From 62f71e22a1db90eee62ea9688f0c77cb6cf5ccae Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Thu, 22 Apr 2010 17:14:21 +0200 Subject: Tenth stage to ipset-5 Add new test files and toplevel files. --- COPYING | 340 +++++++++++++++++++++++++++++++++++++++++++++ INSTALL | 236 +++++++++++++++++++++++++++++++ Make_global.am | 48 +++++++ Makefile.am | 49 +++++++ autogen.sh | 18 +++ configure.ac | 76 ++++++++++ netlink.patch | 86 ++++++++++++ tests/bitmap:ip.t | 151 ++++++++++++++++++++ tests/bitmap:ip.t.list0 | 9 ++ tests/bitmap:ip.t.list1 | 9 ++ tests/bitmap:ip.t.list2 | 9 ++ tests/bitmap:ip.t.list3 | 10 ++ tests/hash:ip.t | 79 +++++++++++ tests/hash:ip.t.list0 | 9 ++ tests/hash:ip.t.list1 | 9 ++ tests/iphash.t.restore.old | 131 +++++++++++++++++ tests/ipmap.t.list4 | 10 ++ tests/macipmap.t.list2 | 9 ++ tests/portmap.t.list2 | 9 ++ update | 9 ++ 20 files changed, 1306 insertions(+) create mode 100644 COPYING create mode 100644 INSTALL create mode 100644 Make_global.am create mode 100644 Makefile.am create mode 100755 autogen.sh create mode 100644 configure.ac create mode 100644 netlink.patch create mode 100644 tests/bitmap:ip.t create mode 100644 tests/bitmap:ip.t.list0 create mode 100644 tests/bitmap:ip.t.list1 create mode 100644 tests/bitmap:ip.t.list2 create mode 100644 tests/bitmap:ip.t.list3 create mode 100644 tests/hash:ip.t create mode 100644 tests/hash:ip.t.list0 create mode 100644 tests/hash:ip.t.list1 create mode 100644 tests/iphash.t.restore.old create mode 100644 tests/ipmap.t.list4 create mode 100644 tests/macipmap.t.list2 create mode 100644 tests/portmap.t.list2 create mode 100755 update diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..623b625 --- /dev/null +++ b/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/INSTALL b/INSTALL new file mode 100644 index 0000000..23e5f25 --- /dev/null +++ b/INSTALL @@ -0,0 +1,236 @@ +Installation Instructions +************************* + +Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005 Free +Software Foundation, Inc. + +This file is free documentation; the Free Software Foundation gives +unlimited permission to copy, distribute and modify it. + +Basic Installation +================== + +These are generic installation instructions. + + The `configure' shell script attempts to guess correct values for +various system-dependent variables used during compilation. It uses +those values to create a `Makefile' in each directory of the package. +It may also create one or more `.h' files containing system-dependent +definitions. Finally, it creates a shell script `config.status' that +you can run in the future to recreate the current configuration, and a +file `config.log' containing compiler output (useful mainly for +debugging `configure'). + + It can also use an optional file (typically called `config.cache' +and enabled with `--cache-file=config.cache' or simply `-C') that saves +the results of its tests to speed up reconfiguring. (Caching is +disabled by default to prevent problems with accidental use of stale +cache files.) + + If you need to do unusual things to compile the package, please try +to figure out how `configure' could check whether to do them, and mail +diffs or instructions to the address given in the `README' so they can +be considered for the next release. If you are using the cache, and at +some point `config.cache' contains results you don't want to keep, you +may remove or edit it. + + The file `configure.ac' (or `configure.in') is used to create +`configure' by a program called `autoconf'. You only need +`configure.ac' if you want to change it or regenerate `configure' using +a newer version of `autoconf'. + +The simplest way to compile this package is: + + 1. `cd' to the directory containing the package's source code and type + `./configure' to configure the package for your system. If you're + using `csh' on an old version of System V, you might need to type + `sh ./configure' instead to prevent `csh' from trying to execute + `configure' itself. + + Running `configure' takes awhile. While running, it prints some + messages telling which features it is checking for. + + 2. Type `make' to compile the package. + + 3. Optionally, type `make check' to run any self-tests that come with + the package. + + 4. Type `make install' to install the programs and any data files and + documentation. + + 5. You can remove the program binaries and object files from the + source code directory by typing `make clean'. To also remove the + files that `configure' created (so you can compile the package for + a different kind of computer), type `make distclean'. There is + also a `make maintainer-clean' target, but that is intended mainly + for the package's developers. If you use it, you may have to get + all sorts of other programs in order to regenerate files that came + with the distribution. + +Compilers and Options +===================== + +Some systems require unusual options for compilation or linking that the +`configure' script does not know about. Run `./configure --help' for +details on some of the pertinent environment variables. + + You can give `configure' initial values for configuration parameters +by setting variables in the command line or in the environment. Here +is an example: + + ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix + + *Note Defining Variables::, for more details. + +Compiling For Multiple Architectures +==================================== + +You can compile the package for more than one kind of computer at the +same time, by placing the object files for each architecture in their +own directory. To do this, you must use a version of `make' that +supports the `VPATH' variable, such as GNU `make'. `cd' to the +directory where you want the object files and executables to go and run +the `configure' script. `configure' automatically checks for the +source code in the directory that `configure' is in and in `..'. + + If you have to use a `make' that does not support the `VPATH' +variable, you have to compile the package for one architecture at a +time in the source code directory. After you have installed the +package for one architecture, use `make distclean' before reconfiguring +for another architecture. + +Installation Names +================== + +By default, `make install' installs the package's commands under +`/usr/local/bin', include files under `/usr/local/include', etc. You +can specify an installation prefix other than `/usr/local' by giving +`configure' the option `--prefix=PREFIX'. + + You can specify separate installation prefixes for +architecture-specific files and architecture-independent files. If you +pass the option `--exec-prefix=PREFIX' to `configure', the package uses +PREFIX as the prefix for installing programs and libraries. +Documentation and other data files still use the regular prefix. + + In addition, if you use an unusual directory layout you can give +options like `--bindir=DIR' to specify different values for particular +kinds of files. Run `configure --help' for a list of the directories +you can set and what kinds of files go in them. + + If the package supports it, you can cause programs to be installed +with an extra prefix or suffix on their names by giving `configure' the +option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. + +Optional Features +================= + +Some packages pay attention to `--enable-FEATURE' options to +`configure', where FEATURE indicates an optional part of the package. +They may also pay attention to `--with-PACKAGE' options, where PACKAGE +is something like `gnu-as' or `x' (for the X Window System). The +`README' should mention any `--enable-' and `--with-' options that the +package recognizes. + + For packages that use the X Window System, `configure' can usually +find the X include and library files automatically, but if it doesn't, +you can use the `configure' options `--x-includes=DIR' and +`--x-libraries=DIR' to specify their locations. + +Specifying the System Type +========================== + +There may be some features `configure' cannot figure out automatically, +but needs to determine by the type of machine the package will run on. +Usually, assuming the package is built to be run on the _same_ +architectures, `configure' can figure that out, but if it prints a +message saying it cannot guess the machine type, give it the +`--build=TYPE' option. TYPE can either be a short name for the system +type, such as `sun4', or a canonical name which has the form: + + CPU-COMPANY-SYSTEM + +where SYSTEM can have one of these forms: + + OS KERNEL-OS + + See the file `config.sub' for the possible values of each field. If +`config.sub' isn't included in this package, then this package doesn't +need to know the machine type. + + If you are _building_ compiler tools for cross-compiling, you should +use the option `--target=TYPE' to select the type of system they will +produce code for. + + If you want to _use_ a cross compiler, that generates code for a +platform different from the build platform, you should specify the +"host" platform (i.e., that on which the generated programs will +eventually be run) with `--host=TYPE'. + +Sharing Defaults +================ + +If you want to set default values for `configure' scripts to share, you +can create a site shell script called `config.site' that gives default +values for variables like `CC', `cache_file', and `prefix'. +`configure' looks for `PREFIX/share/config.site' if it exists, then +`PREFIX/etc/config.site' if it exists. Or, you can set the +`CONFIG_SITE' environment variable to the location of the site script. +A warning: not all `configure' scripts look for a site script. + +Defining Variables +================== + +Variables not defined in a site shell script can be set in the +environment passed to `configure'. However, some packages may run +configure again during the build, and the customized values of these +variables may be lost. In order to avoid this problem, you should set +them in the `configure' command line, using `VAR=value'. For example: + + ./configure CC=/usr/local2/bin/gcc + +causes the specified `gcc' to be used as the C compiler (unless it is +overridden in the site shell script). Here is a another example: + + /bin/bash ./configure CONFIG_SHELL=/bin/bash + +Here the `CONFIG_SHELL=/bin/bash' operand causes subsequent +configuration-related scripts to be executed by `/bin/bash'. + +`configure' Invocation +====================== + +`configure' recognizes the following options to control how it operates. + +`--help' +`-h' + Print a summary of the options to `configure', and exit. + +`--version' +`-V' + Print the version of Autoconf used to generate the `configure' + script, and exit. + +`--cache-file=FILE' + Enable the cache: use and save the results of the tests in FILE, + traditionally `config.cache'. FILE defaults to `/dev/null' to + disable caching. + +`--config-cache' +`-C' + Alias for `--cache-file=config.cache'. + +`--quiet' +`--silent' +`-q' + Do not print messages saying which checks are being made. To + suppress all normal output, redirect it to `/dev/null' (any error + messages will still be shown). + +`--srcdir=DIR' + Look for the package's source code in directory DIR. Usually + `configure' can determine that directory automatically. + +`configure' also accepts some other, not widely useful, options. Run +`configure --help' for more details. + diff --git a/Make_global.am b/Make_global.am new file mode 100644 index 0000000..5c65103 --- /dev/null +++ b/Make_global.am @@ -0,0 +1,48 @@ +# This is _NOT_ the library release version, it's an API version. +# Please read Chapter 6 "Library interface versions" of the libtool +# documentation before making any modification +# http://sources.redhat.com/autobook/autobook/autobook_91.html +LIBVERSION = 1:0:0 + +AM_CPPFLAGS = $(kinclude_CFLAGS) $(all_includes) -I$(top_srcdir)/include \ + -I/usr/local/include + +# -Wconversion -> false warnings +# -Wcast-qual -> false warnings +# -Wpointer-arith -> we need it +# -Wunreachable-code -> fails with ntoh* + +if DISABLE_EXTRA_FLAGS +AM_CFLAGS = +else +AM_CFLAGS = -std=gnu99 \ + -Wall \ + -Wextra \ + -Waggregate-return \ + -Wbad-function-cast \ + -Wcast-align \ + -Wfloat-equal \ + -Winit-self \ + -Winline \ + -Wmissing-declarations \ + -Wmissing-format-attribute \ + -Wmissing-prototypes \ + -Wnested-externs \ + -Wold-style-definition \ + -Wpacked \ + -Wredundant-decls \ + -Wshadow \ + -Wsign-compare \ + -Wstrict-prototypes \ + -Wswitch-default \ + -Wundef \ + -Wwrite-strings \ + -Wno-missing-field-initializers \ + -Werror \ + -g -ggdb +endif + +if ! ENABLE_VERBOSE +AM_VERBOSE_CC = @echo " CC " $@; +AM_VERBOSE_CCLD = @echo " CCLD " $@; +endif diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 0000000..f94689b --- /dev/null +++ b/Makefile.am @@ -0,0 +1,49 @@ +## Process this file with automake to produce Makefile.in + +include $(top_srcdir)/Make_global.am + +if ! WITH_KBUILDDIR +KBUILD_OUTPUT=/lib/modules/`uname -r`/build +else +KBUILD_OUTPUT=$(KBUILDDIR) +endif +if ! WITH_MAXSETS +IP_SET_MAX=256 +else +IP_SET_MAX=$(MAXSETS) +endif +if ENABLE_VERBOSE +V=1 +else +V=0 +endif + +SUBDIRS = lib src + +modules: + cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` V=$V IP_SET_MAX=$(IP_SET_MAX) modules + +modules_install: + cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` modules_install + +modules_clean: + cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` clean + +update_includes: + ./update ip_set.h + ./update ip_set_bitmap.h + ./update ip_set_hash.h + +tests: + cd tests; ./runtest.sh + +cleanup_dirs := . include/libipset lib src tests + +tidy: distclean + rm -rf .deps $(foreach dir,$(cleanup_dirs),$(wildcard $(dir)/*~)) + rm -rf aclocal.m4 autom4te.cache + rm -rf config.* configure depcomp install-sh libtool ltmain.sh + rm -rf Makefile Makefile.in */Makefile */Makefile.in + rm -rf missing stamp-h1 + +.PHONY: modules modules_instal modules_clean update_includes tests diff --git a/autogen.sh b/autogen.sh new file mode 100755 index 0000000..d65b0b7 --- /dev/null +++ b/autogen.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +run () +{ + echo "running: $*" + eval $* + + if test $? != 0 ; then + echo "error: while running '$*'" + exit 1 + fi +} + +run aclocal +run autoheader +run libtoolize -f +run automake -a +run autoconf diff --git a/configure.ac b/configure.ac new file mode 100644 index 0000000..cfffa99 --- /dev/null +++ b/configure.ac @@ -0,0 +1,76 @@ +dnl Boilerplate +AC_INIT([ipset], [5.0], [kadlec@blackhole.kfki.hu]) +AC_CANONICAL_SYSTEM +AC_CONFIG_HEADER([config.h]) +AM_INIT_AUTOMAKE([-Wall -Werror foreign]) + +dnl Shortcut: Linux supported alone +case $target in +*-*-linux*) ;; +*) AC_MSG_ERROR([Linux systems supported exclusively!]);; +esac + +dnl Additional arguments +dnl Kernel build directory or source tree +AC_ARG_WITH([kernel], + AS_HELP_STRING([--with-kernel=PATH], + [Path to kernel source/build directory]), + [KBUILDDOR="$withval";]) +AM_CONDITIONAL(WITH_KBUILDDIR, test "$KBUILDDIR" != "") +AC_SUBST(KBUILDDIR) + +dnl Maximal number of sets supported by the kernel, default 256 +AC_ARG_WITH([maxsets], + AS_HELP_STRING([--with-maxsets=256], + [Maximal numer of sets supported by the kernel]), + [MAXSETS="$withval";]) +AM_CONDITIONAL(WITH_MAXSETS, test "$MAXSETS" != "") +AC_SUBST(MAXSETS) + +dnl Verbose compiling +AC_ARG_ENABLE([verbose], + AS_HELP_STRING([--enable-verbose], + [Enable verbose mode at compiling/linking.]), + [case "${enableval}" in + yes) enable_verbose=yes ;; + no) enable_verbose=no ;; + *) AC_MSG_ERROR([bad value ${enableval} for --enable-verbose]) ;; + esac], [enable_verbose=no]) + +AM_CONDITIONAL([ENABLE_VERBOSE], [test "x$enable_verbose" = xyes]) + +dnl Disable extra warn flags +AC_ARG_ENABLE([extra-flags], + AS_HELP_STRING([--disable-extra-flags], + [Disable extra compiler warning flags.]), + [case "${enableval}" in + yes) extra_flags=yes ;; + no) extra_flags=no ;; + *) AC_MSG_ERROR([bad value ${enableval} for --disable-extra-flags]) ;; + esac], [extra_flags=yes]) + +AM_CONDITIONAL([DISABLE_EXTRA_FLAGS], [test "x$extra_flags" = xno]) + +dnl Checks for programs +AC_PROG_CC +AC_PROG_LIBTOOL +AC_PROG_INSTALL +AC_PROG_LN_S + +dnl Checks for libraries +AC_CHECK_LIB([mnl], [mnl_socket_open]) +if test x"${ac_cv_lib_mnl_mnl_socket_open}" = xno; then + AC_MSG_ERROR(libmnl not found) +fi + +dnl Checks for header files + +dnl Checks for typedefs, structures, and compiler characteristics. +AC_CHECK_TYPES([union nf_inet_addr],,,[#include +#include +#include ]) +dnl Checks for library functions. + +dnl Generate output +AC_CONFIG_FILES([Makefile lib/Makefile src/Makefile]) +AC_OUTPUT diff --git a/netlink.patch b/netlink.patch new file mode 100644 index 0000000..685cd23 --- /dev/null +++ b/netlink.patch @@ -0,0 +1,86 @@ +diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h +index 9f00da2..9f51ff6 100644 +--- a/include/linux/netfilter/nfnetlink.h ++++ b/include/linux/netfilter/nfnetlink.h +@@ -47,7 +47,8 @@ struct nfgenmsg { + #define NFNL_SUBSYS_QUEUE 3 + #define NFNL_SUBSYS_ULOG 4 + #define NFNL_SUBSYS_OSF 5 +-#define NFNL_SUBSYS_COUNT 6 ++#define NFNL_SUBSYS_IPSET 6 ++#define NFNL_SUBSYS_COUNT 7 + + #ifdef __KERNEL__ + +diff --git a/include/linux/netlink.h b/include/linux/netlink.h +index ab5d312..ef8b229 100644 +--- a/include/linux/netlink.h ++++ b/include/linux/netlink.h +@@ -263,11 +263,14 @@ __nlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, int type, int len, int flags) + #define NLMSG_PUT(skb, pid, seq, type, len) \ + NLMSG_NEW(skb, pid, seq, type, len, 0) + +-extern int netlink_dump_start(struct sock *ssk, struct sk_buff *skb, +- const struct nlmsghdr *nlh, +- int (*dump)(struct sk_buff *skb, struct netlink_callback*), +- int (*done)(struct netlink_callback*)); +- ++extern int netlink_dump_init(struct sock *ssk, struct sk_buff *skb, ++ const struct nlmsghdr *nlh, ++ int (*dump)(struct sk_buff *skb, struct netlink_callback*), ++ int (*done)(struct netlink_callback*), ++ unsigned char init, ...); ++ ++#define netlink_dump_start(ssk, skb, nlh, dump, done) \ ++ netlink_dump_init(ssk, skb, nlh, dump, done, 0) + + #define NL_NONROOT_RECV 0x1 + #define NL_NONROOT_SEND 0x2 +diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c +index 19e9800..1b9dbe8 100644 +--- a/net/netlink/af_netlink.c ++++ b/net/netlink/af_netlink.c +@@ -1714,15 +1714,18 @@ errout: + return err; + } + +-int netlink_dump_start(struct sock *ssk, struct sk_buff *skb, +- const struct nlmsghdr *nlh, +- int (*dump)(struct sk_buff *skb, +- struct netlink_callback *), +- int (*done)(struct netlink_callback *)) ++int netlink_dump_init(struct sock *ssk, struct sk_buff *skb, ++ const struct nlmsghdr *nlh, ++ int (*dump)(struct sk_buff *skb, ++ struct netlink_callback *), ++ int (*done)(struct netlink_callback *), ++ unsigned char init, ...) + { + struct netlink_callback *cb; + struct sock *sk; + struct netlink_sock *nlk; ++ va_list args; ++ unsigned char i; + + cb = kzalloc(sizeof(*cb), GFP_KERNEL); + if (cb == NULL) +@@ -1748,6 +1751,10 @@ int netlink_dump_start(struct sock *ssk, struct sk_buff *skb, + sock_put(sk); + return -EBUSY; + } ++ va_start(args, init); ++ for (i = 0; i < init; i++) ++ cb->args[i] = va_arg(args, unsigned long); ++ va_end(args); + nlk->cb = cb; + mutex_unlock(nlk->cb_mutex); + +@@ -1759,7 +1766,7 @@ int netlink_dump_start(struct sock *ssk, struct sk_buff *skb, + */ + return -EINTR; + } +-EXPORT_SYMBOL(netlink_dump_start); ++EXPORT_SYMBOL(netlink_dump_init); + + void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err) + { diff --git a/tests/bitmap:ip.t b/tests/bitmap:ip.t new file mode 100644 index 0000000..b44f5c4 --- /dev/null +++ b/tests/bitmap:ip.t @@ -0,0 +1,151 @@ +# Range: Try to create from an invalid range with timeout +1 ipset create test bitmap:ip range 2.0.0.1-2.1.0.1 timeout 5 +# Range: Create a set from a valid range with timeout +0 ipset create test bitmap:ip range 2.0.0.1-2.1.0.0 timeout 5 +# Range: Add lower boundary +0 ipset add test 2.0.0.1 timeout 10 +# Range: Add upper boundary +0 ipset add test 2.1.0.0 timeout 0 +# Range: Test lower boundary +0 ipset test test 2.0.0.1 +# Range: Test upper boundary +0 ipset test test 2.1.0.0 +# Range: Test element not added to the set +1 ipset test test 2.0.0.2 +# Range: Test element before lower boundary +1 ipset test test 2.0.0.0 +# Range: Test element after upper boundary +1 ipset test test 2.1.0.1 +# Range: Try to add element before lower boundary +1 ipset add test 2.0.0.0 +# Range: Try to add element after upper boundary +1 ipset add test 2.1.0.1 +# Range: Delete element not added to the set +1 ipset -D test 2.0.0.2 +# Range: Delete element not added to the set, with exist flag +0 ipset -x -D test 2.0.0.2 +# Range: Add element in the middle +0 ipset -A test 2.0.0.128 +# Range: Add element in the middle again +1 ipset -A test 2.0.0.128 +# Range: Add element in the middle again, with exist flag +0 ipset -x -A test 2.0.0.128 +# Range: Delete the same element +0 ipset -D test 2.0.0.128 +# Range: Add a range of elements +0 ipset -A test 2.0.0.128-2.0.0.131 timeout 6 +# Range: List set +0 ipset list test > .foo +# Range: Check listing +0 grep '2.0.0.1 timeout' .foo >/dev/null +# Sleep 10s so that entries can time out +0 sleep 10s +# Range: List set after timeout +0 ipset list test > .foo +# Range: Check listing +0 diff .foo bitmap:ip.t.list0 && rm .foo +# Range: Flush test set +0 ipset flush test +# Range: Delete test set +0 ipset destroy test +# Network: Try to create a set from an invalid network with timeout +1 ipset create test bitmap:ip range 2.0.0.0/15 +# Network: Create a set from a valid network with timeout +0 ipset create test bitmap:ip range 2.0.0.0/16 timeout 5 +# Network: Add lower boundary +0 ipset add test 2.0.0.0 timeout 0 +# Network: Add upper boundary +0 ipset add test 2.0.255.255 timeout 10 +# Network: Test lower boundary +0 ipset test test 2.0.0.0 +# Network: Test upper boundary +0 ipset test test 2.0.255.255 +# Network: Test element not added to the set +1 ipset test test 2.0.0.1 +# Network: Test element before lower boundary +1 ipset test test 1.255.255.255 +# Network: Test element after upper boundary +1 ipset test test 2.1.0.0 +# Network: Try to add element before lower boundary +1 ipset add test 1.255.255.255 +# Network: Try to add element after upper boundary +1 ipset add test 2.1.0.0 +# Network: Delete element not added to the set +1 ipset -D test 2.0.0.2 +# Network: Add element in the middle +0 ipset -A test 2.0.0.128 timeout 20 +# Network: Delete the same element +0 ipset -D test 2.0.0.128 +# Network: List set +0 ipset list test > .foo +# Network: Check listing +0 grep '2.0.255.255 timeout' .foo >/dev/null +# Sleep 10s so that entries can time out +0 sleep 10s +# Network: List set +0 ipset list test > .foo +# Network: Check listing +0 diff .foo bitmap:ip.t.list1 && rm .foo +# Network: Flush test set +0 ipset flush test +# Network: Delete test set +0 ipset destroy test +# Subnets: Create a set to store networks with timeout +0 ipset create test bitmap:ip range 10.0.0.0/8 netmask 24 timeout 5 +# Subnets: Add lower boundary +0 ipset add test 10.0.0.0 timeout 10 +# Subnets: Add upper boundary +0 ipset add test 10.255.255.255 timeout 0 +# Subnets: Test lower boundary +0 ipset test test 10.0.0.255 +# Subnets: Test upper boundary +0 ipset test test 10.255.255.0 +# Subnets: Test element not added to the set +1 ipset test test 10.1.0.0 +# Subnets: Test element before lower boundary +1 ipset test test 9.255.255.255 +# Subnets: Test element after upper boundary +1 ipset test test 11.0.0.0 +# Subnets: Try to add element before lower boundary +1 ipset add test 9.255.255.255 +# Subnets: Try to add element after upper boundary +1 ipset add test 11.0.0.0 +# Subnets: Try to delete element not added to the set +1 ipset -D test 10.2.0.0 +# Subnets: Add element to the set +0 ipset -A test 10.2.0.0 +# Subnets: Delete the same element from the set +0 ipset -D test 10.2.0.0 +# Subnets: Add a subnet of subnets +0 ipset -A test 10.8.0.0/16 timeout 8 +# Subnets: Check listing +0 ipset list test | grep '10.0.0.0 timeout' >/dev/null +# Sleep 10s so that entries can time out +0 sleep 10s +# Subnets: List set +0 ipset list test > .foo +# Subnets: Check listing +0 diff .foo bitmap:ip.t.list2 && rm .foo +# Subnets: Flush test set +0 ipset flush test +# Subnets: Delete test set +0 ipset destroy test +# Full: Create full IPv4 space with /16 networks and timeout +0 ipset create test bitmap:ip range 0.0.0.0/0 netmask 16 timeout 5 +# Full: Add lower boundary +0 ipset add test 0.0.255.255 timeout 0 +# Full: Add upper boundary +0 ipset add test 255.255.0.0 timeout 0 +# Full: Test lower boundary +0 ipset test test 0.0.0.0 +# Full: Test upper boundary +0 ipset test test 255.255.255.255 +# Full: Test element not added to the set +1 ipset test test 0.1.0.0 +# Full: List set +0 ipset list test > .foo +# Full: Check listing +0 diff .foo bitmap:ip.t.list3 && rm .foo +# Full: Delete test set +0 ipset destroy test +# eof diff --git a/tests/bitmap:ip.t.list0 b/tests/bitmap:ip.t.list0 new file mode 100644 index 0000000..0be60c0 --- /dev/null +++ b/tests/bitmap:ip.t.list0 @@ -0,0 +1,9 @@ +Name: test +Type: bitmap:ip +Header: range 2.0.0.1-2.1.0.0 timeout 5 +Elements: 1 +Size in memory: 524288 +References: 0 +Members: +2.1.0.0 timeout 0 + diff --git a/tests/bitmap:ip.t.list1 b/tests/bitmap:ip.t.list1 new file mode 100644 index 0000000..02ccdaa --- /dev/null +++ b/tests/bitmap:ip.t.list1 @@ -0,0 +1,9 @@ +Name: test +Type: bitmap:ip +Header: range 2.0.0.0-2.0.255.255 timeout 5 +Elements: 1 +Size in memory: 524288 +References: 0 +Members: +2.0.0.0 timeout 0 + diff --git a/tests/bitmap:ip.t.list2 b/tests/bitmap:ip.t.list2 new file mode 100644 index 0000000..7b17999 --- /dev/null +++ b/tests/bitmap:ip.t.list2 @@ -0,0 +1,9 @@ +Name: test +Type: bitmap:ip +Header: range 10.0.0.0-10.255.255.255 netmask 24 timeout 5 +Elements: 1 +Size in memory: 524288 +References: 0 +Members: +10.255.255.0 timeout 0 + diff --git a/tests/bitmap:ip.t.list3 b/tests/bitmap:ip.t.list3 new file mode 100644 index 0000000..677bb2a --- /dev/null +++ b/tests/bitmap:ip.t.list3 @@ -0,0 +1,10 @@ +Name: test +Type: bitmap:ip +Header: range 0.0.0.0-255.255.255.255 netmask 16 timeout 5 +Elements: 2 +Size in memory: 524288 +References: 0 +Members: +0.0.0.0 timeout 0 +255.255.0.0 timeout 0 + diff --git a/tests/hash:ip.t b/tests/hash:ip.t new file mode 100644 index 0000000..de6b0df --- /dev/null +++ b/tests/hash:ip.t @@ -0,0 +1,79 @@ +# IP: Create a set with timeout +0 ipset -N test iphash --hashsize 128 timeout 5 +# Range: Add zero valued element +1 ipset -A test 0.0.0.0 +# Range: Test zero valued element +1 ipset -T test 0.0.0.0 +# IP: Add first random value +0 ipset -A test 2.0.0.1 timeout 5 +# IP: Add second random value +0 ipset -A test 192.168.68.69 timeout 0 +# IP: Test first random value +0 ipset -T test 2.0.0.1 +# IP: Test second random value +0 ipset -T test 192.168.68.69 +# IP: Test value not added to the set +1 ipset -T test 2.0.0.2 +# IP: Add third random value +0 ipset -A test 200.100.0.12 +# IP: Delete the same value +0 ipset -D test 200.100.0.12 +# Sleep 6s so that element can time out +0 sleep 6 +# IP: List set +0 ipset -L test 2>/dev/null > .foo0 && ./sort.sh .foo0 +# IP: Check listing +0 diff .foo hash:ip.t.list0 && rm .foo +# IP: Flush test set +0 ipset -F test +# IP: Delete test set +0 ipset -X test +# IP: Restore values so that rehashing is triggered +0 sed 's/hashsize 128/hashsize 128 timeout 6/' iphash.t.restore | ipset -R +# IP: Check that the values are restored +0 test `ipset -S test| grep add| wc -l` -eq 129 +# Sleep 8s so that elements can time out +0 sleep 8 +# IP: check that elements timed out +0 test `ipset -S test| grep add| wc -l` -eq 0 +# IP: Flush test set +0 ipset -F test +# IP: Delete test set +0 ipset -X test +# Network: Create a set with timeout +0 ipset -N test iphash --hashsize 128 --netmask 24 timeout 6 +# Network: Add zero valued element +1 ipset -A test 0.0.0.0 +# Network: Test zero valued element +1 ipset -T test 0.0.0.0 +# Network: Delete zero valued element +1 ipset -D test 0.0.0.0 +# Network: Add first random network +0 ipset -A test 2.0.0.1 +# Network: Add second random network +0 ipset -A test 192.168.68.69 +# Network: Test first random value +0 ipset -T test 2.0.0.255 +# Network: Test second random value +0 ipset -T test 192.168.68.95 +# Network: Test value not added to the set +1 ipset -T test 2.0.1.0 +# Network: List set +0 ipset -L test > .foo && grep '2.0.0.0 timeout' .foo >/dev/null && grep '192.168.68.0 timeout' .foo >/dev/null && rm .foo +# Network: Add third element +0 ipset -A test 200.100.10.1 timeout 0 +# Network: Add third random network +0 ipset -A test 200.100.0.12 +# Network: Delete the same network +0 ipset -D test 200.100.0.12 +# Sleep 6s so that elements can time out +0 sleep 6 +# Network: List set +0 ipset -L test > .foo +# Network: Check listing +0 diff .foo hash:ip.t.list1 && rm .foo +# Network: Flush test set +0 ipset -F test +# Network: Delete test set +0 ipset -X test +# eof diff --git a/tests/hash:ip.t.list0 b/tests/hash:ip.t.list0 new file mode 100644 index 0000000..cf2ecac --- /dev/null +++ b/tests/hash:ip.t.list0 @@ -0,0 +1,9 @@ +Name: test +Type: hash:ip +Header: hashsize 128 maxelem 65536 probes 4 resize 50 timeout 5 +Elements: 1 +Size in memory: 2048 +References: 0 +Members: +192.168.68.69 timeout 0 + diff --git a/tests/hash:ip.t.list1 b/tests/hash:ip.t.list1 new file mode 100644 index 0000000..c564ba0 --- /dev/null +++ b/tests/hash:ip.t.list1 @@ -0,0 +1,9 @@ +Name: test +Type: hash:ip +Header: hashsize 128 maxelem 65536 probes 4 resize 50 netmask 24 timeout 6 +Elements: 1 +Size in memory: 2048 +References: 0 +Members: +200.100.10.0 timeout 0 + diff --git a/tests/iphash.t.restore.old b/tests/iphash.t.restore.old new file mode 100644 index 0000000..fd915cc --- /dev/null +++ b/tests/iphash.t.restore.old @@ -0,0 +1,131 @@ +-N test iphash --hashsize 128 +-A test 10.0.0.0 +-A test 10.0.0.1 +-A test 10.0.0.10 +-A test 10.0.0.100 +-A test 10.0.0.101 +-A test 10.0.0.102 +-A test 10.0.0.103 +-A test 10.0.0.104 +-A test 10.0.0.105 +-A test 10.0.0.106 +-A test 10.0.0.107 +-A test 10.0.0.108 +-A test 10.0.0.109 +-A test 10.0.0.11 +-A test 10.0.0.110 +-A test 10.0.0.111 +-A test 10.0.0.112 +-A test 10.0.0.113 +-A test 10.0.0.114 +-A test 10.0.0.115 +-A test 10.0.0.116 +-A test 10.0.0.117 +-A test 10.0.0.118 +-A test 10.0.0.119 +-A test 10.0.0.12 +-A test 10.0.0.120 +-A test 10.0.0.121 +-A test 10.0.0.122 +-A test 10.0.0.123 +-A test 10.0.0.124 +-A test 10.0.0.125 +-A test 10.0.0.126 +-A test 10.0.0.127 +-A test 10.0.0.128 +-A test 10.0.0.13 +-A test 10.0.0.14 +-A test 10.0.0.15 +-A test 10.0.0.16 +-A test 10.0.0.17 +-A test 10.0.0.18 +-A test 10.0.0.19 +-A test 10.0.0.2 +-A test 10.0.0.20 +-A test 10.0.0.21 +-A test 10.0.0.22 +-A test 10.0.0.23 +-A test 10.0.0.24 +-A test 10.0.0.25 +-A test 10.0.0.26 +-A test 10.0.0.27 +-A test 10.0.0.28 +-A test 10.0.0.29 +-A test 10.0.0.3 +-A test 10.0.0.30 +-A test 10.0.0.31 +-A test 10.0.0.32 +-A test 10.0.0.33 +-A test 10.0.0.34 +-A test 10.0.0.35 +-A test 10.0.0.36 +-A test 10.0.0.37 +-A test 10.0.0.38 +-A test 10.0.0.39 +-A test 10.0.0.4 +-A test 10.0.0.40 +-A test 10.0.0.41 +-A test 10.0.0.42 +-A test 10.0.0.43 +-A test 10.0.0.44 +-A test 10.0.0.45 +-A test 10.0.0.46 +-A test 10.0.0.47 +-A test 10.0.0.48 +-A test 10.0.0.49 +-A test 10.0.0.5 +-A test 10.0.0.50 +-A test 10.0.0.51 +-A test 10.0.0.52 +-A test 10.0.0.53 +-A test 10.0.0.54 +-A test 10.0.0.55 +-A test 10.0.0.56 +-A test 10.0.0.57 +-A test 10.0.0.58 +-A test 10.0.0.59 +-A test 10.0.0.6 +-A test 10.0.0.60 +-A test 10.0.0.61 +-A test 10.0.0.62 +-A test 10.0.0.63 +-A test 10.0.0.64 +-A test 10.0.0.65 +-A test 10.0.0.66 +-A test 10.0.0.67 +-A test 10.0.0.68 +-A test 10.0.0.69 +-A test 10.0.0.7 +-A test 10.0.0.70 +-A test 10.0.0.71 +-A test 10.0.0.72 +-A test 10.0.0.73 +-A test 10.0.0.74 +-A test 10.0.0.75 +-A test 10.0.0.76 +-A test 10.0.0.77 +-A test 10.0.0.78 +-A test 10.0.0.79 +-A test 10.0.0.8 +-A test 10.0.0.80 +-A test 10.0.0.81 +-A test 10.0.0.82 +-A test 10.0.0.83 +-A test 10.0.0.84 +-A test 10.0.0.85 +-A test 10.0.0.86 +-A test 10.0.0.87 +-A test 10.0.0.88 +-A test 10.0.0.89 +-A test 10.0.0.9 +-A test 10.0.0.90 +-A test 10.0.0.91 +-A test 10.0.0.92 +-A test 10.0.0.93 +-A test 10.0.0.94 +-A test 10.0.0.95 +-A test 10.0.0.96 +-A test 10.0.0.97 +-A test 10.0.0.98 +-A test 10.0.0.99 +COMMIT diff --git a/tests/ipmap.t.list4 b/tests/ipmap.t.list4 new file mode 100644 index 0000000..f498ba9 --- /dev/null +++ b/tests/ipmap.t.list4 @@ -0,0 +1,10 @@ +Name: test +Type: bitmap:ip +Header: range 0.0.0.0-255.255.255.255 netmask 16 +Elements: 2 +Size in memory: 8192 +References: 0 +Members: +0.0.0.0 +255.255.0.0 + diff --git a/tests/macipmap.t.list2 b/tests/macipmap.t.list2 new file mode 100644 index 0000000..9d0413e --- /dev/null +++ b/tests/macipmap.t.list2 @@ -0,0 +1,9 @@ +Name: test +Type: bitmap:ip,mac +Header: range 2.0.0.1-2.1.0.0 timeout 10 +Elements: 1 +Size in memory: 1048576 +References: 0 +Members: +2.1.0.0 timeout 5 + diff --git a/tests/portmap.t.list2 b/tests/portmap.t.list2 new file mode 100644 index 0000000..66e06b8 --- /dev/null +++ b/tests/portmap.t.list2 @@ -0,0 +1,9 @@ +Name: test +Type: bitmap:port +Header: range 0-65535 timeout 8 +Elements: 1 +Size in memory: 524288 +References: 0 +Members: +65535 timeout 0 + diff --git a/update b/update new file mode 100755 index 0000000..494485c --- /dev/null +++ b/update @@ -0,0 +1,9 @@ +#!/bin/sh + +NAME=`echo $1 | sed 's/\.h//' | tr a-z A-Z` + +awk "BEGIN { userspace=1 } +/ifdef __KERNEL__/ { userspace = !userspace } +{ if (userspace == 1) print } +END { print \"#endif /* __${NAME}_H */\" }" \ + < kernel/include/linux/netfilter/$1 > include/libipset/linux_$1 -- cgit v1.2.3