From 541e328689042fb855ac22903996b67b57e1f15a Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 25 Aug 2011 11:17:33 +0200 Subject: ipset: use NFPROTO_ constants ipset is actually using NFPROTO values rather than AF (xt_set passes that along). --- src/ipset.c | 10 +++++----- src/ipset_bitmap_ip.c | 2 +- src/ipset_bitmap_ipmac.c | 2 +- src/ipset_bitmap_port.c | 2 +- src/ipset_hash_ip.c | 2 +- src/ipset_hash_ipport.c | 2 +- src/ipset_hash_ipportip.c | 2 +- src/ipset_hash_ipportnet.c | 4 ++-- src/ipset_hash_net.c | 4 ++-- src/ipset_hash_netiface.c | 2 +- src/ipset_hash_netport.c | 4 ++-- src/ipset_list_set.c | 2 +- 12 files changed, 19 insertions(+), 19 deletions(-) (limited to 'src') diff --git a/src/ipset.c b/src/ipset.c index 358befe..e835f06 100644 --- a/src/ipset.c +++ b/src/ipset.c @@ -324,9 +324,9 @@ static const char * session_family(void) { switch (ipset_data_family(ipset_session_data(session))) { - case AF_INET: + case NFPROTO_IPV4: return "inet"; - case AF_INET6: + case NFPROTO_IPV6: return "inet6"; default: return "unspec"; @@ -581,10 +581,10 @@ parse_commandline(int argc, char *argv[]) type->name, type->usage); if (type->usagefn) type->usagefn(); - if (type->family == AF_UNSPEC) + if (type->family == NFPROTO_UNSPEC) printf("\nType %s is family neutral.\n", type->name); - else if (type->family == AF_INET46) + else if (type->family == NFPROTO_IPSET_IPV46) printf("\nType %s supports INET " "and INET6.\n", type->name); @@ -592,7 +592,7 @@ parse_commandline(int argc, char *argv[]) printf("\nType %s supports family " "%s only.\n", type->name, - type->family == AF_INET + type->family == NFPROTO_IPV4 ? "INET" : "INET6"); } else { printf("\nSupported set types:\n"); diff --git a/src/ipset_bitmap_ip.c b/src/ipset_bitmap_ip.c index 89f3002..8b8220d 100644 --- a/src/ipset_bitmap_ip.c +++ b/src/ipset_bitmap_ip.c @@ -60,7 +60,7 @@ struct ipset_type ipset_bitmap_ip0 = { .name = "bitmap:ip", .alias = { "ipmap", NULL }, .revision = 0, - .family = AF_INET, + .family = NFPROTO_IPV4, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_bitmap_ipmac.c b/src/ipset_bitmap_ipmac.c index f8f7495..d822bf6 100644 --- a/src/ipset_bitmap_ipmac.c +++ b/src/ipset_bitmap_ipmac.c @@ -57,7 +57,7 @@ struct ipset_type ipset_bitmap_ipmac0 = { .name = "bitmap:ip,mac", .alias = { "macipmap", NULL }, .revision = 0, - .family = AF_INET, + .family = NFPROTO_IPV4, .dimension = IPSET_DIM_TWO, .last_elem_optional = true, .elem = { diff --git a/src/ipset_bitmap_port.c b/src/ipset_bitmap_port.c index 9acdf23..69be809 100644 --- a/src/ipset_bitmap_port.c +++ b/src/ipset_bitmap_port.c @@ -51,7 +51,7 @@ struct ipset_type ipset_bitmap_port0 = { .name = "bitmap:port", .alias = { "portmap", NULL }, .revision = 0, - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_ip.c b/src/ipset_hash_ip.c index 7be8e19..912b991 100644 --- a/src/ipset_hash_ip.c +++ b/src/ipset_hash_ip.c @@ -83,7 +83,7 @@ struct ipset_type ipset_hash_ip0 = { .name = "hash:ip", .alias = { "iphash", NULL }, .revision = 0, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_ipport.c b/src/ipset_hash_ipport.c index 3738aa4..748e452 100644 --- a/src/ipset_hash_ipport.c +++ b/src/ipset_hash_ipport.c @@ -89,7 +89,7 @@ struct ipset_type ipset_hash_ipport1 = { .name = "hash:ip,port", .alias = { "ipporthash", NULL }, .revision = 1, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_TWO, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_ipportip.c b/src/ipset_hash_ipportip.c index 9a2c44c..7c046a3 100644 --- a/src/ipset_hash_ipportip.c +++ b/src/ipset_hash_ipportip.c @@ -89,7 +89,7 @@ struct ipset_type ipset_hash_ipportip1 = { .name = "hash:ip,port,ip", .alias = { "ipportiphash", NULL }, .revision = 1, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_THREE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_ipportnet.c b/src/ipset_hash_ipportnet.c index b7415dc..c4cf97e 100644 --- a/src/ipset_hash_ipportnet.c +++ b/src/ipset_hash_ipportnet.c @@ -90,7 +90,7 @@ struct ipset_type ipset_hash_ipportnet1 = { .name = "hash:ip,port,net", .alias = { "ipportnethash", NULL }, .revision = 1, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_THREE, .elem = { [IPSET_DIM_ONE - 1] = { @@ -180,7 +180,7 @@ struct ipset_type ipset_hash_ipportnet2 = { .name = "hash:ip,port,net", .alias = { "ipportnethash", NULL }, .revision = 2, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_THREE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_net.c b/src/ipset_hash_net.c index 587f891..76269f0 100644 --- a/src/ipset_hash_net.c +++ b/src/ipset_hash_net.c @@ -73,7 +73,7 @@ struct ipset_type ipset_hash_net0 = { .name = "hash:net", .alias = { "nethash", NULL }, .revision = 0, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { @@ -125,7 +125,7 @@ struct ipset_type ipset_hash_net1 = { .name = "hash:net", .alias = { "nethash", NULL }, .revision = 1, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_netiface.c b/src/ipset_hash_netiface.c index d1f5f7e..51d9cad 100644 --- a/src/ipset_hash_netiface.c +++ b/src/ipset_hash_netiface.c @@ -66,7 +66,7 @@ struct ipset_type ipset_hash_netiface0 = { .name = "hash:net,iface", .alias = { "netifacehash", NULL }, .revision = 0, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_TWO, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_hash_netport.c b/src/ipset_hash_netport.c index acf4a29..af6adf1 100644 --- a/src/ipset_hash_netport.c +++ b/src/ipset_hash_netport.c @@ -67,7 +67,7 @@ struct ipset_type ipset_hash_netport1 = { .name = "hash:net,port", .alias = { "netporthash", NULL }, .revision = 1, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_TWO, .elem = { [IPSET_DIM_ONE - 1] = { @@ -141,7 +141,7 @@ struct ipset_type ipset_hash_netport2 = { .name = "hash:net,port", .alias = { "netporthash", NULL }, .revision = 2, - .family = AF_INET46, + .family = NFPROTO_IPSET_IPV46, .dimension = IPSET_DIM_TWO, .elem = { [IPSET_DIM_ONE - 1] = { diff --git a/src/ipset_list_set.c b/src/ipset_list_set.c index 68616e8..d95290b 100644 --- a/src/ipset_list_set.c +++ b/src/ipset_list_set.c @@ -50,7 +50,7 @@ struct ipset_type ipset_list_set0 = { .name = "list:set", .alias = { "setlist", NULL }, .revision = 0, - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .dimension = IPSET_DIM_ONE, .elem = { [IPSET_DIM_ONE - 1] = { -- cgit v1.2.3 From 5fccd38bbf4892718e58f0b006aa6724aec4f7f8 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sun, 28 Aug 2011 19:13:47 +0200 Subject: build: move ipset_errcode into library The library cannot stand on its own: 19:13 seven:../ipset/lib > ldd -r .libs/libipset.so.1 linux-vdso.so.1 => (0x00007fff9a569000) libmnl.so.0 => /usr/lib64/libmnl.so.0 (0x00007fd42ae5c000) libc.so.6 => /lib64/libc.so.6 (0x00007fd42aaef000) /lib64/ld-linux-x86-64.so.2 (0x00007fd42b28d000) undefined symbol: ipset_errcode (.libs/libipset.so.1) Resolve this by moving ipset_errcode into the library. Reported-by: Arkadiusz Miskiewicz References: http://marc.info/?l=netfilter-devel&m=131435791514602&w=2 --- src/Makefile.am | 1 - src/errcode.c | 200 -------------------------------------------------------- 2 files changed, 201 deletions(-) delete mode 100644 src/errcode.c (limited to 'src') diff --git a/src/Makefile.am b/src/Makefile.am index f3047f0..8ba441d 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -2,7 +2,6 @@ include $(top_srcdir)/Make_global.am sbin_PROGRAMS = ipset ipset_SOURCES = ipset.c \ - errcode.c \ ipset_bitmap_ip.c \ ipset_bitmap_ipmac.c \ ipset_bitmap_port.c \ diff --git a/src/errcode.c b/src/errcode.c deleted file mode 100644 index 1ce5c00..0000000 --- a/src/errcode.c +++ /dev/null @@ -1,200 +0,0 @@ -/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ -#include /* assert */ -#include /* errno */ -#include /* strerror */ - -#include /* D() */ -#include /* ipset_data_get */ -#include /* ipset_err */ -#include /* struct ipset_type */ -#include /* STRNEQ */ -#include /* prototypes */ -#include /* bitmap specific errcodes */ -#include /* hash specific errcodes */ -#include /* list specific errcodes */ - -/* Core kernel error codes */ -static const struct ipset_errcode_table core_errcode_table[] = { - /* Generic error codes */ - { ENOENT, 0, - "The set with the given name does not exist" }, - { EMSGSIZE, 0, - "Kernel error received: message could not be created" }, - { IPSET_ERR_PROTOCOL, 0, - "Kernel error received: ipset protocol error" }, - - /* CREATE specific error codes */ - { EEXIST, IPSET_CMD_CREATE, - "Set cannot be created: set with the same name already exists" }, - { IPSET_ERR_FIND_TYPE, 0, - "Kernel error received: set type not supported" }, - { IPSET_ERR_MAX_SETS, 0, - "Kernel error received: maximal number of sets reached, " - "cannot create more." }, - { IPSET_ERR_INVALID_NETMASK, 0, - "The value of the netmask parameter is invalid" }, - { IPSET_ERR_INVALID_FAMILY, 0, - "Protocol family not supported by the set type" }, - - /* DESTROY specific error codes */ - { IPSET_ERR_BUSY, IPSET_CMD_DESTROY, - "Set cannot be destroyed: it is in use by a kernel component" }, - - /* FLUSH specific error codes */ - - /* RENAME specific error codes */ - { IPSET_ERR_EXIST_SETNAME2, IPSET_CMD_RENAME, - "Set cannot be renamed: a set with the new name already exists" }, - { IPSET_ERR_REFERENCED, IPSET_CMD_RENAME, - "Set cannot be renamed: it is in use by another system" }, - - /* SWAP specific error codes */ - { IPSET_ERR_EXIST_SETNAME2, IPSET_CMD_SWAP, - "Sets cannot be swapped: the second set does not exist" }, - { IPSET_ERR_TYPE_MISMATCH, IPSET_CMD_SWAP, - "The sets cannot be swapped: they type does not match" }, - - /* LIST/SAVE specific error codes */ - - /* Generic (CADT) error codes */ - { IPSET_ERR_INVALID_CIDR, 0, - "The value of the CIDR parameter of the IP address is invalid" }, - { IPSET_ERR_TIMEOUT, 0, - "Timeout cannot be used: set was created without timeout support" }, - { IPSET_ERR_IPADDR_IPV4, 0, - "An IPv4 address is expected, but not received" }, - { IPSET_ERR_IPADDR_IPV6, 0, - "An IPv6 address is expected, but not received" }, - - /* ADD specific error codes */ - { IPSET_ERR_EXIST, IPSET_CMD_ADD, - "Element cannot be added to the set: it's already added" }, - - /* DEL specific error codes */ - { IPSET_ERR_EXIST, IPSET_CMD_DEL, - "Element cannot be deleted from the set: it's not added" }, - - /* TEST specific error codes */ - - /* HEADER specific error codes */ - - /* TYPE specific error codes */ - { EEXIST, IPSET_CMD_TYPE, - "Kernel error received: set type does not supported" }, - - /* PROTOCOL specific error codes */ - - { }, -}; - -/* Bitmap type-specific error codes */ -static const struct ipset_errcode_table bitmap_errcode_table[] = { - /* Generic (CADT) error codes */ - { IPSET_ERR_BITMAP_RANGE, 0, - "Element is out of the range of the set" }, - { IPSET_ERR_BITMAP_RANGE_SIZE, IPSET_CMD_CREATE, - "The range you specified exceeds the size limit of the set type" }, - { }, -}; - -/* Hash type-specific error codes */ -static const struct ipset_errcode_table hash_errcode_table[] = { - /* Generic (CADT) error codes */ - { IPSET_ERR_HASH_FULL, 0, - "Hash is full, cannot add more elements" }, - { IPSET_ERR_HASH_ELEM, 0, - "Null-valued element, cannot be stored in a hash type of set" }, - { IPSET_ERR_INVALID_PROTO, 0, - "Invalid protocol specified" }, - { IPSET_ERR_MISSING_PROTO, 0, - "Protocol missing, but must be specified" }, - { IPSET_ERR_HASH_RANGE_UNSUPPORTED, 0, - "Range is not supported in the \"net\" component of the element" }, - { IPSET_ERR_HASH_RANGE, 0, - "Invalid range, covers the whole address space" }, - { }, -}; - -/* List type-specific error codes */ -static const struct ipset_errcode_table list_errcode_table[] = { - /* Generic (CADT) error codes */ - { IPSET_ERR_NAME, 0, - "Set to be added/deleted/tested as element does not exist." }, - { IPSET_ERR_LOOP, 0, - "Sets with list:set type cannot be added to the set." }, - { IPSET_ERR_BEFORE, 0, - "No reference set specified." }, - { IPSET_ERR_NAMEREF, 0, - "The set to which you referred with 'before' or 'after' " - "does not exist." }, - { IPSET_ERR_LIST_FULL, 0, - "The set is full, more elements cannot be added." }, - { IPSET_ERR_REF_EXIST, 0, - "The set to which you referred with 'before' or 'after' " - "is not added to the set." }, - { }, -}; - -#define MATCH_TYPENAME(a, b) STRNEQ(a, b, strlen(b)) - -/** - * ipset_errcode - interpret a kernel error code - * @session: session structure - * @errcode: errcode - * - * Find the error code and print the appropriate - * error message into the error buffer. - * - * Returns -1. - */ -int -ipset_errcode(struct ipset_session *session, enum ipset_cmd cmd, int errcode) -{ - const struct ipset_errcode_table *table = core_errcode_table; - int i, generic; - - if (errcode >= IPSET_ERR_TYPE_SPECIFIC) { - const struct ipset_type *type; - - type = ipset_saved_type(session); - if (type) { - if (MATCH_TYPENAME(type->name, "bitmap:")) - table = bitmap_errcode_table; - else if (MATCH_TYPENAME(type->name, "hash:")) - table = hash_errcode_table; - else if (MATCH_TYPENAME(type->name, "list:")) - table = list_errcode_table; - } - } - -retry: - for (i = 0, generic = -1; table[i].errcode; i++) { - if (table[i].errcode == errcode && - (table[i].cmd == cmd || table[i].cmd == 0)) { - if (table[i].cmd == 0) { - generic = i; - continue; - } - return ipset_err(session, table[i].message); - } - } - if (generic != -1) - return ipset_err(session, table[generic].message); - /* Fall back to the core table */ - if (table != core_errcode_table) { - table = core_errcode_table; - goto retry; - } - if (errcode < IPSET_ERR_PRIVATE) - return ipset_err(session, "Kernel error received: %s", - strerror(errcode)); - else - return ipset_err(session, - "Undecoded error %u received from kernel", - errcode); -} -- cgit v1.2.3