Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b66554cf authored by Jozsef Kadlecsik's avatar Jozsef Kadlecsik Committed by Patrick McHardy
Browse files

netfilter: ipset: add xt_action_param to the variant level kadt functions, ipset API change 



With the change the sets can use any parameter available for the match
and target extensions, like input/output interface. It's required for
the hash:net,iface set type.

Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent e6146e86

include/linux/netfilter/ipset/ip_set.h

+5 −0
Original line number Diff line number Diff line
@@ -170,6 +170,7 @@ enum ipset_adt { 
#include <linux/ipv6.h>

#include <linux/netlink.h>

#include <linux/netfilter.h>

#include <linux/netfilter/x_tables.h>

#include <linux/vmalloc.h>

#include <net/netlink.h>
@@ -238,6 +239,7 @@ struct ip_set_type_variant { 
	 *			zero for no match/success to add/delete

	 *			positive for matching element */

	int (*kadt)(struct ip_set *set, const struct sk_buff * skb,

		    const struct xt_action_param *par,

		    enum ipset_adt adt, const struct ip_set_adt_opt *opt);



	/* Userspace: test/add/del entries
@@ -332,10 +334,13 @@ extern void ip_set_nfnl_put(ip_set_id_t index); 
/* API for iptables set match, and SET target */



extern int ip_set_add(ip_set_id_t id, const struct sk_buff *skb,

		      const struct xt_action_param *par,

		      const struct ip_set_adt_opt *opt);

extern int ip_set_del(ip_set_id_t id, const struct sk_buff *skb,

		      const struct xt_action_param *par,

		      const struct ip_set_adt_opt *opt);

extern int ip_set_test(ip_set_id_t id, const struct sk_buff *skb,

		       const struct xt_action_param *par,

		       const struct ip_set_adt_opt *opt);



/* Utility functions */

include/linux/netfilter/ipset/ip_set_ahash.h

+1 −0
Original line number Diff line number Diff line
@@ -599,6 +599,7 @@ nla_put_failure: 


static int

type_pf_kadt(struct ip_set *set, const struct sk_buff * skb,

	     const struct xt_action_param *par,

	     enum ipset_adt adt, const struct ip_set_adt_opt *opt);

static int

type_pf_uadt(struct ip_set *set, struct nlattr *tb[],

net/netfilter/ipset/ip_set_bitmap_ip.c

+1 −0
Original line number Diff line number Diff line
@@ -219,6 +219,7 @@ nla_put_failure: 


static int

bitmap_ip_kadt(struct ip_set *set, const struct sk_buff *skb,

	       const struct xt_action_param *par,

	       enum ipset_adt adt, const struct ip_set_adt_opt *opt)

{

	struct bitmap_ip *map = set->data;

net/netfilter/ipset/ip_set_bitmap_ipmac.c

+1 −0
Original line number Diff line number Diff line
@@ -338,6 +338,7 @@ nla_put_failure: 


static int

bitmap_ipmac_kadt(struct ip_set *set, const struct sk_buff *skb,

		  const struct xt_action_param *par,

		  enum ipset_adt adt, const struct ip_set_adt_opt *opt)

{

	struct bitmap_ipmac *map = set->data;

net/netfilter/ipset/ip_set_bitmap_port.c

+1 −0
Original line number Diff line number Diff line
@@ -208,6 +208,7 @@ nla_put_failure: 


static int

bitmap_port_kadt(struct ip_set *set, const struct sk_buff *skb,

		 const struct xt_action_param *par,

		 enum ipset_adt adt, const struct ip_set_adt_opt *opt)

{

	struct bitmap_port *map = set->data;