From: Jozsef Kadlecsik Date: Wed, 31 Aug 2011 13:56:34 +0000 (+0200) Subject: Propagate "expose userspace-relevant parts in ip_set.h" to ipset source X-Git-Tag: v6.9~5 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=20a52295775126d1bd5740b6543d1ea8ea239b1b;p=ipset Propagate "expose userspace-relevant parts in ip_set.h" to ipset source With the header file restructuring, the ipset userspace enums IPSET_DIM_* clash with the kernel ones. In this patch the userspace is converted to use the kernel part enums and thus we got rid of userspace enums IPSET_DIM_*. --- diff --git a/include/libipset/linux_ip_set.h b/include/libipset/linux_ip_set.h index fb4b69e..b336d43 100644 --- a/include/libipset/linux_ip_set.h +++ b/include/libipset/linux_ip_set.h @@ -11,6 +11,8 @@ * published by the Free Software Foundation. */ +#include + /* The protocol version */ #define IPSET_PROTOCOL 6 @@ -168,4 +170,30 @@ enum ipset_adt { IPSET_CADT_MAX, }; +/* Sets are identified by an index in kernel space. Tweak with ip_set_id_t + * and IPSET_INVALID_ID if you want to increase the max number of sets. + */ +typedef __u16 ip_set_id_t; + +#define IPSET_INVALID_ID 65535 + +enum ip_set_dim { + IPSET_DIM_ZERO = 0, + IPSET_DIM_ONE, + IPSET_DIM_TWO, + IPSET_DIM_THREE, + /* Max dimension in elements. + * If changed, new revision of iptables match/target is required. + */ + IPSET_DIM_MAX = 6, +}; + +/* Option flags for kernel operations */ +enum ip_set_kopt { + IPSET_INV_MATCH = (1 << IPSET_DIM_ZERO), + IPSET_DIM_ONE_SRC = (1 << IPSET_DIM_ONE), + IPSET_DIM_TWO_SRC = (1 << IPSET_DIM_TWO), + IPSET_DIM_THREE_SRC = (1 << IPSET_DIM_THREE), +}; + #endif /* __IP_SET_H */ diff --git a/include/libipset/types.h b/include/libipset/types.h index d3a0b4c..d2801f1 100644 --- a/include/libipset/types.h +++ b/include/libipset/types.h @@ -24,13 +24,8 @@ * - AF_INET46: type supports both IPv4 and IPv6 */ -/* Set dimensions */ -enum { - IPSET_DIM_ONE, /* foo */ - IPSET_DIM_TWO, /* foo,bar */ - IPSET_DIM_THREE, /* foo,bar,fie */ - IPSET_DIM_MAX, -}; +/* The maximal type dimension userspace supports */ +#define IPSET_DIM_UMAX 3 /* Parser options */ enum { @@ -76,7 +71,7 @@ struct ipset_type { uint8_t dimension; /* elem dimension */ int8_t kernel_check; /* kernel check */ bool last_elem_optional; /* last element optional */ - struct ipset_elem elem[IPSET_DIM_MAX]; /* parse elem */ + struct ipset_elem elem[IPSET_DIM_UMAX]; /* parse elem */ ipset_parsefn compat_parse_elem; /* compatibility parser */ const struct ipset_arg *args[IPSET_CADT_MAX]; /* create/ADT args besides elem */ uint64_t mandatory[IPSET_CADT_MAX]; /* create/ADT mandatory flags */ diff --git a/lib/parse.c b/lib/parse.c index 2bb0601..1aaf072 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -1525,9 +1525,9 @@ ipset_call_parser(struct ipset_session *session, #define parse_elem(s, t, d, str) \ do { \ - if (!(t)->elem[d].parse) \ + if (!(t)->elem[d - 1].parse) \ goto internal; \ - ret = (t)->elem[d].parse(s, (t)->elem[d].opt, str); \ + ret = (t)->elem[d - 1].parse(s, (t)->elem[d - 1].opt, str); \ if (ret) \ goto out; \ } while (0) @@ -1582,7 +1582,7 @@ ipset_parse_elem(struct ipset_session *session, } else if (a != NULL) { if (type->compat_parse_elem) { ret = type->compat_parse_elem(session, - type->elem[IPSET_DIM_ONE].opt, + type->elem[IPSET_DIM_ONE - 1].opt, saved); goto out; } diff --git a/lib/print.c b/lib/print.c index 6452ab5..96c19a1 100644 --- a/lib/print.c +++ b/lib/print.c @@ -705,30 +705,30 @@ ipset_print_elem(char *buf, unsigned int len, if (!type) return -1; - size = type->elem[IPSET_DIM_ONE].print(buf, len, data, - type->elem[IPSET_DIM_ONE].opt, env); + size = type->elem[IPSET_DIM_ONE - 1].print(buf, len, data, + type->elem[IPSET_DIM_ONE - 1].opt, env); SNPRINTF_FAILURE(size, len, offset); - IF_D(ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt), + IF_D(ipset_data_test(data, type->elem[IPSET_DIM_TWO - 1].opt), "print second elem"); if (type->dimension == IPSET_DIM_ONE || (type->last_elem_optional && - !ipset_data_test(data, type->elem[IPSET_DIM_TWO].opt))) + !ipset_data_test(data, type->elem[IPSET_DIM_TWO - 1].opt))) return offset; size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR); SNPRINTF_FAILURE(size, len, offset); - size = type->elem[IPSET_DIM_TWO].print(buf + offset, len, data, - type->elem[IPSET_DIM_TWO].opt, env); + size = type->elem[IPSET_DIM_TWO - 1].print(buf + offset, len, data, + type->elem[IPSET_DIM_TWO - 1].opt, env); SNPRINTF_FAILURE(size, len, offset); if (type->dimension == IPSET_DIM_TWO || (type->last_elem_optional && - !ipset_data_test(data, type->elem[IPSET_DIM_THREE].opt))) + !ipset_data_test(data, type->elem[IPSET_DIM_THREE - 1].opt))) return offset; size = snprintf(buf + offset, len, IPSET_ELEM_SEPARATOR); SNPRINTF_FAILURE(size, len, offset); - size = type->elem[IPSET_DIM_THREE].print(buf + offset, len, data, - type->elem[IPSET_DIM_THREE].opt, env); + size = type->elem[IPSET_DIM_THREE - 1].print(buf + offset, len, data, + type->elem[IPSET_DIM_THREE - 1].opt, env); SNPRINTF_FAILURE(size, len, offset); return offset; diff --git a/src/ipset_bitmap_ip.c b/src/ipset_bitmap_ip.c index e73bc7c..89f3002 100644 --- a/src/ipset_bitmap_ip.c +++ b/src/ipset_bitmap_ip.c @@ -63,7 +63,7 @@ struct ipset_type ipset_bitmap_ip0 = { .family = AF_INET, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip, .print = ipset_print_ip, .opt = IPSET_OPT_IP diff --git a/src/ipset_bitmap_ipmac.c b/src/ipset_bitmap_ipmac.c index f47f25d..f8f7495 100644 --- a/src/ipset_bitmap_ipmac.c +++ b/src/ipset_bitmap_ipmac.c @@ -61,12 +61,12 @@ struct ipset_type ipset_bitmap_ipmac0 = { .dimension = IPSET_DIM_TWO, .last_elem_optional = true, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_single_ip, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_ether, .print = ipset_print_ether, .opt = IPSET_OPT_ETHER diff --git a/src/ipset_bitmap_port.c b/src/ipset_bitmap_port.c index c8c6e1f..9acdf23 100644 --- a/src/ipset_bitmap_port.c +++ b/src/ipset_bitmap_port.c @@ -54,7 +54,7 @@ struct ipset_type ipset_bitmap_port0 = { .family = AF_UNSPEC, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_tcp_port, .print = ipset_print_port, .opt = IPSET_OPT_PORT diff --git a/src/ipset_hash_ip.c b/src/ipset_hash_ip.c index 315804a..7be8e19 100644 --- a/src/ipset_hash_ip.c +++ b/src/ipset_hash_ip.c @@ -86,7 +86,7 @@ struct ipset_type ipset_hash_ip0 = { .family = AF_INET46, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_single6, .print = ipset_print_ip, .opt = IPSET_OPT_IP diff --git a/src/ipset_hash_ipport.c b/src/ipset_hash_ipport.c index b5bd41b..3738aa4 100644 --- a/src/ipset_hash_ipport.c +++ b/src/ipset_hash_ipport.c @@ -92,12 +92,12 @@ struct ipset_type ipset_hash_ipport1 = { .family = AF_INET46, .dimension = IPSET_DIM_TWO, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_single6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT diff --git a/src/ipset_hash_ipportip.c b/src/ipset_hash_ipportip.c index b27cebf..9a2c44c 100644 --- a/src/ipset_hash_ipportip.c +++ b/src/ipset_hash_ipportip.c @@ -92,17 +92,17 @@ struct ipset_type ipset_hash_ipportip1 = { .family = AF_INET46, .dimension = IPSET_DIM_THREE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_single6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT }, - [IPSET_DIM_THREE] = { + [IPSET_DIM_THREE - 1] = { .parse = ipset_parse_single_ip, .print = ipset_print_ip, .opt = IPSET_OPT_IP2 diff --git a/src/ipset_hash_ipportnet.c b/src/ipset_hash_ipportnet.c index ecab191..b7415dc 100644 --- a/src/ipset_hash_ipportnet.c +++ b/src/ipset_hash_ipportnet.c @@ -93,17 +93,17 @@ struct ipset_type ipset_hash_ipportnet1 = { .family = AF_INET46, .dimension = IPSET_DIM_THREE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_single6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT }, - [IPSET_DIM_THREE] = { + [IPSET_DIM_THREE - 1] = { .parse = ipset_parse_ipnet, .print = ipset_print_ip, .opt = IPSET_OPT_IP2 @@ -183,17 +183,17 @@ struct ipset_type ipset_hash_ipportnet2 = { .family = AF_INET46, .dimension = IPSET_DIM_THREE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_single6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT }, - [IPSET_DIM_THREE] = { + [IPSET_DIM_THREE - 1] = { .parse = ipset_parse_ip4_net6, .print = ipset_print_ip, .opt = IPSET_OPT_IP2 diff --git a/src/ipset_hash_net.c b/src/ipset_hash_net.c index 665c398..587f891 100644 --- a/src/ipset_hash_net.c +++ b/src/ipset_hash_net.c @@ -76,7 +76,7 @@ struct ipset_type ipset_hash_net0 = { .family = AF_INET46, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ipnet, .print = ipset_print_ip, .opt = IPSET_OPT_IP @@ -128,7 +128,7 @@ struct ipset_type ipset_hash_net1 = { .family = AF_INET46, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_net6, .print = ipset_print_ip, .opt = IPSET_OPT_IP diff --git a/src/ipset_hash_netiface.c b/src/ipset_hash_netiface.c index 2fbe27d..d1f5f7e 100644 --- a/src/ipset_hash_netiface.c +++ b/src/ipset_hash_netiface.c @@ -69,12 +69,12 @@ struct ipset_type ipset_hash_netiface0 = { .family = AF_INET46, .dimension = IPSET_DIM_TWO, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_net6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_iface, .print = ipset_print_iface, .opt = IPSET_OPT_IFACE diff --git a/src/ipset_hash_netport.c b/src/ipset_hash_netport.c index 480dd84..acf4a29 100644 --- a/src/ipset_hash_netport.c +++ b/src/ipset_hash_netport.c @@ -70,12 +70,12 @@ struct ipset_type ipset_hash_netport1 = { .family = AF_INET46, .dimension = IPSET_DIM_TWO, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ipnet, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT @@ -144,12 +144,12 @@ struct ipset_type ipset_hash_netport2 = { .family = AF_INET46, .dimension = IPSET_DIM_TWO, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_ip4_net6, .print = ipset_print_ip, .opt = IPSET_OPT_IP }, - [IPSET_DIM_TWO] = { + [IPSET_DIM_TWO - 1] = { .parse = ipset_parse_proto_port, .print = ipset_print_proto_port, .opt = IPSET_OPT_PORT diff --git a/src/ipset_list_set.c b/src/ipset_list_set.c index f3fa6df..68616e8 100644 --- a/src/ipset_list_set.c +++ b/src/ipset_list_set.c @@ -53,7 +53,7 @@ struct ipset_type ipset_list_set0 = { .family = AF_UNSPEC, .dimension = IPSET_DIM_ONE, .elem = { - [IPSET_DIM_ONE] = { + [IPSET_DIM_ONE - 1] = { .parse = ipset_parse_setname, .print = ipset_print_name, .opt = IPSET_OPT_NAME