git.ipfire.org Git - thirdparty/ipset.git/commit

]> git.ipfire.org Git - thirdparty/ipset.git/commit

projects / thirdparty / ipset.git / commit

author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Fri, 21 Sep 2012 19:03:24 +0000 (21:03 +0200)
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Fri, 21 Sep 2012 19:03:24 +0000 (21:03 +0200)
commit	3a3794573386d0cb2930a9daad5615036c06f4e2
tree	52dc8066bff6301af9910a47f8e235336f77e8a8	tree
parent	3578220cf27c3e7017dd8af6b17c08218cf632d0	commit \| diff

Support to match elements marked with "nomatch" in hash:*net* sets

Exceptions can now be matched and we can branch according to the
possible cases:

a. match in the set if the element is not flagged as "nomatch"
b. match in the set if the element is flagged with "nomatch"
c. no match

i.e.

iptables ... -m set --match-set ... -j ...
iptables ... -m set --match-set ... --nomatch-entries -j ...
...

include/libipset/linux_ip_set.h		diff \| blob \| blame \| history
kernel/include/linux/netfilter/ipset/ip_set.h		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_core.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_hash_ipportnet.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_hash_net.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_hash_netiface.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_hash_netport.c		diff \| blob \| blame \| history
kernel/net/netfilter/xt_set.c		diff \| blob \| blame \| history
tests/iptables.sh		diff \| blob \| blame \| history
tests/match_flags.t	[new file with mode: 0644]	blob
tests/runtest.sh		diff \| blob \| blame \| history

Mirror of git://git.netfilter.org/ipset

RSS Atom