diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-04-08 23:11:02 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-04-29 20:09:01 +0200 |
commit | 00d71b270eedacd7d3d7b20fb93269853470d18e (patch) | |
tree | 5156cb860788bfd18401f015d83156e25adbdd0d /net/netfilter/ipset/ip_set_hash_net.c | |
parent | f48d19db12e1cde296ce7a13c38303618e38e304 (diff) | |
download | linux-00d71b270eedacd7d3d7b20fb93269853470d18e.tar.bz2 |
netfilter: ipset: The hash types with counter support
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/ipset/ip_set_hash_net.c')
-rw-r--r-- | net/netfilter/ipset/ip_set_hash_net.c | 47 |
1 files changed, 44 insertions, 3 deletions
diff --git a/net/netfilter/ipset/ip_set_hash_net.c b/net/netfilter/ipset/ip_set_hash_net.c index cfbcdd407064..da740ceb56ae 100644 --- a/net/netfilter/ipset/ip_set_hash_net.c +++ b/net/netfilter/ipset/ip_set_hash_net.c @@ -24,7 +24,8 @@ #define REVISION_MIN 0 /* 1 Range as input support for IPv4 added */ -#define REVISION_MAX 2 /* nomatch flag support added */ +/* 2 nomatch flag support added */ +#define REVISION_MAX 3 /* Counters support added */ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); @@ -53,6 +54,23 @@ struct hash_net4t_elem { unsigned long timeout; }; +struct hash_net4c_elem { + __be32 ip; + u16 padding0; + u8 nomatch; + u8 cidr; + struct ip_set_counter counter; +}; + +struct hash_net4ct_elem { + __be32 ip; + u16 padding0; + u8 nomatch; + u8 cidr; + struct ip_set_counter counter; + unsigned long timeout; +}; + /* Common functions */ static inline bool @@ -153,7 +171,9 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *tb[], if (unlikely(!tb[IPSET_ATTR_IP] || !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) || - !ip_set_optattr_netorder(tb, IPSET_ATTR_CADT_FLAGS))) + !ip_set_optattr_netorder(tb, IPSET_ATTR_CADT_FLAGS) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES))) return -IPSET_ERR_PROTOCOL; if (tb[IPSET_ATTR_LINENO]) @@ -225,6 +245,23 @@ struct hash_net6t_elem { unsigned long timeout; }; +struct hash_net6c_elem { + union nf_inet_addr ip; + u16 padding0; + u8 nomatch; + u8 cidr; + struct ip_set_counter counter; +}; + +struct hash_net6ct_elem { + union nf_inet_addr ip; + u16 padding0; + u8 nomatch; + u8 cidr; + struct ip_set_counter counter; + unsigned long timeout; +}; + /* Common functions */ static inline bool @@ -328,7 +365,9 @@ hash_net6_uadt(struct ip_set *set, struct nlattr *tb[], if (unlikely(!tb[IPSET_ATTR_IP] || !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) || - !ip_set_optattr_netorder(tb, IPSET_ATTR_CADT_FLAGS))) + !ip_set_optattr_netorder(tb, IPSET_ATTR_CADT_FLAGS) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES))) return -IPSET_ERR_PROTOCOL; if (unlikely(tb[IPSET_ATTR_IP_TO])) return -IPSET_ERR_HASH_RANGE_UNSUPPORTED; @@ -384,6 +423,8 @@ static struct ip_set_type hash_net_type __read_mostly = { [IPSET_ATTR_CIDR] = { .type = NLA_U8 }, [IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 }, [IPSET_ATTR_CADT_FLAGS] = { .type = NLA_U32 }, + [IPSET_ATTR_BYTES] = { .type = NLA_U64 }, + [IPSET_ATTR_PACKETS] = { .type = NLA_U64 }, }, .me = THIS_MODULE, }; |