summaryrefslogtreecommitdiffstats
path: root/kernel/include/linux/netfilter
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-05-15 12:04:19 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2011-05-15 12:04:19 +0200
commitbb4f6b818fe371b754abd61cffb97cb5145e8e1d (patch)
tree34fb558facd8bc4ca1f1cdda8cc62eb4fd929e6f /kernel/include/linux/netfilter
parent774c80b578172aa7797ea60264e8a929302d5e83 (diff)
Support range for IPv4 at adding/deleting elements for hash:*net* types
The range internally is converted to the network(s) equal to the range. Example: # ipset new test hash:net # ipset add test 10.2.0.0-10.2.1.12 # ipset list test Name: test Type: hash:net Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16888 References: 0 Members: 10.2.1.12 10.2.1.0/29 10.2.0.0/24 10.2.1.8/30
Diffstat (limited to 'kernel/include/linux/netfilter')
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set.h1
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_ahash.h2
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_hash.h4
-rw-r--r--kernel/include/linux/netfilter/ipset/pfxlen.h3
4 files changed, 9 insertions, 1 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set.h b/kernel/include/linux/netfilter/ipset/ip_set.h
index ac31e38..fd83f4f 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set.h
@@ -104,6 +104,7 @@ enum {
IPSET_ATTR_NAMEREF,
IPSET_ATTR_IP2,
IPSET_ATTR_CIDR2,
+ IPSET_ATTR_IP2_TO,
__IPSET_ATTR_ADT_MAX,
};
#define IPSET_ATTR_ADT_MAX (__IPSET_ATTR_ADT_MAX - 1)
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
index 6a4969d..95f6319 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
@@ -353,7 +353,7 @@ retry:
return 0;
}
-static inline void
+static void
type_pf_data_next(struct ip_set_hash *h, const struct type_pf_elem *d);
/* Add an element to a hash and update the internal counters when succeeded,
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_hash.h b/kernel/include/linux/netfilter/ipset/ip_set_hash.h
index b86f15c..e2a9fae 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_hash.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_hash.h
@@ -11,6 +11,10 @@ enum {
IPSET_ERR_INVALID_PROTO,
/* Protocol missing but must be specified */
IPSET_ERR_MISSING_PROTO,
+ /* Range not supported */
+ IPSET_ERR_HASH_RANGE_UNSUPPORTED,
+ /* Invalid range */
+ IPSET_ERR_HASH_RANGE,
};
#ifdef __KERNEL__
diff --git a/kernel/include/linux/netfilter/ipset/pfxlen.h b/kernel/include/linux/netfilter/ipset/pfxlen.h
index 0e1fb50..84efa33 100644
--- a/kernel/include/linux/netfilter/ipset/pfxlen.h
+++ b/kernel/include/linux/netfilter/ipset/pfxlen.h
@@ -3,6 +3,7 @@
#include <asm/byteorder.h>
#include <linux/netfilter.h>
+#include <net/tcp.h>
/* Prefixlen maps, by Jan Engelhardt */
extern const union nf_inet_addr ip_set_netmask_map[];
@@ -32,4 +33,6 @@ ip_set_hostmask6(u8 pfxlen)
return &ip_set_hostmask_map[pfxlen].ip6[0];
}
+extern u32 ip_set_range_to_cidr(u32 from, u32 to, u8 *cidr);
+
#endif /*_PFXLEN_H */