From d71dd93599b932693f045301424c2276cd25a87e Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Mon, 9 Oct 2017 18:43:04 +0200 Subject: Userspace revision handling is reworked In order to make it simpler and more straightforward to express the revisions of the set type, all keywords and their parsing are separated from the individual set types. All backward compatibility arguments are recognized and ignored arguments are supported. Recognized but ignored arguments will be removed in a later release. --- lib/args.c | 285 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 285 insertions(+) create mode 100644 lib/args.c (limited to 'lib/args.c') diff --git a/lib/args.c b/lib/args.c new file mode 100644 index 0000000..5376ed0 --- /dev/null +++ b/lib/args.c @@ -0,0 +1,285 @@ +/* Copyright 2017 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#include /* ipset_args[] */ + +static const struct ipset_arg ipset_args[] = { + [IPSET_ARG_FAMILY] = { + .name = { "family", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_FAMILY, + .parse = ipset_parse_family, + .print = ipset_print_family, + .help = "[family inet|inet6]|[-4|-6]", + }, + /* Alias: family inet */ + [IPSET_ARG_INET] = { + .name = { "-4", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_FAMILY, + .parse = ipset_parse_family, + .help = "", + }, + /* Alias: family inet6 */ + [IPSET_ARG_INET6] = { + .name = { "-6", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_FAMILY, + .parse = ipset_parse_family, + .help = "", + }, + /* Hash types */ + [IPSET_ARG_HASHSIZE] = { + .name = { "hashsize", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_HASHSIZE, + .parse = ipset_parse_uint32, + .print = ipset_print_number, + .help = "[hashsize VALUE]", + }, + [IPSET_ARG_MAXELEM] = { + .name = { "maxelem", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_MAXELEM, + .parse = ipset_parse_uint32, + .print = ipset_print_number, + .help = "[maxelem VALUE]", + }, + /* Ignored options: backward compatibilty */ + [IPSET_ARG_PROBES] = { + .name = { "probes", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_PROBES, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + [IPSET_ARG_RESIZE] = { + .name = { "resize", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_RESIZE, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + [IPSET_ARG_GC] = { + .name = { "gc", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_GC, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + [IPSET_ARG_IGNORED_FROM] = { + .name = { "from", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + [IPSET_ARG_IGNORED_TO] = { + .name = { "to", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP_TO, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + [IPSET_ARG_IGNORED_NETWORK] = { + .name = { "network", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP, + .parse = ipset_parse_ignored, + .print = ipset_print_number, + }, + /* List type */ + [IPSET_ARG_SIZE] = { + .name = { "size", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_SIZE, + .parse = ipset_parse_uint32, + .print = ipset_print_number, + .help = "[size VALUE]", + }, + /* IP-type elements */ + [IPSET_ARG_IPRANGE] = { + .name = { "range", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP, + .parse = ipset_parse_netrange, + .print = ipset_print_ip, + }, + [IPSET_ARG_NETMASK] = { + .name = { "netmask", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_NETMASK, + .parse = ipset_parse_netmask, + .print = ipset_print_number, + .help = "[netmask CIDR]", + }, + /* Port-type elements */ + [IPSET_ARG_PORTRANGE] = { + .name = { "range", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_PORT, + .parse = ipset_parse_tcp_udp_port, + .print = ipset_print_port, + }, + /* Setname type elements */ + [IPSET_ARG_BEFORE] = { + .name = { "before", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_NAMEREF, + .parse = ipset_parse_before, + .help = "[before|after NAME]", + }, + [IPSET_ARG_AFTER] = { + .name = { "after", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_NAMEREF, + .parse = ipset_parse_after, + }, + /* Backward compatibility */ + [IPSET_ARG_FROM_IP] = { + .name = { "from", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP, + .parse = ipset_parse_single_ip, + }, + [IPSET_ARG_TO_IP] = { + .name = { "to", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP_TO, + .parse = ipset_parse_single_ip, + }, + [IPSET_ARG_NETWORK] = { + .name = { "network", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_IP, + .parse = ipset_parse_net, + }, + [IPSET_ARG_FROM_PORT] = { + .name = { "from", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_PORT, + .parse = ipset_parse_single_tcp_port, + }, + [IPSET_ARG_TO_PORT] = { + .name = { "to", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_PORT_TO, + .parse = ipset_parse_single_tcp_port, + }, + /* Extra flags, options */ + [IPSET_ARG_FORCEADD] = { + .name = { "forceadd", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_FORCEADD, + .parse = ipset_parse_flag, + .print = ipset_print_flag, + .help = "[forceadd]", + }, + [IPSET_ARG_MARKMASK] = { + .name = { "markmask", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_MARKMASK, + .parse = ipset_parse_uint32, + .print = ipset_print_mark, + .help = "markmask VALUE", + }, + [IPSET_ARG_NOMATCH] = { + .name = { "nomatch", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_NOMATCH, + .parse = ipset_parse_flag, + .print = ipset_print_flag, + .help = "[nomatch]", + }, + /* Extensions */ + [IPSET_ARG_TIMEOUT] = { + .name = { "timeout", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_TIMEOUT, + .parse = ipset_parse_timeout, + .print = ipset_print_number, + .help = "[timeout VALUE]", + }, + [IPSET_ARG_COUNTERS] = { + .name = { "counters", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_COUNTERS, + .parse = ipset_parse_flag, + .print = ipset_print_flag, + .help = "[counters]", + }, + [IPSET_ARG_PACKETS] = { + .name = { "packets", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_PACKETS, + .parse = ipset_parse_uint64, + .print = ipset_print_number, + .help = "[packets VALUE]", + }, + [IPSET_ARG_BYTES] = { + .name = { "bytes", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_BYTES, + .parse = ipset_parse_uint64, + .print = ipset_print_number, + .help = "[bytes VALUE]", + }, + [IPSET_ARG_COMMENT] = { + .name = { "comment", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_CREATE_COMMENT, + .parse = ipset_parse_flag, + .print = ipset_print_flag, + .help = "[comment]", + }, + [IPSET_ARG_ADT_COMMENT] = { + .name = { "comment", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_ADT_COMMENT, + .parse = ipset_parse_comment, + .print = ipset_print_comment, + .help = "[comment \"string\"]", + }, + [IPSET_ARG_SKBINFO] = { + .name = { "skbinfo", NULL }, + .has_arg = IPSET_NO_ARG, + .opt = IPSET_OPT_SKBINFO, + .parse = ipset_parse_flag, + .print = ipset_print_flag, + .help = "[skbinfo]", + }, + [IPSET_ARG_SKBMARK] = { + .name = { "skbmark", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_SKBMARK, + .parse = ipset_parse_skbmark, + .print = ipset_print_skbmark, + .help = "[skbmark VALUE]", + }, + [IPSET_ARG_SKBPRIO] = { + .name = { "skbprio", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_SKBPRIO, + .parse = ipset_parse_skbprio, + .print = ipset_print_skbprio, + .help = "[skbprio VALUE]", + }, + [IPSET_ARG_SKBQUEUE] = { + .name = { "skbqueue", NULL }, + .has_arg = IPSET_MANDATORY_ARG, + .opt = IPSET_OPT_SKBQUEUE, + .parse = ipset_parse_uint16, + .print = ipset_print_number, + .help = "[skbqueue VALUE]", + }, +}; + +const struct ipset_arg * ipset_keyword(enum ipset_keywords i) +{ + return (i > IPSET_ARG_NONE && i < IPSET_ARG_MAX) + ? &ipset_args[i] : NULL; +} -- cgit v1.2.3