diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-30 17:48:01 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-05-30 21:30:10 +0200 |
commit | 418a3a4f4d4e38abd1d691f81f2445590f02ecaf (patch) | |
tree | a41ed16b366c854786eea8f3da5c80fa50636dc6 /lib/session.c | |
parent | 4e21d6b5ce623f7601a872b94f3b88105356e2d3 (diff) |
hash:net,iface type introduced
The hash:net,iface type makes possible to store network address and
interface name pairs in a set. It's mostly suitable for egress
and ingress filtering. Examples:
# ipset create test hash:net,iface
# ipset add test 192.168.0.0/16,eth0
# ipset add test 192.168.0.0/24,eth1
Diffstat (limited to 'lib/session.c')
-rw-r--r-- | lib/session.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/session.c b/lib/session.c index c03ed5d..93d33ff 100644 --- a/lib/session.c +++ b/lib/session.c @@ -13,6 +13,7 @@ #include <string.h> /* str* */ #include <unistd.h> /* getpagesize */ #include <net/ethernet.h> /* ETH_ALEN */ +#include <net/if.h> /* IFNAMSIZ */ #include <libipset/debug.h> /* D() */ #include <libipset/data.h> /* IPSET_OPT_* */ @@ -473,6 +474,11 @@ static const struct ipset_attr_policy adt_attrs[] = { .type = MNL_TYPE_NESTED, .opt = IPSET_OPT_IP2_TO, }, + [IPSET_ATTR_IFACE] = { + .type = MNL_TYPE_NUL_STRING, + .opt = IPSET_OPT_IFACE, + .len = IFNAMSIZ, + }, }; static const struct ipset_attr_policy ipaddr_attrs[] = { |