1 ipset add test 9.255.255.255
# Subnets: Try to add element after upper boundary
1 ipset add test 11.0.0.0
-# Subnets: Try to delete element not added to the set
-1 ipset -D test 10.2.0.0
-# Subnets: Add element to the set
-0 ipset -A test 10.2.0.0
-# Subnets: Delete the same element from the set
+# Subnets: Try to delete element not added to the set
+1 ipset -D test 10.2.0.0
+# Subnets: Add element to the set
+0 ipset -A test 10.2.0.0
+# Subnets: Delete the same element from the set
0 ipset -D test 10.2.0.0
# Subnets: Add a subnet of subnets
0 ipset -A test 10.8.0.0/16 timeout 4
0 ipset x test
# Counters: require sendip
skip which sendip
-# Counters: create set
+# Counters: create set
0 ipset n test bitmap:ip range 10.255.0.0/16 counters
# Counters: add elemet with zero counters
0 ipset a test 10.255.255.64
0 ./check_counters test 10.255.255.64 5 $((5*40))
# Counters: destroy set
0 ipset x test
-# Counters and timeout: create set
+# Counters and timeout: create set
0 ipset n test bitmap:ip range 10.255.0.0/16 counters timeout 600
# Counters and timeout: add elemet with zero counters
0 ipset a test 10.255.255.64
Name: test
Type: bitmap:ip
-Header: range 2.0.0.1-2.1.0.0 timeout 5
+Header: range 2.0.0.1-2.1.0.0 timeout 5
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 2.0.0.0-2.0.255.255 timeout 5
+Header: range 2.0.0.0-2.0.255.255 timeout 5
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 10.0.0.0-10.255.255.255 netmask 24 timeout 5
+Header: range 10.0.0.0-10.255.255.255 netmask 24 timeout 5
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 0.0.0.0-255.255.255.255 netmask 16 timeout 5
+Header: range 0.0.0.0-255.255.255.255 netmask 16 timeout 5
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 2.0.0.1-2.1.0.0 timeout x
+Header: range 2.0.0.1-2.1.0.0 timeout x
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 2.0.0.0-2.0.255.255 timeout x
+Header: range 2.0.0.0-2.0.255.255 timeout x
Size in memory: 524408
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 10.0.0.0-10.255.255.255 netmask 24 timeout x
+Header: range 10.0.0.0-10.255.255.255 netmask 24 timeout x
Size in memory: 524408
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet hashsize 1024 maxelem 65536 timeout x
+Header: family inet hashsize 1024 maxelem 65536 timeout x
Size in memory: 8720
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet hashsize 1024 maxelem 65536 timeout 5
+Header: family inet hashsize 1024 maxelem 65536 timeout 5
Size in memory: 8304
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 2.2.2.2,80,1.1.1.1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 2.2.2.2,80,1.1.1.0/30
+0 ipset -A test 2.2.2.2,80,1.1.1.0/30
# Add an overlapping non-matching larger net
0 ipset -A test 2.2.2.2,80,1.1.1.0/28 nomatch
# Add an even larger matching net
Name: test
Type: hash:ip,port,net
-Header: family inet hashsize 1024 maxelem 65536 timeout x
+Header: family inet hashsize 1024 maxelem 65536 timeout x
Size in memory: 8720
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet hashsize 1024 maxelem 65536 timeout x
+Header: family inet hashsize 1024 maxelem 65536 timeout x
Size in memory: 8592
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet hashsize 1024 maxelem 65536 timeout 5
+Header: family inet hashsize 1024 maxelem 65536 timeout 5
Size in memory: 8304
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8432
References: 0
Members:
0 ipset x test
# Counters: require sendip
skip which sendip
-# Counters: create set
+# Counters: create set
0 ipset n test hash:ip counters
# Counters: add elemet with zero counters
0 ipset a test 10.255.255.64
0 ./check_counters test 10.255.255.64 5 $((5*40))
# Counters: destroy set
0 ipset x test
-# Counters and timeout: create set
+# Counters and timeout: create set
0 ipset n test hash:ip counters timeout 600
# Counters and timeout: add elemet with zero counters
0 ipset a test 10.255.255.64
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536 timeout 5
+Header: family inet hashsize 128 maxelem 65536 timeout 5
Size in memory: 1208
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536 netmask 24 timeout 5
+Header: family inet hashsize 128 maxelem 65536 netmask 24 timeout 5
Size in memory: 1352
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536 timeout x
+Header: family inet hashsize 128 maxelem 65536 timeout x
Size in memory: 1280
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536 netmask 24 timeout x
+Header: family inet hashsize 128 maxelem 65536 netmask 24 timeout x
Size in memory: 1352
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet6 hashsize 1024 maxelem 65536 timeout x
+Header: family inet6 hashsize 1024 maxelem 65536 timeout x
Size in memory: 9104
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet6 hashsize 1024 maxelem 65536 timeout 5
+Header: family inet6 hashsize 1024 maxelem 65536 timeout 5
Size in memory: 8304
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 2:2:2::2,80,1:1:1::1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 2:2:2::2,80,1:1:1::/124
+0 ipset -A test 2:2:2::2,80,1:1:1::/124
# Add an overlapping non-matching larger net
0 ipset -A test 2:2:2::2,80,1:1:1::/120 nomatch
# Add an even larger matching net
Name: test
Type: hash:ip,port,net
-Header: family inet6 hashsize 1024 maxelem 65536
+Header: family inet6 hashsize 1024 maxelem 65536
Size in memory: 9928
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet6 hashsize 1024 maxelem 65536 timeout x
+Header: family inet6 hashsize 1024 maxelem 65536 timeout x
Size in memory: 8848
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet6 hashsize 1024 maxelem 65536 timeout 5
+Header: family inet6 hashsize 1024 maxelem 65536 timeout 5
Size in memory: 8304
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet6 hashsize 128 maxelem 65536 timeout 5
+Header: family inet6 hashsize 128 maxelem 65536 timeout 5
Size in memory: 1240
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet6 hashsize 128 maxelem 65536 netmask 64 timeout 5
+Header: family inet6 hashsize 128 maxelem 65536 netmask 64 timeout 5
Size in memory: 1448
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet6 hashsize 128 maxelem 65536 timeout x
+Header: family inet6 hashsize 128 maxelem 65536 timeout x
Size in memory: 1344
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet6 hashsize 128 maxelem 65536 netmask 64 timeout x
+Header: family inet6 hashsize 128 maxelem 65536 netmask 64 timeout x
Size in memory: 1448
References: 0
Members:
Name: test
Type: hash:net,iface
-Header: family inet hashsize 128 maxelem 65536
+Header: family inet hashsize 128 maxelem 65536
Size in memory: 2928
References: 0
Members:
Name: test
Type: hash:net,iface
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 18512
References: 0
Members:
Name: test
Type: hash:net,iface
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 17168
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 1.1.1.1,80 nomatch
# Add an overlapping matching small net
-0 ipset -A test 1.1.1.0/30,80
+0 ipset -A test 1.1.1.0/30,80
# Add an overlapping non-matching larger net
0 ipset -A test 1.1.1.0/28,80 nomatch
# Add an even larger matching net
Name: test
Type: hash:net,port
-Header: family inet hashsize 128 maxelem 65536 timeout x
+Header: family inet hashsize 128 maxelem 65536 timeout x
Size in memory: 2072
References: 0
Members:
Name: test
Type: hash:net,port
-Header: family inet hashsize 128 maxelem 65536 timeout 5
+Header: family inet hashsize 128 maxelem 65536 timeout 5
Size in memory: 2000
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 1.1.1.1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 1.1.1.0/30
+0 ipset -A test 1.1.1.0/30
# Add an overlapping non-matching larger net
0 ipset -A test 1.1.1.0/28 nomatch
# Add an even larger matching net
Name: test
Type: hash:net
-Header: family inet hashsize 128 maxelem 65536 timeout x
+Header: family inet hashsize 128 maxelem 65536 timeout x
Size in memory: 1672
References: 0
Members:
Name: test
Type: hash:net
-Header: family inet hashsize 128 maxelem 65536 timeout 5
+Header: family inet hashsize 128 maxelem 65536 timeout 5
Size in memory: 1672
References: 0
Members:
Name: test
Type: hash:net
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 17016
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 1:1:1::1,80 nomatch
# Add an overlapping matching small net
-0 ipset -A test 1:1:1::/124,80
+0 ipset -A test 1:1:1::/124,80
# Add an overlapping non-matching larger net
0 ipset -A test 1:1:1::/120,80 nomatch
# Add an even larger matching net
Name: test
Type: hash:net,port
-Header: family inet6 hashsize 128 maxelem 65536 timeout x
+Header: family inet6 hashsize 128 maxelem 65536 timeout x
Size in memory: 2328
References: 0
Members:
Name: test
Type: hash:net,port
-Header: family inet6 hashsize 128 maxelem 65536 timeout 5
+Header: family inet6 hashsize 128 maxelem 65536 timeout 5
Size in memory: 2328
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 1:1:1::1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 1:1:1::/124
+0 ipset -A test 1:1:1::/124
# Add an overlapping non-matching larger net
0 ipset -A test 1:1:1::/120 nomatch
# Add an even larger matching net
Name: test
Type: hash:net
-Header: family inet6 hashsize 128 maxelem 65536 timeout x
+Header: family inet6 hashsize 128 maxelem 65536 timeout x
Size in memory: 2696
References: 0
Members:
Name: test
Type: hash:net
-Header: family inet6 hashsize 128 maxelem 65536 timeout 5
+Header: family inet6 hashsize 128 maxelem 65536 timeout 5
Size in memory: 2696
References: 0
Members:
-# IP: Create a set
-0 ipset -N test iphash --hashsize 128
+# IP: Create a set
+0 ipset -N test iphash --hashsize 128
# Range: Add zero valued element
1 ipset -A test 0.0.0.0
# Range: Test zero valued element
0 (sort iphash.t.large > .foo.2) && (cmp .foo.1 .foo.2)
# IP: Delete test set
0 ipset x test
-# Network: Create a set
+# Network: Create a set
0 ipset -N test iphash --hashsize 128 --netmask 24
# Network: Add zero valued element
1 ipset -A test 0.0.0.0
-create test hash:ip family inet hashsize 1024 maxelem 65536
+create test hash:ip family inet hashsize 1024 maxelem 65536
add test 10.10.0.0
add test 10.10.0.1
add test 10.10.0.2
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536
+Header: family inet hashsize 128 maxelem 65536
Size in memory: 1184
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 128 maxelem 65536 netmask 24
+Header: family inet hashsize 128 maxelem 65536 netmask 24
Size in memory: 1184
References: 0
Members:
# Range: Restore set and catch error
1 sed 's/2.0.0.131/222.0.0.131/' < ipmap.t.restore | ipset -R
# Range: Check returned error line number
-0 num=`grep 'in line' < .foo.err | sed 's/.* in line //' | cut -d : -f 1` && test $num -eq 6
+0 num=`grep 'in line' < .foo.err | sed 's/.* in line //' | cut -d : -f 1` && test $num -eq 6
# Range: Destroy set
0 ipset -X test
# Range: Restore set
Name: test
Type: bitmap:ip
-Header: range 2.0.0.1-2.1.0.0
+Header: range 2.0.0.1-2.1.0.0
Size in memory: 8232
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 2.0.0.1-2.1.0.0
+Header: range 2.0.0.1-2.1.0.0
Size in memory: 8232
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 2.0.0.0-2.0.255.255
+Header: range 2.0.0.0-2.0.255.255
Size in memory: 8232
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 10.0.0.0-10.255.255.255 netmask 24
+Header: range 10.0.0.0-10.255.255.255 netmask 24
Size in memory: 8232
References: 0
Members:
Name: test
Type: bitmap:ip
-Header: range 0.0.0.0-255.255.255.255 netmask 16
+Header: range 0.0.0.0-255.255.255.255 netmask 16
Size in memory: 8232
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8464
References: 0
Members:
Name: test
Type: hash:ip,port
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8464
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8528
References: 0
Members:
Name: test
Type: hash:ip,port,ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8416
References: 0
Members:
# Add a non-matching IP address entry
0 ipset -A test 2.1.0.0,80,1.1.1.1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 2.1.0.0,80,1.1.1.0/30
+0 ipset -A test 2.1.0.0,80,1.1.1.0/30
# Add an overlapping non-matching larger net
0 ipset -A test 2.1.0.0,80,1.1.1.0/28 nomatch
# Add an even larger matching net
Name: test
Type: hash:ip,port,net
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8776
References: 0
Members:
Name: test
Type: hash:ip,port,net
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8776
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 8352
References: 0
Members:
Name: test
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 9048
References: 0
Members:
Name: test
Type: bitmap:ip,mac
-Header: range 2.0.0.1-2.1.0.0
+Header: range 2.0.0.1-2.1.0.0
Size in memory: 458864
References: 0
Members:
Name: test
Type: bitmap:ip,mac
-Header: range 2.0.0.0-2.0.255.255
+Header: range 2.0.0.0-2.0.255.255
Size in memory: 458864
References: 0
Members:
Name: test
Type: bitmap:ip,mac
-Header: range 2.0.0.1-2.1.0.0 timeout x
+Header: range 2.0.0.1-2.1.0.0 timeout x
Size in memory: 1048688
References: 0
Members:
Name: test
Type: bitmap:ip,mac
-Header: range 2.0.0.1-2.1.0.0 timeout x
+Header: range 2.0.0.1-2.1.0.0 timeout x
Size in memory: 1048688
References: 0
Members:
0 ipset test ipport 10.255.255.64,tcp:1025
# Check that 10.255.255.64,udp:1025 is not in ipport set
1 ipset test ipport 10.255.255.64,udp:1025
-# Send probe packet from 10.255.255.64,udp:1025
+# Send probe packet from 10.255.255.64,udp:1025
0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1
# Check that proper sets matched and target worked
0 ./check_klog.sh 10.255.255.64 udp 1025 ipport list
# Create set and rules to check --exist and --timeout flags of SET target
0 ./iptables.sh inet timeout
# Add 10.255.255.64,icmp:host-prohibited to the set
-0 ipset add test 10.255.255.64,icmp:host-prohibited
+0 ipset add test 10.255.255.64,icmp:host-prohibited
# Check that 10.255.255.64,icmp:3/10 is in ipport set
0 ipset test test 10.255.255.64,icmp:host-prohibited
# Sleep 3s so that entry can time out
0 ipset test ipport 1002:1002:1002:1002::64,tcp:1025
# Check that 1002:1002:1002:1002::64,udp:1025 is not in ipport set
1 ipset test ipport 1002:1002:1002:1002::64,udp:1025
-# Send probe packet from 1002:1002:1002:1002::64,udp:1025
+# Send probe packet from 1002:1002:1002:1002::64,udp:1025
0 sendip -p ipv6 -6d ::1 -6s 1002:1002:1002:1002::64 -p udp -ud 80 -us 1025 ::1
# Check that proper sets matched and target worked
0 ./check_klog.sh 1002:1002:1002:1002::64 udp 1025 ipport list
-# Create a set
-0 ipset -N test nethash --hashsize 128
+# Create a set
+0 ipset -N test nethash --hashsize 128
# Add zero valued element
1 ipset -A test 0.0.0.0/0
# Test zero valued element
# Add a non-matching IP address entry
0 ipset -A test 1.1.1.1 nomatch
# Add an overlapping matching small net
-0 ipset -A test 1.1.1.0/30
+0 ipset -A test 1.1.1.0/30
# Add an overlapping non-matching larger net
0 ipset -A test 1.1.1.0/28 nomatch
# Add an even larger matching net
Name: test
Type: hash:net
-Header: family inet hashsize 128 maxelem 65536
+Header: family inet hashsize 128 maxelem 65536
Size in memory: 1544
References: 0
Members:
Name: test
Type: bitmap:port
-Header: range 1-1024
+Header: range 1-1024
Size in memory: 152
References: 0
Members:
Name: test
Type: bitmap:port
-Header: range 0-65535
+Header: range 0-65535
Size in memory: 8216
References: 0
Members:
Name: test
Type: bitmap:port
-Header: range 0-65535 timeout 8
+Header: range 0-65535 timeout 8
Elements: 1
Size in memory: 524288
References: 0
Name: test
Type: bitmap:port
-Header: range 0-65535 timeout x
+Header: range 0-65535 timeout x
Size in memory: 524400
References: 0
Members:
Name: a
Type: hash:ip
-Header: family inet6 hashsize 1024 maxelem 65536
+Header: family inet6 hashsize 1024 maxelem 65536
Size in memory: 16704
References: 0
Members:
Name: b
Type: hash:ip
-Header: family inet6 hashsize 1024 maxelem 65536
+Header: family inet6 hashsize 1024 maxelem 65536
Size in memory: 16704
References: 0
Members:
-create priviledged-ports bitmap:port range 1-1023 timeout 0
+create priviledged-ports bitmap:port range 1-1023 timeout 0
add priviledged-ports 1 timeout 0
add priviledged-ports 2 timeout 0
add priviledged-ports 3 timeout 0
add priviledged-ports 1021 timeout 0
add priviledged-ports 1022 timeout 0
add priviledged-ports 1023 timeout 0
-create test-net bitmap:ip range 10.1.1.168-10.1.1.175 timeout 0
+create test-net bitmap:ip range 10.1.1.168-10.1.1.175 timeout 0
add test-net 10.1.1.168 timeout 0
add test-net 10.1.1.169 timeout 0
add test-net 10.1.1.170 timeout 0
add test-net 10.1.1.173 timeout 0
add test-net 10.1.1.174 timeout 0
add test-net 10.1.1.175 timeout 0
-create test-ports bitmap:port range 12770-19999 timeout 0
+create test-ports bitmap:port range 12770-19999 timeout 0
add test-ports 12770 timeout 0
add test-ports 12771 timeout 0
add test-ports 12772 timeout 0
add test-ports 12783 timeout 0
add test-ports 12784 timeout 0
add test-ports 19999 timeout 0
-create test-port bitmap:port range 29950-29950 timeout 0
+create test-port bitmap:port range 29950-29950 timeout 0
add test-port 29950 timeout 0
0 ipset x
# Counters: require sendip
skip which sendip >/dev/null
-# Counters: create set
+# Counters: create set
0 ipset n a hash:ip counters
-# Counters: create list set
+# Counters: create list set
0 ipset n test list:set counters
# Counters: add elemet with zero counters
0 ipset a a 10.255.255.64
0 ipset f
# Counters: destroy sets
0 ipset x
-# Counters and timeout: create set
+# Counters and timeout: create set
0 ipset n a hash:ip counters timeout 600
-# Counters and timeout: create list set
+# Counters and timeout: create list set
0 ipset n test list:set counters timeout 600
# Counters and timeout: add elemet with zero counters
0 ipset a a 10.255.255.64
Name: test
Type: list:set
-Header: size 8
+Header: size 8
Size in memory: 112
References: 0
Members:
Name: test
Type: list:set
-Header: size 8
+Header: size 8
Size in memory: 120
References: 0
Members:
Name: test
Type: list:set
-Header: size 8
+Header: size 8
Size in memory: 120
References: 0
Members:
Name: test
Type: list:set
-Header: size 8
+Header: size 8
Size in memory: 120
References: 0
Members:
Name: a
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16504
References: 1
Members:
Name: b
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16504
References: 0
Members:
Name: c
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16504
References: 0
Members:
Name: d
Type: hash:ip
-Header: family inet hashsize 1024 maxelem 65536
+Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16504
References: 0
Members:
Name: test
Type: list:set
-Header: size 8
+Header: size 8
Size in memory: 112
References: 0
Members:
projects / ipset / commitdiff