r7576 - in trunk/ipset: . kernel kernel/include/linux/netfilter_ipv4

kadlec at blackhole.kfki.hu kadlec at blackhole.kfki.hu
Sat Nov 15 21:20:09 CET 2008


Author: kadlec at blackhole.kfki.hu
Date: 2008-11-15 21:20:09 +0100 (Sat, 15 Nov 2008)
New Revision: 7576

Modified:
   trunk/ipset/ChangeLog
   trunk/ipset/Makefile
   trunk/ipset/ipset.c
   trunk/ipset/ipset.h
   trunk/ipset/ipset_iphash.c
   trunk/ipset/ipset_ipmap.c
   trunk/ipset/ipset_ipporthash.c
   trunk/ipset/ipset_ipportiphash.c
   trunk/ipset/ipset_ipportnethash.c
   trunk/ipset/ipset_iptree.c
   trunk/ipset/ipset_iptreemap.c
   trunk/ipset/ipset_macipmap.c
   trunk/ipset/ipset_nethash.c
   trunk/ipset/ipset_portmap.c
   trunk/ipset/ipset_setlist.c
   trunk/ipset/kernel/ChangeLog
   trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h
   trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_setlist.h
   trunk/ipset/kernel/ip_set.c
   trunk/ipset/kernel/ip_set_setlist.c
   trunk/ipset/kernel/ipt_SET.c
   trunk/ipset/kernel/ipt_set.c
Log:
2.4.5
  - setlist type does not work properly together with swapping
    sets, bug reported by Thomas Jacob.
  - Include linux/capability.h explicitly in ip_set.c (Jan Engelhardt)



Modified: trunk/ipset/ChangeLog
===================================================================
--- trunk/ipset/ChangeLog	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ChangeLog	2008-11-15 20:20:09 UTC (rev 7576)
@@ -1,3 +1,7 @@
+2.4.5
+  - Some compiler warning options are too aggressive and
+    therefore disabled.
+
 2.4.4
   - Premature checking prevents to add valid elements to hash
     types, fixed (bug reported by JC Janos).

Modified: trunk/ipset/Makefile
===================================================================
--- trunk/ipset/Makefile	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/Makefile	2008-11-15 20:20:09 UTC (rev 7576)
@@ -20,7 +20,7 @@
 V=0
 endif
 
-IPSET_VERSION:=2.4.4
+IPSET_VERSION:=2.4.5
 
 PREFIX:=/usr/local
 LIBDIR:=$(PREFIX)/lib
@@ -55,6 +55,7 @@
 	-Wswitch-enum \
 	-Wundef \
 	-Wwrite-strings \
+	-Wno-missing-field-initializers \
 	-Werror
 
 CFLAGS:=$(COPT_FLAGS) $(WARN_FLAGS) -Ikernel/include -I. # -g -DIPSET_DEBUG #-pg

Modified: trunk/ipset/ipset.c
===================================================================
--- trunk/ipset/ipset.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -118,7 +118,7 @@
 	{"help",    2, 0, 'H'},
 
 	/* end */
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 static char opts_short[] =
@@ -731,13 +731,13 @@
 static int
 string_to_port(const char *str, ip_set_ip_t *port)
 {
-	struct servent *service = getservbyname(str, "tcp");
+	struct servent *service;
 	
 	if ((service = getservbyname(str, "tcp")) != NULL) {
 		*port = ntohs((uint16_t) service->s_port);
 		return 0;
 	}
-	return - 1;
+	return -1;
 }
 
 /* Fills the 'ip' with the parsed port in host byte order */
@@ -1952,7 +1952,7 @@
 	int i;
 	
 	for (i = 1; i <= NUMBER_OF_CMD; i++)
-		if (cmdflags[i] == (char) option)
+		if (cmdflags[i] == option)
 			return i;
 			
 	return CMD_NONE;

Modified: trunk/ipset/ipset.h
===================================================================
--- trunk/ipset/ipset.h	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset.h	2008-11-15 20:20:09 UTC (rev 7576)
@@ -68,10 +68,11 @@
 	CMD_ADT_GET,
 };
 
-/* Exit codes */
-#define OTHER_PROBLEM		1
-#define PARAMETER_PROBLEM	2
-#define VERSION_PROBLEM		3
+enum exittype {
+	OTHER_PROBLEM = 1,
+	PARAMETER_PROBLEM,
+	VERSION_PROBLEM
+};
 
 /* The view of an ipset in userspace */
 struct set {

Modified: trunk/ipset/ipset_iphash.c
===================================================================
--- trunk/ipset/ipset_iphash.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_iphash.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -127,7 +127,7 @@
 	{.name = "probes",	.has_arg = required_argument,	.val = '2'},
 	{.name = "resize",	.has_arg = required_argument,	.val = '3'},
 	{.name = "netmask",	.has_arg = required_argument,	.val = '4'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_ipmap.c
===================================================================
--- trunk/ipset/ipset_ipmap.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_ipmap.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -183,7 +183,7 @@
 	{.name = "to",		.has_arg = required_argument,	.val = '2'},
 	{.name = "network",	.has_arg = required_argument,	.val = '3'},
 	{.name = "netmask",	.has_arg = required_argument,	.val = '4'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_ipporthash.c
===================================================================
--- trunk/ipset/ipset_ipporthash.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_ipporthash.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -184,7 +184,7 @@
 	{.name = "from",	.has_arg = required_argument,	.val = '4'},
 	{.name = "to",		.has_arg = required_argument,	.val = '5'},
 	{.name = "network",	.has_arg = required_argument,	.val = '6'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_ipportiphash.c
===================================================================
--- trunk/ipset/ipset_ipportiphash.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_ipportiphash.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -184,7 +184,7 @@
 	{.name = "from",	.has_arg = required_argument,	.val = '4'},
 	{.name = "to",		.has_arg = required_argument,	.val = '5'},
 	{.name = "network",	.has_arg = required_argument,	.val = '6'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_ipportnethash.c
===================================================================
--- trunk/ipset/ipset_ipportnethash.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_ipportnethash.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -184,7 +184,7 @@
 	{.name = "from",	.has_arg = required_argument,	.val = '4'},
 	{.name = "to",		.has_arg = required_argument,	.val = '5'},
 	{.name = "network",	.has_arg = required_argument,	.val = '6'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_iptree.c
===================================================================
--- trunk/ipset/ipset_iptree.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_iptree.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -70,7 +70,7 @@
 /* Create commandline options */
 static const struct option create_opts[] = {
 	{.name = "timeout",	.has_arg = required_argument,	.val = '1'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_iptreemap.c
===================================================================
--- trunk/ipset/ipset_iptreemap.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_iptreemap.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -59,7 +59,7 @@
 
 static const struct option create_opts[] = {
 	{.name = "gc",	.has_arg = required_argument,	.val = 'g'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 static ip_set_ip_t

Modified: trunk/ipset/ipset_macipmap.c
===================================================================
--- trunk/ipset/ipset_macipmap.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_macipmap.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -149,7 +149,7 @@
 	{.name = "to",		.has_arg = required_argument,	.val = '2'},
 	{.name = "network",	.has_arg = required_argument,	.val = '3'},
 	{.name = "matchunset",	.has_arg = no_argument,		.val = '4'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 static void

Modified: trunk/ipset/ipset_nethash.c
===================================================================
--- trunk/ipset/ipset_nethash.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_nethash.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -106,7 +106,7 @@
 	{.name = "hashsize",	.has_arg = required_argument,	.val = '1'},
 	{.name = "probes",	.has_arg = required_argument,	.val = '2'},
 	{.name = "resize",	.has_arg = required_argument,	.val = '3'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_portmap.c
===================================================================
--- trunk/ipset/ipset_portmap.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_portmap.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -108,7 +108,7 @@
 static const struct option create_opts[] = {
 	{.name = "from",	.has_arg = required_argument,	.val = '1'},
 	{.name = "to",		.has_arg = required_argument,	.val = '2'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 /* Add, del, test parser */

Modified: trunk/ipset/ipset_setlist.c
===================================================================
--- trunk/ipset/ipset_setlist.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/ipset_setlist.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -64,7 +64,7 @@
 /* Create commandline options */
 static const struct option create_opts[] = {
 	{.name = "size",	.has_arg = required_argument,	.val = '1'},
-	{0, 0, 0, 0},
+	{NULL},
 };
 
 static void check_setname(const char *name)

Modified: trunk/ipset/kernel/ChangeLog
===================================================================
--- trunk/ipset/kernel/ChangeLog	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/ChangeLog	2008-11-15 20:20:09 UTC (rev 7576)
@@ -1,3 +1,8 @@
+2.4.5
+  - setlist type does not work properly together with swapping
+    sets, bug reported by Thomas Jacob.
+  - Include linux/capability.h explicitly in ip_set.c (Jan Engelhardt)
+
 2.4.4
   - Premature checking prevents to add valid elements to hash
     types, fixed (bug reported by JC Janos).

Modified: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set.h	2008-11-15 20:20:09 UTC (rev 7576)
@@ -487,11 +487,12 @@
 
 /* register and unregister set references */
 extern ip_set_id_t ip_set_get_byname(const char name[IP_SET_MAXNAMELEN]);
-extern ip_set_id_t ip_set_get_byindex(ip_set_id_t id);
-extern void ip_set_put(ip_set_id_t id);
+extern ip_set_id_t ip_set_get_byindex(ip_set_id_t index);
+extern void ip_set_put_byindex(ip_set_id_t index);
+extern ip_set_id_t ip_set_id(ip_set_id_t index);
 extern ip_set_id_t __ip_set_get_byname(const char name[IP_SET_MAXNAMELEN],
 				       struct ip_set **set);
-extern void __ip_set_put_byid(ip_set_id_t id);
+extern void __ip_set_put_byindex(ip_set_id_t index);
 
 /* API for iptables set match, and SET target */
 extern int ip_set_addip_kernel(ip_set_id_t id,

Modified: trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_setlist.h
===================================================================
--- trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_setlist.h	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/include/linux/netfilter_ipv4/ip_set_setlist.h	2008-11-15 20:20:09 UTC (rev 7576)
@@ -10,7 +10,7 @@
 
 struct ip_set_setlist {
 	uint8_t size;
-	ip_set_id_t id[0];
+	ip_set_id_t index[0];
 };
 
 struct ip_set_req_setlist_create {

Modified: trunk/ipset/kernel/ip_set.c
===================================================================
--- trunk/ipset/kernel/ip_set.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/ip_set.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -21,6 +21,7 @@
 #include <linux/random.h>
 #include <linux/jhash.h>
 #include <linux/errno.h>
+#include <linux/capability.h>
 #include <asm/uaccess.h>
 #include <asm/bitops.h>
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,27)
@@ -378,7 +379,7 @@
 	return index;
 }
 
-void __ip_set_put_byid(ip_set_id_t index)
+void __ip_set_put_byindex(ip_set_id_t index)
 {
 	if (ip_set_list[index])
 		__ip_set_put(index);
@@ -434,11 +435,25 @@
 }
 
 /*
+ * Find the set id belonging to the index.
+ * We are protected by the mutex, so we do not need to use
+ * ip_set_lock. There is no need to reference the sets either.
+ */
+ip_set_id_t
+ip_set_id(ip_set_id_t index)
+{
+	if (index >= ip_set_max || !ip_set_list[index])
+		return IP_SET_INVALID_ID;
+	
+	return ip_set_list[index]->id;
+}
+
+/*
  * If the given set pointer points to a valid set, decrement
  * reference count by 1. The caller shall not assume the index
  * to be valid, after calling this function.
  */
-void ip_set_put(ip_set_id_t index)
+void ip_set_put_byindex(ip_set_id_t index)
 {
 	down(&ip_set_app_mutex);
 	if (ip_set_list[index])
@@ -2037,9 +2052,10 @@
 
 EXPORT_SYMBOL(ip_set_get_byname);
 EXPORT_SYMBOL(ip_set_get_byindex);
-EXPORT_SYMBOL(ip_set_put);
+EXPORT_SYMBOL(ip_set_put_byindex);
+EXPORT_SYMBOL(ip_set_id);
 EXPORT_SYMBOL(__ip_set_get_byname);
-EXPORT_SYMBOL(__ip_set_put_byid);
+EXPORT_SYMBOL(__ip_set_put_byindex);
 
 EXPORT_SYMBOL(ip_set_addip_kernel);
 EXPORT_SYMBOL(ip_set_delip_kernel);

Modified: trunk/ipset/kernel/ip_set_setlist.c
===================================================================
--- trunk/ipset/kernel/ip_set_setlist.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/ip_set_setlist.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -17,14 +17,14 @@
 #include <linux/netfilter_ipv4/ip_set_setlist.h>
 
 /*
- * before ==> id, ref
- * after  ==> ref, id
+ * before ==> index, ref
+ * after  ==> ref, index
  */
 
 static inline bool
-next_id_eq(const struct ip_set_setlist *map, int i, ip_set_id_t id)
+next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index)
 {
-	return i < map->size && map->id[i] == id;
+	return i < map->size && map->index[i] == index;
 }
 
 static int
@@ -33,15 +33,15 @@
 {
 	const struct ip_set_setlist *map = set->data;
 	const struct ip_set_req_setlist *req = data;
-	ip_set_id_t id, ref = IP_SET_INVALID_ID;
+	ip_set_id_t index, ref = IP_SET_INVALID_ID;
 	int i, res = 0;
 	struct ip_set *s;
 	
 	if (req->before && req->ref[0] == '\0')
 		return -EINVAL;
 
-	id = __ip_set_get_byname(req->name, &s);
-	if (id == IP_SET_INVALID_ID)
+	index = __ip_set_get_byname(req->name, &s);
+	if (index == IP_SET_INVALID_ID)
 		return -EEXIST;
 	if (req->ref[0] != '\0') {
 		ref = __ip_set_get_byname(req->ref, &s);
@@ -51,24 +51,24 @@
 		}
 	}
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID; i++) {
-		if (req->before && map->id[i] == id) {
-		    	res = next_id_eq(map, i + 1, ref);
+		    && map->index[i] != IP_SET_INVALID_ID; i++) {
+		if (req->before && map->index[i] == index) {
+		    	res = next_index_eq(map, i + 1, ref);
 		    	break;
 		} else if (!req->before) {
 			if ((ref == IP_SET_INVALID_ID
-			     && map->id[i] == id)
-			    || (map->id[i] == ref
-			        && next_id_eq(map, i + 1, id))) {
+			     && map->index[i] == index)
+			    || (map->index[i] == ref
+			        && next_index_eq(map, i + 1, index))) {
 			        res = 1;
 			        break;
 			}
 		}
 	}
 	if (ref != IP_SET_INVALID_ID)
-		__ip_set_put_byid(ref);
+		__ip_set_put_byindex(ref);
 finish:
-	__ip_set_put_byid(id);
+	__ip_set_put_byindex(index);
 	return res;
 }
 
@@ -83,27 +83,27 @@
 	int i, res = 0;
 	
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID
+		    && map->index[i] != IP_SET_INVALID_ID
 		    && res == 0; i++)
-		res = ip_set_testip_kernel(map->id[i], skb, flags);
+		res = ip_set_testip_kernel(map->index[i], skb, flags);
 	return res;
 }
 
 static inline int
-insert_setlist(struct ip_set_setlist *map, int i, ip_set_id_t id)
+insert_setlist(struct ip_set_setlist *map, int i, ip_set_id_t index)
 {
 	ip_set_id_t tmp;
 	int j;
 
-	printk("i: %u, last %u\n", i, map->id[map->size - 1]);	
-	if (i >= map->size || map->id[map->size - 1] != IP_SET_INVALID_ID)
+	DP("i: %u, last %u\n", i, map->index[map->size - 1]);	
+	if (i >= map->size || map->index[map->size - 1] != IP_SET_INVALID_ID)
 		return -ERANGE;
 	
 	for (j = i; j < map->size
-		    && id != IP_SET_INVALID_ID; j++) {
-		tmp = map->id[j];
-		map->id[j] = id;
-		id = tmp;
+		    && index != IP_SET_INVALID_ID; j++) {
+		tmp = map->index[j];
+		map->index[j] = index;
+		index = tmp;
 	}
 	return 0;
 }
@@ -114,15 +114,15 @@
 {
 	struct ip_set_setlist *map = set->data;
 	const struct ip_set_req_setlist *req = data;
-	ip_set_id_t id, ref = IP_SET_INVALID_ID;
+	ip_set_id_t index, ref = IP_SET_INVALID_ID;
 	int i, res = -ERANGE;
 	struct ip_set *s;
 	
 	if (req->before && req->ref[0] == '\0')
 		return -EINVAL;
 
-	id = __ip_set_get_byname(req->name, &s);
-	if (id == IP_SET_INVALID_ID)
+	index = __ip_set_get_byname(req->name, &s);
+	if (index == IP_SET_INVALID_ID)
 		return -EEXIST;
 	/* "Loop detection" */
 	if (strcmp(s->type->typename, "setlist") == 0)
@@ -136,22 +136,22 @@
 		}
 	}
 	for (i = 0; i < map->size; i++) {
-		if (map->id[i] != ref)
+		if (map->index[i] != ref)
 			continue;
 		if (req->before) 
-			res = insert_setlist(map, i, id);
+			res = insert_setlist(map, i, index);
 		else
 			res = insert_setlist(map,
 				ref == IP_SET_INVALID_ID ? i : i + 1,
-				id);
+				index);
 		break;
 	}
 	if (ref != IP_SET_INVALID_ID)
-		__ip_set_put_byid(ref);
-	/* In case of success, we keep the reference to the id */
+		__ip_set_put_byindex(ref);
+	/* In case of success, we keep the reference to the set */
 finish:
 	if (res != 0)
-		__ip_set_put_byid(id);
+		__ip_set_put_byindex(index);
 	return res;
 }
 
@@ -166,9 +166,9 @@
 	int i, res = -EINVAL;
 	
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID
+		    && map->index[i] != IP_SET_INVALID_ID
 		    && res != 0; i++)
-		res = ip_set_addip_kernel(map->id[i], skb, flags);
+		res = ip_set_addip_kernel(map->index[i], skb, flags);
 	return res;
 }
 
@@ -178,8 +178,8 @@
 	int j;
 	
 	for (j = i; j < map->size - 1; j++)
-		map->id[j] = map->id[j+1];
-	map->id[map->size-1] = IP_SET_INVALID_ID;
+		map->index[j] = map->index[j+1];
+	map->index[map->size-1] = IP_SET_INVALID_ID;
 	return 0;
 }
 
@@ -189,15 +189,15 @@
 {
 	struct ip_set_setlist *map = set->data;
 	const struct ip_set_req_setlist *req = data;
-	ip_set_id_t id, ref = IP_SET_INVALID_ID;
+	ip_set_id_t index, ref = IP_SET_INVALID_ID;
 	int i, res = -EEXIST;
 	struct ip_set *s;
 	
 	if (req->before && req->ref[0] == '\0')
 		return -EINVAL;
 
-	id = __ip_set_get_byname(req->name, &s);
-	if (id == IP_SET_INVALID_ID)
+	index = __ip_set_get_byname(req->name, &s);
+	if (index == IP_SET_INVALID_ID)
 		return -EEXIST;
 	if (req->ref[0] != '\0') {
 		ref = __ip_set_get_byname(req->ref, &s);
@@ -205,31 +205,31 @@
 			goto finish;
 	}
 	for (i = 0; i < map->size
-	            && map->id[i] != IP_SET_INVALID_ID; i++) {
+	            && map->index[i] != IP_SET_INVALID_ID; i++) {
 		if (req->before) {
-			if (map->id[i] == id
-			    && next_id_eq(map, i + 1, ref)) {
+			if (map->index[i] == index
+			    && next_index_eq(map, i + 1, ref)) {
 				res = unshift_setlist(map, i);
 				break;
 			}
 		} else if (ref == IP_SET_INVALID_ID) {
-			if (map->id[i] == id) {
+			if (map->index[i] == index) {
 				res = unshift_setlist(map, i);
 				break;
 			}
-		} else if (map->id[i] == ref
-			   && next_id_eq(map, i + 1, id)) {
+		} else if (map->index[i] == ref
+			   && next_index_eq(map, i + 1, index)) {
 			res = unshift_setlist(map, i + 1);
 			break;
 		}
 	}
 	if (ref != IP_SET_INVALID_ID)
-		__ip_set_put_byid(ref);
+		__ip_set_put_byindex(ref);
 finish:
-	__ip_set_put_byid(id);
-	/* In case of success, release the reference to the id */
+	__ip_set_put_byindex(index);
+	/* In case of success, release the reference to the set */
 	if (res == 0)
-		__ip_set_put_byid(id);
+		__ip_set_put_byindex(index);
 	return res;
 }
 
@@ -244,9 +244,9 @@
 	int i, res = -EINVAL;
 	
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID
+		    && map->index[i] != IP_SET_INVALID_ID
 		    && res != 0; i++)
-		res = ip_set_delip_kernel(map->id[i], skb, flags);
+		res = ip_set_delip_kernel(map->index[i], skb, flags);
 	return res;
 }
 
@@ -263,7 +263,7 @@
 		return -ENOMEM;
 	map->size = req->size;
 	for (i = 0; i < map->size; i++)
-		map->id[i] = IP_SET_INVALID_ID;
+		map->index[i] = IP_SET_INVALID_ID;
 	
 	set->data = map;
 	return 0;
@@ -276,8 +276,8 @@
 	int i;
 	
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID; i++)
-		__ip_set_put_byid(map->id[i]);
+		    && map->index[i] != IP_SET_INVALID_ID; i++)
+		__ip_set_put_byindex(map->index[i]);
 
 	kfree(map);
 	set->data = NULL;
@@ -290,9 +290,9 @@
 	int i;
 	
 	for (i = 0; i < map->size
-		    && map->id[i] != IP_SET_INVALID_ID; i++) {
-		__ip_set_put_byid(map->id[i]);
-		map->id[i] = IP_SET_INVALID_ID;
+		    && map->index[i] != IP_SET_INVALID_ID; i++) {
+		__ip_set_put_byindex(map->index[i]);
+		map->index[i] = IP_SET_INVALID_ID;
 	}
 }
 
@@ -320,7 +320,7 @@
 	int i;
 	
 	for (i = 0; i < map->size; i++)
-		*((ip_set_id_t *)data + i) = map->id[i];
+		*((ip_set_id_t *)data + i) = ip_set_id(map->index[i]);
 }
 
 IP_SET_TYPE(setlist, IPSET_TYPE_SETNAME | IPSET_DATA_SINGLE)

Modified: trunk/ipset/kernel/ipt_SET.c
===================================================================
--- trunk/ipset/kernel/ipt_SET.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/ipt_SET.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -179,9 +179,9 @@
 	}
 #endif
 	if (info->add_set.index != IP_SET_INVALID_ID)
-		ip_set_put(info->add_set.index);
+		ip_set_put_byindex(info->add_set.index);
 	if (info->del_set.index != IP_SET_INVALID_ID)
-		ip_set_put(info->del_set.index);
+		ip_set_put_byindex(info->del_set.index);
 }
 
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)

Modified: trunk/ipset/kernel/ipt_set.c
===================================================================
--- trunk/ipset/kernel/ipt_set.c	2008-11-13 19:19:39 UTC (rev 7575)
+++ trunk/ipset/kernel/ipt_set.c	2008-11-15 20:20:09 UTC (rev 7576)
@@ -175,7 +175,7 @@
 		return;
 	}
 #endif
-	ip_set_put(info->match_set.index);
+	ip_set_put_byindex(info->match_set.index);
 }
 
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)




More information about the netfilter-cvslog mailing list