From 2dfb973c0dcc6d22113e2370f461f1733035baaf Mon Sep 17 00:00:00 2001
From: Vytas Dauksa <vytas.dauksa@smoothwall.net>
Date: Tue, 17 Dec 2013 14:01:44 +0000
Subject: add markmask for hash:ip,mark data type

Introduce packet mark mask for hash:ip,mark data type. This allows to
set mark bit filter for the ip set.

Change-Id: Id8dd9ca7e64477c4f7b022a1d9c1a5b187f1c96e

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
---
 lib/data.c              | 7 +++++++
 lib/debug.c             | 1 +
 lib/errcode.c           | 2 ++
 lib/ipset_hash_ipmark.c | 9 +++++++--
 lib/print.c             | 1 +
 lib/session.c           | 4 ++++
 6 files changed, 22 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/data.c b/lib/data.c
index 1f74cd5..48ec98a 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -54,6 +54,7 @@ struct ipset_data {
 			uint8_t netmask;
 			uint32_t hashsize;
 			uint32_t maxelem;
+			uint32_t markmask;
 			uint32_t gc;
 			uint32_t size;
 			/* Filled out by kernel */
@@ -287,6 +288,9 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
 	case IPSET_OPT_MAXELEM:
 		data->create.maxelem = *(const uint32_t *) value;
 		break;
+	case IPSET_OPT_MARKMASK:
+		data->create.markmask = *(const uint32_t *) value;
+		break;
 	case IPSET_OPT_NETMASK:
 		data->create.netmask = *(const uint8_t *) value;
 		break;
@@ -467,6 +471,8 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
 		return &data->create.hashsize;
 	case IPSET_OPT_MAXELEM:
 		return &data->create.maxelem;
+	case IPSET_OPT_MARKMASK:
+		return &data->create.markmask;
 	case IPSET_OPT_NETMASK:
 		return &data->create.netmask;
 	case IPSET_OPT_PROBES:
@@ -561,6 +567,7 @@ ipset_data_sizeof(enum ipset_opt opt, uint8_t family)
 	case IPSET_OPT_GC:
 	case IPSET_OPT_HASHSIZE:
 	case IPSET_OPT_MAXELEM:
+	case IPSET_OPT_MARKMASK:
 	case IPSET_OPT_SIZE:
 	case IPSET_OPT_ELEMENTS:
 	case IPSET_OPT_REFERENCES:
diff --git a/lib/debug.c b/lib/debug.c
index 9a3c6b8..1240e22 100644
--- a/lib/debug.c
+++ b/lib/debug.c
@@ -38,6 +38,7 @@ static const struct ipset_attrname createattr2name[] = {
 	[IPSET_ATTR_GC]		= { .name = "GC" },
 	[IPSET_ATTR_HASHSIZE]	= { .name = "HASHSIZE" },
 	[IPSET_ATTR_MAXELEM]	= { .name = "MAXELEM" },
+	[IPSET_ATTR_MARKMASK]	= { .name = "MARKMASK" },
 	[IPSET_ATTR_NETMASK]	= { .name = "NETMASK" },
 	[IPSET_ATTR_PROBES]	= { .name = "PROBES" },
 	[IPSET_ATTR_RESIZE]	= { .name = "RESIZE" },
diff --git a/lib/errcode.c b/lib/errcode.c
index 160d9ad..86eeabd 100644
--- a/lib/errcode.c
+++ b/lib/errcode.c
@@ -38,6 +38,8 @@ static const struct ipset_errcode_table core_errcode_table[] = {
 	  "cannot create more." },
 	{ IPSET_ERR_INVALID_NETMASK, 0,
 	  "The value of the netmask parameter is invalid" },
+	{ IPSET_ERR_INVALID_MARKMASK, 0,
+	  "The value of the markmask parameter is invalid" },
 	{ IPSET_ERR_INVALID_FAMILY, 0,
 	  "Protocol family not supported by the set type" },
 
diff --git a/lib/ipset_hash_ipmark.c b/lib/ipset_hash_ipmark.c
index 6976371..fdea32f 100644
--- a/lib/ipset_hash_ipmark.c
+++ b/lib/ipset_hash_ipmark.c
@@ -26,6 +26,10 @@ static const struct ipset_arg hash_ipmark_create_args0[] = {
 	  .has_arg = IPSET_NO_ARG,		.opt = IPSET_OPT_FAMILY,
 	  .parse = ipset_parse_family,
 	},
+	{ .name = { "markmask", NULL },
+	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_MARKMASK,
+	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
+	},
 	{ .name = { "hashsize", NULL },
 	  .has_arg = IPSET_MANDATORY_ARG,	.opt = IPSET_OPT_HASHSIZE,
 	  .parse = ipset_parse_uint32,		.print = ipset_print_number,
@@ -92,7 +96,7 @@ static const struct ipset_arg hash_ipmark_add_args0[] = {
 
 static const char hash_ipmark_usage0[] =
 "create SETNAME hash:ip,mark\n"
-"		[family inet|inet6]\n"
+"		[family inet|inet6] [markmask VALUE]\n"
 "               [hashsize VALUE] [maxelem VALUE]\n"
 "               [timeout VALUE] [counters] [comment]\n"
 "add    SETNAME IP,MARK [timeout VALUE]\n"
@@ -138,7 +142,8 @@ static struct ipset_type ipset_hash_ipmark0 = {
 			| IPSET_FLAG(IPSET_OPT_MARK),
 	},
 	.full = {
-		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE)
+		[IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_MARKMASK)
+			| IPSET_FLAG(IPSET_OPT_HASHSIZE)
 			| IPSET_FLAG(IPSET_OPT_MAXELEM)
 			| IPSET_FLAG(IPSET_OPT_TIMEOUT)
 			| IPSET_FLAG(IPSET_OPT_COUNTERS)
diff --git a/lib/print.c b/lib/print.c
index 3c43443..8e2924e 100644
--- a/lib/print.c
+++ b/lib/print.c
@@ -893,6 +893,7 @@ ipset_print_data(char *buf, unsigned int len,
 	case IPSET_OPT_GC:
 	case IPSET_OPT_HASHSIZE:
 	case IPSET_OPT_MAXELEM:
+	case IPSET_OPT_MARKMASK:
 	case IPSET_OPT_NETMASK:
 	case IPSET_OPT_PROBES:
 	case IPSET_OPT_RESIZE:
diff --git a/lib/session.c b/lib/session.c
index cf65960..d2957a5 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -381,6 +381,10 @@ static const struct ipset_attr_policy create_attrs[] = {
 		.type = MNL_TYPE_U32,
 		.opt = IPSET_OPT_MAXELEM,
 	},
+	[IPSET_ATTR_MARKMASK] = {
+		.type = MNL_TYPE_U32,
+		.opt = IPSET_OPT_MARKMASK,
+	},
 	[IPSET_ATTR_NETMASK] = {
 		.type = MNL_TYPE_U8,
 		.opt = IPSET_OPT_NETMASK,
-- 
cgit v1.2.3