[netfilter-cvslog] r4551 - trunk/ipset
kadlec at netfilter.org
kadlec at netfilter.org
Thu Nov 24 10:31:54 CET 2005
Author: kadlec at netfilter.org
Date: 2005-11-24 10:31:53 +0100 (Thu, 24 Nov 2005)
New Revision: 4551
Modified:
trunk/ipset/ChangeLog
trunk/ipset/Makefile
trunk/ipset/ipset.c
trunk/ipset/ipset.h
trunk/ipset/ipset_ipporthash.c
trunk/ipset/ipset_iptree.c
trunk/ipset/ipset_macipmap.c
trunk/ipset/ipset_nethash.c
Log:
Several fixes by Jones Desougi:
missing or confusing error message fixes for ipporthash
minor correction in debugging in nethash
unified memory allocations in ipset
Modified: trunk/ipset/ChangeLog
===================================================================
--- trunk/ipset/ChangeLog 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ChangeLog 2005-11-24 09:31:53 UTC (rev 4551)
@@ -1,3 +1,11 @@
+2.2.7
+ All patches were submitted by Jones Desougi
+ - missing or confusing error message fixes for ipporthash
+ - minor correction in debugging in nethash
+ - copy-paste bug in kernel set types at memory allocation
+ checking fixed
+ - unified memory allocations in ipset
+
2.2.6
- memory allocation in iptree is changed to GFP_ATOMIC because
we hold a lock (bug reported by Radek Hladik)
Modified: trunk/ipset/Makefile
===================================================================
--- trunk/ipset/Makefile 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/Makefile 2005-11-24 09:31:53 UTC (rev 4551)
@@ -8,7 +8,7 @@
KERNEL_DIR=/usr/src/linux
endif
-IPSET_VERSION:=2.2.6
+IPSET_VERSION:=2.2.7
PREFIX:=/usr/local
LIBDIR:=$(PREFIX)/lib
Modified: trunk/ipset/ipset.c
===================================================================
--- trunk/ipset/ipset.c 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset.c 2005-11-24 09:31:53 UTC (rev 4551)
@@ -417,6 +417,17 @@
return p;
}
+char *ipset_strdup(const char *s)
+{
+ char *p;
+
+ if ((p = strdup(s)) == NULL) {
+ perror("ipset: not enough memory");
+ exit(1);
+ }
+ return p;
+}
+
void ipset_free(void **data)
{
if (*data == NULL)
@@ -439,7 +450,7 @@
global_option_offset += OPTION_OFFSET;
*option_offset = global_option_offset;
- merge = malloc(sizeof(struct option) * (num_new + num_old + 1));
+ merge = ipset_malloc(sizeof(struct option) * (num_new + num_old + 1));
memcpy(merge, oldopts, num_old * sizeof(struct option));
for (i = 0; i < num_new; i++) {
merge[num_old + i] = newopts[i];
@@ -1207,10 +1218,10 @@
newargc = 1;
ptr = strtok(buffer, " \t\n");
- newargv[newargc++] = strdup(ptr);
+ newargv[newargc++] = ipset_strdup(ptr);
while ((ptr = strtok(NULL, " \t\n")) != NULL) {
if ((newargc + 1) < sizeof(newargv)/sizeof(char *))
- newargv[newargc++] = strdup(ptr);
+ newargv[newargc++] = ipset_strdup(ptr);
else
exit_error(PARAMETER_PROBLEM,
"Line %d is too long to restore\n", line);
@@ -1227,11 +1238,9 @@
if (!(tmpdir = getenv("TMPDIR")) && !(tmpdir = getenv("TMP")))
tmpdir = "/tmp";
- filename = malloc(strlen(tmpdir) + strlen(TEMPFILE_PATTERN) + 1);
- if (!filename)
- exit_error(OTHER_PROBLEM, "Could not malloc temporary filename.");
+ filename = ipset_malloc(strlen(tmpdir) + strlen(TEMPFILE_PATTERN) + 1);
strcpy(filename, tmpdir);
- strcpy(filename, TEMPFILE_PATTERN);
+ strcat(filename, TEMPFILE_PATTERN);
(void) umask(077); /* Create with restrictive permissions */
fd = mkstemp(filename);
@@ -1376,7 +1385,7 @@
line = 0;
/* Initialize newargv/newargc */
- newargv[newargc++] = strdup(argv0);
+ newargv[newargc++] = ipset_strdup(argv0);
/* Second pass: build up restore request */
while (fgets(buffer, sizeof(buffer), in)) {
Modified: trunk/ipset/ipset.h
===================================================================
--- trunk/ipset/ipset.h 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset.h 2005-11-24 09:31:53 UTC (rev 4551)
@@ -181,6 +181,7 @@
ip_set_ip_t *port);
extern void *ipset_malloc(size_t size);
+extern char *ipset_strdup(const char *);
extern void ipset_free(void **data);
#endif /* __IPSET_H */
Modified: trunk/ipset/ipset_ipporthash.c
===================================================================
--- trunk/ipset/ipset_ipporthash.c 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset_ipporthash.c 2005-11-24 09:31:53 UTC (rev 4551)
@@ -38,7 +38,7 @@
#define OPT_CREATE_RESIZE 0x04U
#define OPT_CREATE_NETWORK 0x08U
#define OPT_CREATE_FROM 0x10U
-#define OPT_CREATE_TO 0x10U
+#define OPT_CREATE_TO 0x20U
/* Initialize the create. */
void create_init(void *data)
@@ -156,21 +156,20 @@
mydata->hashsize, mydata->probes, mydata->resize);
#endif
- if (flags == 0)
- exit_error(PARAMETER_PROBLEM,
- "Need to specify --from and --to, or --network\n");
-
if (flags & OPT_CREATE_NETWORK) {
/* --network */
if ((flags & OPT_CREATE_FROM) || (flags & OPT_CREATE_TO))
exit_error(PARAMETER_PROBLEM,
"Can't specify --from or --to with --network\n");
- } else {
+ } else if (flags & (OPT_CREATE_FROM | OPT_CREATE_TO)) {
/* --from --to */
- if ((flags & OPT_CREATE_FROM) == 0
- || (flags & OPT_CREATE_TO) == 0)
+ if (!(flags & OPT_CREATE_FROM) || !(flags & OPT_CREATE_TO))
exit_error(PARAMETER_PROBLEM,
"Need to specify both --from and --to\n");
+ } else {
+ exit_error(PARAMETER_PROBLEM,
+ "Need to specify --from and --to, or --network\n");
+
}
DP("from : %x to: %x diff: %x",
@@ -179,7 +178,7 @@
if (mydata->from > mydata->to)
exit_error(PARAMETER_PROBLEM,
- "From can't be lower than to.\n");
+ "From can't be higher than to.\n");
if (mydata->to - mydata->from > MAX_RANGE)
exit_error(PARAMETER_PROBLEM,
@@ -203,7 +202,7 @@
{
struct ip_set_req_ipporthash *mydata =
(struct ip_set_req_ipporthash *) data;
- char *saved = strdup(optarg);
+ char *saved = ipset_strdup(optarg);
char *ptr, *tmp = saved;
DP("ipporthash: %p %p", optarg, data);
@@ -331,9 +330,9 @@
" [--hashsize hashsize] [--probes probes ] [--resize resize]\n"
"-N set ipporthash --network IP/mask\n"
" [--hashsize hashsize] [--probes probes ] [--resize resize]\n"
- "-A set IP\n"
- "-D set IP\n"
- "-T set IP\n");
+ "-A set IP%%port\n"
+ "-D set IP%%port\n"
+ "-T set IP%%port\n");
}
static struct settype settype_ipporthash = {
Modified: trunk/ipset/ipset_iptree.c
===================================================================
--- trunk/ipset/ipset_iptree.c 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset_iptree.c 2005-11-24 09:31:53 UTC (rev 4551)
@@ -79,7 +79,7 @@
{
struct ip_set_req_iptree *mydata =
(struct ip_set_req_iptree *) data;
- char *saved = strdup(optarg);
+ char *saved = ipset_strdup(optarg);
char *ptr, *tmp = saved;
DP("iptree: %p %p", optarg, data);
Modified: trunk/ipset/ipset_macipmap.c
===================================================================
--- trunk/ipset/ipset_macipmap.c 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset_macipmap.c 2005-11-24 09:31:53 UTC (rev 4551)
@@ -180,7 +180,7 @@
{
struct ip_set_req_macipmap *mydata =
(struct ip_set_req_macipmap *) data;
- char *saved = strdup(optarg);
+ char *saved = ipset_strdup(optarg);
char *ptr, *tmp = saved;
DP("macipmap: %p %p", optarg, data);
Modified: trunk/ipset/ipset_nethash.c
===================================================================
--- trunk/ipset/ipset_nethash.c 2005-11-24 09:04:19 UTC (rev 4550)
+++ trunk/ipset/ipset_nethash.c 2005-11-24 09:31:53 UTC (rev 4551)
@@ -130,7 +130,7 @@
{
struct ip_set_req_nethash *mydata =
(struct ip_set_req_nethash *) data;
- char *saved = strdup(optarg);
+ char *saved = ipset_strdup(optarg);
char *ptr, *tmp = saved;
ip_set_ip_t cidr;
@@ -249,7 +249,7 @@
((unsigned char *)&ip)[3],
b);
- DP("%s %s", ip_tostring(htonl(ip), options), buf);
+ DP("%s %s", ip_tostring(ntohl(ip), options), buf);
return buf;
}
More information about the netfilter-cvslog
mailing list