From e1cc3d782f3bca89c8d8f2ca6b0fd7885fc91cf8 Mon Sep 17 00:00:00 2001 From: Oliver Smith Date: Sun, 22 Sep 2013 20:56:35 +0200 Subject: ipset: Support comments in the userspace library. This adds support to the userspace portion of ipset for handling ipsets with the comment extension enabled. The library revision has been raised accordingly. Signed-off-by: Oliver Smith Signed-off-by: Jozsef Kadlecsik --- include/libipset/data.h | 9 +++++++-- include/libipset/linux_ip_set.h | 15 +++++++++++++++ include/libipset/parse.h | 2 ++ include/libipset/print.h | 3 +++ 4 files changed, 27 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/libipset/data.h b/include/libipset/data.h index 2b6b8cd..b6e75e8 100644 --- a/include/libipset/data.h +++ b/include/libipset/data.h @@ -57,6 +57,8 @@ enum ipset_opt { IPSET_OPT_COUNTERS, IPSET_OPT_PACKETS, IPSET_OPT_BYTES, + IPSET_OPT_CREATE_COMMENT, + IPSET_OPT_ADT_COMMENT, /* Internal options */ IPSET_OPT_FLAGS = 48, /* IPSET_FLAG_EXIST| */ IPSET_OPT_CADT_FLAGS, /* IPSET_FLAG_BEFORE| */ @@ -87,7 +89,8 @@ enum ipset_opt { | IPSET_FLAG(IPSET_OPT_NETMASK) \ | IPSET_FLAG(IPSET_OPT_PROBES) \ | IPSET_FLAG(IPSET_OPT_RESIZE) \ - | IPSET_FLAG(IPSET_OPT_SIZE)) + | IPSET_FLAG(IPSET_OPT_SIZE) \ + | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT)) #define IPSET_ADT_FLAGS \ (IPSET_FLAG(IPSET_OPT_IP) \ @@ -106,11 +109,13 @@ enum ipset_opt { | IPSET_FLAG(IPSET_OPT_CADT_FLAGS)\ | IPSET_FLAG(IPSET_OPT_BEFORE) \ | IPSET_FLAG(IPSET_OPT_PHYSDEV) \ - | IPSET_FLAG(IPSET_OPT_NOMATCH)) + | IPSET_FLAG(IPSET_OPT_NOMATCH) \ + | IPSET_FLAG(IPSET_OPT_ADT_COMMENT)) struct ipset_data; extern void ipset_strlcpy(char *dst, const char *src, size_t len); +extern void ipset_strlcat(char *dst, const char *src, size_t len); extern bool ipset_data_flags_test(const struct ipset_data *data, uint64_t flags); extern void ipset_data_flags_set(struct ipset_data *data, uint64_t flags); diff --git a/include/libipset/linux_ip_set.h b/include/libipset/linux_ip_set.h index 8024cdf..847bbff 100644 --- a/include/libipset/linux_ip_set.h +++ b/include/libipset/linux_ip_set.h @@ -19,6 +19,9 @@ /* The max length of strings including NUL: set and type identifiers */ #define IPSET_MAXNAMELEN 32 +/* The maximum permissible length we will accept over netlink (inc. comments) */ +#define IPSET_MAX_COMMENT_SIZE 255 + /* Message types and commands */ enum ipset_cmd { IPSET_CMD_NONE, @@ -110,6 +113,7 @@ enum { IPSET_ATTR_IFACE, IPSET_ATTR_BYTES, IPSET_ATTR_PACKETS, + IPSET_ATTR_COMMENT, __IPSET_ATTR_ADT_MAX, }; #define IPSET_ATTR_ADT_MAX (__IPSET_ATTR_ADT_MAX - 1) @@ -140,6 +144,7 @@ enum ipset_errno { IPSET_ERR_IPADDR_IPV4, IPSET_ERR_IPADDR_IPV6, IPSET_ERR_COUNTER, + IPSET_ERR_COMMENT, /* Type specific error codes */ IPSET_ERR_TYPE_SPECIFIC = 4352, @@ -176,6 +181,8 @@ enum ipset_cadt_flags { IPSET_FLAG_NOMATCH = (1 << IPSET_FLAG_BIT_NOMATCH), IPSET_FLAG_BIT_WITH_COUNTERS = 3, IPSET_FLAG_WITH_COUNTERS = (1 << IPSET_FLAG_BIT_WITH_COUNTERS), + IPSET_FLAG_BIT_WITH_COMMENT = 4, + IPSET_FLAG_WITH_COMMENT = (1 << IPSET_FLAG_BIT_WITH_COMMENT), IPSET_FLAG_CADT_MAX = 15, }; @@ -250,6 +257,14 @@ struct ip_set_req_get_set { #define IP_SET_OP_GET_BYINDEX 0x00000007 /* Get set name by index */ /* Uses ip_set_req_get_set */ +#define IP_SET_OP_GET_FNAME 0x00000008 /* Get set index and family */ +struct ip_set_req_get_set_family { + unsigned int op; + unsigned int version; + unsigned int family; + union ip_set_name_index set; +}; + #define IP_SET_OP_VERSION 0x00000100 /* Ask kernel version */ struct ip_set_req_version { unsigned int op; diff --git a/include/libipset/parse.h b/include/libipset/parse.h index 014c62f..5c46a88 100644 --- a/include/libipset/parse.h +++ b/include/libipset/parse.h @@ -90,6 +90,8 @@ extern int ipset_parse_typename(struct ipset_session *session, enum ipset_opt opt, const char *str); extern int ipset_parse_iface(struct ipset_session *session, enum ipset_opt opt, const char *str); +extern int ipset_parse_comment(struct ipset_session *session, + enum ipset_opt opt, const char *str); extern int ipset_parse_output(struct ipset_session *session, int opt, const char *str); extern int ipset_parse_ignored(struct ipset_session *session, diff --git a/include/libipset/print.h b/include/libipset/print.h index 1d537bd..f2a6095 100644 --- a/include/libipset/print.h +++ b/include/libipset/print.h @@ -40,6 +40,9 @@ extern int ipset_print_port(char *buf, unsigned int len, extern int ipset_print_iface(char *buf, unsigned int len, const struct ipset_data *data, enum ipset_opt opt, uint8_t env); +extern int ipset_print_comment(char *buf, unsigned int len, + const struct ipset_data *data, + enum ipset_opt opt, uint8_t env); extern int ipset_print_proto(char *buf, unsigned int len, const struct ipset_data *data, enum ipset_opt opt, uint8_t env); -- cgit v1.2.1