Also add comments for unnamed rules

[project/firewall3.git] / ipsets.h

diff --git a/ipsets.h b/ipsets.h
index 49c6e66..9704177 100644 (file)
--- a/ipsets.h
+++ b/ipsets.h
@@ -19,32 +19,24 @@
 #ifndef __FW3_IPSETS_H
 #define __FW3_IPSETS_H
 
 #ifndef __FW3_IPSETS_H
 #define __FW3_IPSETS_H
 

+#include <linux/netfilter/ipset/ip_set.h>
+

 #include "options.h"
 #include "utils.h"
 
 #include "options.h"
 #include "utils.h"
 

-enum fw3_ipset_opts {
-       FW3_IPSET_OPT_IPRANGE   = (1 << 0),
-       FW3_IPSET_OPT_PORTRANGE = (1 << 1),
-       FW3_IPSET_OPT_NETMASK   = (1 << 2),
-       FW3_IPSET_OPT_HASHSIZE  = (1 << 3),
-       FW3_IPSET_OPT_MAXELEM   = (1 << 4),
-       FW3_IPSET_OPT_FAMILY    = (1 << 5),
-};
-
-struct fw3_ipset_settype {
-       enum fw3_ipset_method method;
-       uint32_t types;
-       uint8_t required;
-       uint8_t optional;
-};

 
 

+extern const struct fw3_option fw3_ipset_opts[];
+
+struct fw3_ipset * fw3_alloc_ipset(void);

 void fw3_load_ipsets(struct fw3_state *state, struct uci_package *p);
 void fw3_create_ipsets(struct fw3_state *state);
 void fw3_load_ipsets(struct fw3_state *state, struct uci_package *p);
 void fw3_create_ipsets(struct fw3_state *state);

+void fw3_destroy_ipsets(struct fw3_state *state);

 
 

-void fw3_destroy_ipsets(struct list_head *statefile);
+struct fw3_ipset * fw3_lookup_ipset(struct fw3_state *state, const char *name);

 
 

-void fw3_free_ipset(struct fw3_ipset *ipset);
+bool fw3_check_ipset(struct fw3_ipset *set);

 
 

-struct fw3_ipset * fw3_lookup_ipset(struct fw3_state *state, const char *name);
+#define fw3_free_ipset(ipset) \
+       fw3_free_object(ipset, fw3_ipset_opts)

 
 #endif
 
 #endif