X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=ipsets.h;h=2ba862dbba0c8d0c70f53bdcd3f771d8caab431d;hp=410c712f117fa9ae41b555f005886bd9901c448f;hb=3d2c18a91bb7cd5f3c0dec7fecf3008934de170b;hpb=275a37dbf280bd471ebb2c673267c49a81071bbb

diff --git a/ipsets.h b/ipsets.h
index 410c712..2ba862d 100644
--- a/ipsets.h
+++ b/ipsets.h
@@ -1,7 +1,7 @@
 /*
  * firewall3 - 3rd OpenWrt UCI firewall implementation
  *
- *   Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
+ *   Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -19,33 +19,52 @@
 #ifndef __FW3_IPSETS_H
 #define __FW3_IPSETS_H
 
+#include <linux/netfilter/ipset/ip_set.h>
+
 #include "options.h"
 #include "utils.h"
 
-enum fw3_ipset_opts {
-	FW3_IPSET_OPT_IPRANGE   = (1 << 0),
-	FW3_IPSET_OPT_PORTRANGE = (1 << 1),
-	FW3_IPSET_OPT_NETMASK   = (1 << 2),
-	FW3_IPSET_OPT_HASHSIZE  = (1 << 3),
-	FW3_IPSET_OPT_MAXELEM   = (1 << 4),
-	FW3_IPSET_OPT_FAMILY    = (1 << 5),
-};
 
-struct fw3_ipset_settype {
-	enum fw3_ipset_method method;
-	uint32_t types;
-	uint8_t required;
-	uint8_t optional;
-};
+extern const struct fw3_option fw3_ipset_opts[];
 
-struct fw3_ipset * fw3_alloc_ipset(void);
-void fw3_load_ipsets(struct fw3_state *state, struct uci_package *p);
+void fw3_load_ipsets(struct fw3_state *state, struct uci_package *p, struct blob_attr *a);
 void fw3_create_ipsets(struct fw3_state *state);
 void fw3_destroy_ipsets(struct fw3_state *state);
 
-void fw3_free_ipset(struct fw3_ipset *ipset);
+struct fw3_ipset * fw3_lookup_ipset(struct fw3_state *state, const char *name);
+
+bool fw3_check_ipset(struct fw3_ipset *set);
+
+static inline void fw3_free_ipset(struct fw3_ipset *ipset)
+{
+	list_del(&ipset->list);
+	fw3_free_object(ipset, fw3_ipset_opts);
+}
+
+#ifndef SO_IP_SET
+
+#define SO_IP_SET           83
+#define IPSET_MAXNAMELEN    32
+#define IPSET_INVALID_ID    65535
+
+union ip_set_name_index {
+    char name[IPSET_MAXNAMELEN];
+    uint16_t index;
+};
+
+#define IP_SET_OP_GET_BYNAME    0x00000006
+struct ip_set_req_get_set {
+    uint32_t op;
+    uint32_t version;
+    union ip_set_name_index set;
+};
+
+#define IP_SET_OP_VERSION       0x00000100
+struct ip_set_req_version {
+    uint32_t op;
+    uint32_t version;
+};
 
-struct fw3_ipset * fw3_lookup_ipset(struct fw3_state *state, const char *name,
-                                    bool running);
+#endif /* SO_IP_SET */
 
 #endif