[thirdparty/ipset.git] / lib / ipset_hash_netportnet.c

/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@netfilter.org)
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
#include <libipset/data.h>			/* IPSET_OPT_* */
#include <libipset/parse.h>			/* parser functions */
#include <libipset/print.h>			/* printing functions */
#include <libipset/ipset.h>			/* ipset_port_usage */
#include <libipset/types.h>			/* prototypes */

/* initial revision */
static struct ipset_type ipset_hash_netportnet0 = {
	.name = "hash:net,port,net",
	.alias = { "netportnethash", NULL },
	.revision = 0,
	.family = NFPROTO_IPSET_IPV46,
	.dimension = IPSET_DIM_THREE,
	.elem = {
		[IPSET_DIM_ONE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP
		},
		[IPSET_DIM_TWO - 1] = {
			.parse = ipset_parse_proto_port,
			.print = ipset_print_proto_port,
			.opt = IPSET_OPT_PORT
		},
		[IPSET_DIM_THREE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP2
		},
	},
	.cmd = {
		[IPSET_CREATE] = {
			.args = {
				IPSET_ARG_FAMILY,
				/* Aliases */
				IPSET_ARG_INET,
				IPSET_ARG_INET6,
				IPSET_ARG_HASHSIZE,
				IPSET_ARG_MAXELEM,
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_COUNTERS,
				IPSET_ARG_COMMENT,
				IPSET_ARG_NONE,
			},
			.need = 0,
			.full = 0,
			.help = "",
		},
		[IPSET_ADD] = {
			.args = {
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_NOMATCH,
				IPSET_ARG_PACKETS,
				IPSET_ARG_BYTES,
				IPSET_ARG_ADT_COMMENT,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_DEL] = {
			.args = {
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_TEST] = {
			.args = {
				IPSET_ARG_NOMATCH,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
	},
	.usage = "where depending on the INET family\n"
		 "      IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
		 "      Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
		 "      in both IP components are supported for IPv4.\n"
		 "      Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
		 "      port range is supported both for IPv4 and IPv6.",
	.usagefn = ipset_port_usage,
	.description = "initial revision",
};

/* forceadd support */
static struct ipset_type ipset_hash_netportnet1 = {
	.name = "hash:net,port,net",
	.alias = { "netportnethash", NULL },
	.revision = 1,
	.family = NFPROTO_IPSET_IPV46,
	.dimension = IPSET_DIM_THREE,
	.elem = {
		[IPSET_DIM_ONE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP
		},
		[IPSET_DIM_TWO - 1] = {
			.parse = ipset_parse_proto_port,
			.print = ipset_print_proto_port,
			.opt = IPSET_OPT_PORT
		},
		[IPSET_DIM_THREE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP2
		},
	},
	.cmd = {
		[IPSET_CREATE] = {
			.args = {
				IPSET_ARG_FAMILY,
				/* Aliases */
				IPSET_ARG_INET,
				IPSET_ARG_INET6,
				IPSET_ARG_HASHSIZE,
				IPSET_ARG_MAXELEM,
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_COUNTERS,
				IPSET_ARG_COMMENT,
				IPSET_ARG_FORCEADD,
				IPSET_ARG_NONE,
			},
			.need = 0,
			.full = 0,
			.help = "",
		},
		[IPSET_ADD] = {
			.args = {
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_NOMATCH,
				IPSET_ARG_PACKETS,
				IPSET_ARG_BYTES,
				IPSET_ARG_ADT_COMMENT,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_DEL] = {
			.args = {
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_TEST] = {
			.args = {
				IPSET_ARG_NOMATCH,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
	},
	.usage = "where depending on the INET family\n"
		 "      IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
		 "      Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
		 "      in both IP components are supported for IPv4.\n"
		 "      Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
		 "      port range is supported both for IPv4 and IPv6.",
	.usagefn = ipset_port_usage,
	.description = "forceadd support",
};

/* skbinfo support */
static struct ipset_type ipset_hash_netportnet2 = {
	.name = "hash:net,port,net",
	.alias = { "netportnethash", NULL },
	.revision = 2,
	.family = NFPROTO_IPSET_IPV46,
	.dimension = IPSET_DIM_THREE,
	.elem = {
		[IPSET_DIM_ONE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP
		},
		[IPSET_DIM_TWO - 1] = {
			.parse = ipset_parse_proto_port,
			.print = ipset_print_proto_port,
			.opt = IPSET_OPT_PORT
		},
		[IPSET_DIM_THREE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP2
		},
	},
	.cmd = {
		[IPSET_CREATE] = {
			.args = {
				IPSET_ARG_FAMILY,
				/* Aliases */
				IPSET_ARG_INET,
				IPSET_ARG_INET6,
				IPSET_ARG_HASHSIZE,
				IPSET_ARG_MAXELEM,
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_COUNTERS,
				IPSET_ARG_COMMENT,
				IPSET_ARG_FORCEADD,
				IPSET_ARG_SKBINFO,
				IPSET_ARG_NONE,
			},
			.need = 0,
			.full = 0,
			.help = "",
		},
		[IPSET_ADD] = {
			.args = {
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_NOMATCH,
				IPSET_ARG_PACKETS,
				IPSET_ARG_BYTES,
				IPSET_ARG_ADT_COMMENT,
				IPSET_ARG_SKBMARK,
				IPSET_ARG_SKBPRIO,
				IPSET_ARG_SKBQUEUE,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_DEL] = {
			.args = {
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_TEST] = {
			.args = {
				IPSET_ARG_NOMATCH,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
	},
	.usage = "where depending on the INET family\n"
		 "      IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
		 "      Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
		 "      in both IP components are supported for IPv4.\n"
		 "      Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
		 "      port range is supported both for IPv4 and IPv6.",
	.usagefn = ipset_port_usage,
	.description = "skbinfo support",
};

/* bucketsize support */
static struct ipset_type ipset_hash_netportnet3 = {
	.name = "hash:net,port,net",
	.alias = { "netportnethash", NULL },
	.revision = 3,
	.family = NFPROTO_IPSET_IPV46,
	.dimension = IPSET_DIM_THREE,
	.elem = {
		[IPSET_DIM_ONE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP
		},
		[IPSET_DIM_TWO - 1] = {
			.parse = ipset_parse_proto_port,
			.print = ipset_print_proto_port,
			.opt = IPSET_OPT_PORT
		},
		[IPSET_DIM_THREE - 1] = {
			.parse = ipset_parse_ip4_net6,
			.print = ipset_print_ip,
			.opt = IPSET_OPT_IP2
		},
	},
	.cmd = {
		[IPSET_CREATE] = {
			.args = {
				IPSET_ARG_FAMILY,
				/* Aliases */
				IPSET_ARG_INET,
				IPSET_ARG_INET6,
				IPSET_ARG_HASHSIZE,
				IPSET_ARG_MAXELEM,
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_COUNTERS,
				IPSET_ARG_COMMENT,
				IPSET_ARG_FORCEADD,
				IPSET_ARG_SKBINFO,
				IPSET_ARG_BUCKETSIZE,
				IPSET_ARG_INITVAL,
				IPSET_ARG_NONE,
			},
			.need = 0,
			.full = 0,
			.help = "",
		},
		[IPSET_ADD] = {
			.args = {
				IPSET_ARG_TIMEOUT,
				IPSET_ARG_NOMATCH,
				IPSET_ARG_PACKETS,
				IPSET_ARG_BYTES,
				IPSET_ARG_ADT_COMMENT,
				IPSET_ARG_SKBMARK,
				IPSET_ARG_SKBPRIO,
				IPSET_ARG_SKBQUEUE,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_DEL] = {
			.args = {
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_PORT_TO)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP_TO)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2)
				| IPSET_FLAG(IPSET_OPT_IP2_TO),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
		[IPSET_TEST] = {
			.args = {
				IPSET_ARG_NOMATCH,
				IPSET_ARG_NONE,
			},
			.need = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_IP2),
			.full = IPSET_FLAG(IPSET_OPT_IP)
				| IPSET_FLAG(IPSET_OPT_PROTO)
				| IPSET_FLAG(IPSET_OPT_PORT)
				| IPSET_FLAG(IPSET_OPT_CIDR)
				| IPSET_FLAG(IPSET_OPT_IP2)
				| IPSET_FLAG(IPSET_OPT_CIDR2),
			.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
		},
	},
	.usage = "where depending on the INET family\n"
		 "      IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
		 "      CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
		 "      Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
		 "      in both IP components are supported for IPv4.\n"
		 "      Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
		 "      port range is supported both for IPv4 and IPv6.",
	.usagefn = ipset_port_usage,
	.description = "bucketsize, initval support",
};

void _init(void);
void _init(void)
{
	ipset_type_add(&ipset_hash_netportnet0);
	ipset_type_add(&ipset_hash_netportnet1);
	ipset_type_add(&ipset_hash_netportnet2);
	ipset_type_add(&ipset_hash_netportnet3);
}
Commit	Line	Data
0fdebb3b	1	/* Copyright 2007-2010 Jozsef Kadlecsik (kadlec@netfilter.org)
4e92e6ba OS	2	*
	3	* This program is free software; you can redistribute it and/or modify
	4	* it under the terms of the GNU General Public License version 2 as
	5	* published by the Free Software Foundation.
	6	*/
	7	#include <libipset/data.h> /* IPSET_OPT_* */
	8	#include <libipset/parse.h> /* parser functions */
	9	#include <libipset/print.h> /* printing functions */
55fdd96e	10	#include <libipset/ipset.h> /* ipset_port_usage */
4e92e6ba OS	11	#include <libipset/types.h> /* prototypes */
4e92e6ba OS	12
d71dd935	13	/* initial revision */
4e92e6ba OS	14	static struct ipset_type ipset_hash_netportnet0 = {
	15	.name = "hash:net,port,net",
	16	.alias = { "netportnethash", NULL },
	17	.revision = 0,
	18	.family = NFPROTO_IPSET_IPV46,
	19	.dimension = IPSET_DIM_THREE,
	20	.elem = {
	21	[IPSET_DIM_ONE - 1] = {
	22	.parse = ipset_parse_ip4_net6,
	23	.print = ipset_print_ip,
	24	.opt = IPSET_OPT_IP
	25	},
	26	[IPSET_DIM_TWO - 1] = {
	27	.parse = ipset_parse_proto_port,
	28	.print = ipset_print_proto_port,
	29	.opt = IPSET_OPT_PORT
	30	},
	31	[IPSET_DIM_THREE - 1] = {
	32	.parse = ipset_parse_ip4_net6,
	33	.print = ipset_print_ip,
	34	.opt = IPSET_OPT_IP2
	35	},
	36	},
d71dd935 JK	37	.cmd = {
	38	[IPSET_CREATE] = {
	39	.args = {
	40	IPSET_ARG_FAMILY,
	41	/* Aliases */
	42	IPSET_ARG_INET,
	43	IPSET_ARG_INET6,
	44	IPSET_ARG_HASHSIZE,
	45	IPSET_ARG_MAXELEM,
	46	IPSET_ARG_TIMEOUT,
	47	IPSET_ARG_COUNTERS,
	48	IPSET_ARG_COMMENT,
	49	IPSET_ARG_NONE,
	50	},
	51	.need = 0,
	52	.full = 0,
	53	.help = "",
	54	},
	55	[IPSET_ADD] = {
	56	.args = {
	57	IPSET_ARG_TIMEOUT,
	58	IPSET_ARG_NOMATCH,
	59	IPSET_ARG_PACKETS,
	60	IPSET_ARG_BYTES,
	61	IPSET_ARG_ADT_COMMENT,
	62	IPSET_ARG_NONE,
	63	},
	64	.need = IPSET_FLAG(IPSET_OPT_IP)
	65	\| IPSET_FLAG(IPSET_OPT_PROTO)
	66	\| IPSET_FLAG(IPSET_OPT_PORT)
	67	\| IPSET_FLAG(IPSET_OPT_IP2),
	68	.full = IPSET_FLAG(IPSET_OPT_IP)
	69	\| IPSET_FLAG(IPSET_OPT_PROTO)
	70	\| IPSET_FLAG(IPSET_OPT_PORT)
	71	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	72	\| IPSET_FLAG(IPSET_OPT_CIDR)
	73	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	74	\| IPSET_FLAG(IPSET_OPT_IP2)
	75	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	76	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	77	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	78	},
	79	[IPSET_DEL] = {
	80	.args = {
	81	IPSET_ARG_NONE,
	82	},
	83	.need = IPSET_FLAG(IPSET_OPT_IP)
	84	\| IPSET_FLAG(IPSET_OPT_PROTO)
	85	\| IPSET_FLAG(IPSET_OPT_PORT)
	86	\| IPSET_FLAG(IPSET_OPT_IP2),
	87	.full = IPSET_FLAG(IPSET_OPT_IP)
	88	\| IPSET_FLAG(IPSET_OPT_PROTO)
	89	\| IPSET_FLAG(IPSET_OPT_PORT)
	90	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	91	\| IPSET_FLAG(IPSET_OPT_CIDR)
	92	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	93	\| IPSET_FLAG(IPSET_OPT_IP2)
	94	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	95	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	96	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	97	},
	98	[IPSET_TEST] = {
	99	.args = {
	100	IPSET_ARG_NOMATCH,
101	IPSET_ARG_NONE,
102	},
103	.need = IPSET_FLAG(IPSET_OPT_IP)
104	\| IPSET_FLAG(IPSET_OPT_PROTO)
105	\| IPSET_FLAG(IPSET_OPT_PORT)
106	\| IPSET_FLAG(IPSET_OPT_IP2),
107	.full = IPSET_FLAG(IPSET_OPT_IP)
108	\| IPSET_FLAG(IPSET_OPT_PROTO)
109	\| IPSET_FLAG(IPSET_OPT_PORT)
110	\| IPSET_FLAG(IPSET_OPT_CIDR)
111	\| IPSET_FLAG(IPSET_OPT_IP2)
112	\| IPSET_FLAG(IPSET_OPT_CIDR2),
113	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
114	},
4e92e6ba	115	},
d71dd935 JK	116	.usage = "where depending on the INET family\n"
	117	" IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
	118	" CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
	119	" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
	120	" in both IP components are supported for IPv4.\n"
	121	" Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
	122	" port range is supported both for IPv4 and IPv6.",
4e92e6ba OS	123	.usagefn = ipset_port_usage,
	124	.description = "initial revision",
	125	};
	126
d71dd935	127	/* forceadd support */
51ffda2e JH	128	static struct ipset_type ipset_hash_netportnet1 = {
	129	.name = "hash:net,port,net",
	130	.alias = { "netportnethash", NULL },
	131	.revision = 1,
	132	.family = NFPROTO_IPSET_IPV46,
	133	.dimension = IPSET_DIM_THREE,
	134	.elem = {
	135	[IPSET_DIM_ONE - 1] = {
	136	.parse = ipset_parse_ip4_net6,
	137	.print = ipset_print_ip,
	138	.opt = IPSET_OPT_IP
	139	},
	140	[IPSET_DIM_TWO - 1] = {
	141	.parse = ipset_parse_proto_port,
	142	.print = ipset_print_proto_port,
	143	.opt = IPSET_OPT_PORT
	144	},
	145	[IPSET_DIM_THREE - 1] = {
	146	.parse = ipset_parse_ip4_net6,
	147	.print = ipset_print_ip,
	148	.opt = IPSET_OPT_IP2
	149	},
	150	},
d71dd935 JK	151	.cmd = {
	152	[IPSET_CREATE] = {
	153	.args = {
	154	IPSET_ARG_FAMILY,
	155	/* Aliases */
	156	IPSET_ARG_INET,
	157	IPSET_ARG_INET6,
	158	IPSET_ARG_HASHSIZE,
	159	IPSET_ARG_MAXELEM,
	160	IPSET_ARG_TIMEOUT,
	161	IPSET_ARG_COUNTERS,
	162	IPSET_ARG_COMMENT,
	163	IPSET_ARG_FORCEADD,
	164	IPSET_ARG_NONE,
	165	},
	166	.need = 0,
	167	.full = 0,
	168	.help = "",
	169	},
	170	[IPSET_ADD] = {
	171	.args = {
	172	IPSET_ARG_TIMEOUT,
	173	IPSET_ARG_NOMATCH,
	174	IPSET_ARG_PACKETS,
	175	IPSET_ARG_BYTES,
	176	IPSET_ARG_ADT_COMMENT,
	177	IPSET_ARG_NONE,
	178	},
	179	.need = IPSET_FLAG(IPSET_OPT_IP)
	180	\| IPSET_FLAG(IPSET_OPT_PROTO)
	181	\| IPSET_FLAG(IPSET_OPT_PORT)
	182	\| IPSET_FLAG(IPSET_OPT_IP2),
	183	.full = IPSET_FLAG(IPSET_OPT_IP)
	184	\| IPSET_FLAG(IPSET_OPT_PROTO)
	185	\| IPSET_FLAG(IPSET_OPT_PORT)
	186	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	187	\| IPSET_FLAG(IPSET_OPT_CIDR)
	188	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	189	\| IPSET_FLAG(IPSET_OPT_IP2)
	190	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	191	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	192	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	193	},
	194	[IPSET_DEL] = {
	195	.args = {
	196	IPSET_ARG_NONE,
	197	},
	198	.need = IPSET_FLAG(IPSET_OPT_IP)
	199	\| IPSET_FLAG(IPSET_OPT_PROTO)
	200	\| IPSET_FLAG(IPSET_OPT_PORT)
	201	\| IPSET_FLAG(IPSET_OPT_IP2),
	202	.full = IPSET_FLAG(IPSET_OPT_IP)
	203	\| IPSET_FLAG(IPSET_OPT_PROTO)
	204	\| IPSET_FLAG(IPSET_OPT_PORT)
	205	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	206	\| IPSET_FLAG(IPSET_OPT_CIDR)
	207	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	208	\| IPSET_FLAG(IPSET_OPT_IP2)
	209	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	210	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	211	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	212	},
	213	[IPSET_TEST] = {
	214	.args = {
215	IPSET_ARG_NOMATCH,
216	IPSET_ARG_NONE,
217	},
218	.need = IPSET_FLAG(IPSET_OPT_IP)
219	\| IPSET_FLAG(IPSET_OPT_PROTO)
220	\| IPSET_FLAG(IPSET_OPT_PORT)
221	\| IPSET_FLAG(IPSET_OPT_IP2),
222	.full = IPSET_FLAG(IPSET_OPT_IP)
223	\| IPSET_FLAG(IPSET_OPT_PROTO)
224	\| IPSET_FLAG(IPSET_OPT_PORT)
225	\| IPSET_FLAG(IPSET_OPT_CIDR)
226	\| IPSET_FLAG(IPSET_OPT_IP2)
227	\| IPSET_FLAG(IPSET_OPT_CIDR2),
228	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
229	},
51ffda2e	230	},
d71dd935 JK	231	.usage = "where depending on the INET family\n"
	232	" IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
	233	" CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
	234	" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
	235	" in both IP components are supported for IPv4.\n"
	236	" Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
	237	" port range is supported both for IPv4 and IPv6.",
51ffda2e JH	238	.usagefn = ipset_port_usage,
	239	.description = "forceadd support",
	240	};
	241
d71dd935	242	/* skbinfo support */
d5835e4b AD	243	static struct ipset_type ipset_hash_netportnet2 = {
	244	.name = "hash:net,port,net",
	245	.alias = { "netportnethash", NULL },
	246	.revision = 2,
	247	.family = NFPROTO_IPSET_IPV46,
	248	.dimension = IPSET_DIM_THREE,
	249	.elem = {
	250	[IPSET_DIM_ONE - 1] = {
	251	.parse = ipset_parse_ip4_net6,
	252	.print = ipset_print_ip,
	253	.opt = IPSET_OPT_IP
	254	},
	255	[IPSET_DIM_TWO - 1] = {
	256	.parse = ipset_parse_proto_port,
	257	.print = ipset_print_proto_port,
	258	.opt = IPSET_OPT_PORT
	259	},
	260	[IPSET_DIM_THREE - 1] = {
	261	.parse = ipset_parse_ip4_net6,
	262	.print = ipset_print_ip,
	263	.opt = IPSET_OPT_IP2
	264	},
	265	},
d71dd935 JK	266	.cmd = {
	267	[IPSET_CREATE] = {
	268	.args = {
	269	IPSET_ARG_FAMILY,
	270	/* Aliases */
	271	IPSET_ARG_INET,
	272	IPSET_ARG_INET6,
	273	IPSET_ARG_HASHSIZE,
	274	IPSET_ARG_MAXELEM,
	275	IPSET_ARG_TIMEOUT,
	276	IPSET_ARG_COUNTERS,
	277	IPSET_ARG_COMMENT,
	278	IPSET_ARG_FORCEADD,
	279	IPSET_ARG_SKBINFO,
	280	IPSET_ARG_NONE,
	281	},
	282	.need = 0,
	283	.full = 0,
	284	.help = "",
	285	},
	286	[IPSET_ADD] = {
	287	.args = {
	288	IPSET_ARG_TIMEOUT,
	289	IPSET_ARG_NOMATCH,
	290	IPSET_ARG_PACKETS,
	291	IPSET_ARG_BYTES,
	292	IPSET_ARG_ADT_COMMENT,
	293	IPSET_ARG_SKBMARK,
	294	IPSET_ARG_SKBPRIO,
	295	IPSET_ARG_SKBQUEUE,
	296	IPSET_ARG_NONE,
	297	},
	298	.need = IPSET_FLAG(IPSET_OPT_IP)
	299	\| IPSET_FLAG(IPSET_OPT_PROTO)
	300	\| IPSET_FLAG(IPSET_OPT_PORT)
	301	\| IPSET_FLAG(IPSET_OPT_IP2),
	302	.full = IPSET_FLAG(IPSET_OPT_IP)
	303	\| IPSET_FLAG(IPSET_OPT_PROTO)
	304	\| IPSET_FLAG(IPSET_OPT_PORT)
	305	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	306	\| IPSET_FLAG(IPSET_OPT_CIDR)
	307	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	308	\| IPSET_FLAG(IPSET_OPT_IP2)
	309	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	310	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	311	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	312	},
	313	[IPSET_DEL] = {
	314	.args = {
	315	IPSET_ARG_NONE,
	316	},
	317	.need = IPSET_FLAG(IPSET_OPT_IP)
	318	\| IPSET_FLAG(IPSET_OPT_PROTO)
	319	\| IPSET_FLAG(IPSET_OPT_PORT)
	320	\| IPSET_FLAG(IPSET_OPT_IP2),
	321	.full = IPSET_FLAG(IPSET_OPT_IP)
	322	\| IPSET_FLAG(IPSET_OPT_PROTO)
	323	\| IPSET_FLAG(IPSET_OPT_PORT)
	324	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	325	\| IPSET_FLAG(IPSET_OPT_CIDR)
	326	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	327	\| IPSET_FLAG(IPSET_OPT_IP2)
	328	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	329	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
330	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
331	},
332	[IPSET_TEST] = {
333	.args = {
334	IPSET_ARG_NOMATCH,
335	IPSET_ARG_NONE,
336	},
337	.need = IPSET_FLAG(IPSET_OPT_IP)
338	\| IPSET_FLAG(IPSET_OPT_PROTO)
339	\| IPSET_FLAG(IPSET_OPT_PORT)
340	\| IPSET_FLAG(IPSET_OPT_IP2),
341	.full = IPSET_FLAG(IPSET_OPT_IP)
342	\| IPSET_FLAG(IPSET_OPT_PROTO)
343	\| IPSET_FLAG(IPSET_OPT_PORT)
344	\| IPSET_FLAG(IPSET_OPT_CIDR)
345	\| IPSET_FLAG(IPSET_OPT_IP2)
346	\| IPSET_FLAG(IPSET_OPT_CIDR2),
347	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
348	},
d5835e4b	349	},
d71dd935 JK	350	.usage = "where depending on the INET family\n"
	351	" IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
	352	" CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
	353	" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
	354	" in both IP components are supported for IPv4.\n"
	355	" Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
	356	" port range is supported both for IPv4 and IPv6.",
d5835e4b AD	357	.usagefn = ipset_port_usage,
	358	.description = "skbinfo support",
	359	};
	360
de340a7f JK	361	/* bucketsize support */
	362	static struct ipset_type ipset_hash_netportnet3 = {
	363	.name = "hash:net,port,net",
	364	.alias = { "netportnethash", NULL },
	365	.revision = 3,
	366	.family = NFPROTO_IPSET_IPV46,
	367	.dimension = IPSET_DIM_THREE,
	368	.elem = {
	369	[IPSET_DIM_ONE - 1] = {
	370	.parse = ipset_parse_ip4_net6,
	371	.print = ipset_print_ip,
	372	.opt = IPSET_OPT_IP
	373	},
	374	[IPSET_DIM_TWO - 1] = {
	375	.parse = ipset_parse_proto_port,
	376	.print = ipset_print_proto_port,
	377	.opt = IPSET_OPT_PORT
	378	},
	379	[IPSET_DIM_THREE - 1] = {
	380	.parse = ipset_parse_ip4_net6,
	381	.print = ipset_print_ip,
	382	.opt = IPSET_OPT_IP2
	383	},
	384	},
	385	.cmd = {
	386	[IPSET_CREATE] = {
	387	.args = {
	388	IPSET_ARG_FAMILY,
	389	/* Aliases */
	390	IPSET_ARG_INET,
	391	IPSET_ARG_INET6,
	392	IPSET_ARG_HASHSIZE,
	393	IPSET_ARG_MAXELEM,
	394	IPSET_ARG_TIMEOUT,
	395	IPSET_ARG_COUNTERS,
	396	IPSET_ARG_COMMENT,
	397	IPSET_ARG_FORCEADD,
	398	IPSET_ARG_SKBINFO,
	399	IPSET_ARG_BUCKETSIZE,
280fe2d4	400	IPSET_ARG_INITVAL,
de340a7f JK	401	IPSET_ARG_NONE,
	402	},
	403	.need = 0,
	404	.full = 0,
	405	.help = "",
	406	},
	407	[IPSET_ADD] = {
	408	.args = {
	409	IPSET_ARG_TIMEOUT,
	410	IPSET_ARG_NOMATCH,
	411	IPSET_ARG_PACKETS,
	412	IPSET_ARG_BYTES,
	413	IPSET_ARG_ADT_COMMENT,
	414	IPSET_ARG_SKBMARK,
	415	IPSET_ARG_SKBPRIO,
	416	IPSET_ARG_SKBQUEUE,
	417	IPSET_ARG_NONE,
	418	},
	419	.need = IPSET_FLAG(IPSET_OPT_IP)
	420	\| IPSET_FLAG(IPSET_OPT_PROTO)
	421	\| IPSET_FLAG(IPSET_OPT_PORT)
	422	\| IPSET_FLAG(IPSET_OPT_IP2),
	423	.full = IPSET_FLAG(IPSET_OPT_IP)
	424	\| IPSET_FLAG(IPSET_OPT_PROTO)
	425	\| IPSET_FLAG(IPSET_OPT_PORT)
	426	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	427	\| IPSET_FLAG(IPSET_OPT_CIDR)
	428	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	429	\| IPSET_FLAG(IPSET_OPT_IP2)
	430	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	431	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	432	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	433	},
	434	[IPSET_DEL] = {
	435	.args = {
	436	IPSET_ARG_NONE,
	437	},
	438	.need = IPSET_FLAG(IPSET_OPT_IP)
	439	\| IPSET_FLAG(IPSET_OPT_PROTO)
	440	\| IPSET_FLAG(IPSET_OPT_PORT)
	441	\| IPSET_FLAG(IPSET_OPT_IP2),
	442	.full = IPSET_FLAG(IPSET_OPT_IP)
	443	\| IPSET_FLAG(IPSET_OPT_PROTO)
	444	\| IPSET_FLAG(IPSET_OPT_PORT)
	445	\| IPSET_FLAG(IPSET_OPT_PORT_TO)
	446	\| IPSET_FLAG(IPSET_OPT_CIDR)
	447	\| IPSET_FLAG(IPSET_OPT_IP_TO)
	448	\| IPSET_FLAG(IPSET_OPT_IP2)
	449	\| IPSET_FLAG(IPSET_OPT_CIDR2)
	450	\| IPSET_FLAG(IPSET_OPT_IP2_TO),
	451	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
	452	},
	453	[IPSET_TEST] = {
	454	.args = {
	455	IPSET_ARG_NOMATCH,
	456	IPSET_ARG_NONE,
	457	},
	458	.need = IPSET_FLAG(IPSET_OPT_IP)
	459	\| IPSET_FLAG(IPSET_OPT_PROTO)
	460	\| IPSET_FLAG(IPSET_OPT_PORT)
	461	\| IPSET_FLAG(IPSET_OPT_IP2),
	462	.full = IPSET_FLAG(IPSET_OPT_IP)
	463	\| IPSET_FLAG(IPSET_OPT_PROTO)
	464	\| IPSET_FLAG(IPSET_OPT_PORT)
465	\| IPSET_FLAG(IPSET_OPT_CIDR)
466	\| IPSET_FLAG(IPSET_OPT_IP2)
467	\| IPSET_FLAG(IPSET_OPT_CIDR2),
468	.help = "IP[/CIDR],[PROTO:]PORT,IP[/CIDR]",
469	},
470	},
471	.usage = "where depending on the INET family\n"
472	" IP are valid IPv4 or IPv6 addresses (or hostnames),\n"
473	" CIDR is a valid IPv4 or IPv6 CIDR prefix.\n"
474	" Adding/deleting multiple elements in IP/CIDR or FROM-TO form\n"
475	" in both IP components are supported for IPv4.\n"
476	" Adding/deleting multiple elements with TCP/SCTP/UDP/UDPLITE\n"
477	" port range is supported both for IPv4 and IPv6.",
478	.usagefn = ipset_port_usage,
280fe2d4	479	.description = "bucketsize, initval support",
de340a7f JK	480	};
de340a7f JK	481
4e92e6ba OS	482	void _init(void);
	483	void _init(void)
	484	{
	485	ipset_type_add(&ipset_hash_netportnet0);
51ffda2e	486	ipset_type_add(&ipset_hash_netportnet1);
d5835e4b	487	ipset_type_add(&ipset_hash_netportnet2);
de340a7f	488	ipset_type_add(&ipset_hash_netportnet3);
4e92e6ba	489	}