From 418a3a4f4d4e38abd1d691f81f2445590f02ecaf Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Mon, 30 May 2011 17:48:01 +0200
Subject: hash:net,iface type introduced

The hash:net,iface type makes possible to store network address and
interface name pairs in a set. It's mostly suitable for egress
and ingress filtering. Examples:

	# ipset create test hash:net,iface
	# ipset add test 192.168.0.0/16,eth0
	# ipset add test 192.168.0.0/24,eth1
---
 lib/session.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'lib/session.c')

diff --git a/lib/session.c b/lib/session.c
index c03ed5d..93d33ff 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -13,6 +13,7 @@
 #include <string.h>				/* str* */
 #include <unistd.h>				/* getpagesize */
 #include <net/ethernet.h>			/* ETH_ALEN */
+#include <net/if.h>				/* IFNAMSIZ */
 
 #include <libipset/debug.h>			/* D() */
 #include <libipset/data.h>			/* IPSET_OPT_* */
@@ -473,6 +474,11 @@ static const struct ipset_attr_policy adt_attrs[] = {
 		.type = MNL_TYPE_NESTED,
 		.opt = IPSET_OPT_IP2_TO,
 	},
+	[IPSET_ATTR_IFACE] = {
+		.type = MNL_TYPE_NUL_STRING,
+		.opt = IPSET_OPT_IFACE,
+		.len  = IFNAMSIZ,
+	},
 };
 
 static const struct ipset_attr_policy ipaddr_attrs[] = {
-- 
cgit v1.2.3