From 418a3a4f4d4e38abd1d691f81f2445590f02ecaf Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Mon, 30 May 2011 17:48:01 +0200 Subject: hash:net,iface type introduced The hash:net,iface type makes possible to store network address and interface name pairs in a set. It's mostly suitable for egress and ingress filtering. Examples: # ipset create test hash:net,iface # ipset add test 192.168.0.0/16,eth0 # ipset add test 192.168.0.0/24,eth1 --- lib/parse.c | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'lib/parse.c') diff --git a/lib/parse.c b/lib/parse.c index 091fc6d..3d2a12b 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -12,6 +12,7 @@ #include /* getaddrinfo */ #include /* getaddrinfo, AF_ */ #include /* ETH_ALEN */ +#include /* IFNAMSIZ */ #include /* IPPROTO_ */ #include /* D() */ @@ -1394,6 +1395,40 @@ ipset_parse_typename(struct ipset_session *session, return ipset_session_data_set(session, IPSET_OPT_TYPE, type); } +/** + * ipset_parse_iface - parse string as an interface name + * @session: session structure + * @opt: option kind of the data + * @str: string to parse + * + * Parse string as an interface name, optionally with 'physdev:' prefix. + * The value is stored in the data blob of the session. + * + * Returns 0 on success or a negative error code. + */ +int +ipset_parse_iface(struct ipset_session *session, + enum ipset_opt opt, const char *str) +{ + struct ipset_data *data; + int offset = 0, err = 0; + + assert(session); + assert(opt == IPSET_OPT_IFACE); + assert(str); + + data = ipset_session_data(session); + if (STREQ(str, "physdev:")) { + offset = 8; + err = ipset_data_set(data, IPSET_OPT_PHYSDEV, str); + } + if (strlen(str + offset) > IFNAMSIZ - 1) + return syntax_err("interface name '%s' is longer than %u characters", + str + offset, IFNAMSIZ - 1); + + return ipset_data_set(data, opt, str + offset); +} + /** * ipset_parse_output - parse output format name * @session: session structure -- cgit v1.2.3