diff options
| author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-27 21:06:04 +0200 |
|---|---|---|
| committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-27 21:06:04 +0200 |
| commit | 000b9b7946f41bf7da58969d793ae53275da690e (patch) | |
| tree | e03fd1b4a210b67416e49f3879647177de227d38 /kernel/include/linux | |
| parent | 49ee984320b7665fdd9e65c6f576c4908f0bcf20 (diff) | |
Add xt_action_param to the variant level kadt functions, ipset API change
With the change the sets can use any parameter available for the match
and target extensions, like input/output interface. It's required for
the hash:net,iface set type.
Diffstat (limited to 'kernel/include/linux')
| -rw-r--r-- | kernel/include/linux/netfilter/ipset/ip_set.h | 5 | ||||
| -rw-r--r-- | kernel/include/linux/netfilter/ipset/ip_set_ahash.h | 1 |
2 files changed, 6 insertions, 0 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set.h b/kernel/include/linux/netfilter/ipset/ip_set.h index fd83f4f..8955165 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set.h +++ b/kernel/include/linux/netfilter/ipset/ip_set.h @@ -170,6 +170,7 @@ enum ipset_adt { #include <linux/ipv6.h> #include <linux/netlink.h> #include <linux/netfilter.h> +#include <linux/netfilter/x_tables.h> #include <linux/vmalloc.h> #include <net/netlink.h> @@ -238,6 +239,7 @@ struct ip_set_type_variant { * zero for no match/success to add/delete * positive for matching element */ int (*kadt)(struct ip_set *set, const struct sk_buff * skb, + const struct xt_action_param *par, enum ipset_adt adt, const struct ip_set_adt_opt *opt); /* Userspace: test/add/del entries @@ -332,10 +334,13 @@ extern void ip_set_nfnl_put(ip_set_id_t index); /* API for iptables set match, and SET target */ extern int ip_set_add(ip_set_id_t id, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt); extern int ip_set_del(ip_set_id_t id, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt); extern int ip_set_test(ip_set_id_t id, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt); /* Utility functions */ diff --git a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h index a099d40..1c977e1 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h +++ b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h @@ -599,6 +599,7 @@ nla_put_failure: static int type_pf_kadt(struct ip_set *set, const struct sk_buff * skb, + const struct xt_action_param *par, enum ipset_adt adt, const struct ip_set_adt_opt *opt); static int type_pf_uadt(struct ip_set *set, struct nlattr *tb[], |