diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2005-03-07 14:02:02 +0000 |
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2005-03-07 14:02:02 +0000 |
| commit | e2fdaf010723b476331232b6ebfb61a266c7862f (patch) | |
| tree | 7ed5e2e85d939448376a3c5bc89d6d844a9492fe | |
| parent | 6b08b0d31723e80a749aa26e5f2ae1374e45febe (diff) | |
This fixes rule deletion in CLUSTERIP in iptables (Pablo Neira)
| -rw-r--r-- | extensions/libipt_CLUSTERIP.c | 5 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/ipt_CLUSTERIP.h | 37 |
2 files changed, 40 insertions, 2 deletions
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c index e4ab918..d2bee97 100644 --- a/extensions/libipt_CLUSTERIP.c +++ b/extensions/libipt_CLUSTERIP.c @@ -7,6 +7,7 @@ #include <string.h> #include <stdlib.h> #include <getopt.h> +#include <stddef.h> #if defined(__GLIBC__) && __GLIBC__ == 2 #include <net/ethernet.h> @@ -16,7 +17,7 @@ #include <iptables.h> #include <linux/netfilter_ipv4/ip_tables.h> -#include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> +#include "../include/linux/netfilter_ipv4/ipt_CLUSTERIP.h" static void help(void) @@ -242,7 +243,7 @@ static struct iptables_target clusterip = { .name = "CLUSTERIP", .version = IPTABLES_VERSION, .size = IPT_ALIGN(sizeof(struct ipt_clusterip_tgt_info)), - .userspacesize = IPT_ALIGN(sizeof(struct ipt_clusterip_tgt_info)), + .userspacesize = offsetof(struct ipt_clusterip_tgt_info, config), .help = &help, .init = &init, .parse = &parse, diff --git a/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h b/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h new file mode 100644 index 0000000..6f76060 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h @@ -0,0 +1,37 @@ +#ifndef _IPT_CLUSTERIP_H_target +#define _IPT_CLUSTERIP_H_target + +enum clusterip_hashmode { + CLUSTERIP_HASHMODE_SIP = 0, + CLUSTERIP_HASHMODE_SIP_SPT, + CLUSTERIP_HASHMODE_SIP_SPT_DPT, +}; + +#define CLUSTERIP_HASHMODE_MAX CLUSTERIP_HASHMODE_SIP_SPT_DPT + +#define CLUSTERIP_MAX_NODES 16 + +#define CLUSTERIP_FLAG_NEW 0x00000001 + +struct clusterip_config; + +struct ipt_clusterip_tgt_info { + + u_int32_t flags; + + /* only relevant for new ones */ + u_int8_t clustermac[6]; + u_int16_t num_total_nodes; + u_int16_t num_local_nodes; + u_int16_t local_nodes[CLUSTERIP_MAX_NODES]; + enum clusterip_hashmode hash_mode; + u_int32_t hash_initval; + +#ifdef KERNEL_64_USERSPACE_32 + u_int64_t config; +#else + struct clusterip_config *config; +#endif +}; + +#endif /*_IPT_CLUSTERIP_H_target*/ |