| /* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu) |
| * |
| * This program is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License version 2 as |
| * published by the Free Software Foundation. |
| */ |
| #include <libipset/data.h> /* IPSET_OPT_* */ |
| #include <libipset/parse.h> /* parser functions */ |
| #include <libipset/print.h> /* printing functions */ |
| #include <libipset/types.h> /* prototypes */ |
| |
| /* Parse commandline arguments */ |
| static const struct ipset_arg hash_ip_create_args0[] = { |
| { .name = { "family", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, .print = ipset_print_family, |
| }, |
| /* Alias: family inet */ |
| { .name = { "-4", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| /* Alias: family inet6 */ |
| { .name = { "-6", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| { .name = { "hashsize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "maxelem", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "netmask", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_NETMASK, |
| .parse = ipset_parse_netmask, .print = ipset_print_number, |
| }, |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| /* Ignored options: backward compatibilty */ |
| { .name = { "probes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "resize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "gc", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_GC, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const struct ipset_arg hash_ip_add_args0[] = { |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const char hash_ip_usage0[] = |
| "create SETNAME hash:ip\n" |
| " [family inet|inet6]\n" |
| " [hashsize VALUE] [maxelem VALUE]\n" |
| " [netmask CIDR] [timeout VALUE]\n" |
| "add SETNAME IP [timeout VALUE]\n" |
| "del SETNAME IP\n" |
| "test SETNAME IP\n\n" |
| "where depending on the INET family\n" |
| " IP is a valid IPv4 or IPv6 address (or hostname),\n" |
| " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n" |
| " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" |
| " is supported for IPv4.\n"; |
| |
| static struct ipset_type ipset_hash_ip0 = { |
| .name = "hash:ip", |
| .alias = { "iphash", NULL }, |
| .revision = 0, |
| .family = NFPROTO_IPSET_IPV46, |
| .dimension = IPSET_DIM_ONE, |
| .elem = { |
| [IPSET_DIM_ONE - 1] = { |
| .parse = ipset_parse_ip4_single6, |
| .print = ipset_print_ip, |
| .opt = IPSET_OPT_IP |
| }, |
| }, |
| .args = { |
| [IPSET_CREATE] = hash_ip_create_args0, |
| [IPSET_ADD] = hash_ip_add_args0, |
| }, |
| .mandatory = { |
| [IPSET_CREATE] = 0, |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| .full = { |
| [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) |
| | IPSET_FLAG(IPSET_OPT_MAXELEM) |
| | IPSET_FLAG(IPSET_OPT_NETMASK) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT), |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| |
| .usage = hash_ip_usage0, |
| .description = "Initial revision", |
| }; |
| |
| /* Parse commandline arguments */ |
| static const struct ipset_arg hash_ip_create_args1[] = { |
| { .name = { "family", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, .print = ipset_print_family, |
| }, |
| /* Alias: family inet */ |
| { .name = { "-4", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| /* Alias: family inet6 */ |
| { .name = { "-6", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| { .name = { "hashsize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "maxelem", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "netmask", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_NETMASK, |
| .parse = ipset_parse_netmask, .print = ipset_print_number, |
| }, |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "counters", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| /* Ignored options: backward compatibilty */ |
| { .name = { "probes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "resize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "gc", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_GC, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const struct ipset_arg hash_ip_add_args1[] = { |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "packets", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { .name = { "bytes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const char hash_ip_usage1[] = |
| "create SETNAME hash:ip\n" |
| " [family inet|inet6]\n" |
| " [hashsize VALUE] [maxelem VALUE]\n" |
| " [netmask CIDR] [timeout VALUE]\n" |
| " [counters]\n" |
| "add SETNAME IP [timeout VALUE]\n" |
| " [packets VALUE] [bytes VALUE]\n" |
| "del SETNAME IP\n" |
| "test SETNAME IP\n\n" |
| "where depending on the INET family\n" |
| " IP is a valid IPv4 or IPv6 address (or hostname),\n" |
| " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n" |
| " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" |
| " is supported for IPv4.\n"; |
| |
| static struct ipset_type ipset_hash_ip1 = { |
| .name = "hash:ip", |
| .alias = { "iphash", NULL }, |
| .revision = 1, |
| .family = NFPROTO_IPSET_IPV46, |
| .dimension = IPSET_DIM_ONE, |
| .elem = { |
| [IPSET_DIM_ONE - 1] = { |
| .parse = ipset_parse_ip4_single6, |
| .print = ipset_print_ip, |
| .opt = IPSET_OPT_IP |
| }, |
| }, |
| .args = { |
| [IPSET_CREATE] = hash_ip_create_args1, |
| [IPSET_ADD] = hash_ip_add_args1, |
| }, |
| .mandatory = { |
| [IPSET_CREATE] = 0, |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| .full = { |
| [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) |
| | IPSET_FLAG(IPSET_OPT_MAXELEM) |
| | IPSET_FLAG(IPSET_OPT_NETMASK) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_COUNTERS), |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_PACKETS) |
| | IPSET_FLAG(IPSET_OPT_BYTES), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| |
| .usage = hash_ip_usage1, |
| .description = "counters support", |
| }; |
| |
| /* Parse commandline arguments */ |
| static const struct ipset_arg hash_ip_create_args2[] = { |
| { .name = { "family", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, .print = ipset_print_family, |
| }, |
| /* Alias: family inet */ |
| { .name = { "-4", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| /* Alias: family inet6 */ |
| { .name = { "-6", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| { .name = { "hashsize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "maxelem", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "netmask", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_NETMASK, |
| .parse = ipset_parse_netmask, .print = ipset_print_number, |
| }, |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "counters", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "comment", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| /* Ignored options: backward compatibilty */ |
| { .name = { "probes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "resize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "gc", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_GC, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const struct ipset_arg hash_ip_add_args2[] = { |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "packets", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { .name = { "bytes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { .name = { "comment", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_ADT_COMMENT, |
| .parse = ipset_parse_comment, .print = ipset_print_comment, |
| }, |
| { }, |
| }; |
| |
| static const char hash_ip_usage2[] = |
| "create SETNAME hash:ip\n" |
| " [family inet|inet6]\n" |
| " [hashsize VALUE] [maxelem VALUE]\n" |
| " [netmask CIDR] [timeout VALUE]\n" |
| " [counters] [comment]\n" |
| "add SETNAME IP [timeout VALUE]\n" |
| " [packets VALUE] [bytes VALUE] [comment \"string\"]\n" |
| "del SETNAME IP\n" |
| "test SETNAME IP\n\n" |
| "where depending on the INET family\n" |
| " IP is a valid IPv4 or IPv6 address (or hostname),\n" |
| " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n" |
| " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" |
| " is supported for IPv4.\n"; |
| |
| static struct ipset_type ipset_hash_ip2 = { |
| .name = "hash:ip", |
| .alias = { "iphash", NULL }, |
| .revision = 2, |
| .family = NFPROTO_IPSET_IPV46, |
| .dimension = IPSET_DIM_ONE, |
| .elem = { |
| [IPSET_DIM_ONE - 1] = { |
| .parse = ipset_parse_ip4_single6, |
| .print = ipset_print_ip, |
| .opt = IPSET_OPT_IP |
| }, |
| }, |
| .args = { |
| [IPSET_CREATE] = hash_ip_create_args2, |
| [IPSET_ADD] = hash_ip_add_args2, |
| }, |
| .mandatory = { |
| [IPSET_CREATE] = 0, |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| .full = { |
| [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) |
| | IPSET_FLAG(IPSET_OPT_MAXELEM) |
| | IPSET_FLAG(IPSET_OPT_NETMASK) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_COUNTERS) |
| | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT), |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_PACKETS) |
| | IPSET_FLAG(IPSET_OPT_BYTES) |
| | IPSET_FLAG(IPSET_OPT_ADT_COMMENT), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| |
| .usage = hash_ip_usage2, |
| .description = "comment support", |
| }; |
| |
| /* Parse commandline arguments */ |
| static const struct ipset_arg hash_ip_create_args3[] = { |
| { .name = { "family", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, .print = ipset_print_family, |
| }, |
| /* Alias: family inet */ |
| { .name = { "-4", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| /* Alias: family inet6 */ |
| { .name = { "-6", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| { .name = { "hashsize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "maxelem", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "netmask", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_NETMASK, |
| .parse = ipset_parse_netmask, .print = ipset_print_number, |
| }, |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "counters", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "comment", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "forceadd", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FORCEADD, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| /* Ignored options: backward compatibilty */ |
| { .name = { "probes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "resize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "gc", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_GC, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const char hash_ip_usage3[] = |
| "create SETNAME hash:ip\n" |
| " [family inet|inet6]\n" |
| " [hashsize VALUE] [maxelem VALUE]\n" |
| " [netmask CIDR] [timeout VALUE]\n" |
| " [counters] [comment] [forceadd]\n" |
| "add SETNAME IP [timeout VALUE]\n" |
| " [packets VALUE] [bytes VALUE] [comment \"string\"]\n" |
| "del SETNAME IP\n" |
| "test SETNAME IP\n\n" |
| "where depending on the INET family\n" |
| " IP is a valid IPv4 or IPv6 address (or hostname),\n" |
| " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n" |
| " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" |
| " is supported for IPv4.\n"; |
| |
| static struct ipset_type ipset_hash_ip3 = { |
| .name = "hash:ip", |
| .alias = { "iphash", NULL }, |
| .revision = 3, |
| .family = NFPROTO_IPSET_IPV46, |
| .dimension = IPSET_DIM_ONE, |
| .elem = { |
| [IPSET_DIM_ONE - 1] = { |
| .parse = ipset_parse_ip4_single6, |
| .print = ipset_print_ip, |
| .opt = IPSET_OPT_IP |
| }, |
| }, |
| .args = { |
| [IPSET_CREATE] = hash_ip_create_args3, |
| [IPSET_ADD] = hash_ip_add_args2, |
| }, |
| .mandatory = { |
| [IPSET_CREATE] = 0, |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| .full = { |
| [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) |
| | IPSET_FLAG(IPSET_OPT_MAXELEM) |
| | IPSET_FLAG(IPSET_OPT_NETMASK) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_COUNTERS) |
| | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT) |
| | IPSET_FLAG(IPSET_OPT_FORCEADD), |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_PACKETS) |
| | IPSET_FLAG(IPSET_OPT_BYTES) |
| | IPSET_FLAG(IPSET_OPT_ADT_COMMENT), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| |
| .usage = hash_ip_usage3, |
| .description = "forceadd support", |
| }; |
| |
| /* Parse commandline arguments */ |
| static const struct ipset_arg hash_ip_create_args4[] = { |
| { .name = { "family", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, .print = ipset_print_family, |
| }, |
| /* Alias: family inet */ |
| { .name = { "-4", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| /* Alias: family inet6 */ |
| { .name = { "-6", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FAMILY, |
| .parse = ipset_parse_family, |
| }, |
| { .name = { "hashsize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_HASHSIZE, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "maxelem", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_MAXELEM, |
| .parse = ipset_parse_uint32, .print = ipset_print_number, |
| }, |
| { .name = { "netmask", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_NETMASK, |
| .parse = ipset_parse_netmask, .print = ipset_print_number, |
| }, |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "counters", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_COUNTERS, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "comment", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_CREATE_COMMENT, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "forceadd", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_FORCEADD, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| { .name = { "skbinfo", NULL }, |
| .has_arg = IPSET_NO_ARG, .opt = IPSET_OPT_SKBINFO, |
| .parse = ipset_parse_flag, .print = ipset_print_flag, |
| }, |
| /* Ignored options: backward compatibilty */ |
| { .name = { "probes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PROBES, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "resize", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_RESIZE, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { .name = { "gc", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_GC, |
| .parse = ipset_parse_ignored, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| static const struct ipset_arg hash_ip_add_args4[] = { |
| { .name = { "timeout", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_TIMEOUT, |
| .parse = ipset_parse_timeout, .print = ipset_print_number, |
| }, |
| { .name = { "packets", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_PACKETS, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { .name = { "bytes", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_BYTES, |
| .parse = ipset_parse_uint64, .print = ipset_print_number, |
| }, |
| { .name = { "comment", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_ADT_COMMENT, |
| .parse = ipset_parse_comment, .print = ipset_print_comment, |
| }, |
| { .name = { "skbmark", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBMARK, |
| .parse = ipset_parse_skbmark, .print = ipset_print_skbmark, |
| }, |
| { .name = { "skbprio", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBPRIO, |
| .parse = ipset_parse_skbprio, .print = ipset_print_skbprio, |
| }, |
| { .name = { "skbqueue", NULL }, |
| .has_arg = IPSET_MANDATORY_ARG, .opt = IPSET_OPT_SKBQUEUE, |
| .parse = ipset_parse_uint16, .print = ipset_print_number, |
| }, |
| { }, |
| }; |
| |
| |
| static const char hash_ip_usage4[] = |
| "create SETNAME hash:ip\n" |
| " [family inet|inet6]\n" |
| " [hashsize VALUE] [maxelem VALUE]\n" |
| " [netmask CIDR] [timeout VALUE]\n" |
| " [counters] [comment] [forceadd] [skbinfo]\n" |
| "add SETNAME IP [timeout VALUE]\n" |
| " [packets VALUE] [bytes VALUE] [comment \"string\"]\n" |
| " [skbmark VALUE] [skbprio VALUE] [skbqueue VALUE]\n" |
| "del SETNAME IP\n" |
| "test SETNAME IP\n\n" |
| "where depending on the INET family\n" |
| " IP is a valid IPv4 or IPv6 address (or hostname),\n" |
| " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n" |
| " Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n" |
| " is supported for IPv4.\n"; |
| |
| static struct ipset_type ipset_hash_ip4 = { |
| .name = "hash:ip", |
| .alias = { "iphash", NULL }, |
| .revision = 4, |
| .family = NFPROTO_IPSET_IPV46, |
| .dimension = IPSET_DIM_ONE, |
| .elem = { |
| [IPSET_DIM_ONE - 1] = { |
| .parse = ipset_parse_ip4_single6, |
| .print = ipset_print_ip, |
| .opt = IPSET_OPT_IP |
| }, |
| }, |
| .args = { |
| [IPSET_CREATE] = hash_ip_create_args4, |
| [IPSET_ADD] = hash_ip_add_args4, |
| }, |
| .mandatory = { |
| [IPSET_CREATE] = 0, |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| .full = { |
| [IPSET_CREATE] = IPSET_FLAG(IPSET_OPT_HASHSIZE) |
| | IPSET_FLAG(IPSET_OPT_MAXELEM) |
| | IPSET_FLAG(IPSET_OPT_NETMASK) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_COUNTERS) |
| | IPSET_FLAG(IPSET_OPT_CREATE_COMMENT) |
| | IPSET_FLAG(IPSET_OPT_FORCEADD) |
| | IPSET_FLAG(IPSET_OPT_SKBINFO), |
| [IPSET_ADD] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO) |
| | IPSET_FLAG(IPSET_OPT_TIMEOUT) |
| | IPSET_FLAG(IPSET_OPT_PACKETS) |
| | IPSET_FLAG(IPSET_OPT_BYTES) |
| | IPSET_FLAG(IPSET_OPT_ADT_COMMENT) |
| | IPSET_FLAG(IPSET_OPT_SKBMARK) |
| | IPSET_FLAG(IPSET_OPT_SKBPRIO) |
| | IPSET_FLAG(IPSET_OPT_SKBQUEUE), |
| [IPSET_DEL] = IPSET_FLAG(IPSET_OPT_IP) |
| | IPSET_FLAG(IPSET_OPT_IP_TO), |
| [IPSET_TEST] = IPSET_FLAG(IPSET_OPT_IP), |
| }, |
| |
| .usage = hash_ip_usage4, |
| .description = "skbinfo support", |
| }; |
| |
| void _init(void); |
| void _init(void) |
| { |
| ipset_type_add(&ipset_hash_ip0); |
| ipset_type_add(&ipset_hash_ip1); |
| ipset_type_add(&ipset_hash_ip2); |
| ipset_type_add(&ipset_hash_ip3); |
| ipset_type_add(&ipset_hash_ip4); |
| } |