summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--Makefile2
-rw-r--r--ipset.h23
-rw-r--r--ipset_iphash.c4
-rw-r--r--ipset_ipmap.c4
-rw-r--r--ipset_ipporthash.c4
-rw-r--r--ipset_ipportiphash.c4
-rw-r--r--ipset_ipportnethash.c4
-rw-r--r--ipset_iptree.c4
-rw-r--r--ipset_iptreemap.c4
-rw-r--r--ipset_macipmap.c10
-rw-r--r--ipset_nethash.c4
-rw-r--r--ipset_portmap.c4
-rw-r--r--ipset_setlist.c4
-rw-r--r--kernel/ChangeLog6
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set.h32
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h8
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_compat.h1
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_hashes.h16
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h2
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h4
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_portmap.h2
-rw-r--r--kernel/ip_set.c71
-rw-r--r--kernel/ip_set_ipportnethash.c2
-rw-r--r--kernel/ip_set_iptree.c8
-rw-r--r--kernel/ip_set_iptreemap.c4
-rw-r--r--kernel/ip_set_macipmap.c16
-rw-r--r--kernel/ip_set_nethash.c2
-rw-r--r--kernel/ip_set_setlist.c8
-rwxr-xr-xtests/runtest.sh10
30 files changed, 143 insertions, 129 deletions
diff --git a/ChangeLog b/ChangeLog
index 7992f81..228925a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+3.0
+ - New kernel-userspace protocol release
+ - Bigendian and 64/32bit fixes (Stefan Gula, bugzilla id 593)
+ - tests/runtests.sh changed to support old bash shells
+
2.5.0
- On parisc architecture cast increases required aligment (bugzilla
id 582), fixed.
diff --git a/Makefile b/Makefile
index c55226d..c3d8385 100644
--- a/Makefile
+++ b/Makefile
@@ -20,7 +20,7 @@ ifndef V
V=0
endif
-IPSET_VERSION:=2.5.0
+IPSET_VERSION:=3.0
PREFIX:=/usr/local
LIBDIR:=$(PREFIX)/lib
diff --git a/ipset.h b/ipset.h
index 2596dfa..e47a480 100644
--- a/ipset.h
+++ b/ipset.h
@@ -95,7 +95,7 @@ struct settype {
*/
/* Size of create data. Will be sent to kernel */
- size_t create_size;
+ u_int32_t create_size;
/* Initialize the create. */
void (*create_init) (void *data);
@@ -115,7 +115,7 @@ struct settype {
*/
/* Size of data. Will be sent to kernel */
- size_t adt_size;
+ u_int32_t adt_size;
/* Function which parses command options */
ip_set_ip_t (*adt_parser) (int cmd, const char *optarg, void *data);
@@ -125,7 +125,7 @@ struct settype {
*/
/* Size of header. */
- size_t header_size;
+ u_int32_t header_size;
/* Initialize the type-header */
void (*initheader) (struct set *set, const void *data);
@@ -134,16 +134,16 @@ struct settype {
void (*printheader) (struct set *set, unsigned options);
/* Pretty print all IPs */
- void (*printips) (struct set *set, void *data, size_t len, unsigned options);
+ void (*printips) (struct set *set, void *data, u_int32_t len, unsigned options);
/* Pretty print all IPs sorted */
- void (*printips_sorted) (struct set *set, void *data, size_t len, unsigned options);
+ void (*printips_sorted) (struct set *set, void *data, u_int32_t len, unsigned options);
/* Print save arguments for creating the set */
void (*saveheader) (struct set *set, unsigned options);
/* Print save for all IPs */
- void (*saveips) (struct set *set, void *data, size_t len, unsigned options);
+ void (*saveips) (struct set *set, void *data, u_int32_t len, unsigned options);
/* Conver a single IP (binding) to string */
char * (*bindip_tostring)(struct set *set, ip_set_ip_t ip, unsigned options);
@@ -189,10 +189,13 @@ extern struct set *set_find_byid(ip_set_id_t id);
extern unsigned warn_once;
-#define BITSPERBYTE (8*sizeof(char))
-#define ID2BYTE(id) ((id)/BITSPERBYTE)
-#define ID2MASK(id) (1 << ((id)%BITSPERBYTE))
-#define test_bit(id, heap) ((((char *)(heap))[ID2BYTE(id)] & ID2MASK(id)) != 0)
+#define BITS_PER_LONG (8*sizeof(unsigned long))
+#define BIT_WORD(nr) ((nr) / BITS_PER_LONG)
+
+static inline int test_bit(int nr, const unsigned long *addr)
+{
+ return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
+}
#define UNUSED __attribute__ ((unused))
#define CONSTRUCTOR(module) \
diff --git a/ipset_iphash.c b/ipset_iphash.c
index edc22fb..dc9c89b 100644
--- a/ipset_iphash.c
+++ b/ipset_iphash.c
@@ -192,7 +192,7 @@ printheader(struct set *set, unsigned options UNUSED)
}
static void
-printips(struct set *set UNUSED, void *data, size_t len, unsigned options)
+printips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -221,7 +221,7 @@ saveheader(struct set *set, unsigned options UNUSED)
/* Print save for an IP */
static void
-saveips(struct set *set UNUSED, void *data, size_t len, unsigned options)
+saveips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
diff --git a/ipset_ipmap.c b/ipset_ipmap.c
index fed93d9..287b057 100644
--- a/ipset_ipmap.c
+++ b/ipset_ipmap.c
@@ -248,7 +248,7 @@ printheader(struct set *set, unsigned options)
static void
printips_sorted(struct set *set, void *data,
- size_t len UNUSED, unsigned options)
+ u_int32_t len UNUSED, unsigned options)
{
struct ip_set_ipmap *mysetdata = set->settype->header;
ip_set_ip_t id;
@@ -279,7 +279,7 @@ saveheader(struct set *set, unsigned options)
}
static void
-saveips(struct set *set, void *data, size_t len UNUSED, unsigned options)
+saveips(struct set *set, void *data, u_int32_t len UNUSED, unsigned options)
{
struct ip_set_ipmap *mysetdata = set->settype->header;
ip_set_ip_t id;
diff --git a/ipset_ipporthash.c b/ipset_ipporthash.c
index fa816c9..0073988 100644
--- a/ipset_ipporthash.c
+++ b/ipset_ipporthash.c
@@ -248,7 +248,7 @@ printheader(struct set *set, unsigned options)
}
static void
-printips(struct set *set, void *data, size_t len, unsigned options)
+printips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipporthash *mysetdata = set->settype->header;
size_t offset = 0;
@@ -284,7 +284,7 @@ saveheader(struct set *set, unsigned options)
/* Print save for an IP */
static void
-saveips(struct set *set, void *data, size_t len, unsigned options)
+saveips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipporthash *mysetdata = set->settype->header;
size_t offset = 0;
diff --git a/ipset_ipportiphash.c b/ipset_ipportiphash.c
index f445d73..22a92ef 100644
--- a/ipset_ipportiphash.c
+++ b/ipset_ipportiphash.c
@@ -253,7 +253,7 @@ printheader(struct set *set, unsigned options)
}
static void
-printips(struct set *set, void *data, size_t len, unsigned options)
+printips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipportiphash *mysetdata = set->settype->header;
size_t offset = 0;
@@ -292,7 +292,7 @@ saveheader(struct set *set, unsigned options)
/* Print save for an IP */
static void
-saveips(struct set *set, void *data, size_t len, unsigned options)
+saveips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipportiphash *mysetdata = set->settype->header;
size_t offset = 0;
diff --git a/ipset_ipportnethash.c b/ipset_ipportnethash.c
index 9184007..a029343 100644
--- a/ipset_ipportnethash.c
+++ b/ipset_ipportnethash.c
@@ -318,7 +318,7 @@ unpack_ip_tostring(ip_set_ip_t ip, unsigned options UNUSED)
}
static void
-printips(struct set *set, void *data, size_t len, unsigned options)
+printips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipportnethash *mysetdata = set->settype->header;
size_t offset = 0;
@@ -357,7 +357,7 @@ saveheader(struct set *set, unsigned options)
/* Print save for an IP */
static void
-saveips(struct set *set, void *data, size_t len, unsigned options)
+saveips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_ipportnethash *mysetdata = set->settype->header;
size_t offset = 0;
diff --git a/ipset_iptree.c b/ipset_iptree.c
index 09f11db..fbde520 100644
--- a/ipset_iptree.c
+++ b/ipset_iptree.c
@@ -123,7 +123,7 @@ printheader(struct set *set, unsigned options UNUSED)
}
static void
-printips_sorted(struct set *set, void *data, size_t len, unsigned options)
+printips_sorted(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_iptree *mysetdata = set->settype->header;
struct ip_set_req_iptree *req;
@@ -155,7 +155,7 @@ saveheader(struct set *set, unsigned options UNUSED)
}
static void
-saveips(struct set *set, void *data, size_t len, unsigned options)
+saveips(struct set *set, void *data, u_int32_t len, unsigned options)
{
struct ip_set_iptree *mysetdata = set->settype->header;
struct ip_set_req_iptree *req;
diff --git a/ipset_iptreemap.c b/ipset_iptreemap.c
index 81bc8f3..21948d4 100644
--- a/ipset_iptreemap.c
+++ b/ipset_iptreemap.c
@@ -115,7 +115,7 @@ printheader(struct set *set, unsigned int options UNUSED)
static void
printips_sorted(struct set *set UNUSED, void *data,
- size_t len, unsigned int options)
+ u_int32_t len, unsigned int options)
{
struct ip_set_req_iptreemap *req;
size_t offset = 0;
@@ -147,7 +147,7 @@ saveheader(struct set *set, unsigned int options UNUSED)
static void
saveips(struct set *set UNUSED, void *data,
- size_t len, unsigned int options)
+ u_int32_t len, unsigned int options)
{
struct ip_set_req_iptreemap *req;
size_t offset = 0;
diff --git a/ipset_macipmap.c b/ipset_macipmap.c
index 186e68e..3a47e59 100644
--- a/ipset_macipmap.c
+++ b/ipset_macipmap.c
@@ -245,15 +245,14 @@ print_mac(unsigned char macaddress[ETH_ALEN])
static void
printips_sorted(struct set *set, void *data,
- size_t len UNUSED, unsigned options)
+ u_int32_t len UNUSED, unsigned options)
{
struct ip_set_macipmap *mysetdata = set->settype->header;
struct ip_set_macip *table = data;
u_int32_t addr = mysetdata->first_ip;
while (addr <= mysetdata->last_ip) {
- if (test_bit(IPSET_MACIP_ISSET,
- (void *)&table[addr - mysetdata->first_ip].flags)) {
+ if (table[addr - mysetdata->first_ip].match) {
printf("%s,", ip_tostring(addr, options));
print_mac(table[addr - mysetdata->first_ip].
ethernet);
@@ -280,15 +279,14 @@ saveheader(struct set *set, unsigned options)
static void
saveips(struct set *set, void *data,
- size_t len UNUSED, unsigned options)
+ u_int32_t len UNUSED, unsigned options)
{
struct ip_set_macipmap *mysetdata = set->settype->header;
struct ip_set_macip *table = data;
u_int32_t addr = mysetdata->first_ip;
while (addr <= mysetdata->last_ip) {
- if (test_bit(IPSET_MACIP_ISSET,
- (void *)&table[addr - mysetdata->first_ip].flags)) {
+ if (table[addr - mysetdata->first_ip].match) {
printf("-A %s %s,",
set->name, ip_tostring(addr, options));
print_mac(table[addr - mysetdata->first_ip].
diff --git a/ipset_nethash.c b/ipset_nethash.c
index 9c9d6ac..c73e382 100644
--- a/ipset_nethash.c
+++ b/ipset_nethash.c
@@ -224,7 +224,7 @@ unpack_ip_tostring(ip_set_ip_t ip, unsigned options UNUSED)
}
static void
-printips(struct set *set UNUSED, void *data, size_t len, unsigned options)
+printips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -249,7 +249,7 @@ saveheader(struct set *set, unsigned options UNUSED)
/* Print save for an IP */
static void
-saveips(struct set *set UNUSED, void *data, size_t len, unsigned options)
+saveips(struct set *set UNUSED, void *data, u_int32_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
diff --git a/ipset_portmap.c b/ipset_portmap.c
index b86dbb2..96e87c2 100644
--- a/ipset_portmap.c
+++ b/ipset_portmap.c
@@ -149,7 +149,7 @@ printheader(struct set *set, unsigned options)
static void
printports_sorted(struct set *set, void *data,
- size_t len UNUSED, unsigned options)
+ u_int32_t len UNUSED, unsigned options)
{
struct ip_set_portmap *mysetdata = set->settype->header;
u_int32_t addr = mysetdata->first_ip;
@@ -184,7 +184,7 @@ saveheader(struct set *set, unsigned options)
static void
saveports(struct set *set, void *data,
- size_t len UNUSED, unsigned options)
+ u_int32_t len UNUSED, unsigned options)
{
struct ip_set_portmap *mysetdata = set->settype->header;
u_int32_t addr = mysetdata->first_ip;
diff --git a/ipset_setlist.c b/ipset_setlist.c
index 064d67d..d5d65d7 100644
--- a/ipset_setlist.c
+++ b/ipset_setlist.c
@@ -134,7 +134,7 @@ printheader(struct set *set, unsigned options UNUSED)
static void
printips_sorted(struct set *set, void *data,
- size_t len UNUSED, unsigned options UNUSED)
+ u_int32_t len UNUSED, unsigned options UNUSED)
{
struct ip_set_setlist *mysetdata = set->settype->header;
int i;
@@ -162,7 +162,7 @@ saveheader(struct set *set, unsigned options UNUSED)
static void
saveips(struct set *set, void *data,
- size_t len UNUSED, unsigned options UNUSED)
+ u_int32_t len UNUSED, unsigned options UNUSED)
{
struct ip_set_setlist *mysetdata = set->settype->header;
int i;
diff --git a/kernel/ChangeLog b/kernel/ChangeLog
index eab7310..f8414e1 100644
--- a/kernel/ChangeLog
+++ b/kernel/ChangeLog
@@ -1,3 +1,9 @@
+3.0
+ - New kernel-userspace protocol release
+ - Bigendian and 64/32bit fixes (Stefan Gula, bugzilla id 593)
+ - Support of 2.4.3[67].* kernels fixed
+ - Compiling with debugging enabled fixed
+
2.5.0
- Use the spinlock initiator instead of setting the locks directly
as it causes compilation errors with 2.6.29-rt (Jan Engelhardt).
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set.h b/kernel/include/linux/netfilter_ipv4/ip_set.h
index ec3e59f..3667352 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set.h
@@ -40,7 +40,7 @@
/*
* Used so that the kernel module and ipset-binary can match their versions
*/
-#define IP_SET_PROTOCOL_VERSION 2
+#define IP_SET_PROTOCOL_VERSION 3
#define IP_SET_MAXNAMELEN 32 /* set names and set typenames */
@@ -228,7 +228,7 @@ struct ip_set_req_max_sets {
struct ip_set_req_setnames {
unsigned op;
ip_set_id_t index; /* set to list/save */
- size_t size; /* size to get setdata/bindings */
+ u_int32_t size; /* size to get setdata/bindings */
/* followed by sets number of struct ip_set_name_list */
};
@@ -250,9 +250,9 @@ struct ip_set_list {
ip_set_id_t index;
ip_set_id_t binding;
u_int32_t ref;
- size_t header_size; /* Set header data of header_size */
- size_t members_size; /* Set members data of members_size */
- size_t bindings_size; /* Set bindings data of bindings_size */
+ u_int32_t header_size; /* Set header data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
+ u_int32_t bindings_size;/* Set bindings data of bindings_size */
};
struct ip_set_hash_list {
@@ -269,8 +269,8 @@ struct ip_set_hash_list {
struct ip_set_save {
ip_set_id_t index;
ip_set_id_t binding;
- size_t header_size; /* Set header data of header_size */
- size_t members_size; /* Set members data of members_size */
+ u_int32_t header_size; /* Set header data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
};
/* At restoring, ip == 0 means default binding for the given set: */
@@ -290,8 +290,8 @@ struct ip_set_restore {
char name[IP_SET_MAXNAMELEN];
char typename[IP_SET_MAXNAMELEN];
ip_set_id_t index;
- size_t header_size; /* Create data of header_size */
- size_t members_size; /* Set members data of members_size */
+ u_int32_t header_size; /* Create data of header_size */
+ u_int32_t members_size; /* Set members data of members_size */
};
static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b)
@@ -358,14 +358,14 @@ struct ip_set_type {
* return 0 if not in set, 1 if in set.
*/
int (*testip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/*
* Size of the data structure passed by when
* adding/deletin/testing an entry.
*/
- size_t reqsize;
+ u_int32_t reqsize;
/* Add IP into set (userspace: ipset -A set IP)
* Return -EEXIST if the address is already in the set,
@@ -373,7 +373,7 @@ struct ip_set_type {
* If the address was not already in the set, 0 is returned.
*/
int (*addip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/* Add IP into set (kernel: iptables ... -j SET set src|dst)
@@ -393,7 +393,7 @@ struct ip_set_type {
* If the address really was in the set, 0 is returned.
*/
int (*delip) (struct ip_set *set,
- const void *data, size_t size,
+ const void *data, u_int32_t size,
ip_set_ip_t *ip);
/* remove IP from set (kernel: iptables ... -j SET --entry x)
@@ -410,7 +410,7 @@ struct ip_set_type {
/* new set creation - allocated type specific items
*/
int (*create) (struct ip_set *set,
- const void *data, size_t size);
+ const void *data, u_int32_t size);
/* retry the operation after successfully tweaking the set
*/
@@ -429,7 +429,7 @@ struct ip_set_type {
/* Listing: size needed for header
*/
- size_t header_size;
+ u_int32_t header_size;
/* Listing: Get the header
*
@@ -515,7 +515,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id,
#define UADT0(type, adt, args...) \
static int \
-FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \
+FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\
ip_set_ip_t *hash_ip) \
{ \
const STRUCT(ip_set_req_,type) *req = data; \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
index 2e9293f..d537639 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
@@ -6,7 +6,7 @@
#ifdef __KERNEL__
#define BITMAP_CREATE(type) \
static int \
-type##_create(struct ip_set *set, const void *data, size_t size) \
+type##_create(struct ip_set *set, const void *data, u_int32_t size) \
{ \
int newbytes; \
const struct ip_set_req_##type##_create *req = data; \
@@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
\
map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %d bytes", \
- sizeof(struct ip_set_#type)); \
+ DP("out of memory for %lu bytes", \
+ sizeof(struct ip_set_##type)); \
return -ENOMEM; \
} \
map->first_ip = req->from; \
@@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
map->size = newbytes; \
map->members = ip_set_malloc(newbytes); \
if (!map->members) { \
- DP("out of memory for %d bytes", newbytes); \
+ DP("out of memory for %i bytes", newbytes); \
kfree(map); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
index 5695b3b..96c2024 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
@@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags)
#endif
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+#include <linux/netfilter.h>
#define KMEM_CACHE_CREATE(name, size) \
kmem_cache_create(name, size, 0, 0, NULL, NULL)
#else
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
index 6914a12..4ca8431 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
@@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \
hashsize++; \
\
ip_set_printk("rehashing of set %s triggered: " \
- "hashsize grows from %u to %u", \
- set->name, map->hashsize, hashsize); \
+ "hashsize grows from %lu to %lu", \
+ set->name, \
+ (long unsigned)map->hashsize, \
+ (long unsigned)hashsize); \
\
tmp = kmalloc(sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t), GFP_ATOMIC); \
if (!tmp) { \
- DP("out of memory for %d bytes", \
+ DP("out of memory for %lu bytes", \
sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t)); \
return -ENOMEM; \
} \
tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\
if (!tmp->members) { \
- DP("out of memory for %d bytes", hashsize * sizeof(dtype));\
+ DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\
kfree(tmp); \
return -ENOMEM; \
} \
@@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \
#define HASH_CREATE(type, dtype) \
static int \
-type##_create(struct ip_set *set, const void *data, size_t size) \
+type##_create(struct ip_set *set, const void *data, u_int32_t size) \
{ \
const struct ip_set_req_##type##_create *req = data; \
struct ip_set_##type *map; \
@@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
map = kmalloc(sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %d bytes", \
+ DP("out of memory for %lu bytes", \
sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t)); \
return -ENOMEM; \
@@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \
} \
map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\
if (!map->members) { \
- DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\
+ DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\
kfree(map); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
index d1381b5..ce4b29b 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
@@ -13,7 +13,7 @@ struct ip_set_ipmap {
ip_set_ip_t netmask; /* subnet netmask */
ip_set_ip_t sizeid; /* size of set in IPs */
ip_set_ip_t hosts; /* number of hosts in a subnet */
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_ipmap_create {
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
index c983214..19418f3 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h
@@ -17,7 +17,7 @@ struct ip_set_macipmap {
ip_set_ip_t first_ip; /* host byte order, included in range */
ip_set_ip_t last_ip; /* host byte order, included in range */
u_int32_t flags;
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_macipmap_create {
@@ -32,7 +32,7 @@ struct ip_set_req_macipmap {
};
struct ip_set_macip {
- unsigned short flags;
+ unsigned short match;
unsigned char ethernet[ETH_ALEN];
};
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
index e878327..8ea6ba2 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h
@@ -10,7 +10,7 @@ struct ip_set_portmap {
void *members; /* the portmap proper */
ip_set_ip_t first_ip; /* host byte order, included in range */
ip_set_ip_t last_ip; /* host byte order, included in range */
- size_t size; /* size of the ipmap proper */
+ u_int32_t size; /* size of the ipmap proper */
};
struct ip_set_req_portmap_create {
diff --git a/kernel/ip_set.c b/kernel/ip_set.c
index 15e98d0..f94d0e0 100644
--- a/kernel/ip_set.c
+++ b/kernel/ip_set.c
@@ -493,7 +493,7 @@ ip_set_find_byindex(ip_set_id_t index)
static inline int
__ip_set_testip(struct ip_set *set,
const void *data,
- size_t size,
+ u_int32_t size,
ip_set_ip_t *ip)
{
int res;
@@ -508,7 +508,7 @@ __ip_set_testip(struct ip_set *set,
static int
__ip_set_addip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
ip_set_ip_t ip;
@@ -529,15 +529,15 @@ __ip_set_addip(ip_set_id_t index,
static int
ip_set_addip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %zu, have %zu)",
- set->type->reqsize,
+ ip_set_printk("data length wrong (want %lu, have %lu)",
+ (long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
}
@@ -549,7 +549,7 @@ ip_set_addip(ip_set_id_t index,
static int
ip_set_delip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
ip_set_ip_t ip;
@@ -558,8 +558,8 @@ ip_set_delip(ip_set_id_t index,
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %zu, have %zu)",
- set->type->reqsize,
+ ip_set_printk("data length wrong (want %lu, have %lu)",
+ (long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
}
@@ -576,7 +576,7 @@ ip_set_delip(ip_set_id_t index,
static int
ip_set_testip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
ip_set_ip_t ip;
@@ -585,8 +585,8 @@ ip_set_testip(ip_set_id_t index,
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %zu, have %zu)",
- set->type->reqsize,
+ ip_set_printk("data length wrong (want %lu, have %lu)",
+ (long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
}
@@ -601,7 +601,7 @@ ip_set_testip(ip_set_id_t index,
static int
ip_set_bindip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
const struct ip_set_req_bind *req_bind;
@@ -687,7 +687,7 @@ __unbind_default(struct ip_set *set)
static int
ip_set_unbindip(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set;
const struct ip_set_req_bind *req_bind;
@@ -760,7 +760,7 @@ ip_set_unbindip(ip_set_id_t index,
static int
ip_set_testbind(ip_set_id_t index,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set = ip_set_list[index];
const struct ip_set_req_bind *req_bind;
@@ -862,7 +862,7 @@ ip_set_create(const char *name,
const char *typename,
ip_set_id_t restore,
const void *data,
- size_t size)
+ u_int32_t size)
{
struct ip_set *set;
ip_set_id_t index = 0, id;
@@ -915,9 +915,9 @@ ip_set_create(const char *name,
/* Check request size */
if (size != set->type->header_size) {
- ip_set_printk("data length wrong (want %zu, have %zu)",
- set->type->header_size,
- size);
+ ip_set_printk("data length wrong (want %lu, have %lu)",
+ (long unsigned)set->type->header_size,
+ (long unsigned)size);
goto put_out;
}
@@ -1109,7 +1109,7 @@ ip_set_swap(ip_set_id_t from_index, ip_set_id_t to_index)
static inline void
__set_hash_bindings_size_list(struct ip_set_hash *set_hash,
- ip_set_id_t id, size_t *size)
+ ip_set_id_t id, u_int32_t *size)
{
if (set_hash->id == id)
*size += sizeof(struct ip_set_hash_list);
@@ -1117,7 +1117,7 @@ __set_hash_bindings_size_list(struct ip_set_hash *set_hash,
static inline void
__set_hash_bindings_size_save(struct ip_set_hash *set_hash,
- ip_set_id_t id, size_t *size)
+ ip_set_id_t id, u_int32_t *size)
{
if (set_hash->id == id)
*size += sizeof(struct ip_set_hash_save);
@@ -1220,7 +1220,7 @@ static int ip_set_save_set(ip_set_id_t index,
*used += sizeof(struct ip_set_save);
set = ip_set_list[index];
- DP("set: %s, used: %u(%u) %p %p", set->name, *used, len,
+ DP("set: %s, used: %i(%i) %p %p", set->name, *used, len,
data, data + *used);
read_lock_bh(&set->lock);
@@ -1237,8 +1237,8 @@ static int ip_set_save_set(ip_set_id_t index,
set->type->list_header(set, data + *used);
*used += set_save->header_size;
- DP("set header filled: %s, used: %u(%u) %p %p", set->name, *used,
- set_save->header_size, data, data + *used);
+ DP("set header filled: %s, used: %i(%lu) %p %p", set->name, *used,
+ (unsigned long)set_save->header_size, data, data + *used);
/* Get and ensure set specific members size */
set_save->members_size = set->type->list_members_size(set);
if (*used + set_save->members_size > len)
@@ -1248,8 +1248,8 @@ static int ip_set_save_set(ip_set_id_t index,
set->type->list_members(set, data + *used);
*used += set_save->members_size;
read_unlock_bh(&set->lock);
- DP("set members filled: %s, used: %u(%u) %p %p", set->name, *used,
- set_save->members_size, data, data + *used);
+ DP("set members filled: %s, used: %i(%lu) %p %p", set->name, *used,
+ (unsigned long)set_save->members_size, data, data + *used);
return 0;
unlock_set:
@@ -1329,7 +1329,7 @@ static int ip_set_restore(void *data,
while (1) {
line++;
- DP("%u %u %u", used, sizeof(struct ip_set_restore), len);
+ DP("%i %lu %i", used, sizeof(struct ip_set_restore), len);
/* Get and ensure header size */
if (used + sizeof(struct ip_set_restore) > len)
return line;
@@ -1367,12 +1367,13 @@ static int ip_set_restore(void *data,
/* Try to restore members data */
set = ip_set_list[index];
members_size = 0;
- DP("members_size %u reqsize %u",
- set_restore->members_size, set->type->reqsize);
+ DP("members_size %lu reqsize %lu",
+ (unsigned long)set_restore->members_size,
+ (unsigned long)set->type->reqsize);
while (members_size + set->type->reqsize <=
set_restore->members_size) {
line++;
- DP("members: %u, line %u", members_size, line);
+ DP("members: %i, line %i", members_size, line);
res = __ip_set_addip(index,
data + used + members_size,
set->type->reqsize);
@@ -1381,8 +1382,8 @@ static int ip_set_restore(void *data,
members_size += set->type->reqsize;
}
- DP("members_size %u %u",
- set_restore->members_size, members_size);
+ DP("members_size %lu %i",
+ (unsigned long)set_restore->members_size, members_size);
if (members_size != set_restore->members_size)
return line++;
used += set_restore->members_size;
@@ -1442,10 +1443,10 @@ ip_set_sockfn_set(struct sock *sk, int optval, void *user, unsigned int len)
struct ip_set_req_adt *req_adt;
ip_set_id_t index = IP_SET_INVALID_ID;
int (*adtfn)(ip_set_id_t index,
- const void *data, size_t size);
+ const void *data, u_int32_t size);
struct fn_table {
int (*fn)(ip_set_id_t index,
- const void *data, size_t size);
+ const void *data, u_int32_t size);
} adtfn_table[] =
{ { ip_set_addip }, { ip_set_delip }, { ip_set_testip},
{ ip_set_bindip}, { ip_set_unbindip }, { ip_set_testbind },
@@ -1938,8 +1939,8 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
if (*len < sizeof(struct ip_set_req_setnames)
|| *len != req_restore->size) {
- ip_set_printk("invalid RESTORE (want =%zu, got %d)",
- req_restore->size, *len);
+ ip_set_printk("invalid RESTORE (want =%lu, got %u)",
+ (long unsigned)req_restore->size, *len);
res = -EINVAL;
goto done;
}
diff --git a/kernel/ip_set_ipportnethash.c b/kernel/ip_set_ipportnethash.c
index fe36c58..45e53ed 100644
--- a/kernel/ip_set_ipportnethash.c
+++ b/kernel/ip_set_ipportnethash.c
@@ -102,7 +102,7 @@ ipportnethash_test(struct ip_set *set, ip_set_ip_t *hash_ip,
}
static int
-ipportnethash_utest(struct ip_set *set, const void *data, size_t size,
+ipportnethash_utest(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
const struct ip_set_req_ipportnethash *req = data;
diff --git a/kernel/ip_set_iptree.c b/kernel/ip_set_iptree.c
index f51dea1..08b9118 100644
--- a/kernel/ip_set_iptree.c
+++ b/kernel/ip_set_iptree.c
@@ -276,21 +276,21 @@ init_gc_timer(struct ip_set *set)
}
static int
-iptree_create(struct ip_set *set, const void *data, size_t size)
+iptree_create(struct ip_set *set, const void *data, u_int32_t size)
{
const struct ip_set_req_iptree_create *req = data;
struct ip_set_iptree *map;
if (size != sizeof(struct ip_set_req_iptree_create)) {
- ip_set_printk("data length wrong (want %zu, have %zu)",
+ ip_set_printk("data length wrong (want %lu, have %lu)",
sizeof(struct ip_set_req_iptree_create),
- size);
+ (unsigned long)size);
return -EINVAL;
}
map = kmalloc(sizeof(struct ip_set_iptree), GFP_KERNEL);
if (!map) {
- DP("out of memory for %d bytes",
+ DP("out of memory for %lu bytes",
sizeof(struct ip_set_iptree));
return -ENOMEM;
}
diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c
index 4bf70f7..f62ed19 100644
--- a/kernel/ip_set_iptreemap.c
+++ b/kernel/ip_set_iptreemap.c
@@ -470,7 +470,7 @@ init_gc_timer(struct ip_set *set)
}
static int
-iptreemap_create(struct ip_set *set, const void *data, size_t size)
+iptreemap_create(struct ip_set *set, const void *data, u_int32_t size)
{
const struct ip_set_req_iptreemap_create *req = data;
struct ip_set_iptreemap *map;
@@ -567,7 +567,7 @@ iptreemap_list_members_size(const struct ip_set *set)
return (count * sizeof(struct ip_set_req_iptreemap));
}
-static inline size_t
+static inline u_int32_t
add_member(void *data, size_t offset, ip_set_ip_t start, ip_set_ip_t end)
{
struct ip_set_req_iptreemap *entry = data + offset;
diff --git a/kernel/ip_set_macipmap.c b/kernel/ip_set_macipmap.c
index 61ea6d5..464106e 100644
--- a/kernel/ip_set_macipmap.c
+++ b/kernel/ip_set_macipmap.c
@@ -22,7 +22,7 @@
#include <linux/netfilter_ipv4/ip_set_macipmap.h>
static int
-macipmap_utest(struct ip_set *set, const void *data, size_t size,
+macipmap_utest(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
const struct ip_set_macipmap *map = set->data;
@@ -35,8 +35,7 @@ macipmap_utest(struct ip_set *set, const void *data, size_t size,
*hash_ip = req->ip;
DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u",
set->name, HIPQUAD(req->ip), HIPQUAD(*hash_ip));
- if (test_bit(IPSET_MACIP_ISSET,
- (void *) &table[req->ip - map->first_ip].flags)) {
+ if (table[req->ip - map->first_ip].match) {
return (memcmp(req->ethernet,
&table[req->ip - map->first_ip].ethernet,
ETH_ALEN) == 0);
@@ -64,8 +63,7 @@ macipmap_ktest(struct ip_set *set,
*hash_ip = ip;
DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u",
set->name, HIPQUAD(ip), HIPQUAD(*hash_ip));
- if (test_bit(IPSET_MACIP_ISSET,
- (void *) &table[ip - map->first_ip].flags)) {
+ if (table[ip - map->first_ip].match) {
/* Is mac pointer valid?
* If so, compare... */
return (skb_mac_header(skb) >= skb->head
@@ -88,13 +86,13 @@ macipmap_add(struct ip_set *set, ip_set_ip_t *hash_ip,
if (ip < map->first_ip || ip > map->last_ip)
return -ERANGE;
- if (test_and_set_bit(IPSET_MACIP_ISSET,
- (void *) &table[ip - map->first_ip].flags))
+ if (table[ip - map->first_ip].match)
return -EEXIST;
*hash_ip = ip;
DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip));
memcpy(&table[ip - map->first_ip].ethernet, ethernet, ETH_ALEN);
+ table[ip - map->first_ip].match = IPSET_MACIP_ISSET;
return 0;
}
@@ -114,11 +112,11 @@ macipmap_del(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip)
if (ip < map->first_ip || ip > map->last_ip)
return -ERANGE;
- if (!test_and_clear_bit(IPSET_MACIP_ISSET,
- (void *)&table[ip - map->first_ip].flags))
+ if (!table[ip - map->first_ip].match)
return -EEXIST;
*hash_ip = ip;
+ table[ip - map->first_ip].match = 0;
DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip));
return 0;
}
diff --git a/kernel/ip_set_nethash.c b/kernel/ip_set_nethash.c
index 27267d9..d68a015 100644
--- a/kernel/ip_set_nethash.c
+++ b/kernel/ip_set_nethash.c
@@ -80,7 +80,7 @@ nethash_test(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip)
}
static int
-nethash_utest(struct ip_set *set, const void *data, size_t size,
+nethash_utest(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
const struct ip_set_req_nethash *req = data;
diff --git a/kernel/ip_set_setlist.c b/kernel/ip_set_setlist.c
index 4c9eb59..15a67ba 100644
--- a/kernel/ip_set_setlist.c
+++ b/kernel/ip_set_setlist.c
@@ -32,7 +32,7 @@ next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index)
}
static int
-setlist_utest(struct ip_set *set, const void *data, size_t size,
+setlist_utest(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
const struct ip_set_setlist *map = set->data;
@@ -113,7 +113,7 @@ insert_setlist(struct ip_set_setlist *map, int i, ip_set_id_t index)
}
static int
-setlist_uadd(struct ip_set *set, const void *data, size_t size,
+setlist_uadd(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
struct ip_set_setlist *map = set->data;
@@ -188,7 +188,7 @@ unshift_setlist(struct ip_set_setlist *map, int i)
}
static int
-setlist_udel(struct ip_set *set, const void *data, size_t size,
+setlist_udel(struct ip_set *set, const void *data, u_int32_t size,
ip_set_ip_t *hash_ip)
{
struct ip_set_setlist *map = set->data;
@@ -255,7 +255,7 @@ setlist_kdel(struct ip_set *set,
}
static int
-setlist_create(struct ip_set *set, const void *data, size_t size)
+setlist_create(struct ip_set *set, const void *data, u_int32_t size)
{
struct ip_set_setlist *map;
const struct ip_set_req_setlist_create *req = data;
diff --git a/tests/runtest.sh b/tests/runtest.sh
index 4f2a2d2..d063cd7 100755
--- a/tests/runtest.sh
+++ b/tests/runtest.sh
@@ -1,11 +1,11 @@
#!/bin/bash
tests="init"
-tests+=" ipmap macipmap portmap"
-tests+=" iphash nethash ipporthash"
-tests+=" ipportiphash ipportnethash"
-tests+=" iptree iptreemap"
-tests+=" setlist"
+tests="$tests ipmap macipmap portmap"
+tests="$tests iphash nethash ipporthash"
+tests="$tests ipportiphash ipportnethash"
+tests="$tests iptree iptreemap"
+tests="$tests setlist"
if [ "$1" ]; then
tests="init $@"