summaryrefslogtreecommitdiffstats
path: root/kernel/include/linux/netfilter/ipset
Commit message (Collapse)AuthorAgeFilesLines
* Correct the error codes: use ENOENT and EMSGSIZEJozsef Kadlecsik2011-01-261-5/+7
| | | | Use correct error codes (Patrick McHardy's review)
* Fix trailing whitespaces and pr_* messagesJozsef Kadlecsik2011-01-212-15/+13
| | | | | | Some trailing whitespace slipped in, those are removed. With the deleted ip_set_kernel.h, the pr_* messages lost the trailing "\n" character. The messages were completed with it.
* Un-inline functions which are not small enoughJozsef Kadlecsik2011-01-201-7/+7
|
* Fix module loading at create/header commandsJozsef Kadlecsik2011-01-201-1/+1
| | | | | While holding the nfnl_mutex, module loading is not allowed. Bug spotted by Patrick McHardy in his reviewing.
* Fix wrong kzalloc flag in type_pf_expireJozsef Kadlecsik2011-01-201-1/+1
| | | | | The expire functions of the hash types are called while locked, so kzalloc must be called with GFP_ATOMIC.
* The get_ip*_port functions are too large to be inlined, moved into the core.Jozsef Kadlecsik2011-01-201-119/+6
|
* Enforce network-order data in the netlink protocolJozsef Kadlecsik2011-01-201-5/+17
| | | | | | Allow only network-order data, with NLA_F_NET_BYTEORDER flag. Sanity checks also added to prevent processing broken messages where mandatory attributes are missing. (Patrick McHardy's review)
* Use annotated types and fix sparse warningsJozsef Kadlecsik2011-01-203-33/+25
| | | | | | Annotated types are introduced and sparse warnings fixed. Two warnings remained in ip_set_core.c but those are false ones. (Patrick McHardy's review)
* Move ip_set_alloc, ip_set_free and ip_set_get_ipaddr* into coreJozsef Kadlecsik2011-01-201-77/+6
| | | | | | The functions are too large to be inlined, so move them into the core. Also, fix the unnecessary initializations in ip_set_get_ipaddr*. (Patrick McHardy's review)
* NETMASK*, HOSTMASK* macros are too genericJozsef Kadlecsik2011-01-201-6/+25
| | | | | NETMASK*, HOSTMASK* macros are rewritten to small inline functions ip_set_netmask* and ip_set_hostmask* (Patrick McHardy's review)
* Move NLA_PUT_NET* macros to include/net/netlink.hJozsef Kadlecsik2011-01-201-6/+0
| | | | These macros can be useful in general (Patrick McHardy's review)
* Get rid of ip_set_kernel.hJozsef Kadlecsik2011-01-201-15/+0
| | | | | The header file was useful at deep debugging only, we can get rid of now. (Patrick McHardy's review)
* Fix the placement style of boolean operators at continued linesJozsef Kadlecsik2011-01-202-12/+12
| | | | Fix "&&" and "||" continuation style (Patrick McHardy's review)
* Update copyright date and some style changes.Jozsef Kadlecsik2011-01-142-2/+3
|
* Use jhash.h accepted in kernel, with backward compatibility.Jozsef Kadlecsik2011-01-132-170/+1
|
* Separate prefixlens from ip_set core.Jozsef Kadlecsik2011-01-132-9/+16
| | | | | | Separate prefixlens from ip_set core for better readibility and honoring the independence. Also, comment that prefixlens were borrowed from Jan Engelhardt.
* Comment the possible return values of the add/del/test type-functionsJozsef Kadlecsik2010-12-231-2/+8
|
* Kernel version compatibility: support from 2.6.34Jozsef Kadlecsik2010-12-211-4/+4
| | | | | The basic kernel compatibility issues are verified back to 2.6.24. The minimal supported kernel version had to be bumped from 2.6.31 to 2.6.34.
* kernel: const annotationsJan Engelhardt2010-12-192-3/+3
|
* kernel: do not mix const and __read_mostlyJan Engelhardt2010-12-193-6/+5
| | | | | It makes no sense to mix these two. Either it is writable-plus-read-mostly, or it is constant.
* Remove unnecessary gfp_flags argumentsJozsef Kadlecsik2010-12-162-29/+24
| | | | | Where the argument was used, the set lock was already activated, therefore the argument value was always GFP_ATOMIC.
* Mistypeing in the hbucket() macro fixed.Jozsef Kadlecsik2010-12-161-2/+6
|
* Document which elements cannot be stored in the different hash types.Jozsef Kadlecsik2010-12-141-2/+2
| | | | And enforce from kernel side as well...
* Convert last printks to pr_debug in ip_set_ahash.hJozsef Kadlecsik2010-12-131-4/+2
|
* Remove remnants of slist from ip_set_ahash.hJozsef Kadlecsik2010-12-131-3/+2
|
* Add proper RCU protection to resizingJozsef Kadlecsik2010-12-101-18/+38
| | | | | | | Resizing can be triggered by userspace command only, and those are serialized by the nfnl mutex. During resizing the set is read-locked, so the only possible concurrent operations are the kernel side readers. Those must be protected by proper RCU locking.
* Convert hash types from chash to ahash.Jozsef Kadlecsik2010-12-101-0/+1057
| | | | | | Instead of the cache friendly hashing, use the array based hashing. According to my tests the latter uses less memory, faster at lookup and deletion, and only slower at insertion.
* Strip off ip_set_ prefix from non-ipset specific header files.Jozsef Kadlecsik2010-12-083-2/+2
|
* Update ip_set_jhash.hJozsef Kadlecsik2010-12-081-33/+81
| | | | | Update ip_set_jhash.h with the version which was submitted for kernel inclusion.
* Create include/linux/netfilter/ipset/ directoryJozsef Kadlecsik2010-12-0710-0/+2252
Separate the ipset header files from netfilter header files.