| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
SCTP and UDPLITE port support added to the hash:*port* types.
|
| |
|
|
|
| |
Entry to install the manpage was missing from Makefile.am
(reported by Mark A. Ziesemer)
|
| | |
|
| |
|
|
| |
It's too easy to mistype "n" to "new", so just allow it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The number of comparisons for a matching a command name can be
made smaller by just checking on argv[1].
As an example consider the following 'create' arguments 'hashsize',
'family' and 'timeout'. When having the command
create foo hash:ip timeout 60 family inet hashsize 64
it compares without this patch:
strcmp("timeout", "hashsize")
strcmp("64", "hashsize")
strcmp("family", "hashsize")
strcmp("inet", "hashsize")
strcmp("hashsize", "hashsize")
It is worse in practice, as 'create' has more arguments than this.
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
|
| |
|
|
|
|
|
|
| |
After stripping off the global options there simply has to follow
a command name, there is no other syntax possible. Therefore the
argv[] loop is unnecessary.
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
|
| |
|
|
| |
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
|
| |
|
|
| |
Spelling error fixed (Ferenc Wagner)
|
| |
|
|
| |
Use correct error codes (Patrick McHardy's review)
|
| |
|
|
|
| |
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
| |
|
|
| |
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parser errors are reported by a wrong lineno at restore, bug reported
by Holger Eitzenberger:
create foo6 hash:ip hashsize 64 family inet6
add foo6 20a1:1234:5678::/64
add foo6 20a1:1234:5679::/64
you get:
ipset v5.2: Error in line 1: Syntax error: plain IP address must be supplied: 20a1:1234:5678::/64
Should be line 2 though.
The solution is to set the session lineno before parsing.
|
| |
|
|
|
|
|
| |
It's not as nice as I'd like to be: IPSET_CREATE_FLAGS and
IPSET_ADT_FLAGS are required elsewhere, but to make life
simpler, some flags (like IPSET_OPT_TYPENAME) are *not*
added to the types full[] flags. So those must be excluded here.
|
| |
|
|
|
| |
There was still some other incorrect usage of 'enum ipset_cmd' and
'enum ipset_adt' - corrected.
|
| |
|
|
| |
Wrong enum type was used in the comparison, reported by Jan Engelhardt.
|
| |
|
|
|
| |
Match not only the first letter or the full command name, but
an arbitrary prefix too.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Support adding/deleting multiple entries in the userspace part
of the hash:ip,port, hash:ip,port,ip, hash:ip,port,net and
hash:net,port types.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
And enforce from kernel side as well...
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The manpage is updated to reflect the recent modifications and
the addition of the hash:net,port type. The help text of hash:ip
is updated: adding/deleting multiple entries are supported for
IPv4 only.
|
| |
|
|
|
| |
Use the newly added parser function ipset_parse_ip4_single6 instead
of the generic ipset_parse_ip.
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- More comments added to the code
- ICMP and ICMPv6 support added to the hash:ip,port, hash:ip,port,ip
and hash:ip,port,net types
- hash:net and hash:ip,port,net types are reworked
- hash:net,port type added
- Wrong direction parameters fixed in hash:ip,port
- Helps and manpage are updated
- More tests added
- Ugly macros are rewritten to functions in parse.c
(Holger Eitzenberger)
- resize related bug in hash types fixed (Holger Eitzenberger)
- autoreconf patches by Jan Engelhardt applied
- netlink patch minimalized: dumping can be initialized by a second
parsing of the message (thanks to David and Patrick for the suggestion)
- IPv4/IPv6 address attributes are introduced in order to fix the context
(suggested by David)
|
| |
|
|
|
|
|
| |
Makefile fixes: compiler flags
README and manpage fixes
Compatibility with newer gcc releases (4.4.x)
Compatibility with the 2.6.35 kernel tree
|
| |
|
|
|
|
| |
- getting ports for family INET6 fixed
- more manpage polishing
- tests to check the iptables/ip6tables match and target added
|
| |
|
|
|
|
|
|
|
|
|
| |
- the hash types can now store protocol together port, not only port
- lots of fixes everywhere: parser, error reporting, manpage
The last bits on the todo list before announcing ipset 5:
- recheck all the error messages
- add possibly more tests
- polish manpage
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Reworked protocol and internal interfaces, missing set types added,
backward compatibility verified, lots of tests added (and thanks to the tests,
bugs fixed), even the manpage is rewritten ;-). Countless changes everywhere...
The missing bits before announcing ipset 5:
- net namespace support
- new iptables/ip6tables extension library
- iptables/ip6tables match and target tests (backward/forward compatibility)
- tests on catching syntax errors
|
| |
|
|
| |
Add new userspace files: include/, lib/ and plus new files in src/.
|
| |
|
|
| |
Refresh existing files in src/ with the new content.
|
| |
|
|
| |
Rename files in src/ according to the new naming convention.
|
|
|
Create src/ and move ipset source there. Get rid of unnecessary and
outdated files.
|
