent typename `%s' "
"does not match with received one `%s'!",
orig, typename);
-
+
ATTR2DATA(session, nla, IPSET_ATTR_TYPENAME, cmd_attrs);
ATTR2DATA(session, nla, IPSET_ATTR_REVISION, cmd_attrs);
ATTR2DATA(session, nla, IPSET_ATTR_FAMILY, cmd_attrs);
@@ -1160,7 +1161,7 @@ mnl_attr_parse_dbg(const struct nlmsghdr *nlh, int offset,
int ret = MNL_CB_OK;
struct nlattr *attr = mnl_nlmsg_get_payload_offset(nlh, offset);
int len = nlh->nlmsg_len - MNL_NLMSG_HDRLEN - MNL_ALIGN(offset);
-
+
while (mnl_attr_ok(attr, len)) {
D("attr: type %u, attrlen %u, len %u",
mnl_attr_get_type(attr), attr->nla_len, len);
@@ -1179,7 +1180,7 @@ callback_data(const struct nlmsghdr *nlh, void *data)
struct nlattr *nla[IPSET_ATTR_CMD_MAX+1] = {};
uint8_t proto, cmd;
int ret = MNL_CB_OK, nfmsglen = MNL_ALIGN(sizeof(struct nfgenmsg));
-
+
D("called, nlmsg_len %u", nlh->nlmsg_len);
cmd = ipset_get_nlmsg_type(nlh);
if (cmd == IPSET_CMD_LIST && session->cmd == IPSET_CMD_SAVE)
@@ -1199,8 +1200,8 @@ callback_data(const struct nlmsghdr *nlh, void *data)
if (!nla[IPSET_ATTR_PROTOCOL])
FAILURE("Sad, sad day: kernel message %s "
- "does not carry the protocol version.",
- cmd2name[cmd]);
+ "does not carry the protocol version.",
+ cmd2name[cmd]);
proto = mnl_attr_get_u8(nla[IPSET_ATTR_PROTOCOL]);
@@ -1245,8 +1246,8 @@ callback_done(const struct nlmsghdr *nlh UNUSED, void *data)
D(" called");
if (session->cmd == IPSET_CMD_LIST || session->cmd == IPSET_CMD_SAVE)
- return print_set_done(session);
-
+ return print_set_done(session);
+
FAILURE("Invalid message received in non LIST or SAVE state.");
}
@@ -1258,10 +1259,10 @@ decode_errmsg(struct ipset_session *session, const struct nlmsghdr *nlh)
struct nlattr *nla[IPSET_ATTR_CMD_MAX+1] = {};
enum ipset_cmd cmd;
int nfmsglen = MNL_ALIGN(sizeof(struct nfgenmsg));
-
- if (nlh->nlmsg_len < (uint32_t) MNL_ALIGN(sizeof(struct nlmsgerr))
- || nlh->nlmsg_len < MNL_ALIGN(sizeof(struct nlmsgerr))
- + msg->nlmsg_len)
+
+ if (nlh->nlmsg_len < (uint32_t) MNL_ALIGN(sizeof(struct nlmsgerr)) ||
+ nlh->nlmsg_len < MNL_ALIGN(sizeof(struct nlmsgerr))
+ + msg->nlmsg_len)
FAILURE("Broken error report message received.");
cmd = ipset_get_nlmsg_type(msg);
@@ -1281,15 +1282,15 @@ decode_errmsg(struct ipset_session *session, const struct nlmsghdr *nlh)
FAILURE("Broken %s error report message: "
"missing protocol attribute",
cmd2name[cmd]);
-
+
if (nla[IPSET_ATTR_LINENO]) {
session->lineno = mnl_attr_get_u32(nla[IPSET_ATTR_LINENO]);
if (nla[IPSET_ATTR_LINENO]->nla_type & NLA_F_NET_BYTEORDER)
session->lineno = ntohl(session->lineno);
}
-
+
return ipset_errcode(session, cmd, -err->error);
-}
+}
static int
callback_error(const struct nlmsghdr *nlh, void *cbdata)
@@ -1322,16 +1323,20 @@ callback_error(const struct nlmsghdr *nlh, void *cbdata)
break;
case IPSET_CMD_RENAME:
ipset_cache_rename(ipset_data_setname(data),
- ipset_data_get(data, IPSET_OPT_SETNAME2));
+ ipset_data_get(data,
+ IPSET_OPT_SETNAME2));
break;
case IPSET_CMD_SWAP:
ipset_cache_swap(ipset_data_setname(data),
- ipset_data_get(data, IPSET_OPT_SETNAME2));
+ ipset_data_get(data,
+ IPSET_OPT_SETNAME2));
break;
case IPSET_CMD_TEST:
if (!(session->envopts & IPSET_ENV_QUIET)) {
- ipset_print_elem(session->report, IPSET_ERRORBUFLEN,
- session->data, IPSET_OPT_NONE, 0);
+ ipset_print_elem(session->report,
+ IPSET_ERRORBUFLEN,
+ session->data,
+ IPSET_OPT_NONE, 0);
ipset_warn(session, " is in set %s.",
ipset_data_setname(data));
}
@@ -1345,7 +1350,8 @@ callback_error(const struct nlmsghdr *nlh, void *cbdata)
print_set_done(session);
break;
default:
- FAILURE("ACK message received to command %s[%u], which is not expected",
+ FAILURE("ACK message received to command %s[%u], "
+ "which is not expected",
session->cmd < IPSET_MSG_MAX
? cmd2name[session->cmd] : "unknown",
session->cmd);
@@ -1355,10 +1361,10 @@ callback_error(const struct nlmsghdr *nlh, void *cbdata)
D("nlmsgerr error: %u", -err->error);
/* Error messages */
-
+
/* Special case for IPSET_CMD_TEST */
- if (session->cmd == IPSET_CMD_TEST
- && err->error == -IPSET_ERR_EXIST) {
+ if (session->cmd == IPSET_CMD_TEST &&
+ err->error == -IPSET_ERR_EXIST) {
if (!(session->envopts & IPSET_ENV_QUIET)) {
ipset_print_elem(session->report, IPSET_ERRORBUFLEN,
session->data, IPSET_OPT_NONE, 0);
@@ -1369,7 +1375,7 @@ callback_error(const struct nlmsghdr *nlh, void *cbdata)
}
decode_errmsg(session, nlh);
-
+
return ret;
}
@@ -1423,7 +1429,8 @@ attr_len(const struct ipset_attr_policy *attr, uint8_t family, uint16_t *flags)
}
#define BUFFER_FULL(bufsize, nlmsg_len, nestlen, attrlen) \
-(nlmsg_len + nestlen + MNL_ATTR_HDRLEN + MNL_ALIGN(alen) + MNL_ALIGN(sizeof(struct nlmsgerr)) > bufsize)
+(nlmsg_len + nestlen + MNL_ATTR_HDRLEN + MNL_ALIGN(alen) + \
+ MNL_ALIGN(sizeof(struct nlmsgerr)) > bufsize)
static int
rawdata2attr(struct ipset_session *session, struct nlmsghdr *nlh,
@@ -1443,14 +1450,15 @@ rawdata2attr(struct ipset_session *session, struct nlmsghdr *nlh,
: IPSET_ATTR_IPADDR_IPV6;
alen = attr_len(attr, family, &flags);
- if (BUFFER_FULL(session->bufsize, nlh->nlmsg_len, MNL_ATTR_HDRLEN, alen))
+ if (BUFFER_FULL(session->bufsize, nlh->nlmsg_len,
+ MNL_ATTR_HDRLEN, alen))
return 1;
nested = mnl_attr_nest_start(nlh, type);
D("family: %s", family == AF_INET ? "INET" :
family == AF_INET6 ? "INET6" : "UNSPEC");
mnl_attr_put(nlh, atype | flags, alen, d);
mnl_attr_nest_end(nlh, nested);
-
+
return 0;
}
@@ -1464,20 +1472,20 @@ rawdata2attr(struct ipset_session *session, struct nlmsghdr *nlh,
break;
case MNL_TYPE_U32: {
uint32_t value = htonl(*(const uint32_t *)d);
-
+
d = &value;
break;
}
case MNL_TYPE_U16: {
uint16_t value = htons(*(const uint16_t *)d);
-
+
d = &value;
break;
}
default:
break;
}
-
+
mnl_attr_put(nlh, type | flags, alen, d);
return 0;
@@ -1504,7 +1512,7 @@ data2attr(struct ipset_session *session, struct nlmsghdr *nlh,
data2attr(session, nlh, data, IPSET_ATTR_SETNAME, AF_INET, cmd_attrs)
#define ADDATTR_IF(session, nlh, data, type, family, attrs) \
- ipset_data_test(data, attrs[type].opt) ? \
+ ipset_data_test(data, attrs[type].opt) ? \
data2attr(session, nlh, data, type, family, attrs) : 0
#define ADDATTR_RAW(session, nlh, data, type, attrs) \
@@ -1525,7 +1533,7 @@ addattr_adt(struct ipset_session *session,
struct nlmsghdr *nlh, struct ipset_data *data, uint8_t family)
{
int i;
-
+
for (i = IPSET_ATTR_UNSPEC + 1; i <= IPSET_ATTR_ADT_MAX; i++)
if (ADDATTR_IF(session, nlh, data, i, family, adt_attrs))
return 1;
@@ -1545,7 +1553,7 @@ build_send_private_msg(struct ipset_session *session, enum ipset_cmd cmd)
/* Initialize header */
session->transport->fill_hdr(session->handle, cmd, buffer, len, 0);
-
+
ADDATTR_PROTOCOL(nlh);
switch (cmd) {
@@ -1563,9 +1571,11 @@ build_send_private_msg(struct ipset_session *session, enum ipset_cmd cmd)
return ipset_err(session,
"Invalid internal TYPE command: "
"missing settype");
- ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME, AF_INET, cmd_attrs);
+ ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME,
+ AF_INET, cmd_attrs);
if (ipset_data_test(data, IPSET_OPT_FAMILY))
- ADDATTR(session, nlh, data, IPSET_ATTR_FAMILY, AF_INET, cmd_attrs);
+ ADDATTR(session, nlh, data, IPSET_ATTR_FAMILY,
+ AF_INET, cmd_attrs);
else
/* bitmap:port and list:set types */
mnl_attr_put_u8(nlh, IPSET_ATTR_FAMILY, AF_UNSPEC);
@@ -1586,10 +1596,10 @@ build_send_private_msg(struct ipset_session *session, enum ipset_cmd cmd)
static inline bool
may_aggregate_ad(struct ipset_session *session, enum ipset_cmd cmd)
{
- return session->lineno != 0
- && (cmd == IPSET_CMD_ADD || cmd == IPSET_CMD_DEL)
- && cmd == session->cmd
- && STREQ(ipset_data_setname(session->data), session->saved_setname);
+ return session->lineno != 0 &&
+ (cmd == IPSET_CMD_ADD || cmd == IPSET_CMD_DEL) &&
+ cmd == session->cmd &&
+ STREQ(ipset_data_setname(session->data), session->saved_setname);
}
static int
@@ -1622,12 +1632,13 @@ build_msg(struct ipset_session *session, bool aggregate)
if (!ipset_data_test(data, IPSET_OPT_TYPE))
return ipset_err(session,
"Invalid create command: missing settype");
-
+
type = ipset_data_get(data, IPSET_OPT_TYPE);
/* Core attributes:
* setname, typename, revision, family, flags (optional) */
ADDATTR_SETNAME(session, nlh, data);
- ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME, AF_INET, cmd_attrs);
+ ADDATTR(session, nlh, data, IPSET_ATTR_TYPENAME,
+ AF_INET, cmd_attrs);
ADDATTR_RAW(session, nlh, &type->revision,
IPSET_ATTR_REVISION, cmd_attrs);
D("family: %u, type family %u",
@@ -1655,7 +1666,7 @@ build_msg(struct ipset_session *session, bool aggregate)
break;
case IPSET_CMD_LIST: {
uint32_t flags = 0;
-
+
if (session->envopts & IPSET_ENV_LIST_SETNAME)
flags |= IPSET_FLAG_LIST_SETNAME;
if (session->envopts & IPSET_ENV_LIST_HEADER)
@@ -1674,13 +1685,16 @@ build_msg(struct ipset_session *session, bool aggregate)
if (!ipset_data_test(data, IPSET_SETNAME))
return ipset_err(session,
"Invalid %s command: missing from-setname",
- session->cmd == IPSET_CMD_SWAP ? "swap" : "rename");
+ session->cmd == IPSET_CMD_SWAP ? "swap" :
+ "rename");
if (!ipset_data_test(data, IPSET_OPT_SETNAME2))
return ipset_err(session,
"Invalid %s command: missing to-setname",
- session->cmd == IPSET_CMD_SWAP ? "swap" : "rename");
+ session->cmd == IPSET_CMD_SWAP ? "swap" :
+ "rename");
ADDATTR_SETNAME(session, nlh, data);
- ADDATTR_RAW(session, nlh, ipset_data_get(data, IPSET_OPT_SETNAME2),
+ ADDATTR_RAW(session, nlh,
+ ipset_data_get(data, IPSET_OPT_SETNAME2),
IPSET_ATTR_SETNAME2, cmd_attrs);
break;
case IPSET_CMD_ADD:
@@ -1692,12 +1706,14 @@ build_msg(struct ipset_session *session, bool aggregate)
if (!ipset_data_test(data, IPSET_SETNAME))
return ipset_err(session,
"Invalid %s command: missing setname",
- session->cmd == IPSET_CMD_ADD ? "add" : "del");
+ session->cmd == IPSET_CMD_ADD ? "add" :
+ "del");
if (!ipset_data_test(data, IPSET_OPT_TYPE))
return ipset_err(session,
"Invalid %s command: missing settype",
- session->cmd == IPSET_CMD_ADD ? "add" : "del");
+ session->cmd == IPSET_CMD_ADD ? "add" :
+ "del");
/* Core options: setname */
ADDATTR_SETNAME(session, nlh, data);
@@ -1715,11 +1731,12 @@ build_msg(struct ipset_session *session, bool aggregate)
D("open_nested failed");
return 1;
}
- if (addattr_adt(session, nlh, data, ipset_data_family(data))
- || ADDATTR_RAW(session, nlh, &session->lineno,
- IPSET_ATTR_LINENO, cmd_attrs)) {
+ if (addattr_adt(session, nlh, data, ipset_data_family(data)) ||
+ ADDATTR_RAW(session, nlh, &session->lineno,
+ IPSET_ATTR_LINENO, cmd_attrs)) {
/* Cancel last, unfinished nested attribute */
- mnl_attr_nest_cancel(nlh, session->nested[session->nestid-1]);
+ mnl_attr_nest_cancel(nlh,
+ session->nested[session->nestid-1]);
session->nested[--session->nestid] = NULL;
return 1;
}
@@ -1731,7 +1748,7 @@ build_msg(struct ipset_session *session, bool aggregate)
/* Return codes are not aggregated, so tests cannot be either */
/* Setname, type not checked/added yet */
-
+
if (!ipset_data_test(data, IPSET_SETNAME))
return ipset_err(session,
"Invalid test command: missing setname");
@@ -1739,7 +1756,7 @@ build_msg(struct ipset_session *session, bool aggregate)
if (!ipset_data_test(data, IPSET_OPT_TYPE))
return ipset_err(session,
"Invalid test command: missing settype");
-
+
type = ipset_data_get(data, IPSET_OPT_TYPE);
D("family: %u, type family %u",
ipset_data_family(data), type->family);
@@ -1773,7 +1790,8 @@ ipset_commit(struct ipset_session *session)
assert(session);
nlh = session->buffer;
- D("send buffer: len %u, cmd %s", nlh->nlmsg_len, cmd2name[session->cmd]);
+ D("send buffer: len %u, cmd %s",
+ nlh->nlmsg_len, cmd2name[session->cmd]);
if (nlh->nlmsg_len == 0)
/* Nothing to do */
return 0;
@@ -1802,7 +1820,7 @@ ipset_commit(struct ipset_session *session)
return -1;
else
return ipset_err(session,
- "Internal protocol error");
+ "Internal protocol error");
}
return 0;
}
@@ -1814,7 +1832,7 @@ static mnl_cb_t cb_ctl[] = {
[NLMSG_OVERRUN] = callback_noop,
[NLMSG_MIN_TYPE] = callback_data,
};
-
+
static inline struct ipset_handle *
init_transport(struct ipset_session *session)
{
@@ -1843,7 +1861,7 @@ ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno)
struct ipset_data *data;
bool aggregate = false;
int ret = -1;
-
+
assert(session);
if (cmd <= IPSET_CMD_NONE || cmd >= IPSET_MSG_MAX)
@@ -1863,9 +1881,9 @@ ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno)
}
/* Private commands */
- if (cmd == IPSET_CMD_TYPE || cmd == IPSET_CMD_HEADER)
+ if (cmd == IPSET_CMD_TYPE || cmd == IPSET_CMD_HEADER)
return build_send_private_msg(session, cmd);
-
+
/* Check aggregatable commands */
aggregate = may_aggregate_ad(session, cmd);
if (!aggregate) {
@@ -1878,7 +1896,7 @@ ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno)
/* Real command: update lineno too */
session->cmd = cmd;
session->lineno = lineno;
-
+
/* Set default output mode */
if (cmd == IPSET_CMD_LIST) {
if (session->mode == IPSET_LIST_NONE)
@@ -1906,8 +1924,8 @@ ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno)
/* We have to save the type for error handling */
session->saved_type = ipset_data_get(data, IPSET_OPT_TYPE);
- if (session->lineno != 0
- && (cmd == IPSET_CMD_ADD || cmd == IPSET_CMD_DEL)) {
+ if (session->lineno != 0 &&
+ (cmd == IPSET_CMD_ADD || cmd == IPSET_CMD_DEL)) {
/* Save setname for the next possible aggregated restore line */
strcpy(session->saved_setname, ipset_data_setname(data));
ipset_data_reset(data);
@@ -1916,7 +1934,7 @@ ipset_cmd(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno)
goto cleanup;
}
- D("call commit");
+ D("call commit");
ret = ipset_commit(session);
cleanup:
@@ -1948,10 +1966,10 @@ ipset_session_init(ipset_outfn outfn)
/* The single transport method yet */
session->transport = &ipset_mnl_transport;
-
+
/* Output function */
session->outfn = outfn;
-
+
/* Initialize data structures */
session->data = ipset_data_init();
if (session->data == NULL)
@@ -1961,8 +1979,8 @@ ipset_session_init(ipset_outfn outfn)
return session;
free_session:
- free(session);
- return NULL;
+ free(session);
+ return NULL;
}
/**
diff --git a/lib/types.c b/lib/types.c
index c440993..7c16a30 100644
--- a/lib/types.c
+++ b/lib/types.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -28,8 +28,8 @@ struct ipset {
struct ipset *next;
};
-static struct ipset_type *typelist = NULL; /* registered set types */
-static struct ipset *setlist = NULL; /* cached sets */
+static struct ipset_type *typelist; /* registered set types */
+static struct ipset *setlist; /* cached sets */
/**
* ipset_cache_add - add a set to the cache
@@ -57,7 +57,7 @@ ipset_cache_add(const char *name, const struct ipset_type *type,
ipset_strlcpy(n->name, name, IPSET_MAXNAMELEN);
n->type = type;
n->family = family;
- n->next = NULL;
+ n->next = NULL;
if (setlist == NULL) {
setlist = n;
@@ -109,7 +109,7 @@ ipset_cache_del(const char *name)
}
if (match == NULL)
return -EEXIST;
-
+
free(match);
return 0;
}
@@ -168,7 +168,7 @@ ipset_cache_swap(const char *from, const char *to)
ipset_strlcpy(b->name, from, IPSET_MAXNAMELEN);
return 0;
}
-
+
return -EEXIST;
}
@@ -178,7 +178,7 @@ ipset_cache_swap(const char *from, const char *to)
bool
ipset_match_typename(const char *name, const struct ipset_type *type)
{
- const char * const * alias = type->alias;
+ const char * const *alias = type->alias;
if (STREQ(name, type->name))
return true;
@@ -189,7 +189,7 @@ ipset_match_typename(const char *name, const struct ipset_type *type)
alias++;
}
return false;
-}
+}
static inline const struct ipset_type *
create_type_get(struct ipset_session *session)
@@ -215,17 +215,17 @@ create_type_get(struct ipset_session *session)
if (ipset_match_typename(typename, t)
&& MATCH_FAMILY(t, family)) {
if (match == NULL) {
- match = t;
- tmin = tmax = t->revision;
+ match = t;
+ tmin = tmax = t->revision;
} else if (t->family == match->family)
tmin = t->revision;
- }
+ }
}
if (!match)
return ipset_errptr(session,
"Syntax error: unknown settype %s",
typename);
-
+
/* Family is unspecified yet: set from matching set type */
if (family == AF_UNSPEC && match->family != AF_UNSPEC) {
family = match->family == AF_INET46 ? AF_INET : match->family;
@@ -240,9 +240,11 @@ create_type_get(struct ipset_session *session)
if (ret != 0)
return NULL;
- kmin = kmax = *(const uint8_t *)ipset_data_get(data, IPSET_OPT_REVISION);
+ kmin = kmax = *(const uint8_t *)ipset_data_get(data,
+ IPSET_OPT_REVISION);
if (ipset_data_test(data, IPSET_OPT_REVISION_MIN))
- kmin = *(const uint8_t *)ipset_data_get(data, IPSET_OPT_REVISION_MIN);
+ kmin = *(const uint8_t *)ipset_data_get(data,
+ IPSET_OPT_REVISION_MIN);
if (MAX(tmin, kmin) > MIN(tmax, kmax)) {
if (kmin > tmax)
@@ -266,7 +268,7 @@ create_type_get(struct ipset_session *session)
family == AF_INET6 ? "INET6" : "UNSPEC",
kmax, tmin);
}
-
+
/* Disable unsupported revisions */
for (match = NULL, t = typelist; t != NULL; t = t->next) {
/* Skip revisions which are unsupported by the kernel */
@@ -274,16 +276,16 @@ create_type_get(struct ipset_session *session)
continue;
if (ipset_match_typename(typename, t)
&& MATCH_FAMILY(t, family)) {
- if (t->revision < kmin || t->revision > kmax)
- t->kernel_check = IPSET_KERNEL_MISMATCH;
+ if (t->revision < kmin || t->revision > kmax)
+ t->kernel_check = IPSET_KERNEL_MISMATCH;
else if (match == NULL)
- match = t;
- }
+ match = t;
+ }
}
match->kernel_check = IPSET_KERNEL_OK;
found:
ipset_data_set(data, IPSET_OPT_TYPE, match);
-
+
return match;
}
@@ -327,7 +329,7 @@ adt_type_get(struct ipset_session *session)
return NULL;
typename = ipset_data_get(data, IPSET_OPT_TYPENAME);
- revision = ipset_data_get(data, IPSET_OPT_REVISION);
+ revision = ipset_data_get(data, IPSET_OPT_REVISION);
family = ipset_data_family(data);
/* Check registered types */
@@ -542,7 +544,7 @@ void
ipset_cache_fini(void)
{
struct ipset *set;
-
+
while (setlist) {
set = setlist;
setlist = setlist->next;
diff --git a/src/errcode.c b/src/errcode.c
index 9d5f226..1ce5c00 100644
--- a/src/errcode.c
+++ b/src/errcode.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -70,7 +70,7 @@ static const struct ipset_errcode_table core_errcode_table[] = {
"An IPv4 address is expected, but not received" },
{ IPSET_ERR_IPADDR_IPV6, 0,
"An IPv6 address is expected, but not received" },
-
+
/* ADD specific error codes */
{ IPSET_ERR_EXIST, IPSET_CMD_ADD,
"Element cannot be added to the set: it's already added" },
@@ -157,10 +157,10 @@ ipset_errcode(struct ipset_session *session, enum ipset_cmd cmd, int errcode)
{
const struct ipset_errcode_table *table = core_errcode_table;
int i, generic;
-
+
if (errcode >= IPSET_ERR_TYPE_SPECIFIC) {
const struct ipset_type *type;
-
+
type = ipset_saved_type(session);
if (type) {
if (MATCH_TYPENAME(type->name, "bitmap:"))
@@ -174,11 +174,11 @@ ipset_errcode(struct ipset_session *session, enum ipset_cmd cmd, int errcode)
retry:
for (i = 0, generic = -1; table[i].errcode; i++) {
- if (table[i].errcode == errcode
- && (table[i].cmd == cmd || table[i].cmd == 0)) {
- if (table[i].cmd == 0) {
- generic = i;
- continue;
+ if (table[i].errcode == errcode &&
+ (table[i].cmd == cmd || table[i].cmd == 0)) {
+ if (table[i].cmd == 0) {
+ generic = i;
+ continue;
}
return ipset_err(session, table[i].message);
}
diff --git a/src/ipset.c b/src/ipset.c
index 032564c..358befe 100644
--- a/src/ipset.c
+++ b/src/ipset.c
@@ -2,8 +2,8 @@
* Patrick Schaaf (bof@bof.de)
* Copyright 2003-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <ctype.h> /* isspace */
@@ -26,12 +26,12 @@
static char program_name[] = PACKAGE;
static char program_version[] = PACKAGE_VERSION;
-static struct ipset_session *session = NULL;
-static uint32_t restore_line = 0;
-static bool interactive = false;
+static struct ipset_session *session;
+static uint32_t restore_line;
+static bool interactive;
static char cmdline[1024];
static char *newargv[255];
-static int newargc = 0;
+static int newargc;
/* The known set types: (typename, revision, family) is unique */
extern struct ipset_type ipset_bitmap_ip0;
@@ -57,12 +57,12 @@ enum exittype {
SESSION_PROBLEM,
};
-static int __attribute__((format(printf,2,3)))
+static int __attribute__((format(printf, 2, 3)))
exit_error(int status, const char *msg, ...)
{
- bool quiet = !interactive
- && session
- && ipset_envopt_test(session, IPSET_ENV_QUIET);
+ bool quiet = !interactive &&
+ session &&
+ ipset_envopt_test(session, IPSET_ENV_QUIET);
if (status && msg && !quiet) {
va_list args;
@@ -98,8 +98,8 @@ exit_error(int status, const char *msg, ...)
static int
handle_error(void)
{
- if (ipset_session_warning(session)
- && !ipset_envopt_test(session, IPSET_ENV_QUIET))
+ if (ipset_session_warning(session) &&
+ !ipset_envopt_test(session, IPSET_ENV_QUIET))
fprintf(stderr, "Warning: %s\n",
ipset_session_warning(session));
if (ipset_session_error(session))
@@ -111,7 +111,7 @@ handle_error(void)
exit(OTHER_PROBLEM);
}
- ipset_session_report_reset(session);
+ ipset_session_report_reset(session);
return -1;
}
@@ -120,16 +120,15 @@ help(void)
{
const struct ipset_commands *c;
const struct ipset_envopts *opt = ipset_envopts;
-
+
printf("%s v%s\n\n"
"Usage: %s [options] COMMAND\n\nCommands:\n",
program_name, program_version, program_name);
- for (c = ipset_commands; c->cmd; c++) {
+ for (c = ipset_commands; c->cmd; c++)
printf("%s %s\n", c->name[0], c->help);
- }
printf("\nOptions:\n");
-
+
while (opt->flag) {
if (opt->help)
printf("%s %s\n", opt->name[0], opt->help);
@@ -144,7 +143,7 @@ build_argv(char *buffer)
char *ptr;
int i;
- /* Reset */
+ /* Reset */
for (i = 1; i < newargc; i++)
newargv[i] = NULL;
newargc = 1;
@@ -173,7 +172,7 @@ restore(char *argv0)
{
int ret = 0;
char *c;
-
+
/* Initialize newargv/newargc */
newargc = 0;
newargv[newargc++] = argv0;
@@ -193,7 +192,7 @@ restore(char *argv0)
}
/* Build faked argv, argc */
build_argv(c);
-
+
/* Execute line */
ret = parse_commandline(newargc, newargv);
if (ret < 0)
@@ -213,7 +212,7 @@ call_parser(int *argc, char *argv[], const struct ipset_arg *args)
int ret = 0;
const struct ipset_arg *arg;
const char *optstr;
-
+
/* Currently CREATE and ADT may have got additional arguments */
if (!args && *argc > 1)
goto err_unknown;
@@ -237,7 +236,8 @@ call_parser(int *argc, char *argv[], const struct ipset_arg *args)
/* Fall through */
case IPSET_OPTIONAL_ARG:
if (*argc >= 2) {
- ret = ipset_call_parser(session, arg, argv[1]);
+ ret = ipset_call_parser(session,
+ arg, argv[1]);
if (ret < 0)
return ret;
ipset_shift_argv(argc, argv, 1);
@@ -263,7 +263,7 @@ err_unknown:
static enum ipset_adt
cmd2cmd(int cmd)
{
- switch(cmd) {
+ switch (cmd) {
case IPSET_CMD_ADD:
return IPSET_ADD;
case IPSET_CMD_DEL:
@@ -343,15 +343,15 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
? IPSET_CREATE_FLAGS : IPSET_ADT_FLAGS;
const struct ipset_arg *arg = type->args[cmd];
enum ipset_opt i;
-
+
/* Range can be expressed by ip/cidr or from-to */
if (allowed & IPSET_FLAG(IPSET_OPT_IP_TO))
allowed |= IPSET_FLAG(IPSET_OPT_CIDR);
for (i = IPSET_OPT_IP; i < IPSET_OPT_FLAGS; i++) {
- if (!(cmdflags & IPSET_FLAG(i))
- || (allowed & IPSET_FLAG(i))
- || !(flags & IPSET_FLAG(i)))
+ if (!(cmdflags & IPSET_FLAG(i)) ||
+ (allowed & IPSET_FLAG(i)) ||
+ !(flags & IPSET_FLAG(i)))
continue;
/* Not allowed element-expressions */
switch (i) {
@@ -359,19 +359,22 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
exit_error(OTHER_PROBLEM,
"IP/CIDR range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(command), type->name, session_family());
+ cmd2name(command), type->name,
+ session_family());
return;
case IPSET_OPT_IP_TO:
exit_error(OTHER_PROBLEM,
"FROM-TO IP range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(command), type->name, session_family());
+ cmd2name(command), type->name,
+ session_family());
return;
case IPSET_OPT_PORT_TO:
exit_error(OTHER_PROBLEM,
"FROM-TO port range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(command), type->name, session_family());
+ cmd2name(command), type->name,
+ session_family());
return;
default:
break;
@@ -391,7 +394,8 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
"%s parameter is not allowed in command %s "
"with set type %s and family %s",
arg->name[0],
- cmd2name(command), type->name, session_family());
+ cmd2name(command), type->name,
+ session_family());
return;
}
exit_error(OTHER_PROBLEM,
@@ -406,7 +410,7 @@ static const struct ipset_type *
type_find(const char *name)
{
const struct ipset_type *t = ipset_types();
-
+
while (t) {
if (ipset_match_typename(name, t))
return t;
@@ -477,10 +481,10 @@ parse_commandline(int argc, char *argv[])
if (!ipset_match_cmd(argv[1], command->name))
continue;
- if (restore_line != 0
- && (command->cmd == IPSET_CMD_RESTORE
- || command->cmd == IPSET_CMD_VERSION
- || command->cmd == IPSET_CMD_HELP))
+ if (restore_line != 0 &&
+ (command->cmd == IPSET_CMD_RESTORE ||
+ command->cmd == IPSET_CMD_VERSION ||
+ command->cmd == IPSET_CMD_HELP))
return exit_error(PARAMETER_PROBLEM,
"Command `%s' is invalid "
"in restore mode.",
@@ -565,9 +569,9 @@ parse_commandline(int argc, char *argv[])
case IPSET_CMD_HELP:
help();
- if (interactive
- || !ipset_envopt_test(session, IPSET_ENV_QUIET)) {
- if (arg0) {
+ if (interactive ||
+ !ipset_envopt_test(session, IPSET_ENV_QUIET)) {
+ if (arg0) {
/* Type-specific help, without kernel checking */
type = type_find(arg0);
if (!type)
@@ -597,7 +601,7 @@ parse_commandline(int argc, char *argv[])
printf(" %s\n", type->name);
type = type->next;
}
- }
+ }
}
if (interactive)
return 0;
@@ -607,7 +611,7 @@ parse_commandline(int argc, char *argv[])
default:
break;
}
-
+
/* Forth: parse command args and issue the command */
switch (cmd) {
case IPSET_CMD_CREATE:
@@ -630,11 +634,11 @@ parse_commandline(int argc, char *argv[])
return handle_error();
else if (ret)
return ret;
-
+
/* Check mandatory, then allowed options */
check_mandatory(type, cmd);
check_allowed(type, cmd);
-
+
break;
case IPSET_CMD_DESTROY:
case IPSET_CMD_FLUSH:
@@ -678,22 +682,22 @@ parse_commandline(int argc, char *argv[])
type = ipset_type_get(session, cmd);
if (type == NULL)
return handle_error();
-
+
ret = ipset_parse_elem(session, type->last_elem_optional, arg1);
if (ret < 0)
return handle_error();
-
+
/* Parse additional ADT options */
ret = call_parser(&argc, argv, type->args[cmd2cmd(cmd)]);
if (ret < 0)
return handle_error();
else if (ret)
return ret;
-
+
/* Check mandatory, then allowed options */
check_mandatory(type, cmd);
check_allowed(type, cmd);
-
+
break;
default:
break;
@@ -744,8 +748,8 @@ main(int argc, char *argv[])
"Cannot initialize ipset session, aborting.");
ret = parse_commandline(argc, argv);
-
+
ipset_session_fini(session);
-
+
return ret;
}
diff --git a/src/ipset_bitmap_ip.c b/src/ipset_bitmap_ip.c
index 4194875..e73bc7c 100644
--- a/src/ipset_bitmap_ip.c
+++ b/src/ipset_bitmap_ip.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -37,7 +37,7 @@ static const struct ipset_arg bitmap_ip_create_args[] = {
.parse = ipset_parse_net,
},
{ },
-};
+};
static const struct ipset_arg bitmap_ip_add_args[] = {
{ .name = { "timeout", NULL },
@@ -45,7 +45,7 @@ static const struct ipset_arg bitmap_ip_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char bitmap_ip_usage[] =
"create SETNAME bitmap:ip range IP/CIDR|FROM-TO\n"
@@ -62,8 +62,8 @@ struct ipset_type ipset_bitmap_ip0 = {
.revision = 0,
.family = AF_INET,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
diff --git a/src/ipset_bitmap_ipmac.c b/src/ipset_bitmap_ipmac.c
index 8f2cb72..f47f25d 100644
--- a/src/ipset_bitmap_ipmac.c
+++ b/src/ipset_bitmap_ipmac.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -33,7 +33,7 @@ static const struct ipset_arg bitmap_ipmac_create_args[] = {
.parse = ipset_parse_net,
},
{ },
-};
+};
static const struct ipset_arg bitmap_ipmac_add_args[] = {
{ .name = { "timeout", NULL },
@@ -41,7 +41,7 @@ static const struct ipset_arg bitmap_ipmac_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char bitmap_ipmac_usage[] =
"create SETNAME bitmap:ip,mac range IP/CIDR|FROM-TO\n"
@@ -60,13 +60,13 @@ struct ipset_type ipset_bitmap_ipmac0 = {
.family = AF_INET,
.dimension = IPSET_DIM_TWO,
.last_elem_optional = true,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_single_ip,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_ether,
.print = ipset_print_ether,
.opt = IPSET_OPT_ETHER
diff --git a/src/ipset_bitmap_port.c b/src/ipset_bitmap_port.c
index 82b98a4..c8c6e1f 100644
--- a/src/ipset_bitmap_port.c
+++ b/src/ipset_bitmap_port.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -29,7 +29,7 @@ static const struct ipset_arg bitmap_port_create_args[] = {
.parse = ipset_parse_single_tcp_port,
},
{ },
-};
+};
static const struct ipset_arg bitmap_port_add_args[] = {
{ .name = { "timeout", NULL },
@@ -37,7 +37,7 @@ static const struct ipset_arg bitmap_port_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char bitmap_port_usage[] =
"create SETNAME bitmap:port range FROM-TO\n"
@@ -53,8 +53,8 @@ struct ipset_type ipset_bitmap_port0 = {
.revision = 0,
.family = AF_UNSPEC,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_tcp_port,
.print = ipset_print_port,
.opt = IPSET_OPT_PORT
diff --git a/src/ipset_hash_ip.c b/src/ipset_hash_ip.c
index 6926644..315804a 100644
--- a/src/ipset_hash_ip.c
+++ b/src/ipset_hash_ip.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -63,7 +63,7 @@ static const struct ipset_arg hash_ip_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_ip_usage[] =
"create SETNAME hash:ip\n"
@@ -85,8 +85,8 @@ struct ipset_type ipset_hash_ip0 = {
.revision = 0,
.family = AF_INET46,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_single6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
diff --git a/src/ipset_hash_ipport.c b/src/ipset_hash_ipport.c
index 58ea76c..b5bd41b 100644
--- a/src/ipset_hash_ipport.c
+++ b/src/ipset_hash_ipport.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -60,7 +60,7 @@ static const struct ipset_arg hash_ipport_create_args[] = {
.parse = ipset_parse_ignored,
},
{ },
-};
+};
static const struct ipset_arg hash_ipport_add_args[] = {
{ .name = { "timeout", NULL },
@@ -68,7 +68,7 @@ static const struct ipset_arg hash_ipport_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_ipport1_usage[] =
"create SETNAME hash:ip,port\n"
@@ -91,13 +91,13 @@ struct ipset_type ipset_hash_ipport1 = {
.revision = 1,
.family = AF_INET46,
.dimension = IPSET_DIM_TWO,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_single6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
diff --git a/src/ipset_hash_ipportip.c b/src/ipset_hash_ipportip.c
index 2f310ea..b27cebf 100644
--- a/src/ipset_hash_ipportip.c
+++ b/src/ipset_hash_ipportip.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -60,7 +60,7 @@ static const struct ipset_arg hash_ipportip_create_args[] = {
.parse = ipset_parse_ignored,
},
{ },
-};
+};
static const struct ipset_arg hash_ipportip_add_args[] = {
{ .name = { "timeout", NULL },
@@ -68,7 +68,7 @@ static const struct ipset_arg hash_ipportip_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_ipportip1_usage[] =
"create SETNAME hash:ip,port,ip\n"
@@ -91,18 +91,18 @@ struct ipset_type ipset_hash_ipportip1 = {
.revision = 1,
.family = AF_INET46,
.dimension = IPSET_DIM_THREE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_single6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
},
- [IPSET_DIM_THREE] = {
+ [IPSET_DIM_THREE] = {
.parse = ipset_parse_single_ip,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP2
diff --git a/src/ipset_hash_ipportnet.c b/src/ipset_hash_ipportnet.c
index c2eece8..ecab191 100644
--- a/src/ipset_hash_ipportnet.c
+++ b/src/ipset_hash_ipportnet.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -60,7 +60,7 @@ static const struct ipset_arg hash_ipportnet_create_args[] = {
.parse = ipset_parse_ignored,
},
{ },
-};
+};
static const struct ipset_arg hash_ipportnet_add_args[] = {
{ .name = { "timeout", NULL },
@@ -68,7 +68,7 @@ static const struct ipset_arg hash_ipportnet_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_ipportnet1_usage[] =
"create SETNAME hash:ip,port,net\n"
@@ -92,18 +92,18 @@ struct ipset_type ipset_hash_ipportnet1 = {
.revision = 1,
.family = AF_INET46,
.dimension = IPSET_DIM_THREE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_single6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
},
- [IPSET_DIM_THREE] = {
+ [IPSET_DIM_THREE] = {
.parse = ipset_parse_ipnet,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP2
@@ -182,18 +182,18 @@ struct ipset_type ipset_hash_ipportnet2 = {
.revision = 2,
.family = AF_INET46,
.dimension = IPSET_DIM_THREE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_single6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
},
- [IPSET_DIM_THREE] = {
+ [IPSET_DIM_THREE] = {
.parse = ipset_parse_ip4_net6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP2
diff --git a/src/ipset_hash_net.c b/src/ipset_hash_net.c
index 9c0a6ca..665c398 100644
--- a/src/ipset_hash_net.c
+++ b/src/ipset_hash_net.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -47,7 +47,7 @@ static const struct ipset_arg hash_net_create_args[] = {
.parse = ipset_parse_ignored, .print = ipset_print_number,
},
{ },
-};
+};
static const struct ipset_arg hash_net_add_args[] = {
{ .name = { "timeout", NULL },
@@ -55,7 +55,7 @@ static const struct ipset_arg hash_net_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_net0_usage[] =
"create SETNAME hash:net\n"
@@ -75,8 +75,8 @@ struct ipset_type ipset_hash_net0 = {
.revision = 0,
.family = AF_INET46,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ipnet,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
@@ -127,8 +127,8 @@ struct ipset_type ipset_hash_net1 = {
.revision = 1,
.family = AF_INET46,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_net6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
diff --git a/src/ipset_hash_netiface.c b/src/ipset_hash_netiface.c
index bac860b..2fbe27d 100644
--- a/src/ipset_hash_netiface.c
+++ b/src/ipset_hash_netiface.c
@@ -1,7 +1,7 @@
/* Copyright 2011 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -39,7 +39,7 @@ static const struct ipset_arg hash_netiface_create_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const struct ipset_arg hash_netiface_add_args[] = {
{ .name = { "timeout", NULL },
@@ -47,7 +47,7 @@ static const struct ipset_arg hash_netiface_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_netiface_usage[] =
"create SETNAME hash:net,iface\n"
@@ -68,13 +68,13 @@ struct ipset_type ipset_hash_netiface0 = {
.revision = 0,
.family = AF_INET46,
.dimension = IPSET_DIM_TWO,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_net6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_iface,
.print = ipset_print_iface,
.opt = IPSET_OPT_IFACE
diff --git a/src/ipset_hash_netport.c b/src/ipset_hash_netport.c
index 7964319..480dd84 100644
--- a/src/ipset_hash_netport.c
+++ b/src/ipset_hash_netport.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -39,7 +39,7 @@ static const struct ipset_arg hash_netport_create_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const struct ipset_arg hash_netport_add_args[] = {
{ .name = { "timeout", NULL },
@@ -47,7 +47,7 @@ static const struct ipset_arg hash_netport_add_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const char hash_netport1_usage[] =
"create SETNAME hash:net,port\n"
@@ -69,13 +69,13 @@ struct ipset_type ipset_hash_netport1 = {
.revision = 1,
.family = AF_INET46,
.dimension = IPSET_DIM_TWO,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ipnet,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
@@ -143,13 +143,13 @@ struct ipset_type ipset_hash_netport2 = {
.revision = 2,
.family = AF_INET46,
.dimension = IPSET_DIM_TWO,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_ip4_net6,
.print = ipset_print_ip,
.opt = IPSET_OPT_IP
},
- [IPSET_DIM_TWO] = {
+ [IPSET_DIM_TWO] = {
.parse = ipset_parse_proto_port,
.print = ipset_print_proto_port,
.opt = IPSET_OPT_PORT
diff --git a/src/ipset_list_set.c b/src/ipset_list_set.c
index 7e7ddff..f3fa6df 100644
--- a/src/ipset_list_set.c
+++ b/src/ipset_list_set.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <libipset/data.h> /* IPSET_OPT_* */
@@ -20,7 +20,7 @@ static const struct ipset_arg list_set_create_args[] = {
.parse = ipset_parse_uint32, .print = ipset_print_number,
},
{ },
-};
+};
static const struct ipset_arg list_set_adt_args[] = {
{ .name = { "timeout", NULL },
@@ -36,7 +36,7 @@ static const struct ipset_arg list_set_adt_args[] = {
.parse = ipset_parse_after,
},
{ },
-};
+};
static const char list_set_usage[] =
"create SETNAME list:set\n"
@@ -52,8 +52,8 @@ struct ipset_type ipset_list_set0 = {
.revision = 0,
.family = AF_UNSPEC,
.dimension = IPSET_DIM_ONE,
- .elem = {
- [IPSET_DIM_ONE] = {
+ .elem = {
+ [IPSET_DIM_ONE] = {
.parse = ipset_parse_setname,
.print = ipset_print_name,
.opt = IPSET_OPT_NAME
diff --git a/src/ui.c b/src/ui.c
index c603c53..2c4884d 100644
--- a/src/ui.c
+++ b/src/ui.c
@@ -1,7 +1,7 @@
/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <assert.h> /* assert */
@@ -35,91 +35,91 @@ const struct ipset_commands ipset_commands[] = {
.name = { "add", NULL },
.has_arg = IPSET_MANDATORY_ARG2,
.help = "SETNAME ENTRY\n"
- " Add entry to the named set",
+ " Add entry to the named set",
},
{ /* d[el], --del, -D */
.cmd = IPSET_CMD_DEL,
.name = { "del", NULL },
.has_arg = IPSET_MANDATORY_ARG2,
.help = "SETNAME ENTRY\n"
- " Delete entry from the named set",
+ " Delete entry from the named set",
},
{ /* t[est], --test, -T */
.cmd = IPSET_CMD_TEST,
.name = { "test", NULL },
.has_arg = IPSET_MANDATORY_ARG2,
.help = "SETNAME ENTRY\n"
- " Test entry in the named set",
+ " Test entry in the named set",
},
{ /* des[troy], --destroy, x, -X */
.cmd = IPSET_CMD_DESTROY,
.name = { "destroy", "x" },
.has_arg = IPSET_OPTIONAL_ARG,
.help = "[SETNAME]\n"
- " Destroy a named set or all sets",
+ " Destroy a named set or all sets",
},
{ /* l[ist], --list, -L */
.cmd = IPSET_CMD_LIST,
.name = { "list", NULL },
.has_arg = IPSET_OPTIONAL_ARG,
.help = "[SETNAME]\n"
- " List the entries of a named set or all sets",
+ " List the entries of a named set or all sets",
},
{ /* s[save], --save, -S */
.cmd = IPSET_CMD_SAVE,
.name = { "save", NULL },
.has_arg = IPSET_OPTIONAL_ARG,
.help = "[SETNAME]\n"
- " Save the named set or all sets to stdout",
+ " Save the named set or all sets to stdout",
},
{ /* r[estore], --restore, -R */
.cmd = IPSET_CMD_RESTORE,
.name = { "restore", NULL },
.has_arg = IPSET_NO_ARG,
.help = "\n"
- " Restore a saved state",
+ " Restore a saved state",
},
{ /* f[lush], --flush, -F */
.cmd = IPSET_CMD_FLUSH,
.name = { "flush", NULL },
.has_arg = IPSET_OPTIONAL_ARG,
.help = "[SETNAME]\n"
- " Flush a named set or all sets",
+ " Flush a named set or all sets",
},
{ /* ren[ame], --rename, e, -E */
.cmd = IPSET_CMD_RENAME,
.name = { "rename", "e" },
.has_arg = IPSET_MANDATORY_ARG2,
.help = "FROM-SETNAME TO-SETNAME\n"
- " Rename two sets",
+ " Rename two sets",
},
{ /* sw[ap], --swap, w, -W */
.cmd = IPSET_CMD_SWAP,
.name = { "swap", "w" },
.has_arg = IPSET_MANDATORY_ARG2,
.help = "FROM-SETNAME TO-SETNAME\n"
- " Swap the contect of two existing sets",
+ " Swap the contect of two existing sets",
},
{ /* h[elp, --help, -H */
.cmd = IPSET_CMD_HELP,
.name = { "help", NULL },
.has_arg = IPSET_OPTIONAL_ARG,
.help = "[TYPENAME]\n"
- " Print help, and settype specific help",
+ " Print help, and settype specific help",
},
{ /* v[ersion], --version, -V */
.cmd = IPSET_CMD_VERSION,
.name = { "version", NULL },
.has_arg = IPSET_NO_ARG,
.help = "\n"
- " Print version information",
+ " Print version information",
},
{ /* q[uit] */
.cmd = IPSET_CMD_QUIT,
.name = { "quit", NULL },
.has_arg = IPSET_NO_ARG,
.help = "\n"
- " Quit interactive mode",
+ " Quit interactive mode",
},
{ },
};
@@ -149,8 +149,9 @@ ipset_match_cmd(const char *arg, const char * const name[])
return true;
else if (len != 1)
return false;
- else return tolower(arg[0]) == name[0][0] ||
- (name[1] != NULL && tolower(arg[0]) == name[1][0]);
+ else
+ return tolower(arg[0]) == name[0][0] ||
+ (name[1] != NULL && tolower(arg[0]) == name[1][0]);
}
const struct ipset_envopts ipset_envopts[] = {
@@ -158,47 +159,47 @@ const struct ipset_envopts ipset_envopts[] = {
.has_arg = IPSET_MANDATORY_ARG, .flag = IPSET_OPT_MAX,
.parse = ipset_parse_output,
.help = "plain|save|xml\n"
- " Specify output mode for listing sets.\n"
- " Default value for \"list\" command is mode \"plain\"\n"
- " and for \"save\" command is mode \"save\".",
+ " Specify output mode for listing sets.\n"
+ " Default value for \"list\" command is mode \"plain\"\n"
+ " and for \"save\" command is mode \"save\".",
},
{ .name = { "-s", "-sorted" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_SORTED,
.help = "\n"
- " Print elements sorted (if supported by the set type).",
+ " Print elements sorted (if supported by the set type).",
},
{ .name = { "-q", "-quiet" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_QUIET,
.help = "\n"
- " Suppress any notice or warning message.",
+ " Suppress any notice or warning message.",
},
{ .name = { "-r", "-resolve" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_RESOLVE,
.help = "\n"
- " Try to resolve IP addresses in the output (slow!)",
+ " Try to resolve IP addresses in the output (slow!)",
},
{ .name = { "-!", "-exist" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_EXIST,
.help = "\n"
- " Ignore errors when creating already created sets,\n"
- " when adding already existing elements\n"
+ " Ignore errors when creating already created sets,\n"
+ " when adding already existing elements\n"
" or when deleting non-existing elements.",
},
{ .name = { "-n", "-name" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_LIST_SETNAME,
.help = "\n"
- " When listing, list just setnames from kernel.\n",
+ " When listing, list just setnames from kernel.\n",
},
{ .name = { "-t", "-terse" },
.parse = ipset_envopt_parse,
.has_arg = IPSET_NO_ARG, .flag = IPSET_ENV_LIST_HEADER,
.help = "\n"
- " When listing, list setnames and set headers\n"
+ " When listing, list setnames and set headers\n"
" from kernel only.",
},
{ },
@@ -210,13 +211,13 @@ ipset_match_option(const char *arg, const char * const name[])
{
assert(arg);
assert(name && name[0]);
-
+
/* Skip two leading dashes */
if (arg[0] == '-' && arg[1] == '-')
arg++, arg++;
- return STREQ(arg, name[0])
- || (name[1] != NULL && STREQ(arg, name[1]));
+ return STREQ(arg, name[0]) ||
+ (name[1] != NULL && STREQ(arg, name[1]));
}
/* Strict envopt matching */
@@ -225,13 +226,13 @@ ipset_match_envopt(const char *arg, const char * const name[])
{
assert(arg);
assert(name && name[0]);
-
+
/* Skip one leading dash */
if (arg[0] == '-' && arg[1] == '-')
arg++;
- return STREQ(arg, name[0])
- || (name[1] != NULL && STREQ(arg, name[1]));
+ return STREQ(arg, name[0]) ||
+ (name[1] != NULL && STREQ(arg, name[1]));
}
/**
@@ -247,19 +248,18 @@ void
ipset_shift_argv(int *argc, char *argv[], int from)
{
int i;
-
+
assert(*argc >= from + 1);
- for (i = from + 1; i <= *argc; i++) {
+ for (i = from + 1; i <= *argc; i++)
argv[i-1] = argv[i];
- }
(*argc)--;
return;
}
/**
* ipset_port_usage - prints the usage for the port parameter
- *
+ *
* Print the usage for the port parameter to stdout.
*/
void