]> git.ipfire.org Git - thirdparty/ipset.git/blame - lib/ipset_hash_netnet.c
projects / thirdparty / ipset.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipset 7.19 released
[thirdparty/ipset.git] / lib / ipset_hash_netnet.c
CommitLineData
0fdebb3b 1/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@netfilter.org)
ab7c1721
OS		 2 * Copyright 2013 Oliver Smith (oliver@8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa)
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8#include <libipset/data.h> /* IPSET_OPT_* */
9#include <libipset/parse.h> /* parser functions */
10#include <libipset/print.h> /* printing functions */
11#include <libipset/types.h> /* prototypes */
12
d71dd935 13/* Initial revision */
ab7c1721
OS		 14static struct ipset_type ipset_hash_netnet0 = {
15 .name = "hash:net,net",
16 .alias = { "netnethash", NULL },
17 .revision = 0,
18 .family = NFPROTO_IPSET_IPV46,
19 .dimension = IPSET_DIM_TWO,
20 .elem = {
21 [IPSET_DIM_ONE - 1] = {
22 .parse = ipset_parse_ip4_net6,
23 .print = ipset_print_ip,
24 .opt = IPSET_OPT_IP
25 },
26 [IPSET_DIM_TWO - 1] = {
27 .parse = ipset_parse_ip4_net6,
28 .print = ipset_print_ip,
29 .opt = IPSET_OPT_IP2
30 },
31 },
d71dd935
JK		 32 .cmd = {
33 [IPSET_CREATE] = {
34 .args = {
35 IPSET_ARG_FAMILY,
36 /* Aliases */
37 IPSET_ARG_INET,
38 IPSET_ARG_INET6,
39 IPSET_ARG_HASHSIZE,
40 IPSET_ARG_MAXELEM,
41 IPSET_ARG_TIMEOUT,
42 IPSET_ARG_COUNTERS,
43 IPSET_ARG_COMMENT,
44 IPSET_ARG_NONE,
45 },
46 .need = 0,
47 .full = 0,
48 .help = "",
49 },
50 [IPSET_ADD] = {
51 .args = {
52 IPSET_ARG_TIMEOUT,
53 IPSET_ARG_NOMATCH,
54 IPSET_ARG_PACKETS,
55 IPSET_ARG_BYTES,
56 IPSET_ARG_ADT_COMMENT,
57 IPSET_ARG_NONE,
58 },
59 .need = IPSET_FLAG(IPSET_OPT_IP)
60 | IPSET_FLAG(IPSET_OPT_IP2),
61 .full = IPSET_FLAG(IPSET_OPT_IP)
62 | IPSET_FLAG(IPSET_OPT_CIDR)
63 | IPSET_FLAG(IPSET_OPT_IP_TO)
64 | IPSET_FLAG(IPSET_OPT_IP2)
65 | IPSET_FLAG(IPSET_OPT_CIDR2)
66 | IPSET_FLAG(IPSET_OPT_IP2_TO),
67 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
68 },
69 [IPSET_DEL] = {
70 .args = {
71 IPSET_ARG_NONE,
72 },
73 .need = IPSET_FLAG(IPSET_OPT_IP)
74 | IPSET_FLAG(IPSET_OPT_IP2),
75 .full = IPSET_FLAG(IPSET_OPT_IP)
76 | IPSET_FLAG(IPSET_OPT_CIDR)
77 | IPSET_FLAG(IPSET_OPT_IP_TO)
78 | IPSET_FLAG(IPSET_OPT_IP2)
79 | IPSET_FLAG(IPSET_OPT_CIDR2)
80 | IPSET_FLAG(IPSET_OPT_IP2_TO),
81 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
82 },
83 [IPSET_TEST] = {
84 .args = {
85 IPSET_ARG_NOMATCH,
86 IPSET_ARG_NONE,
87 },
88 .need = IPSET_FLAG(IPSET_OPT_IP)
89 | IPSET_FLAG(IPSET_OPT_IP2),
90 .full = IPSET_FLAG(IPSET_OPT_IP)
91 | IPSET_FLAG(IPSET_OPT_CIDR)
92 | IPSET_FLAG(IPSET_OPT_IP2)
93 | IPSET_FLAG(IPSET_OPT_CIDR2),
94 .help = "IP[/CIDR],IP[/CIDR]",
95 },
ab7c1721 96 },
d71dd935
JK		 97 .usage = "where depending on the INET family\n"
98 " IP is an IPv4 or IPv6 address (or hostname),\n"
99 " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
100 " IP range is not supported with IPv6.",
ab7c1721
OS		 101 .description = "initial revision",
102};
103
d71dd935 104/* forceadd support */
51ffda2e
JH		 105static struct ipset_type ipset_hash_netnet1 = {
106 .name = "hash:net,net",
107 .alias = { "netnethash", NULL },
108 .revision = 1,
109 .family = NFPROTO_IPSET_IPV46,
110 .dimension = IPSET_DIM_TWO,
111 .elem = {
112 [IPSET_DIM_ONE - 1] = {
113 .parse = ipset_parse_ip4_net6,
114 .print = ipset_print_ip,
115 .opt = IPSET_OPT_IP
116 },
117 [IPSET_DIM_TWO - 1] = {
118 .parse = ipset_parse_ip4_net6,
119 .print = ipset_print_ip,
120 .opt = IPSET_OPT_IP2
121 },
122 },
d71dd935
JK		 123 .cmd = {
124 [IPSET_CREATE] = {
125 .args = {
126 IPSET_ARG_FAMILY,
127 /* Aliases */
128 IPSET_ARG_INET,
129 IPSET_ARG_INET6,
130 IPSET_ARG_HASHSIZE,
131 IPSET_ARG_MAXELEM,
132 IPSET_ARG_TIMEOUT,
133 IPSET_ARG_COUNTERS,
134 IPSET_ARG_COMMENT,
135 IPSET_ARG_FORCEADD,
136 IPSET_ARG_NONE,
137 },
138 .need = 0,
139 .full = 0,
140 .help = "",
141 },
142 [IPSET_ADD] = {
143 .args = {
144 IPSET_ARG_TIMEOUT,
145 IPSET_ARG_NOMATCH,
146 IPSET_ARG_PACKETS,
147 IPSET_ARG_BYTES,
148 IPSET_ARG_ADT_COMMENT,
149 IPSET_ARG_NONE,
150 },
151 .need = IPSET_FLAG(IPSET_OPT_IP)
152 | IPSET_FLAG(IPSET_OPT_IP2),
153 .full = IPSET_FLAG(IPSET_OPT_IP)
154 | IPSET_FLAG(IPSET_OPT_CIDR)
155 | IPSET_FLAG(IPSET_OPT_IP_TO)
156 | IPSET_FLAG(IPSET_OPT_IP2)
157 | IPSET_FLAG(IPSET_OPT_CIDR2)
158 | IPSET_FLAG(IPSET_OPT_IP2_TO),
159 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
160 },
161 [IPSET_DEL] = {
162 .args = {
163 IPSET_ARG_NONE,
164 },
165 .need = IPSET_FLAG(IPSET_OPT_IP)
166 | IPSET_FLAG(IPSET_OPT_IP2),
167 .full = IPSET_FLAG(IPSET_OPT_IP)
168 | IPSET_FLAG(IPSET_OPT_CIDR)
169 | IPSET_FLAG(IPSET_OPT_IP_TO)
170 | IPSET_FLAG(IPSET_OPT_IP2)
171 | IPSET_FLAG(IPSET_OPT_CIDR2)
172 | IPSET_FLAG(IPSET_OPT_IP2_TO),
173 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
174 },
175 [IPSET_TEST] = {
176 .args = {
177 IPSET_ARG_NOMATCH,
178 IPSET_ARG_NONE,
179 },
180 .need = IPSET_FLAG(IPSET_OPT_IP)
181 | IPSET_FLAG(IPSET_OPT_IP2),
182 .full = IPSET_FLAG(IPSET_OPT_IP)
183 | IPSET_FLAG(IPSET_OPT_CIDR)
184 | IPSET_FLAG(IPSET_OPT_IP2)
185 | IPSET_FLAG(IPSET_OPT_CIDR2),
186 .help = "IP[/CIDR],IP[/CIDR]",
187 },
51ffda2e 188 },
d71dd935
JK		 189 .usage = "where depending on the INET family\n"
190 " IP is an IPv4 or IPv6 address (or hostname),\n"
191 " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
192 " IP range is not supported with IPv6.",
51ffda2e
JH		 193 .description = "forceadd support",
194};
195
d71dd935 196/* skbinfo support */
d5835e4b
AD		 197static struct ipset_type ipset_hash_netnet2 = {
198 .name = "hash:net,net",
199 .alias = { "netnethash", NULL },
200 .revision = 2,
201 .family = NFPROTO_IPSET_IPV46,
202 .dimension = IPSET_DIM_TWO,
203 .elem = {
204 [IPSET_DIM_ONE - 1] = {
205 .parse = ipset_parse_ip4_net6,
206 .print = ipset_print_ip,
207 .opt = IPSET_OPT_IP
208 },
209 [IPSET_DIM_TWO - 1] = {
210 .parse = ipset_parse_ip4_net6,
211 .print = ipset_print_ip,
212 .opt = IPSET_OPT_IP2
213 },
214 },
d71dd935
JK		 215 .cmd = {
216 [IPSET_CREATE] = {
217 .args = {
218 IPSET_ARG_FAMILY,
219 /* Aliases */
220 IPSET_ARG_INET,
221 IPSET_ARG_INET6,
222 IPSET_ARG_HASHSIZE,
223 IPSET_ARG_MAXELEM,
224 IPSET_ARG_TIMEOUT,
225 IPSET_ARG_COUNTERS,
226 IPSET_ARG_COMMENT,
227 IPSET_ARG_FORCEADD,
228 IPSET_ARG_SKBINFO,
229 IPSET_ARG_NONE,
230 },
231 .need = 0,
232 .full = 0,
233 .help = "",
234 },
235 [IPSET_ADD] = {
236 .args = {
237 IPSET_ARG_TIMEOUT,
238 IPSET_ARG_NOMATCH,
239 IPSET_ARG_PACKETS,
240 IPSET_ARG_BYTES,
241 IPSET_ARG_ADT_COMMENT,
242 IPSET_ARG_SKBMARK,
243 IPSET_ARG_SKBPRIO,
244 IPSET_ARG_SKBQUEUE,
245 IPSET_ARG_NONE,
246 },
247 .need = IPSET_FLAG(IPSET_OPT_IP)
248 | IPSET_FLAG(IPSET_OPT_IP2),
249 .full = IPSET_FLAG(IPSET_OPT_IP)
250 | IPSET_FLAG(IPSET_OPT_CIDR)
251 | IPSET_FLAG(IPSET_OPT_IP_TO)
252 | IPSET_FLAG(IPSET_OPT_IP2)
253 | IPSET_FLAG(IPSET_OPT_CIDR2)
254 | IPSET_FLAG(IPSET_OPT_IP2_TO),
255 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
256 },
257 [IPSET_DEL] = {
258 .args = {
259 IPSET_ARG_NONE,
260 },
261 .need = IPSET_FLAG(IPSET_OPT_IP)
262 | IPSET_FLAG(IPSET_OPT_IP2),
263 .full = IPSET_FLAG(IPSET_OPT_IP)
264 | IPSET_FLAG(IPSET_OPT_CIDR)
265 | IPSET_FLAG(IPSET_OPT_IP_TO)
266 | IPSET_FLAG(IPSET_OPT_IP2)
267 | IPSET_FLAG(IPSET_OPT_CIDR2)
268 | IPSET_FLAG(IPSET_OPT_IP2_TO),
269 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
270 },
271 [IPSET_TEST] = {
272 .args = {
273 IPSET_ARG_NOMATCH,
274 IPSET_ARG_NONE,
275 },
276 .need = IPSET_FLAG(IPSET_OPT_IP)
277 | IPSET_FLAG(IPSET_OPT_IP2),
278 .full = IPSET_FLAG(IPSET_OPT_IP)
279 | IPSET_FLAG(IPSET_OPT_CIDR)
280 | IPSET_FLAG(IPSET_OPT_IP2)
281 | IPSET_FLAG(IPSET_OPT_CIDR2),
282 .help = "IP[/CIDR],IP[/CIDR]",
283 },
d5835e4b 284 },
d71dd935
JK		 285 .usage = "where depending on the INET family\n"
286 " IP is an IPv4 or IPv6 address (or hostname),\n"
287 " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
288 " IP range is not supported with IPv6.",
d5835e4b
AD		 289 .description = "skbinfo support",
290};
291
de340a7f
JK		 292/* bucketsize support */
293static struct ipset_type ipset_hash_netnet3 = {
294 .name = "hash:net,net",
295 .alias = { "netnethash", NULL },
296 .revision = 3,
297 .family = NFPROTO_IPSET_IPV46,
298 .dimension = IPSET_DIM_TWO,
299 .elem = {
300 [IPSET_DIM_ONE - 1] = {
301 .parse = ipset_parse_ip4_net6,
302 .print = ipset_print_ip,
303 .opt = IPSET_OPT_IP
304 },
305 [IPSET_DIM_TWO - 1] = {
306 .parse = ipset_parse_ip4_net6,
307 .print = ipset_print_ip,
308 .opt = IPSET_OPT_IP2
309 },
310 },
311 .cmd = {
312 [IPSET_CREATE] = {
313 .args = {
314 IPSET_ARG_FAMILY,
315 /* Aliases */
316 IPSET_ARG_INET,
317 IPSET_ARG_INET6,
318 IPSET_ARG_HASHSIZE,
319 IPSET_ARG_MAXELEM,
320 IPSET_ARG_TIMEOUT,
321 IPSET_ARG_COUNTERS,
322 IPSET_ARG_COMMENT,
323 IPSET_ARG_FORCEADD,
324 IPSET_ARG_SKBINFO,
325 IPSET_ARG_BUCKETSIZE,
280fe2d4 326 IPSET_ARG_INITVAL,
de340a7f
JK		 327 IPSET_ARG_NONE,
328 },
329 .need = 0,
330 .full = 0,
331 .help = "",
332 },
333 [IPSET_ADD] = {
334 .args = {
335 IPSET_ARG_TIMEOUT,
336 IPSET_ARG_NOMATCH,
337 IPSET_ARG_PACKETS,
338 IPSET_ARG_BYTES,
339 IPSET_ARG_ADT_COMMENT,
340 IPSET_ARG_SKBMARK,
341 IPSET_ARG_SKBPRIO,
342 IPSET_ARG_SKBQUEUE,
343 IPSET_ARG_NONE,
344 },
345 .need = IPSET_FLAG(IPSET_OPT_IP)
346 | IPSET_FLAG(IPSET_OPT_IP2),
347 .full = IPSET_FLAG(IPSET_OPT_IP)
348 | IPSET_FLAG(IPSET_OPT_CIDR)
349 | IPSET_FLAG(IPSET_OPT_IP_TO)
350 | IPSET_FLAG(IPSET_OPT_IP2)
351 | IPSET_FLAG(IPSET_OPT_CIDR2)
352 | IPSET_FLAG(IPSET_OPT_IP2_TO),
353 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
354 },
355 [IPSET_DEL] = {
356 .args = {
357 IPSET_ARG_NONE,
358 },
359 .need = IPSET_FLAG(IPSET_OPT_IP)
360 | IPSET_FLAG(IPSET_OPT_IP2),
361 .full = IPSET_FLAG(IPSET_OPT_IP)
362 | IPSET_FLAG(IPSET_OPT_CIDR)
363 | IPSET_FLAG(IPSET_OPT_IP_TO)
364 | IPSET_FLAG(IPSET_OPT_IP2)
365 | IPSET_FLAG(IPSET_OPT_CIDR2)
366 | IPSET_FLAG(IPSET_OPT_IP2_TO),
367 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
368 },
369 [IPSET_TEST] = {
370 .args = {
371 IPSET_ARG_NOMATCH,
372 IPSET_ARG_NONE,
373 },
374 .need = IPSET_FLAG(IPSET_OPT_IP)
375 | IPSET_FLAG(IPSET_OPT_IP2),
376 .full = IPSET_FLAG(IPSET_OPT_IP)
377 | IPSET_FLAG(IPSET_OPT_CIDR)
378 | IPSET_FLAG(IPSET_OPT_IP2)
379 | IPSET_FLAG(IPSET_OPT_CIDR2),
380 .help = "IP[/CIDR],IP[/CIDR]",
381 },
382 },
383 .usage = "where depending on the INET family\n"
384 " IP is an IPv4 or IPv6 address (or hostname),\n"
385 " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
386 " IP range is not supported with IPv6.",
280fe2d4 387 .description = "bucketsize, initval support",
de340a7f
JK		 388};
389
b1b2073e
VP		 390/* bitmask support */
391static struct ipset_type ipset_hash_netnet4 = {
392 .name = "hash:net,net",
393 .alias = { "netnethash", NULL },
394 .revision = 4,
395 .family = NFPROTO_IPSET_IPV46,
396 .dimension = IPSET_DIM_TWO,
397 .elem = {
398 [IPSET_DIM_ONE - 1] = {
399 .parse = ipset_parse_ip4_net6,
400 .print = ipset_print_ip,
401 .opt = IPSET_OPT_IP
402 },
403 [IPSET_DIM_TWO - 1] = {
404 .parse = ipset_parse_ip4_net6,
405 .print = ipset_print_ip,
406 .opt = IPSET_OPT_IP2
407 },
408 },
409 .cmd = {
410 [IPSET_CREATE] = {
411 .args = {
412 IPSET_ARG_FAMILY,
413 /* Aliases */
414 IPSET_ARG_INET,
415 IPSET_ARG_INET6,
416 IPSET_ARG_HASHSIZE,
417 IPSET_ARG_MAXELEM,
418 IPSET_ARG_TIMEOUT,
419 IPSET_ARG_COUNTERS,
420 IPSET_ARG_COMMENT,
421 IPSET_ARG_FORCEADD,
422 IPSET_ARG_SKBINFO,
423 IPSET_ARG_BUCKETSIZE,
424 IPSET_ARG_INITVAL,
425 IPSET_ARG_BITMASK,
426 IPSET_ARG_NETMASK,
427 IPSET_ARG_NONE,
428 },
429 .need = 0,
430 .full = 0,
431 .help = "",
432 },
433 [IPSET_ADD] = {
434 .args = {
435 IPSET_ARG_TIMEOUT,
436 IPSET_ARG_NOMATCH,
437 IPSET_ARG_PACKETS,
438 IPSET_ARG_BYTES,
439 IPSET_ARG_ADT_COMMENT,
440 IPSET_ARG_SKBMARK,
441 IPSET_ARG_SKBPRIO,
442 IPSET_ARG_SKBQUEUE,
443 IPSET_ARG_NONE,
444 },
445 .need = IPSET_FLAG(IPSET_OPT_IP)
446 | IPSET_FLAG(IPSET_OPT_IP2),
447 .full = IPSET_FLAG(IPSET_OPT_IP)
448 | IPSET_FLAG(IPSET_OPT_CIDR)
449 | IPSET_FLAG(IPSET_OPT_IP_TO)
450 | IPSET_FLAG(IPSET_OPT_IP2)
451 | IPSET_FLAG(IPSET_OPT_CIDR2)
452 | IPSET_FLAG(IPSET_OPT_IP2_TO),
453 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
454 },
455 [IPSET_DEL] = {
456 .args = {
457 IPSET_ARG_NONE,
458 },
459 .need = IPSET_FLAG(IPSET_OPT_IP)
460 | IPSET_FLAG(IPSET_OPT_IP2),
461 .full = IPSET_FLAG(IPSET_OPT_IP)
462 | IPSET_FLAG(IPSET_OPT_CIDR)
463 | IPSET_FLAG(IPSET_OPT_IP_TO)
464 | IPSET_FLAG(IPSET_OPT_IP2)
465 | IPSET_FLAG(IPSET_OPT_CIDR2)
466 | IPSET_FLAG(IPSET_OPT_IP2_TO),
467 .help = "IP[/CIDR]|FROM-TO,IP[/CIDR]|FROM-TO",
468 },
469 [IPSET_TEST] = {
470 .args = {
471 IPSET_ARG_NOMATCH,
472 IPSET_ARG_NONE,
473 },
474 .need = IPSET_FLAG(IPSET_OPT_IP)
475 | IPSET_FLAG(IPSET_OPT_IP2),
476 .full = IPSET_FLAG(IPSET_OPT_IP)
477 | IPSET_FLAG(IPSET_OPT_CIDR)
478 | IPSET_FLAG(IPSET_OPT_IP2)
479 | IPSET_FLAG(IPSET_OPT_CIDR2),
480 .help = "IP[/CIDR],IP[/CIDR]",
481 },
482 },
483 .usage = "where depending on the INET family\n"
484 " IP is an IPv4 or IPv6 address (or hostname),\n"
485 " CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
486 " IP range is not supported with IPv6.",
487 .description = "netmask and bitmask support",
488};
489
ab7c1721
OS		 490void _init(void);
491void _init(void)
492{
493 ipset_type_add(&ipset_hash_netnet0);
51ffda2e 494 ipset_type_add(&ipset_hash_netnet1);
d5835e4b 495 ipset_type_add(&ipset_hash_netnet2);
de340a7f 496 ipset_type_add(&ipset_hash_netnet3);
b1b2073e 497 ipset_type_add(&ipset_hash_netnet4);
ab7c1721 498}
Mirror of git://git.netfilter.org/ipset