Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | kernel: use __read_mostly for registration-type structures | Jan Engelhardt | 2010-12-19 | 9 | -10/+10 |
| | | | | Here is where __read_mostly goes :-) | ||||
* | kernel: do not mix const and __read_mostly | Jan Engelhardt | 2010-12-19 | 14 | -51/+40 |
| | | | | | It makes no sense to mix these two. Either it is writable-plus-read-mostly, or it is constant. | ||||
* | xt_set: avoid user types in exported kernel headers | Jan Engelhardt | 2010-12-19 | 1 | -6/+6 |
| | | | | Within isolated code it would be ok, but not so in exported headers. | ||||
* | build: enable parallel building | Jan Engelhardt | 2010-12-19 | 1 | -3/+3 |
| | | | | | | | | | | | | | | $ make modules -j8 cd kernel; make -C /lib/modules/`uname -r`/build M=`pwd` V=0 \ IP_SET_MAX=256 \ NETLINK_DUMP_CONST=const \ NFNL_CB_CONST=const modules make[1]: Entering directory "/usr/src/linux-2.6.36-rc8-34-obj/x86_64/default" make[1]: warning: jobserver unavailable: using -j1. Add '+' to parent make rule. The "fix" here is that we have to use ${MAKE} instead of make. (NB: The extra cd is redundant and can be appended to M=.) | ||||
* | Prevent calling Makefile directly in the kernel/ subdirectory | Jozsef Kadlecsik | 2010-12-19 | 1 | -0/+4 |
| | |||||
* | Put back the Sparc specific workaround at getaddrinfo. | Jozsef Kadlecsik | 2010-12-19 | 1 | -4/+8 |
| | |||||
* | Should have gone to sleep: fix check_allowed. Really. | Jozsef Kadlecsik | 2010-12-19 | 1 | -11/+11 |
| | | | | | | | It's not as nice as I'd like to be: IPSET_CREATE_FLAGS and IPSET_ADT_FLAGS are required elsewhere, but to make life simpler, some flags (like IPSET_OPT_TYPENAME) are *not* added to the types full[] flags. So those must be excluded here. | ||||
* | Check old system kernel header files | Jozsef Kadlecsik | 2010-12-18 | 1 | -0/+6 |
| | |||||
* | Check from `configure` that the kernel source is patched with netlink.patch | Jozsef Kadlecsik | 2010-12-18 | 1 | -0/+5 |
| | |||||
* | Use configure to detect compiler warning flags | Jozsef Kadlecsik | 2010-12-18 | 5 | -52/+262 |
| | | | | | By checking the supported compiler warning flags, different gcc releases are supported without the crude --disable-extra-flags option. | ||||
* | The fix of incorrect comparison in check_allowed completed. | Jozsef Kadlecsik | 2010-12-18 | 1 | -22/+25 |
| | | | | | There was still some other incorrect usage of 'enum ipset_cmd' and 'enum ipset_adt' - corrected. | ||||
* | Try to solve PKG_CHECK_MODULES issue | Jozsef Kadlecsik | 2010-12-18 | 1 | -0/+1 |
| | | | | | | | | | | Rob Sterenborg reported, that on CentOs configure can fail with ./configure: line 11510: syntax error near unexpected token `[libmnl],' ./configure: line 11510: `PKG_CHECK_MODULES([libmnl], [libmnl >= 1])' Therefore I added 'aclocal -I m4' to autogen.sh, hoping that it solves the issue. | ||||
* | Fix incorrect comparison in check_allowed | Jozsef Kadlecsik | 2010-12-18 | 1 | -1/+1 |
| | | | | Wrong enum type was used in the comparison, reported by Jan Engelhardt. | ||||
* | Fix Kbuild for me to delete backup files | Jozsef Kadlecsik | 2010-12-17 | 1 | -1/+1 |
| | |||||
* | Initialize ChangeLog for the new releasev5.0 | Jozsef Kadlecsik | 2010-12-17 | 1 | -0/+3 |
| | |||||
* | Add tests to check hash:ip,port,net type | Jozsef Kadlecsik | 2010-12-17 | 4 | -5/+58 |
| | |||||
* | Match command prefixes | Jozsef Kadlecsik | 2010-12-17 | 1 | -1/+1 |
| | | | | | Match not only the first letter or the full command name, but an arbitrary prefix too. | ||||
* | Add more test to check adding/deleting multiple entries. | Jozsef Kadlecsik | 2010-12-17 | 8 | -0/+46 |
| | |||||
* | Updated manpage to reflect wider input possibilities in the ipset tool. | Jozsef Kadlecsik | 2010-12-17 | 1 | -41/+45 |
| | |||||
* | Updated help texts for the hash:ip and list:set types. | Jozsef Kadlecsik | 2010-12-17 | 2 | -6/+7 |
| | |||||
* | Support adding/deleting multiple entries, userspace part. | Jozsef Kadlecsik | 2010-12-17 | 4 | -7/+34 |
| | | | | | | Support adding/deleting multiple entries in the userspace part of the hash:ip,port, hash:ip,port,ip, hash:ip,port,net and hash:net,port types. | ||||
* | Support adding/deleting multiple entries, kernel part. | Jozsef Kadlecsik | 2010-12-17 | 4 | -16/+261 |
| | | | | | | Support adding/deleting multiple entries in the kernel side of the hash:ip,port, hash:ip,port,ip, hash:ip,port,net and hash:net,port types. | ||||
* | Add ipset_parse_tcpudp_port function | Jozsef Kadlecsik | 2010-12-17 | 2 | -7/+30 |
| | | | | Add new parser function to parse TCP/UDP port name, number, or range of them. | ||||
* | Missing spaces in error strings fixed. | Jozsef Kadlecsik | 2010-12-17 | 1 | -4/+4 |
| | |||||
* | Use the 'full' flags of the types and check not allowed flags. | Jozsef Kadlecsik | 2010-12-17 | 2 | -14/+113 |
| | |||||
* | Remove unnecessary gfp_flags arguments | Jozsef Kadlecsik | 2010-12-16 | 10 | -70/+58 |
| | | | | | Where the argument was used, the set lock was already activated, therefore the argument value was always GFP_ATOMIC. | ||||
* | Add test to check multi-message listing and swapping. | Jozsef Kadlecsik | 2010-12-16 | 2 | -4/+11 |
| | |||||
* | Mistypeing in the hbucket() macro fixed. | Jozsef Kadlecsik | 2010-12-16 | 1 | -2/+6 |
| | |||||
* | Manpage cleanups, so it's more clear and straightforward. | Jozsef Kadlecsik | 2010-12-15 | 2 | -21/+21 |
| | |||||
* | Fix outdated messages in the tests | Jozsef Kadlecsik | 2010-12-14 | 8 | -89/+89 |
| | |||||
* | Document which elements cannot be stored in the different hash types. | Jozsef Kadlecsik | 2010-12-14 | 2 | -6/+15 |
| | | | | And enforce from kernel side as well... | ||||
* | Speed up testing a little bit | Jozsef Kadlecsik | 2010-12-13 | 21 | -65/+65 |
| | | | | Lower timeout values to max 5s, so we can lower sleep values too. | ||||
* | Convert last printks to pr_debug in ip_set_ahash.h | Jozsef Kadlecsik | 2010-12-13 | 1 | -4/+2 |
| | |||||
* | Remove remnants of slist from ip_set_ahash.h | Jozsef Kadlecsik | 2010-12-13 | 1 | -3/+2 |
| | |||||
* | Buffered commands are just ... buffered. | Jozsef Kadlecsik | 2010-12-13 | 3 | -129/+82 |
| | | | | | | | Calculate the free buffer size when adding the existing attributes at the buffered commands. If the buffer is full, cancel the unfinished nested attribute and commit the previously buffered commands. Then restart with the current buffered command. Thus we can get rid of the ugly maxsize parameter of the set types. | ||||
* | Fixing dangling empty line produced backward-incompatible exit codes, fixed. | Jozsef Kadlecsik | 2010-12-13 | 1 | -2/+2 |
| | |||||
* | Support case-insensitive ICMP and ICMPv6 type/code names. | Jozsef Kadlecsik | 2010-12-10 | 3 | -2/+4 |
| | |||||
* | Compiler flag compatibility fix with libmnl | Jozsef Kadlecsik | 2010-12-10 | 1 | -1/+1 |
| | | | | | libmnl now uses void pointer arithmetic, remove -Wpointer-arith from the compiler flags. | ||||
* | Fix dangling empty line at error/warning messages emitted by ipset. | Jozsef Kadlecsik | 2010-12-10 | 1 | -3/+4 |
| | |||||
* | Add proper RCU protection to resizing | Jozsef Kadlecsik | 2010-12-10 | 1 | -18/+38 |
| | | | | | | | Resizing can be triggered by userspace command only, and those are serialized by the nfnl mutex. During resizing the set is read-locked, so the only possible concurrent operations are the kernel side readers. Those must be protected by proper RCU locking. | ||||
* | Convert hash types from chash to ahash. | Jozsef Kadlecsik | 2010-12-10 | 7 | -94/+1127 |
| | | | | | | Instead of the cache friendly hashing, use the array based hashing. According to my tests the latter uses less memory, faster at lookup and deletion, and only slower at insertion. | ||||
* | Strip off ip_set_ prefix from non-ipset specific header files. | Jozsef Kadlecsik | 2010-12-08 | 9 | -8/+8 |
| | |||||
* | Update ip_set_jhash.h | Jozsef Kadlecsik | 2010-12-08 | 1 | -33/+81 |
| | | | | | Update ip_set_jhash.h with the version which was submitted for kernel inclusion. | ||||
* | Create include/linux/netfilter/ipset/ directory | Jozsef Kadlecsik | 2010-12-07 | 23 | -70/+70 |
| | | | | Separate the ipset header files from netfilter header files. | ||||
* | Complete Kconfig.ipset with hash:net,port type. | Jozsef Kadlecsik | 2010-12-07 | 1 | -8/+16 |
| | |||||
* | Remove include/net/pfxlen.h | Jozsef Kadlecsik | 2010-12-07 | 12 | -311/+305 |
| | | | | | Spare some memory by moving the static prefixlen maps to the ipset core. Thus we can get rid of include/net/pfxlen.h too. | ||||
* | Remove command MODIFY | Jozsef Kadlecsik | 2010-12-07 | 3 | -37/+35 |
| | | | | | Modifying a set can be performed by save/modify/restore/swap, without adding kernel part support. | ||||
* | Whitespace, checkpatch.pl cleanups. | Jozsef Kadlecsik | 2010-12-07 | 20 | -375/+376 |
| | |||||
* | The protocol extended with the command MODIFY. | Jozsef Kadlecsik | 2010-11-05 | 3 | -37/+41 |
| | | | | The command is not used yet, but better to reserve it already. | ||||
* | Update README file | Jozsef Kadlecsik | 2010-11-05 | 1 | -6/+23 |
| | | | | | Cleaned up the netlink.patch part: there's no more multiple patches. The incompatibilities against 4.x are listed in details. |