[NETFILTER]: xt_owner: allow matching UID/GID ranges

};

};

struct xt_owner_match_info {

struct xt_owner_match_info {

	u_int32_t uid;

	u_int32_t uid_min, uid_max;

	u_int32_t gid;

	u_int32_t gid_min, gid_max;

	u_int8_t match, invert;

	u_int8_t match, invert;

};

};

 *

 *

 * (C) 2000 Marc Boucher <marc@mbsi.ca>

 * (C) 2000 Marc Boucher <marc@mbsi.ca>

 *

 *

 * Copyright © CC Computer Consultants GmbH, 2007

 * Copyright © CC Computer Consultants GmbH, 2007 - 2008

 * Contact: <jengelh@computergmbh.de>

 * <jengelh@computergmbh.de>

 *

 *

 * This program is free software; you can redistribute it and/or modify

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 as

 * it under the terms of the GNU General Public License version 2 as

		       (XT_OWNER_UID | XT_OWNER_GID)) == 0;

		       (XT_OWNER_UID | XT_OWNER_GID)) == 0;

	if (info->match & XT_OWNER_UID)

	if (info->match & XT_OWNER_UID)

		if ((filp->f_uid != info->uid) ^

		if ((filp->f_uid >= info->uid_min &&

		    !!(info->invert & XT_OWNER_UID))

		    filp->f_uid <= info->uid_max) ^

		    !(info->invert & XT_OWNER_UID))

			return false;

			return false;

	if (info->match & XT_OWNER_GID)

	if (info->match & XT_OWNER_GID)

		if ((filp->f_gid != info->gid) ^

		if ((filp->f_gid >= info->gid_min &&

		    !!(info->invert & XT_OWNER_GID))

		    filp->f_gid <= info->gid_max) ^

		    !(info->invert & XT_OWNER_GID))

			return false;

			return false;

	return true;

	return true;