From a5994c8825512c04372e19226f9cb3f12816f9e5 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Mon, 16 Aug 2010 20:48:09 +0200 Subject: ipset-4.3 released Support of 2.6.35 kernels added. --- kernel/ChangeLog | 3 +++ kernel/ipt_SET.c | 28 +++++++++++++++++++++------- kernel/ipt_set.c | 27 +++++++++++++++++++++------ 3 files changed, 45 insertions(+), 13 deletions(-) (limited to 'kernel') diff --git a/kernel/ChangeLog b/kernel/ChangeLog index 1ad54cd..dd1db22 100644 --- a/kernel/ChangeLog +++ b/kernel/ChangeLog @@ -1,3 +1,6 @@ +4.3 + - Kernel 2.6.35 support added + 4.2 - nethash and ipportnethash types counted every entry twice which could produce bogus entries when listing/saving these types diff --git a/kernel/ipt_SET.c b/kernel/ipt_SET.c index 6009d64..952b5d9 100644 --- a/kernel/ipt_SET.c +++ b/kernel/ipt_SET.c @@ -64,9 +64,12 @@ target(struct sk_buff *skb, unsigned int hooknum, const struct xt_target *target, const void *targinfo) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) target(struct sk_buff *skb, const struct xt_target_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +target(struct sk_buff *skb, + const struct xt_action_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -91,6 +94,14 @@ target(struct sk_buff *skb, return XT_CONTINUE; } +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) +#define CHECK_OK 1 +#define CHECK_FAIL 0 +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +#define CHECK_OK 0 +#define CHECK_FAIL -EINVAL +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16) static int checkentry(const char *tablename, @@ -127,9 +138,12 @@ checkentry(const char *tablename, const struct xt_target *target, void *targinfo, unsigned int hook_mask) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool checkentry(const struct xt_tgchk_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static int +checkentry(const struct xt_tgchk_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -142,7 +156,7 @@ checkentry(const struct xt_tgchk_param *par) #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) if (targinfosize != IPT_ALIGN(sizeof(*info))) { DP("bad target info size %u", targinfosize); - return 0; + return CHECK_FAIL; } #endif @@ -151,7 +165,7 @@ checkentry(const struct xt_tgchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("cannot find add_set index %u as target", info->add_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } } @@ -160,16 +174,16 @@ checkentry(const struct xt_tgchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("cannot find del_set index %u as target", info->del_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } } if (info->add_set.flags[IP_SET_MAX_BINDINGS] != 0 || info->del_set.flags[IP_SET_MAX_BINDINGS] != 0) { ip_set_printk("That's nasty!"); - return 0; /* error */ + return CHECK_FAIL; /* error */ } - return 1; + return CHECK_OK; } #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) diff --git a/kernel/ipt_set.c b/kernel/ipt_set.c index 2f97cbb..3c661be 100644 --- a/kernel/ipt_set.c +++ b/kernel/ipt_set.c @@ -83,10 +83,14 @@ match(const struct sk_buff *skb, int offset, unsigned int protoff, bool *hotdrop) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool match(const struct sk_buff *skb, const struct xt_match_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static bool +match(const struct sk_buff *skb, + struct xt_action_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -100,6 +104,14 @@ match(const struct sk_buff *skb, info->match_set.flags[0] & IPSET_MATCH_INV); } +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) +#define CHECK_OK 1 +#define CHECK_FAIL 0 +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +#define CHECK_OK 0 +#define CHECK_FAIL -EINVAL +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16) static int checkentry(const char *tablename, @@ -136,9 +148,12 @@ checkentry(const char *tablename, const struct xt_match *match, void *matchinfo, unsigned int hook_mask) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool checkentry(const struct xt_mtchk_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static int +checkentry(const struct xt_mtchk_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -151,7 +166,7 @@ checkentry(const struct xt_mtchk_param *par) #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) { ip_set_printk("invalid matchsize %d", matchsize); - return 0; + return CHECK_FAIL; } #endif @@ -160,14 +175,14 @@ checkentry(const struct xt_mtchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("Cannot find set indentified by id %u to match", info->match_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } if (info->match_set.flags[IP_SET_MAX_BINDINGS] != 0) { ip_set_printk("That's nasty!"); - return 0; /* error */ + return CHECK_FAIL; /* error */ } - return 1; + return CHECK_OK; } #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) -- cgit v1.2.3