From 24b35d0b8950407ce85eefef18576d54f1e2c20e Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Fri, 13 Jan 2012 22:52:44 +0100 Subject: Exceptions support added to hash:*net* types The "nomatch" keyword and option is added to the hash:*net* types, by which one can add exception entries to sets. Example: ipset create test hash:net ipset add test 192.168.0/24 ipset add test 192.168.0/30 nomatch In this case the IP addresses from 192.168.0/24 except 192.168.0/30 match the elements of the set. --- lib/types.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lib/types.c') diff --git a/lib/types.c b/lib/types.c index 0b5826e..2c8e04f 100644 --- a/lib/types.c +++ b/lib/types.c @@ -26,13 +26,17 @@ extern struct ipset_type ipset_bitmap_port0; extern struct ipset_type ipset_hash_ip0; extern struct ipset_type ipset_hash_net0; extern struct ipset_type ipset_hash_net1; +extern struct ipset_type ipset_hash_net2; extern struct ipset_type ipset_hash_netport1; extern struct ipset_type ipset_hash_netport2; +extern struct ipset_type ipset_hash_netport3; extern struct ipset_type ipset_hash_netiface0; +extern struct ipset_type ipset_hash_netiface1; extern struct ipset_type ipset_hash_ipport1; extern struct ipset_type ipset_hash_ipportip1; extern struct ipset_type ipset_hash_ipportnet1; extern struct ipset_type ipset_hash_ipportnet2; +extern struct ipset_type ipset_hash_ipportnet3; extern struct ipset_type ipset_list_set0; /* Userspace cache of sets which exists in the kernel */ @@ -588,13 +592,16 @@ ipset_cache_fini(void) ipset_type_add(&ipset_hash_ip0); ipset_type_add(&ipset_hash_net0); ipset_type_add(&ipset_hash_net1); + ipset_type_add(&ipset_hash_net2); ipset_type_add(&ipset_hash_netport1); ipset_type_add(&ipset_hash_netport2); + ipset_type_add(&ipset_hash_netport3); ipset_type_add(&ipset_hash_netiface0); + ipset_type_add(&ipset_hash_netiface1); ipset_type_add(&ipset_hash_ipport1); ipset_type_add(&ipset_hash_ipportip1); ipset_type_add(&ipset_hash_ipportnet1); ipset_type_add(&ipset_hash_ipportnet2); + ipset_type_add(&ipset_hash_ipportnet3); ipset_type_add(&ipset_list_set0); } - \ No newline at end of file -- cgit v1.2.3