| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
"sendip" needs data otherwise ICMP/ICMPv6 gets truncated...
|
| |
|
|
|
|
| |
If resolving is requested and the resolved hostname contains a dash
character, print the unresolved IP address instead in order not to
clash with the IP/hostname range syntax.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
I mistyped the bitwise operator and the network-order conversion was
missing too. Sigh, sendip cannot generate proper packets to check
ICMP and ICMPv6 in the testsuite. :-(
|
| |
|
|
|
|
| |
Some trailing whitespace slipped in, those are removed. With the deleted
ip_set_kernel.h, the pr_* messages lost the trailing "\n" character.
The messages were completed with it.
|
| | |
|
| |
|
|
|
| |
While holding the nfnl_mutex, module loading is not allowed.
Bug spotted by Patrick McHardy in his reviewing.
|
| |
|
|
|
| |
The expire functions of the hash types are called while locked, so
kzalloc must be called with GFP_ATOMIC.
|
| | |
|
| |
|
|
|
| |
We may call ip_set_alloc with GFP_ATOMIC, so we cannot replace __vmalloc
with vzalloc. Missing flag was noticed by Eric Dumazet.
|
| |
|
|
|
|
| |
Allow only network-order data, with NLA_F_NET_BYTEORDER flag.
Sanity checks also added to prevent processing broken messages
where mandatory attributes are missing. (Patrick McHardy's review)
|
| |
|
|
|
|
| |
Annotated types are introduced and sparse warnings fixed.
Two warnings remained in ip_set_core.c but those are false ones.
(Patrick McHardy's review)
|
| |
|
|
|
|
| |
The functions are too large to be inlined, so move them into the core.
Also, fix the unnecessary initializations in ip_set_get_ipaddr*.
(Patrick McHardy's review)
|
| |
|
|
|
| |
NETMASK*, HOSTMASK* macros are rewritten to small inline functions
ip_set_netmask* and ip_set_hostmask* (Patrick McHardy's review)
|
| |
|
|
|
| |
Avoid the need for explicit initialization during runtime
(Patrick McHardy's review)
|
| |
|
|
| |
These macros can be useful in general (Patrick McHardy's review)
|
| |
|
|
| |
Negative set numbers are strange :-) (Patrick McHardy's review)
|
| |
|
|
|
| |
The header file was useful at deep debugging only, we can get rid of now.
(Patrick McHardy's review)
|
| |
|
|
| |
Fix "&&" and "||" continuation style (Patrick McHardy's review)
|
| | |
|
| |
|
|
|
| |
Compiling with debugging can be enabled with the "--enable-debug" option
of the configure script.
|
| |
|
|
|
| |
The testsuite failed incorrectly, because the order of the elements
changed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The usage of the gcc option -Wunused-parameter interferes badly with
the assert() macros. In case -DNDEBUG is specified build fails with:
cc1: warnings being treated as errors
print.c: In function 'ipset_print_family':
print.c:92: error: unused parameter 'opt'
print.c: In function 'ipset_print_port':
print.c:413: error: unused parameter 'opt'
print.c: In function 'ipset_print_proto':
Fix it by taking into accout NDEBUG in the function arguments.
Bug reported by Holger Eitzenberger.
|
| |
|
|
| |
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the following works for AF_INET:
ipset add foo 192.168.1.1/32
this does not work for AF_INET6:
ipset add foo6 20a1:1:2:3:4:5:6:7/128
ipset v5.2: Syntax error: plain IP address must be supplied: 20a1:1:2:3:4:5:6:7/128
Bug reported by Holger Eitzenberger.
The complete fix is to handle the special host prefixes in the general
IP address parser function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parser errors are reported by a wrong lineno at restore, bug reported
by Holger Eitzenberger:
create foo6 hash:ip hashsize 64 family inet6
add foo6 20a1:1234:5678::/64
add foo6 20a1:1234:5679::/64
you get:
ipset v5.2: Error in line 1: Syntax error: plain IP address must be supplied: 20a1:1234:5678::/64
Should be line 2 though.
The solution is to set the session lineno before parsing.
|
| |
|
|
|
|
| |
Ongoing add/del can happen to referenced sets and delete can be issued
to unreferenced sets. So the bogus call to synchronize_net() can safely
be removed.
|
| |
|
|
| |
Better add more safety nets against user input.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Separate prefixlens from ip_set core for better readibility and honoring
the independence.
Also, comment that prefixlens were borrowed from Jan Engelhardt.
|
| |
|
|
| |
Some systems do not contain ospf in /etc/protocols but ospfigp only.
|
| |\
| |
| |
| | |
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
| |/
|
|
| |
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |\
| |
| |
| | |
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
| | |
| |
| |
| | |
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| |/
|
|
|
|
|
| |
Calculating AC_CANONICAL_TARGET is superfluous, because ipset is not a
code generator.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| | |
|
| | |
|
| |
|
|
| |
Internal printing errors were not reported, handle them by setjmp/longjmp.
|
| |
|
|
|
|
| |
Direct cast results "cast increases required alignment of target type" on
Sparc: use indirect cast to void * instead of memcpy, as Jan Engelhardt
suggested.
|
| |
|
|
|
| |
The wrapper around getnameinfo was not snprintf-compatible and
that could cause broken listing/saving for large sets.
|
| | |
|
| |
|
|
| |
LT_INIT is not present before libtool 2.2. Revert to use AC_PROG_LIBTOOL.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
The set cache stored the default family (INET) instead of the set family,
therefore restore mode for IPv6 did not work. The set cache fixed and
message aggregation reworked.
|
| |
|
|
|
| |
The basic kernel compatibility issues are verified back to 2.6.24.
The minimal supported kernel version had to be bumped from 2.6.31 to 2.6.34.
|
