r7559 - in trunk/ipset: . kernel kernel/include/linux/netfilter_ipv4 tests
kadlec at blackhole.kfki.hu
kadlec at blackhole.kfki.hu
Sat Jul 19 22:48:20 CEST 2008
Author: kadlec at blackhole.kfki.hu
Date: 2008-07-19 22:48:19 +0200 (Sat, 19 Jul 2008)
New Revision: 7559
Added:
trunk/ipset/kernel/Config.in.ipset
trunk/ipset/kernel/Makefile.export.ipset
trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
Modified:
trunk/ipset/ChangeLog
trunk/ipset/Makefile
trunk/ipset/README
trunk/ipset/ipset.c
trunk/ipset/ipset.h
trunk/ipset/ipset_iphash.c
trunk/ipset/ipset_ipmap.c
trunk/ipset/ipset_ipporthash.c
trunk/ipset/ipset_iptree.c
trunk/ipset/ipset_iptreemap.c
trunk/ipset/ipset_macipmap.c
trunk/ipset/ipset_nethash.c
trunk/ipset/ipset_portmap.c
trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h
trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h
trunk/ipset/kernel/ip_set.c
trunk/ipset/kernel/ip_set_iphash.c
trunk/ipset/kernel/ip_set_ipmap.c
trunk/ipset/kernel/ip_set_ipporthash.c
trunk/ipset/kernel/ip_set_iptree.c
trunk/ipset/kernel/ip_set_iptreemap.c
trunk/ipset/kernel/ip_set_macipmap.c
trunk/ipset/kernel/ip_set_nethash.c
trunk/ipset/kernel/ip_set_portmap.c
trunk/ipset/kernel/ipt_SET.c
trunk/ipset/kernel/ipt_set.c
trunk/ipset/kernel/patch_kernel
trunk/ipset/tests/ipmap.t
trunk/ipset/tests/ipporthash.t
trunk/ipset/tests/iptree.t
trunk/ipset/tests/iptreemap.t
trunk/ipset/tests/macipmap.t
trunk/ipset/tests/portmap.t
Log:
Compatibility cleanup release: kernels >= 2.6.16 and 2.4.36.x are supported.
Modified: trunk/ipset/ChangeLog
===================================================================
--- trunk/ipset/ChangeLog 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ChangeLog 2008-07-19 20:48:19 UTC (rev 7559)
@@ -1,3 +1,8 @@
+[2.3.3]
+ - compatibility for the 2.6.x kernel tree improved and compiler warnings
+ fixed (Jan Engelhardt)
+ - compatibility fixes for the 2.4.36.x kernel tree added
+
[2.3.2]
- including limits.h for UINT_MAX is required with glibc-2.8 (pud)
- needless cast from and to void pointers cleanups in iptreemap (Sven Wegener)
Modified: trunk/ipset/Makefile
===================================================================
--- trunk/ipset/Makefile 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/Makefile 2008-07-19 20:48:19 UTC (rev 7559)
@@ -14,7 +14,7 @@
IP_NF_SET_HASHSIZE=1024
endif
-IPSET_VERSION:=2.3.2
+IPSET_VERSION:=2.3.3
PREFIX:=/usr/local
LIBDIR:=$(PREFIX)/lib
@@ -51,9 +51,10 @@
cd kernel; ./patch_kernel $(KERNEL_DIR)
modules:
- @[ -f $(KERNEL_DIR)/net/ipv4/netfilter/Kconfig ] || (echo "Error: the directory '$(KERNEL_DIR)' doesn't look like a Linux 2.6.x kernel source tree." && exit 1)
- @[ -f $(KERNEL_DIR)/.config ] || (echo "Error: the kernel source in '$(KERNEL_DIR)' must be configured" && exit 1)
- @[ -f $(KERNEL_DIR)/Module.symvers ] || echo "Warning: you should run 'make modules' in '$(KERNEL_DIR)' beforehand"
+ @[ ! -f $(KERNEL_DIR)/net/ipv4/netfilter/Config.in ] || (echo "Error: The directory '$(KERNEL_DIR)' looks like a Linux 2.4.x kernel source tree, you have to patch it by 'make patch_kernel'." && exit 1)
+ @[ -f $(KERNEL_DIR)/net/ipv4/netfilter/Kconfig ] || (echo "Error: The directory '$(KERNEL_DIR)' doesn't look like a Linux 2.6.x kernel source tree." && exit 1)
+ @[ -f $(KERNEL_DIR)/.config ] || (echo "Error: The kernel source in '$(KERNEL_DIR)' must be configured" && exit 1)
+ @[ -f $(KERNEL_DIR)/Module.symvers ] || echo "Warning: You should run 'make modules' in '$(KERNEL_DIR)' beforehand"
cd kernel; make -C $(KERNEL_DIR) M=`pwd` IP_NF_SET_MAX=$(IP_NF_SET_MAX) IP_NF_SET_HASHSIZE=$(IP_NF_SET_HASHSIZE) modules
modules_install: modules
@@ -63,7 +64,7 @@
clean: $(EXTRA_CLEANS)
rm -rf $(PROGRAMS) $(SHARED_LIBS) *.o *~
- cd kernel; make -C $(KERNEL_DIR) M=`pwd` clean
+ [ -f $(KERNEL_DIR)/net/ipv4/netfilter/Config.in ] || (cd kernel; make -C $(KERNEL_DIR) M=`pwd` clean)
#The ipset(8) self
ipset.o: ipset.c
Modified: trunk/ipset/README
===================================================================
--- trunk/ipset/README 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/README 2008-07-19 20:48:19 UTC (rev 7559)
@@ -1,7 +1,7 @@
This is the ipset source tree. Follow these steps to install ipset:
-0. You need the source tree of your kernel (version >= 2.6.16) and it have
- to be configured, modules compiled.
+0. You need the source tree of your kernel (version >= 2.6.16 or 2.4.36.x)
+ and it have to be configured, modules compiled.
1. Compile ipset and it's kernel modules
@@ -27,8 +27,8 @@
Read the ipset(8) and iptables(8) manpages on how to use ipset
and its match and target from iptables.
-If you want to build a non-modular kernel, then proceed with the following
-steps:
+If you want to build a non-modular >= 2.6.16 kernel or has got a 2.4.36.x
+kernel tree, then proceed with the following steps:
1. Compile the ipset binaries
Modified: trunk/ipset/ipset.c
===================================================================
--- trunk/ipset/ipset.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -50,7 +50,7 @@
struct ip_set_restore *restore_set = NULL;
size_t restore_offset = 0;
socklen_t restore_size;
-unsigned line = 0;
+unsigned restore_line = 0;
#define TEMPFILE_PATTERN "/ipsetXXXXXX"
@@ -116,7 +116,7 @@
{"help", 2, 0, 'H'},
/* end */
- {0}
+ {NULL},
};
static char opts_short[] =
@@ -152,7 +152,7 @@
/* Main parser function */
int parse_commandline(int argc, char *argv[]);
-void exit_tryhelp(int status)
+static void exit_tryhelp(int status)
{
fprintf(stderr,
"Try `%s -H' or '%s --help' for more information.\n",
@@ -160,7 +160,7 @@
exit(status);
}
-void exit_error(enum exittype status, char *msg, ...)
+void exit_error(enum exittype status, const char *msg, ...)
{
va_list args;
@@ -170,8 +170,8 @@
vfprintf(stderr, msg, args);
va_end(args);
fprintf(stderr, "\n");
- if (line)
- fprintf(stderr, "Restore failed at line %u:\n", line);
+ if (restore_line)
+ fprintf(stderr, "Restore failed at line %u:\n", restore_line);
if (status == PARAMETER_PROBLEM)
exit_tryhelp(status);
if (status == VERSION_PROBLEM)
@@ -183,7 +183,7 @@
exit(status);
}
-void ipset_printf(char *msg, ...)
+static void ipset_printf(char *msg, ...)
{
va_list args;
@@ -893,12 +893,12 @@
static ip_set_id_t set_find_free_index(const char *name)
{
- ip_set_id_t i, index = IP_SET_INVALID_ID;
+ ip_set_id_t i, idx = IP_SET_INVALID_ID;
for (i = 0; i < max_sets; i++) {
- if (index == IP_SET_INVALID_ID
+ if (idx == IP_SET_INVALID_ID
&& set_list[i] == NULL)
- index = i;
+ idx = i;
if (set_list[i] != NULL
&& strncmp(set_list[i]->name, name,
IP_SET_MAXNAMELEN) == 0)
@@ -907,13 +907,13 @@
name);
}
- if (index == IP_SET_INVALID_ID)
+ if (idx == IP_SET_INVALID_ID)
exit_error(PARAMETER_PROBLEM,
"Set %s cannot be restored, "
"max number of set %u reached",
name, max_sets);
- return index;
+ return idx;
}
/*
@@ -1032,7 +1032,7 @@
* Send MAX_SETS, LIST_SIZE and/or SAVE_SIZE orders to kernel
*/
static size_t load_set_list(const char name[IP_SET_MAXNAMELEN],
- ip_set_id_t *index,
+ ip_set_id_t *idx,
unsigned op, unsigned cmd)
{
void *data = NULL;
@@ -1069,7 +1069,7 @@
max_sets = req_max_sets.max_sets;
set_list = ipset_malloc(max_sets * sizeof(struct set *));
memset(set_list, 0, max_sets * sizeof(struct set *));
- *index = req_max_sets.set.index;
+ *idx = req_max_sets.set.index;
if (req_max_sets.sets == 0)
/* No sets in kernel */
@@ -1080,7 +1080,7 @@
+ req_max_sets.sets * sizeof(struct ip_set_name_list);
data = ipset_malloc(size);
((struct ip_set_req_setnames *) data)->op = op;
- ((struct ip_set_req_setnames *) data)->index = *index;
+ ((struct ip_set_req_setnames *) data)->index = *idx;
res = kernel_getfrom_handleerrno(cmd, data, &size);
@@ -1219,12 +1219,12 @@
{
void *data = NULL;
socklen_t size, req_size = 0;
- ip_set_id_t index;
+ ip_set_id_t idx;
int res = 0, bindings = 0;
time_t now = time(NULL);
/* Load set_list from kernel */
- size = load_set_list(name, &index,
+ size = load_set_list(name, &idx,
IP_SET_OP_SAVE_SIZE, CMD_SAVE);
if (size) {
@@ -1233,7 +1233,7 @@
req_size = (size += sizeof(struct ip_set_save));
data = ipset_malloc(size);
((struct ip_set_req_list *) data)->op = IP_SET_OP_SAVE;
- ((struct ip_set_req_list *) data)->index = index;
+ ((struct ip_set_req_list *) data)->index = idx;
res = kernel_getfrom_handleerrno(CMD_SAVE, data, &size);
if (res != 0 || size != req_size) {
@@ -1354,10 +1354,10 @@
char buffer[1024];
char *ptr, *name = NULL;
char cmd = ' ';
- int line = 0, first_pass, i, bindings = 0;
+ int restore_line = 0, first_pass, i, bindings = 0;
struct settype *settype = NULL;
struct ip_set_req_setnames *header;
- ip_set_id_t index;
+ ip_set_id_t idx;
FILE *in;
int res;
@@ -1365,7 +1365,7 @@
in = create_tempfile();
/* Load existing sets from kernel */
- load_set_list(IPSET_TOKEN_ALL, &index,
+ load_set_list(IPSET_TOKEN_ALL, &idx,
IP_SET_OP_LIST_SIZE, CMD_RESTORE);
restore_size = sizeof(struct ip_set_req_setnames)/* header */
@@ -1373,7 +1373,7 @@
DP("restore_size: %u", restore_size);
/* First pass: calculate required amount of data */
while (fgets(buffer, sizeof(buffer), in)) {
- line++;
+ restore_line++;
if (buffer[0] == '\n')
continue;
@@ -1396,7 +1396,7 @@
|| ptr[2] != '\0') {
exit_error(PARAMETER_PROBLEM,
"Line %u does not start as a valid restore command\n",
- line);
+ restore_line);
}
cmd = ptr[1];
/* setname */
@@ -1405,7 +1405,7 @@
if (ptr == NULL)
exit_error(PARAMETER_PROBLEM,
"Missing set name in line %u\n",
- line);
+ restore_line);
DP("cmd %c", cmd);
switch (cmd) {
case 'N': {
@@ -1415,11 +1415,11 @@
if (ptr == NULL)
exit_error(PARAMETER_PROBLEM,
"Missing settype in line %u\n",
- line);
+ restore_line);
if (bindings)
exit_error(PARAMETER_PROBLEM,
"Invalid line %u: create must precede bindings\n",
- line);
+ restore_line);
settype = check_set_typename(ptr);
restore_size += sizeof(struct ip_set_restore)
+ settype->create_size;
@@ -1432,11 +1432,11 @@
exit_error(PARAMETER_PROBLEM,
"Add IP to set %s in line %u without "
"preceding corresponding create set line\n",
- ptr, line);
+ ptr, restore_line);
if (bindings)
exit_error(PARAMETER_PROBLEM,
"Invalid line %u: adding entries must precede bindings\n",
- line);
+ restore_line);
restore_size += settype->adt_size;
DP("restore_size (A): %u", restore_size);
break;
@@ -1450,7 +1450,7 @@
default: {
exit_error(PARAMETER_PROBLEM,
"Unrecognized restore command in line %u\n",
- line);
+ restore_line);
}
} /* end of switch */
}
@@ -1467,15 +1467,15 @@
/* Rewind to scan the file again */
fseek(in, 0L, SEEK_SET);
- first_pass = line;
- line = 0;
+ first_pass = restore_line;
+ restore_line = 0;
/* Initialize newargv/newargc */
newargv[newargc++] = ipset_strdup(argv0);
/* Second pass: build up restore request */
while (fgets(buffer, sizeof(buffer), in)) {
- line++;
+ restore_line++;
if (buffer[0] == '\n')
continue;
@@ -1485,7 +1485,7 @@
goto do_restore;
DP("restoring: %s", buffer);
/* Build faked argv, argc */
- build_argv(line, buffer);
+ build_argv(restore_line, buffer);
for (i = 0; i < newargc; i++)
DP("argv[%u]: %s", i, newargv[i]);
@@ -1794,20 +1794,20 @@
unsigned options)
{
void *data = NULL;
- ip_set_id_t index;
+ ip_set_id_t idx;
socklen_t size, req_size;
int res = 0;
DP("%s", name);
/* Load set_list from kernel */
- size = req_size = load_set_list(name, &index,
+ size = req_size = load_set_list(name, &idx,
IP_SET_OP_LIST_SIZE, CMD_LIST);
if (size) {
/* Get sets and print them */
data = ipset_malloc(size);
((struct ip_set_req_list *) data)->op = IP_SET_OP_LIST;
- ((struct ip_set_req_list *) data)->index = index;
+ ((struct ip_set_req_list *) data)->index = idx;
res = kernel_getfrom_handleerrno(CMD_LIST, data, &size);
DP("get_lists getsockopt() res=%d errno=%d", res, errno);
Modified: trunk/ipset/ipset.h
===================================================================
--- trunk/ipset/ipset.h 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset.h 2008-07-19 20:48:19 UTC (rev 7559)
@@ -108,7 +108,7 @@
void (*create_final) (void *data, unsigned int flags);
/* Pointer to list of extra command-line options for create */
- struct option *create_opts;
+ const struct option *create_opts;
/*
* Add/del/test IP
@@ -165,7 +165,7 @@
/* extern void unregister_settype(set_type_t *set_type); */
-extern void exit_error(enum exittype status, char *msg, ...);
+extern void exit_error(enum exittype status, const char *msg, ...);
extern char *binding_ip_tostring(struct set *set,
ip_set_ip_t ip, unsigned options);
Modified: trunk/ipset/ipset_iphash.c
===================================================================
--- trunk/ipset/ipset_iphash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_iphash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -41,7 +41,8 @@
#define OPT_CREATE_NETMASK 0x08U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
struct ip_set_req_iphash_create *mydata =
(struct ip_set_req_iphash_create *) data;
@@ -57,7 +58,8 @@
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_iphash_create *mydata =
(struct ip_set_req_iphash_create *) data;
@@ -125,7 +127,8 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
#ifdef IPSET_DEBUG
struct ip_set_req_iphash_create *mydata =
@@ -137,16 +140,17 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"hashsize", 1, 0, '1'},
- {"probes", 1, 0, '2'},
- {"resize", 1, 0, '3'},
- {"netmask", 1, 0, '4'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "hashsize", .has_arg = required_argument, .val = '1'},
+ {.name = "probes", .has_arg = required_argument, .val = '2'},
+ {.name = "resize", .has_arg = required_argument, .val = '3'},
+ {.name = "netmask", .has_arg = required_argument, .val = '4'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_iphash *mydata =
(struct ip_set_req_iphash *) data;
@@ -163,7 +167,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_iphash_create *header =
(struct ip_set_req_iphash_create *) data;
@@ -177,7 +182,7 @@
map->netmask = header->netmask;
}
-unsigned int
+static unsigned int
mask_to_bits(ip_set_ip_t mask)
{
unsigned int bits = 32;
@@ -193,7 +198,8 @@
return bits;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_iphash *mysetdata =
(struct ip_set_iphash *) set->settype->header;
@@ -207,7 +213,8 @@
printf(" netmask: %d\n", mask_to_bits(mysetdata->netmask));
}
-void printips(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips(struct set *set, void *data, size_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -220,7 +227,8 @@
}
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_iphash *mysetdata =
(struct ip_set_iphash *) set->settype->header;
@@ -235,7 +243,8 @@
}
/* Print save for an IP */
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -249,7 +258,7 @@
}
}
-void usage(void)
+static void usage(void)
{
printf
("-N set iphash [--hashsize hashsize] [--probes probes ]\n"
Modified: trunk/ipset/ipset_ipmap.c
===================================================================
--- trunk/ipset/ipset_ipmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_ipmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -37,7 +37,8 @@
#define OPT_ADDDEL_IP 0x01U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
struct ip_set_req_ipmap_create *mydata =
(struct ip_set_req_ipmap_create *) data;
@@ -47,7 +48,8 @@
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_ipmap_create *mydata =
(struct ip_set_req_ipmap_create *) data;
@@ -119,7 +121,8 @@
#define ERRSTRLEN 256
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
struct ip_set_req_ipmap_create *mydata =
(struct ip_set_req_ipmap_create *) data;
@@ -196,16 +199,17 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"from", 1, 0, '1'},
- {"to", 1, 0, '2'},
- {"network", 1, 0, '3'},
- {"netmask", 1, 0, '4'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "from", .has_arg = required_argument, .val = '1'},
+ {.name = "to", .has_arg = required_argument, .val = '2'},
+ {.name = "network", .has_arg = required_argument, .val = '3'},
+ {.name = "netmask", .has_arg = required_argument, .val = '4'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_ipmap *mydata =
(struct ip_set_req_ipmap *) data;
@@ -222,7 +226,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_ipmap_create *header =
(struct ip_set_req_ipmap_create *) data;
@@ -252,7 +257,8 @@
DP("%i %i", map->hosts, map->sizeid );
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_ipmap *mysetdata =
(struct ip_set_ipmap *) set->settype->header;
@@ -265,7 +271,8 @@
printf(" netmask: %d\n", mask_to_bits(mysetdata->netmask));
}
-void printips_sorted(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips_sorted(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_ipmap *mysetdata =
(struct ip_set_ipmap *) set->settype->header;
@@ -279,7 +286,8 @@
options));
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_ipmap *mysetdata =
(struct ip_set_ipmap *) set->settype->header;
@@ -296,7 +304,8 @@
mask_to_bits(mysetdata->netmask));
}
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_ipmap *mysetdata =
(struct ip_set_ipmap *) set->settype->header;
@@ -312,7 +321,7 @@
options));
}
-void usage(void)
+static void usage(void)
{
printf
("-N set ipmap --from IP --to IP [--netmask CIDR-netmask]\n"
Modified: trunk/ipset/ipset_ipporthash.c
===================================================================
--- trunk/ipset/ipset_ipporthash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_ipporthash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -41,7 +41,8 @@
#define OPT_CREATE_TO 0x20U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
struct ip_set_req_ipporthash_create *mydata =
(struct ip_set_req_ipporthash_create *) data;
@@ -55,7 +56,8 @@
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_ipporthash_create *mydata =
(struct ip_set_req_ipporthash_create *) data;
@@ -146,7 +148,8 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
struct ip_set_req_ipporthash_create *mydata =
(struct ip_set_req_ipporthash_create *) data;
@@ -187,18 +190,19 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"hashsize", 1, 0, '1'},
- {"probes", 1, 0, '2'},
- {"resize", 1, 0, '3'},
- {"from", 1, 0, '4'},
- {"to", 1, 0, '5'},
- {"network", 1, 0, '6'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "hashsize", .has_arg = required_argument, .val = '1'},
+ {.name = "probes", .has_arg = required_argument, .val = '2'},
+ {.name = "resize", .has_arg = required_argument, .val = '3'},
+ {.name = "from", .has_arg = required_argument, .val = '4'},
+ {.name = "to", .has_arg = required_argument, .val = '5'},
+ {.name = "network", .has_arg = required_argument, .val = '6'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_ipporthash *mydata =
(struct ip_set_req_ipporthash *) data;
@@ -223,7 +227,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_ipporthash_create *header =
(struct ip_set_req_ipporthash_create *) data;
@@ -238,7 +243,8 @@
map->last_ip = header->to;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_ipporthash *mysetdata =
(struct ip_set_ipporthash *) set->settype->header;
@@ -250,7 +256,8 @@
printf(" resize: %u\n", mysetdata->resize);
}
-void printips(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_ipporthash *mysetdata =
(struct ip_set_ipporthash *) set->settype->header;
@@ -271,7 +278,8 @@
}
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_ipporthash *mysetdata =
(struct ip_set_ipporthash *) set->settype->header;
@@ -286,7 +294,8 @@
}
/* Print save for an IP */
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_ipporthash *mysetdata =
(struct ip_set_ipporthash *) set->settype->header;
@@ -309,7 +318,8 @@
static char buffer[22];
-static char * unpack_ipport_tostring(struct set *set, ip_set_ip_t bip, unsigned options)
+static char *
+unpack_ipport_tostring(struct set *set, ip_set_ip_t bip, unsigned options)
{
struct ip_set_ipporthash *mysetdata =
(struct ip_set_ipporthash *) set->settype->header;
@@ -323,7 +333,7 @@
return buffer;
}
-void usage(void)
+static void usage(void)
{
printf
("-N set ipporthash --from IP --to IP\n"
Modified: trunk/ipset/ipset_iptree.c
===================================================================
--- trunk/ipset/ipset_iptree.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_iptree.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -31,7 +31,8 @@
#define OPT_CREATE_TIMEOUT 0x01U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
struct ip_set_req_iptree_create *mydata =
(struct ip_set_req_iptree_create *) data;
@@ -41,7 +42,8 @@
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_iptree_create *mydata =
(struct ip_set_req_iptree_create *) data;
@@ -65,18 +67,20 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"timeout", 1, 0, '1'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "timeout", .has_arg = required_argument, .val = '1'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_iptree *mydata =
(struct ip_set_req_iptree *) data;
@@ -101,7 +105,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_iptree_create *header =
(struct ip_set_req_iptree_create *) data;
@@ -111,7 +116,8 @@
map->timeout = header->timeout;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_iptree *mysetdata =
(struct ip_set_iptree *) set->settype->header;
@@ -121,7 +127,8 @@
printf("\n");
}
-void printips_sorted(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips_sorted(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_iptree *mysetdata =
(struct ip_set_iptree *) set->settype->header;
@@ -139,7 +146,8 @@
}
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_iptree *mysetdata =
(struct ip_set_iptree *) set->settype->header;
@@ -153,7 +161,8 @@
set->name, set->settype->typename);
}
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_iptree *mysetdata =
(struct ip_set_iptree *) set->settype->header;
@@ -177,7 +186,7 @@
}
}
-void usage(void)
+static void usage(void)
{
printf
("-N set iptree [--timeout value]\n"
Modified: trunk/ipset/ipset_iptreemap.c
===================================================================
--- trunk/ipset/ipset_iptreemap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_iptreemap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -28,7 +28,7 @@
#define OPT_CREATE_GC 0x1
-void
+static void
create_init(void *data)
{
struct ip_set_req_iptreemap_create *mydata = data;
@@ -36,7 +36,7 @@
mydata->gc_interval = 0;
}
-int
+static int
create_parse(int c, char *argv[], void *data, unsigned int *flags)
{
struct ip_set_req_iptreemap_create *mydata = data;
@@ -55,17 +55,17 @@
return 1;
}
-void
+static void
create_final(void *data, unsigned int flags)
{
}
-static struct option create_opts[] = {
- {"gc", 1, 0, 'g'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "gc", .has_arg = required_argument, .val = 'g'},
+ {NULL},
};
-ip_set_ip_t
+static ip_set_ip_t
adt_parser(unsigned int cmd, const char *optarg, void *data)
{
struct ip_set_req_iptreemap *mydata = data;
@@ -91,7 +91,7 @@
return 1;
}
-void
+static void
initheader(struct set *set, const void *data)
{
const struct ip_set_req_iptreemap_create *header = data;
@@ -100,7 +100,7 @@
map->gc_interval = header->gc_interval;
}
-void
+static void
printheader(struct set *set, unsigned int options)
{
struct ip_set_iptreemap *mysetdata = set->settype->header;
@@ -111,7 +111,7 @@
printf("\n");
}
-void
+static void
printips_sorted(struct set *set, void *data, size_t len, unsigned int options)
{
struct ip_set_req_iptreemap *req;
@@ -129,7 +129,7 @@
}
}
-void
+static void
saveheader(struct set *set, unsigned int options)
{
struct ip_set_iptreemap *mysetdata = set->settype->header;
@@ -142,7 +142,7 @@
printf("\n");
}
-void
+static void
saveips(struct set *set, void *data, size_t len, unsigned int options)
{
struct ip_set_req_iptreemap *req;
@@ -162,7 +162,7 @@
}
}
-void
+static void
usage(void)
{
printf(
Modified: trunk/ipset/ipset_macipmap.c
===================================================================
--- trunk/ipset/ipset_macipmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_macipmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -40,14 +40,16 @@
#define OPT_ADDDEL_MAC 0x02U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
DP("create INIT");
/* Nothing */
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_macipmap_create *mydata =
(struct ip_set_req_macipmap_create *) data;
@@ -107,7 +109,8 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
struct ip_set_req_macipmap_create *mydata =
(struct ip_set_req_macipmap_create *) data;
@@ -145,15 +148,16 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"from", 1, 0, '1'},
- {"to", 1, 0, '2'},
- {"network", 1, 0, '3'},
- {"matchunset", 0, 0, '4'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "from", .has_arg = required_argument, .val = '1'},
+ {.name = "to", .has_arg = required_argument, .val = '2'},
+ {.name = "network", .has_arg = required_argument, .val = '3'},
+ {.name = "matchunset", .has_arg = no_argument, .val = '4'},
+ {NULL},
};
-static void parse_mac(const char *mac, unsigned char *ethernet)
+static void
+parse_mac(const char *mac, unsigned char *ethernet)
{
unsigned int i = 0;
@@ -175,7 +179,8 @@
}
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_macipmap *mydata =
(struct ip_set_req_macipmap *) data;
@@ -200,7 +205,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_macipmap_create *header =
(struct ip_set_req_macipmap_create *) data;
@@ -213,7 +219,8 @@
map->flags = header->flags;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_macipmap *mysetdata =
(struct ip_set_macipmap *) set->settype->header;
@@ -226,7 +233,8 @@
printf("\n");
}
-static void print_mac(unsigned char macaddress[ETH_ALEN])
+static void
+print_mac(unsigned char macaddress[ETH_ALEN])
{
unsigned int i;
@@ -235,7 +243,8 @@
printf(":%02X", macaddress[i]);
}
-void printips_sorted(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips_sorted(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_macipmap *mysetdata =
(struct ip_set_macipmap *) set->settype->header;
@@ -255,7 +264,8 @@
}
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_macipmap *mysetdata =
(struct ip_set_macipmap *) set->settype->header;
@@ -270,7 +280,8 @@
printf("\n");
}
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_macipmap *mysetdata =
(struct ip_set_macipmap *) set->settype->header;
@@ -291,7 +302,7 @@
}
}
-void usage(void)
+static void usage(void)
{
printf
("-N set macipmap --from IP --to IP [--matchunset]\n"
Modified: trunk/ipset/ipset_nethash.c
===================================================================
--- trunk/ipset/ipset_nethash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_nethash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -40,7 +40,8 @@
#define OPT_CREATE_RESIZE 0x04U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
struct ip_set_req_nethash_create *mydata =
(struct ip_set_req_nethash_create *) data;
@@ -54,7 +55,8 @@
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_nethash_create *mydata =
(struct ip_set_req_nethash_create *) data;
@@ -106,7 +108,8 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
#ifdef IPSET_DEBUG
struct ip_set_req_nethash_create *mydata =
@@ -118,15 +121,16 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"hashsize", 1, 0, '1'},
- {"probes", 1, 0, '2'},
- {"resize", 1, 0, '3'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "hashsize", .has_arg = required_argument, .val = '1'},
+ {.name = "probes", .has_arg = required_argument, .val = '2'},
+ {.name = "resize", .has_arg = required_argument, .val = '3'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_nethash *mydata =
(struct ip_set_req_nethash *) data;
@@ -161,7 +165,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_nethash_create *header =
(struct ip_set_req_nethash_create *) data;
@@ -174,7 +179,8 @@
map->resize = header->resize;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_nethash *mysetdata =
(struct ip_set_nethash *) set->settype->header;
@@ -186,7 +192,8 @@
static char buf[20];
-static char * unpack_ip_tostring(ip_set_ip_t ip, unsigned options)
+static char *
+unpack_ip_tostring(ip_set_ip_t ip, unsigned options)
{
int i, j = 3;
unsigned char a, b;
@@ -237,7 +244,8 @@
return buf;
}
-void printips(struct set *set, void *data, size_t len, unsigned options)
+static void
+printips(struct set *set, void *data, size_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -250,7 +258,8 @@
}
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_nethash *mysetdata =
(struct ip_set_nethash *) set->settype->header;
@@ -261,7 +270,8 @@
}
/* Print save for an IP */
-void saveips(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveips(struct set *set, void *data, size_t len, unsigned options)
{
size_t offset = 0;
ip_set_ip_t *ip;
@@ -275,12 +285,14 @@
}
}
-static char * net_tostring(struct set *set, ip_set_ip_t ip, unsigned options)
+static char *
+net_tostring(struct set *set, ip_set_ip_t ip, unsigned options)
{
return unpack_ip_tostring(ip, options);
}
-static void parse_net(const char *str, ip_set_ip_t *ip)
+static void
+parse_net(const char *str, ip_set_ip_t *ip)
{
char *saved = strdup(str);
char *ptr, *tmp = saved;
@@ -302,7 +314,7 @@
*ip = pack(*ip, cidr);
}
-void usage(void)
+static void usage(void)
{
printf
("-N set nethash [--hashsize hashsize] [--probes probes ]\n"
Modified: trunk/ipset/ipset_portmap.c
===================================================================
--- trunk/ipset/ipset_portmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/ipset_portmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -34,14 +34,16 @@
#define OPT_ADDDEL_PORT 0x01U
/* Initialize the create. */
-void create_init(void *data)
+static void
+create_init(void *data)
{
DP("create INIT");
/* Nothing */
}
/* Function which parses command options; returns true if it ate an option */
-int create_parse(int c, char *argv[], void *data, unsigned *flags)
+static int
+create_parse(int c, char *argv[], void *data, unsigned *flags)
{
struct ip_set_req_portmap_create *mydata =
(struct ip_set_req_portmap_create *) data;
@@ -77,7 +79,8 @@
}
/* Final check; exit if not ok. */
-void create_final(void *data, unsigned int flags)
+static void
+create_final(void *data, unsigned int flags)
{
struct ip_set_req_portmap_create *mydata =
(struct ip_set_req_portmap_create *) data;
@@ -107,14 +110,15 @@
}
/* Create commandline options */
-static struct option create_opts[] = {
- {"from", 1, 0, '1'},
- {"to", 1, 0, '2'},
- {0}
+static const struct option create_opts[] = {
+ {.name = "from", .has_arg = required_argument, .val = '1'},
+ {.name = "to", .has_arg = required_argument, .val = '2'},
+ {NULL},
};
/* Add, del, test parser */
-ip_set_ip_t adt_parser(unsigned cmd, const char *optarg, void *data)
+static ip_set_ip_t
+adt_parser(unsigned cmd, const char *optarg, void *data)
{
struct ip_set_req_portmap *mydata =
(struct ip_set_req_portmap *) data;
@@ -129,7 +133,8 @@
* Print and save
*/
-void initheader(struct set *set, const void *data)
+static void
+initheader(struct set *set, const void *data)
{
struct ip_set_req_portmap_create *header =
(struct ip_set_req_portmap_create *) data;
@@ -141,7 +146,8 @@
map->last_port = header->to;
}
-void printheader(struct set *set, unsigned options)
+static void
+printheader(struct set *set, unsigned options)
{
struct ip_set_portmap *mysetdata =
(struct ip_set_portmap *) set->settype->header;
@@ -150,7 +156,8 @@
printf(" to: %s\n", port_tostring(mysetdata->last_port, options));
}
-void printports_sorted(struct set *set, void *data, size_t len, unsigned options)
+static void
+printports_sorted(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_portmap *mysetdata =
(struct ip_set_portmap *) set->settype->header;
@@ -164,12 +171,14 @@
}
}
-char * binding_port_tostring(struct set *set, ip_set_ip_t ip, unsigned options)
+static char *
+binding_port_tostring(struct set *set, ip_set_ip_t ip, unsigned options)
{
return port_tostring(ip, options);
}
-void saveheader(struct set *set, unsigned options)
+static void
+saveheader(struct set *set, unsigned options)
{
struct ip_set_portmap *mysetdata =
(struct ip_set_portmap *) set->settype->header;
@@ -182,7 +191,8 @@
port_tostring(mysetdata->last_port, options));
}
-void saveports(struct set *set, void *data, size_t len, unsigned options)
+static void
+saveports(struct set *set, void *data, size_t len, unsigned options)
{
struct ip_set_portmap *mysetdata =
(struct ip_set_portmap *) set->settype->header;
@@ -197,7 +207,7 @@
}
}
-void usage(void)
+static void usage(void)
{
printf
("-N set portmap --from PORT --to PORT\n"
Added: trunk/ipset/kernel/Config.in.ipset
===================================================================
--- trunk/ipset/kernel/Config.in.ipset (rev 0)
+++ trunk/ipset/kernel/Config.in.ipset 2008-07-19 20:48:19 UTC (rev 7559)
@@ -0,0 +1,15 @@
+ dep_tristate ' IP set support' CONFIG_IP_NF_SET $CONFIG_IP_NF_IPTABLES
+ if [ "$CONFIG_IP_NF_SET" != "n" ]; then
+ int ' Maximum number of sets' CONFIG_IP_NF_SET_MAX 256
+ int ' Hash size for bindings of IP sets' CONFIG_IP_NF_SET_HASHSIZE 1024
+ dep_tristate ' set match support' CONFIG_IP_NF_MATCH_SET $CONFIG_IP_NF_SET
+ dep_tristate ' SET target support' CONFIG_IP_NF_TARGET_SET $CONFIG_IP_NF_SET
+ dep_tristate ' ipmap set type support' CONFIG_IP_NF_SET_IPMAP $CONFIG_IP_NF_SET
+ dep_tristate ' macipmap set type support' CONFIG_IP_NF_SET_MACIPMAP $CONFIG_IP_NF_SET
+ dep_tristate ' portmap set type support' CONFIG_IP_NF_SET_PORTMAP $CONFIG_IP_NF_SET
+ dep_tristate ' iphash set type support' CONFIG_IP_NF_SET_IPHASH $CONFIG_IP_NF_SET
+ dep_tristate ' nethash set type support' CONFIG_IP_NF_SET_NETHASH $CONFIG_IP_NF_SET
+ dep_tristate ' ipporthash set type support' CONFIG_IP_NF_SET_IPPORTHASH $CONFIG_IP_NF_SET
+ dep_tristate ' iptree set type support' CONFIG_IP_NF_SET_IPTREE $CONFIG_IP_NF_SET
+ dep_tristate ' iptreemap set type support' CONFIG_IP_NF_SET_IPTREEMAP $CONFIG_IP_NF_SET
+ fi
Added: trunk/ipset/kernel/Makefile.export.ipset
===================================================================
--- trunk/ipset/kernel/Makefile.export.ipset (rev 0)
+++ trunk/ipset/kernel/Makefile.export.ipset 2008-07-19 20:48:19 UTC (rev 7559)
@@ -0,0 +1,3 @@
+ifdef CONFIG_IP_NF_SET
+ export-objs += ip_set.o
+endif
Modified: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h 2008-07-19 20:48:19 UTC (rev 7559)
@@ -297,6 +297,7 @@
}
#ifdef __KERNEL__
+#include <linux/netfilter_ipv4/ip_set_compat.h>
#define ip_set_printk(format, args...) \
do { \
Added: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_compat.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_compat.h (rev 0)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_compat.h 2008-07-19 20:48:19 UTC (rev 7559)
@@ -0,0 +1,70 @@
+#ifndef _IP_SET_COMPAT_H
+#define _IP_SET_COMPAT_H
+
+#ifdef __KERNEL__
+#include <linux/version.h>
+
+/* Arrgh */
+#ifdef MODULE
+#define __MOD_INC(foo) __MOD_INC_USE_COUNT(foo)
+#define __MOD_DEC(foo) __MOD_DEC_USE_COUNT(foo)
+#else
+#define __MOD_INC(foo)
+#define __MOD_DEC(foo)
+#endif
+
+/* Backward compatibility */
+#ifndef __nocast
+#define __nocast
+#endif
+#ifndef __bitwise__
+#define __bitwise__
+#endif
+
+/* Compatibility glue code */
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
+#include <linux/interrupt.h>
+#define DEFINE_RWLOCK(x) rwlock_t x = RW_LOCK_UNLOCKED
+#define try_module_get(x) (__MOD_INC(x), 1)
+#define module_put(x) __MOD_DEC(x)
+#define __clear_bit(nr, addr) clear_bit(nr, addr)
+#define __set_bit(nr, addr) set_bit(nr, addr)
+#define __test_and_set_bit(nr, addr) test_and_set_bit(nr, addr)
+#define __test_and_clear_bit(nr, addr) test_and_clear_bit(nr, addr)
+
+typedef unsigned __bitwise__ gfp_t;
+
+static inline void *kzalloc(size_t size, gfp_t flags)
+{
+ void *data = kmalloc(size, flags);
+
+ if (data)
+ memset(data, 0, size);
+
+ return data;
+}
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
+#define __KMEM_CACHE_T__ kmem_cache_t
+#else
+#define __KMEM_CACHE_T__ struct kmem_cache
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22)
+#define ip_hdr(skb) ((skb)->nh.iph)
+#define skb_mac_header(skb) ((skb)->mac.raw)
+#define eth_hdr(skb) ((struct ethhdr *)skb_mac_header(skb))
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+#define KMEM_CACHE_CREATE(name, size) \
+ kmem_cache_create(name, size, 0, 0, NULL, NULL)
+#else
+#define KMEM_CACHE_CREATE(name, size) \
+ kmem_cache_create(name, size, 0, 0, NULL)
+#endif
+
+
+#endif /* __KERNEL__ */
+#endif /* _IP_SET_COMPAT_H */
Modified: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h 2008-07-19 20:48:19 UTC (rev 7559)
@@ -25,7 +25,7 @@
ip_set_ip_t ip;
};
-unsigned int
+static unsigned int
mask_to_bits(ip_set_ip_t mask)
{
unsigned int bits = 32;
@@ -41,7 +41,7 @@
return bits;
}
-ip_set_ip_t
+static ip_set_ip_t
range_to_mask(ip_set_ip_t from, ip_set_ip_t to, unsigned int *bits)
{
ip_set_ip_t mask = 0xFFFFFFFE;
Modified: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h 2008-07-19 20:48:19 UTC (rev 7559)
@@ -5,10 +5,17 @@
static size_t max_malloc_size = 0, max_page_size = 0;
-static inline bool init_max_page_size(void)
+static inline int init_max_page_size(void)
{
+/* Compatibility glues to support 2.4.36 */
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
+#define __GFP_NOWARN 0
+
+ /* Guaranteed: slab.c */
+ max_malloc_size = max_page_size = 131072;
+#else
size_t page_size = 0;
-
+
#define CACHE(x) if (max_page_size == 0 || x < max_page_size) \
page_size = x;
#include <linux/kmalloc_sizes.h>
@@ -21,6 +28,7 @@
return 1;
}
+#endif
return 0;
}
Modified: trunk/ipset/kernel/ip_set.c
===================================================================
--- trunk/ipset/kernel/ip_set.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -133,7 +133,7 @@
if (set_hash != NULL)
__set_hash_del(set_hash);
- write_unlock_bh(&ip_set_lock);
+ write_unlock_bh(&ip_set_lock);
return 0;
}
Modified: trunk/ipset/kernel/ip_set_iphash.c
===================================================================
--- trunk/ipset/kernel/ip_set_iphash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_iphash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -8,6 +8,7 @@
/* Kernel module implementing an ip hash set */
#include <linux/module.h>
+#include <linux/moduleparam.h>
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/version.h>
@@ -88,13 +89,8 @@
{
return __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -149,13 +145,8 @@
{
return __addip((struct ip_set_iphash *) set->data,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -276,13 +267,8 @@
{
return __delip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
Modified: trunk/ipset/kernel/ip_set_ipmap.c
===================================================================
--- trunk/ipset/kernel/ip_set_ipmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_ipmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -66,13 +66,8 @@
{
int res = __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
return (res < 0 ? 0 : res);
}
@@ -118,13 +113,8 @@
{
return __addip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -168,13 +158,8 @@
{
return __delip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
Modified: trunk/ipset/kernel/ip_set_ipporthash.c
===================================================================
--- trunk/ipset/kernel/ip_set_ipporthash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_ipporthash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -8,6 +8,7 @@
/* Kernel module implementing an ip+port hash set */
#include <linux/module.h>
+#include <linux/moduleparam.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
@@ -34,11 +35,7 @@
static inline ip_set_ip_t
get_port(const struct sk_buff *skb, u_int32_t flags)
{
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
struct iphdr *iph = ip_hdr(skb);
-#else
- struct iphdr *iph = skb->nh.iph;
-#endif
u_int16_t offset = ntohs(iph->frag_off) & IP_OFFSET;
switch (iph->protocol) {
@@ -49,11 +46,7 @@
if (offset)
return INVALID_PORT;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
if (skb_copy_bits(skb, ip_hdr(skb)->ihl*4, &tcph, sizeof(tcph)) < 0)
-#else
- if (skb_copy_bits(skb, skb->nh.iph->ihl*4, &tcph, sizeof(tcph)) < 0)
-#endif
/* No choice either */
return INVALID_PORT;
@@ -66,11 +59,7 @@
if (offset)
return INVALID_PORT;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
if (skb_copy_bits(skb, ip_hdr(skb)->ihl*4, &udph, sizeof(udph)) < 0)
-#else
- if (skb_copy_bits(skb, skb->nh.iph->ihl*4, &udph, sizeof(udph)) < 0)
-#endif
/* No choice either */
return INVALID_PORT;
@@ -159,13 +148,8 @@
DP("flag: %s src: %u.%u.%u.%u dst: %u.%u.%u.%u",
flags[index] & IPSET_SRC ? "SRC" : "DST",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
NIPQUAD(ip_hdr(skb)->saddr),
NIPQUAD(ip_hdr(skb)->daddr));
-#else
- NIPQUAD(skb->nh.iph->saddr),
- NIPQUAD(skb->nh.iph->daddr));
-#endif
DP("flag %s port %u",
flags[index+1] & IPSET_SRC ? "SRC" : "DST",
port);
@@ -174,13 +158,8 @@
res = __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
port,
hash_ip);
return (res < 0 ? 0 : res);
@@ -254,13 +233,8 @@
DP("flag: %s src: %u.%u.%u.%u dst: %u.%u.%u.%u",
flags[index] & IPSET_SRC ? "SRC" : "DST",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
NIPQUAD(ip_hdr(skb)->saddr),
NIPQUAD(ip_hdr(skb)->daddr));
-#else
- NIPQUAD(skb->nh.iph->saddr),
- NIPQUAD(skb->nh.iph->daddr));
-#endif
DP("flag %s port %u",
flags[index+1] & IPSET_SRC ? "SRC" : "DST",
port);
@@ -269,13 +243,8 @@
return __addip(set->data,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
port,
hash_ip);
}
@@ -408,13 +377,8 @@
DP("flag: %s src: %u.%u.%u.%u dst: %u.%u.%u.%u",
flags[index] & IPSET_SRC ? "SRC" : "DST",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
NIPQUAD(ip_hdr(skb)->saddr),
NIPQUAD(ip_hdr(skb)->daddr));
-#else
- NIPQUAD(skb->nh.iph->saddr),
- NIPQUAD(skb->nh.iph->daddr));
-#endif
DP("flag %s port %u",
flags[index+1] & IPSET_SRC ? "SRC" : "DST",
port);
@@ -423,13 +387,8 @@
return __delip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
port,
hash_ip);
}
Modified: trunk/ipset/kernel/ip_set_iptree.c
===================================================================
--- trunk/ipset/kernel/ip_set_iptree.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_iptree.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -9,6 +9,7 @@
#include <linux/version.h>
#include <linux/module.h>
+#include <linux/moduleparam.h>
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
@@ -20,11 +21,6 @@
#include <asm/bitops.h>
#include <linux/spinlock.h>
-/* Backward compatibility */
-#ifndef __nocast
-#define __nocast
-#endif
-
#include <linux/netfilter_ipv4/ip_set_iptree.h>
static int limit = MAX_RANGE;
@@ -35,14 +31,10 @@
* to delete the gc timer at destroying/flushing a set */
#define IPTREE_DESTROY_SLEEP 100
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-static struct kmem_cache *branch_cachep;
-static struct kmem_cache *leaf_cachep;
-#else
-static kmem_cache_t *branch_cachep;
-static kmem_cache_t *leaf_cachep;
-#endif
+static __KMEM_CACHE_T__ *branch_cachep;
+static __KMEM_CACHE_T__ *leaf_cachep;
+
#if defined(__LITTLE_ENDIAN)
#define ABCD(a,b,c,d,addrp) do { \
a = ((unsigned char *)addrp)[3]; \
@@ -118,23 +110,13 @@
DP("flag: %s src: %u.%u.%u.%u dst: %u.%u.%u.%u",
flags[index] & IPSET_SRC ? "SRC" : "DST",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
NIPQUAD(ip_hdr(skb)->saddr),
NIPQUAD(ip_hdr(skb)->daddr));
-#else
- NIPQUAD(skb->nh.iph->saddr),
- NIPQUAD(skb->nh.iph->daddr));
-#endif
res = __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
return (res < 0 ? 0 : res);
}
@@ -219,13 +201,8 @@
return __addip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
map->timeout,
hash_ip);
}
@@ -287,13 +264,8 @@
{
return __delip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -556,29 +528,15 @@
{
int ret;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- branch_cachep = kmem_cache_create("ip_set_iptreeb",
- sizeof(struct ip_set_iptreeb),
- 0, 0, NULL);
-#else
- branch_cachep = kmem_cache_create("ip_set_iptreeb",
- sizeof(struct ip_set_iptreeb),
- 0, 0, NULL, NULL);
-#endif
+ branch_cachep = KMEM_CACHE_CREATE("ip_set_iptreeb",
+ sizeof(struct ip_set_iptreeb));
if (!branch_cachep) {
printk(KERN_ERR "Unable to create ip_set_iptreeb slab cache\n");
ret = -ENOMEM;
goto out;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- leaf_cachep = kmem_cache_create("ip_set_iptreed",
- sizeof(struct ip_set_iptreed),
- 0, 0, NULL);
-#else
- leaf_cachep = kmem_cache_create("ip_set_iptreed",
- sizeof(struct ip_set_iptreed),
- 0, 0, NULL, NULL);
-#endif
+ leaf_cachep = KMEM_CACHE_CREATE("ip_set_iptreed",
+ sizeof(struct ip_set_iptreed));
if (!leaf_cachep) {
printk(KERN_ERR "Unable to create ip_set_iptreed slab cache\n");
ret = -ENOMEM;
Modified: trunk/ipset/kernel/ip_set_iptreemap.c
===================================================================
--- trunk/ipset/kernel/ip_set_iptreemap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_iptreemap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -30,15 +30,9 @@
#define IPTREEMAP_DEFAULT_GC_TIME (5 * 60)
#define IPTREEMAP_DESTROY_SLEEP (100)
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-static struct kmem_cache *cachep_b;
-static struct kmem_cache *cachep_c;
-static struct kmem_cache *cachep_d;
-#else
-static kmem_cache_t *cachep_b;
-static kmem_cache_t *cachep_c;
-static kmem_cache_t *cachep_d;
-#endif
+static __KMEM_CACHE_T__ *cachep_b;
+static __KMEM_CACHE_T__ *cachep_c;
+static __KMEM_CACHE_T__ *cachep_d;
static struct ip_set_iptreemap_d *fullbitmap_d;
static struct ip_set_iptreemap_c *fullbitmap_c;
@@ -295,13 +289,8 @@
res = __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
return (res < 0 ? 0 : res);
@@ -384,13 +373,8 @@
return __addip_single(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -470,13 +454,8 @@
{
return __delip_single(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip,
GFP_ATOMIC);
}
@@ -725,43 +704,22 @@
int ret = -ENOMEM;
int a;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- cachep_b = kmem_cache_create("ip_set_iptreemap_b",
- sizeof(struct ip_set_iptreemap_b),
- 0, 0, NULL);
-#else
- cachep_b = kmem_cache_create("ip_set_iptreemap_b",
- sizeof(struct ip_set_iptreemap_b),
- 0, 0, NULL, NULL);
-#endif
+ cachep_b = KMEM_CACHE_CREATE("ip_set_iptreemap_b",
+ sizeof(struct ip_set_iptreemap_b));
if (!cachep_b) {
ip_set_printk("Unable to create ip_set_iptreemap_b slab cache");
goto out;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- cachep_c = kmem_cache_create("ip_set_iptreemap_c",
- sizeof(struct ip_set_iptreemap_c),
- 0, 0, NULL);
-#else
- cachep_c = kmem_cache_create("ip_set_iptreemap_c",
- sizeof(struct ip_set_iptreemap_c),
- 0, 0, NULL, NULL);
-#endif
+ cachep_c = KMEM_CACHE_CREATE("ip_set_iptreemap_c",
+ sizeof(struct ip_set_iptreemap_c));
if (!cachep_c) {
ip_set_printk("Unable to create ip_set_iptreemap_c slab cache");
goto outb;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- cachep_d = kmem_cache_create("ip_set_iptreemap_d",
- sizeof(struct ip_set_iptreemap_d),
- 0, 0, NULL);
-#else
- cachep_d = kmem_cache_create("ip_set_iptreemap_d",
- sizeof(struct ip_set_iptreemap_d),
- 0, 0, NULL, NULL);
-#endif
+ cachep_d = KMEM_CACHE_CREATE("ip_set_iptreemap_d",
+ sizeof(struct ip_set_iptreemap_d));
if (!cachep_d) {
ip_set_printk("Unable to create ip_set_iptreemap_d slab cache");
goto outc;
Modified: trunk/ipset/kernel/ip_set_macipmap.c
===================================================================
--- trunk/ipset/kernel/ip_set_macipmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_macipmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -68,13 +68,8 @@
ip_set_ip_t ip;
ip = ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr);
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr);
-#endif
if (ip < map->first_ip || ip > map->last_ip)
return 0;
@@ -86,13 +81,8 @@
(void *) &table[ip - map->first_ip].flags)) {
/* Is mac pointer valid?
* If so, compare... */
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
return (skb_mac_header(skb) >= skb->head
&& (skb_mac_header(skb) + ETH_HLEN) <= skb->data
-#else
- return (skb->mac.raw >= skb->head
- && (skb->mac.raw + ETH_HLEN) <= skb->data
-#endif
&& (memcmp(eth_hdr(skb)->h_source,
&table[ip - map->first_ip].ethernet,
ETH_ALEN) == 0));
@@ -146,21 +136,11 @@
ip_set_ip_t ip;
ip = ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr);
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr);
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
if (!(skb_mac_header(skb) >= skb->head
&& (skb_mac_header(skb) + ETH_HLEN) <= skb->data))
-#else
- if (!(skb->mac.raw >= skb->head
- && (skb->mac.raw + ETH_HLEN) <= skb->data))
-#endif
return -EINVAL;
return __addip(set, ip, eth_hdr(skb)->h_source, hash_ip);
@@ -207,13 +187,8 @@
{
return __delip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
Modified: trunk/ipset/kernel/ip_set_nethash.c
===================================================================
--- trunk/ipset/kernel/ip_set_nethash.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_nethash.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -8,6 +8,7 @@
/* Kernel module implementing a cidr nethash set */
#include <linux/module.h>
+#include <linux/moduleparam.h>
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/version.h>
@@ -111,13 +112,8 @@
{
return __testip(set,
ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr),
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr),
-#endif
hash_ip);
}
@@ -206,13 +202,8 @@
struct ip_set_nethash *map = set->data;
int ret = -ERANGE;
ip_set_ip_t ip = ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr);
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr);
-#endif
if (map->cidr[0])
ret = __addip(map, ip, map->cidr[0], hash_ip);
@@ -338,13 +329,8 @@
struct ip_set_nethash *map = set->data;
int ret = -ERANGE;
ip_set_ip_t ip = ntohl(flags[index] & IPSET_SRC
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
? ip_hdr(skb)->saddr
: ip_hdr(skb)->daddr);
-#else
- ? skb->nh.iph->saddr
- : skb->nh.iph->daddr);
-#endif
if (map->cidr[0])
ret = __delip(map, ip, map->cidr[0], hash_ip);
Modified: trunk/ipset/kernel/ip_set_portmap.c
===================================================================
--- trunk/ipset/kernel/ip_set_portmap.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ip_set_portmap.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -28,11 +28,7 @@
static inline ip_set_ip_t
get_port(const struct sk_buff *skb, u_int32_t flags)
{
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
struct iphdr *iph = ip_hdr(skb);
-#else
- struct iphdr *iph = skb->nh.iph;
-#endif
u_int16_t offset = ntohs(iph->frag_off) & IP_OFFSET;
switch (iph->protocol) {
case IPPROTO_TCP: {
@@ -42,11 +38,7 @@
if (offset)
return INVALID_PORT;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
if (skb_copy_bits(skb, ip_hdr(skb)->ihl*4, &tcph, sizeof(tcph)) < 0)
-#else
- if (skb_copy_bits(skb, skb->nh.iph->ihl*4, &tcph, sizeof(tcph)) < 0)
-#endif
/* No choice either */
return INVALID_PORT;
@@ -59,11 +51,7 @@
if (offset)
return INVALID_PORT;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
if (skb_copy_bits(skb, ip_hdr(skb)->ihl*4, &udph, sizeof(udph)) < 0)
-#else
- if (skb_copy_bits(skb, skb->nh.iph->ihl*4, &udph, sizeof(udph)) < 0)
-#endif
/* No choice either */
return INVALID_PORT;
Modified: trunk/ipset/kernel/ipt_SET.c
===================================================================
--- trunk/ipset/kernel/ipt_SET.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ipt_SET.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -22,26 +22,54 @@
#include <net/protocol.h>
#include <net/checksum.h>
#include <linux/netfilter_ipv4.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)
#include <linux/netfilter_ipv4/ip_tables.h>
+#define xt_register_target ipt_register_target
+#define xt_unregister_target ipt_unregister_target
+#define xt_target ipt_target
+#define XT_CONTINUE IPT_CONTINUE
+#else
+#include <linux/netfilter/x_tables.h>
+#endif
#include <linux/netfilter_ipv4/ipt_set.h>
static unsigned int
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
-target(struct sk_buff *skb,
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
target(struct sk_buff **pskb,
-#endif
+ unsigned int hooknum,
const struct net_device *in,
const struct net_device *out,
+ const void *targinfo,
+ void *userinfo)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+target(struct sk_buff **pskb,
+ const struct net_device *in,
+ const struct net_device *out,
unsigned int hooknum,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const void *targinfo,
+ void *userinfo)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+target(struct sk_buff **pskb,
+ const struct net_device *in,
+ const struct net_device *out,
+ unsigned int hooknum,
const struct xt_target *target,
-#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
const void *targinfo,
void *userinfo)
-#else
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24)
+target(struct sk_buff **pskb,
+ const struct net_device *in,
+ const struct net_device *out,
+ unsigned int hooknum,
+ const struct xt_target *target,
const void *targinfo)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) */
+target(struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ unsigned int hooknum,
+ const struct xt_target *target,
+ const void *targinfo)
#endif
{
const struct ipt_set_info_target *info = targinfo;
@@ -59,33 +87,51 @@
skb,
info->del_set.flags);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
-static bool
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)
static int
-#endif
checkentry(const char *tablename,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+ const struct ipt_entry *e,
+ void *targinfo,
+ unsigned int targinfosize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static int
+checkentry(const char *tablename,
const void *e,
-#else
- const struct ipt_entry *e,
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ void *targinfo,
+ unsigned int targinfosize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+static int
+checkentry(const char *tablename,
+ const void *e,
const struct xt_target *target,
-#endif
void *targinfo,
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
unsigned int targinfosize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+static int
+checkentry(const char *tablename,
+ const void *e,
+ const struct xt_target *target,
+ void *targinfo,
+ unsigned int hook_mask)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) */
+static bool
+checkentry(const char *tablename,
+ const void *e,
+ const struct xt_target *target,
+ void *targinfo,
+ unsigned int hook_mask)
#endif
- unsigned int hook_mask)
{
struct ipt_set_info_target *info = targinfo;
ip_set_id_t index;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (targinfosize != IPT_ALIGN(sizeof(*info))) {
DP("bad target info size %u", targinfosize);
return 0;
@@ -118,19 +164,21 @@
return 1;
}
-static void destroy(
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
- const struct xt_target *target,
-#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
- void *targetinfo, unsigned int targetsize)
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static void destroy(void *targetinfo,
+ unsigned int targetsize)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+static void destroy(const struct xt_target *target,
+ void *targetinfo,
+ unsigned int targetsize)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19) */
+static void destroy(const struct xt_target *target,
void *targetinfo)
#endif
{
struct ipt_set_info_target *info = targetinfo;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (targetsize != IPT_ALIGN(sizeof(struct ipt_set_info_target))) {
ip_set_printk("invalid targetsize %d", targetsize);
return;
@@ -142,37 +190,38 @@
ip_set_put(info->del_set.index);
}
-static struct ipt_target SET_target = {
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static struct xt_target SET_target = {
.name = "SET",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ .target = target,
+ .checkentry = checkentry,
+ .destroy = destroy,
+ .me = THIS_MODULE
+};
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17) */
+static struct xt_target SET_target = {
+ .name = "SET",
.family = AF_INET,
-#endif
.target = target,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
.targetsize = sizeof(struct ipt_set_info_target),
-#endif
.checkentry = checkentry,
.destroy = destroy,
.me = THIS_MODULE
};
+#endif
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec at blackhole.kfki.hu>");
MODULE_DESCRIPTION("iptables IP set target module");
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-#define ipt_register_target xt_register_target
-#define ipt_unregister_target xt_unregister_target
-#endif
-
static int __init ipt_SET_init(void)
{
- return ipt_register_target(&SET_target);
+ return xt_register_target(&SET_target);
}
static void __exit ipt_SET_fini(void)
{
- ipt_unregister_target(&SET_target);
+ xt_unregister_target(&SET_target);
}
module_init(ipt_SET_init);
Modified: trunk/ipset/kernel/ipt_set.c
===================================================================
--- trunk/ipset/kernel/ipt_set.c 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/ipt_set.c 2008-07-19 20:48:19 UTC (rev 7559)
@@ -15,7 +15,14 @@
#include <linux/skbuff.h>
#include <linux/version.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)
#include <linux/netfilter_ipv4/ip_tables.h>
+#define xt_register_match ipt_register_match
+#define xt_unregister_match ipt_unregister_match
+#define xt_match ipt_match
+#else
+#include <linux/netfilter/x_tables.h>
+#endif
#include <linux/netfilter_ipv4/ip_set.h>
#include <linux/netfilter_ipv4/ipt_set.h>
@@ -29,24 +36,53 @@
return inv;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
-static bool
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
static int
-#endif
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const void *matchinfo,
+ int offset,
+ const void *hdr,
+ u_int16_t datalen,
+ int *hotdrop)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)
+static int
+match(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const void *matchinfo,
+ int offset,
+ int *hotdrop)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static int
+match(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const void *matchinfo,
+ int offset,
+ unsigned int protoff,
+ int *hotdrop)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+static int
+match(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
const struct xt_match *match,
-#endif
const void *matchinfo,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
- int offset, unsigned int protoff, bool *hotdrop)
-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
- int offset, unsigned int protoff, int *hotdrop)
-#else
- int offset, int *hotdrop)
+ int offset,
+ unsigned int protoff,
+ int *hotdrop)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) */
+static bool
+match(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const struct xt_match *match,
+ const void *matchinfo,
+ int offset,
+ unsigned int protoff,
+ bool *hotdrop)
#endif
{
const struct ipt_set_info_match *info = matchinfo;
@@ -56,30 +92,48 @@
info->match_set.flags[0] & IPSET_MATCH_INV);
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
-static bool
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16)
static int
-#endif
checkentry(const char *tablename,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+ const struct ipt_ip *ip,
+ void *matchinfo,
+ unsigned int matchsize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static int
+checkentry(const char *tablename,
const void *inf,
-#else
- const struct ipt_ip *ip,
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ void *matchinfo,
+ unsigned int matchsize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+static int
+checkentry(const char *tablename,
+ const void *inf,
const struct xt_match *match,
-#endif
void *matchinfo,
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
unsigned int matchsize,
+ unsigned int hook_mask)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
+static int
+checkentry(const char *tablename,
+ const void *inf,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) */
+static bool
+checkentry(const char *tablename,
+ const void *inf,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
#endif
- unsigned int hook_mask)
{
struct ipt_set_info_match *info = matchinfo;
ip_set_id_t index;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
return 0;
@@ -101,19 +155,21 @@
return 1;
}
-static void destroy(
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
- const struct xt_match *match,
-#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
- void *matchinfo, unsigned int matchsize)
-#else
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static void destroy(void *matchinfo,
+ unsigned int matchsize)
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+static void destroy(const struct xt_match *match,
+ void *matchinfo,
+ unsigned int matchsize)
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19) */
+static void destroy(const struct xt_match *match,
void *matchinfo)
#endif
{
struct ipt_set_info_match *info = matchinfo;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
return;
@@ -122,37 +178,38 @@
ip_set_put(info->match_set.index);
}
-static struct ipt_match set_match = {
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+static struct xt_match set_match = {
.name = "set",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ .match = &match,
+ .checkentry = &checkentry,
+ .destroy = &destroy,
+ .me = THIS_MODULE
+};
+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17) */
+static struct xt_match set_match = {
+ .name = "set",
.family = AF_INET,
-#endif
.match = &match,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
.matchsize = sizeof(struct ipt_set_info_match),
-#endif
.checkentry = &checkentry,
.destroy = &destroy,
.me = THIS_MODULE
};
+#endif
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec at blackhole.kfki.hu>");
MODULE_DESCRIPTION("iptables IP set match module");
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-#define ipt_register_match xt_register_match
-#define ipt_unregister_match xt_unregister_match
-#endif
-
static int __init ipt_ipset_init(void)
{
- return ipt_register_match(&set_match);
+ return xt_register_match(&set_match);
}
static void __exit ipt_ipset_fini(void)
{
- ipt_unregister_match(&set_match);
+ xt_unregister_match(&set_match);
}
module_init(ipt_ipset_init);
Modified: trunk/ipset/kernel/patch_kernel
===================================================================
--- trunk/ipset/kernel/patch_kernel 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/kernel/patch_kernel 2008-07-19 20:48:19 UTC (rev 7559)
@@ -13,6 +13,17 @@
echo "endmenu" >> $file
}
+config() {
+ file=$1/net/ipv4/netfilter/Config.in
+ if [ "`grep 'CONFIG_IP_NF_SET' $file`" ]; then
+ return
+ fi
+ mv $file $file.orig
+ grep -v endmenu $file.orig > $file
+ cat Config.in.ipset >> $file
+ echo "endmenu" >> $file
+}
+
makefile() {
file=$1/net/ipv4/netfilter/Makefile
if [ "`grep CONFIG_IP_NF_SET $file`" ]; then
@@ -22,6 +33,20 @@
cat Makefile.ipset >> $file
}
+oldmakefile() {
+ file=$1/net/ipv4/netfilter/Makefile
+ if [ "`grep CONFIG_IP_NF_SET $file`" ]; then
+ return
+ fi
+ lineno=`grep -n Rules.make $file | cut -f1 -d:`
+ lineno=$((lineno-1))
+ head -n $lineno $file > $file.head
+ lineno=$((lineno+1))
+ tail +$lineno $file > $file.tail
+ cp $file $file.orig
+ cat $file.head Makefile.ipset Makefile.export.ipset $file.tail > $file
+}
+
tree() {
cp include/linux/netfilter_ipv4/* $1/include/linux/netfilter_ipv4/
cp *.c $1/net/ipv4/netfilter/
@@ -31,11 +56,15 @@
echo "Error: missing kernel directory parameter."
exit 1
fi
-if [ ! -f $1/net/ipv4/netfilter/Kconfig ]; then
- echo "Error: the directory $1 doesn't look like a Linux 2.6.x kernel source tree."
+if [ -f $1/net/ipv4/netfilter/Kconfig ]; then
+ tree $1
+ kconfig $1
+ makefile $1
+elif [ -f $1/net/ipv4/netfilter/Config.in ]; then
+ tree $1
+ config $1
+ oldmakefile $1
+else
+ echo "Error: The directory $1 doesn't look like a Linux 2.4/2.6 kernel source tree."
exit 1
fi
-
-tree $1
-kconfig $1
-makefile $1
Modified: trunk/ipset/tests/ipmap.t
===================================================================
--- trunk/ipset/tests/ipmap.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/ipmap.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -80,6 +80,6 @@
0 ipset -T test 255.255.255.255
# Full: Test value not added to the set
1 ipset -T test 0.1.0.0
-# Full: Delete test test
+# Full: Delete test set
0 ipset -X test
# eof
Modified: trunk/ipset/tests/ipporthash.t
===================================================================
--- trunk/ipset/tests/ipporthash.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/ipporthash.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -48,6 +48,6 @@
1 ipset -A test 1.255.255.255:5
# Network: Try to add value after upper boundary
1 ipset -A test 2.1.0.0:128
-# Network: Delete test test
+# Network: Delete test set
0 ipset -X test
# eof
Modified: trunk/ipset/tests/iptree.t
===================================================================
--- trunk/ipset/tests/iptree.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/iptree.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -38,6 +38,6 @@
1 ipset -T test 2.0.0.2
# Timeout: Test value not added to the set
1 ipset -T test 192.168.68.70
-# Timeout: Delete test test
+# Timeout: Delete test set
0 ipset -X test
# eof
Modified: trunk/ipset/tests/iptreemap.t
===================================================================
--- trunk/ipset/tests/iptreemap.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/iptreemap.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -40,6 +40,6 @@
0 ipset -D test 192.168.68.70/30
# Test element from the middle
1 ipset -T test 192.168.68.71
-# Delete test test
+# Delete test set
0 ipset -X test
# eof
Modified: trunk/ipset/tests/macipmap.t
===================================================================
--- trunk/ipset/tests/macipmap.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/macipmap.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -44,6 +44,6 @@
1 ipset -A test 1.255.255.255
# Network: Try to add value after upper boundary
1 ipset -A test 2.1.0.0
-# Network: Delete test test
+# Network: Delete test set
0 ipset -X test
# eof
Modified: trunk/ipset/tests/portmap.t
===================================================================
--- trunk/ipset/tests/portmap.t 2008-07-11 12:11:59 UTC (rev 7558)
+++ trunk/ipset/tests/portmap.t 2008-07-19 20:48:19 UTC (rev 7559)
@@ -32,6 +32,6 @@
0 ipset -T test 65535
# Full: Test value not added to the set
1 ipset -T test 1
-# Full: Delete test test
+# Full: Delete test set
0 ipset -X test
# eof
More information about the netfilter-cvslog
mailing list