diff options
author | Vytas Dauksa <vytas.dauksa@smoothwall.net> | 2013-12-17 14:01:43 +0000 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2014-01-08 21:02:54 +0100 |
commit | 14ea38fca9e40df4f172a573c222591b5f3cc241 (patch) | |
tree | 5f0e1cd46a19bbb6b54de73494971c35f4c329ae /lib/parse.c | |
parent | 8a88bdf50b448e221a8b0b6a5c8446ebafcefa19 (diff) |
add hash:ip,mark data type to ipset
Introduce packet mark support with new ip,mark hash set. This includes
userspace and kernelspace code, hash:ip,mark set tests and man page
updates.
The intended use of ip,mark set is similar to the ip:port type, but for
protocols which don't use a predictable port number. Instead of port
number it matches a firewall mark determined by a layer 7 filtering
program like opendpi.
As well as allowing or blocking traffic it will also be used for
accounting packets and bytes sent for each protocol.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'lib/parse.c')
-rw-r--r-- | lib/parse.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/parse.c b/lib/parse.c index 440ef8f..f1c1f0e 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -328,6 +328,36 @@ ipset_parse_port(struct ipset_session *session, } /** + * ipset_parse_mark - parse a mark + * @session: session structure + * @opt: option kind of the data + * @str: string to parse + * + * Parse string as a mark. The parsed mark number is + * stored in the data blob of the session. + * + * Returns 0 on success or a negative error code. + */ +int +ipset_parse_mark(struct ipset_session *session, + enum ipset_opt opt, const char *str) +{ + uint32_t mark; + int err; + + assert(session); + assert(str); + + if ((err = string_to_u32(session, str, &mark)) == 0) + err = ipset_session_data_set(session, opt, &mark); + + if (!err) + /* No error, so reset false error messages! */ + ipset_session_report_reset(session); + return err; +} + +/** * ipset_parse_tcpudp_port - parse TCP/UDP port name, number, or range of them * @session: session structure * @opt: option kind of the data |