projects
/
project
/
firewall3.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c9092f2
)
remove ip range list hack since fw3_address can now represent true ranges
author
Jo-Philipp Wich
<jow@openwrt.org>
Thu, 21 Feb 2013 18:45:19 +0000
(19:45 +0100)
committer
Jo-Philipp Wich
<jow@openwrt.org>
Thu, 21 Feb 2013 18:51:16 +0000
(19:51 +0100)
ipsets.c
patch
|
blob
|
history
options.h
patch
|
blob
|
history
diff --git
a/ipsets.c
b/ipsets.c
index
e2c8575
..
a720172
100644
(file)
--- a/
ipsets.c
+++ b/
ipsets.c
@@
-26,7
+26,7
@@
const struct fw3_option fw3_ipset_opts[] = {
FW3_OPT("storage", ipset_method, ipset, method),
FW3_LIST("match", ipset_datatype, ipset, datatypes),
FW3_OPT("storage", ipset_method, ipset, method),
FW3_LIST("match", ipset_datatype, ipset, datatypes),
- FW3_
LIST("iprange",
address, ipset, iprange),
+ FW3_
OPT("iprange",
address, ipset, iprange),
FW3_OPT("portrange", port, ipset, portrange),
FW3_OPT("netmask", int, ipset, netmask),
FW3_OPT("portrange", port, ipset, portrange),
FW3_OPT("netmask", int, ipset, netmask),
@@
-136,7
+136,7
@@
check_types(struct uci_element *e, struct fw3_ipset *ipset)
if (!ipset->external || !*ipset->external)
{
if ((ipset_types[i].required & OPT_IPRANGE) &&
if (!ipset->external || !*ipset->external)
{
if ((ipset_types[i].required & OPT_IPRANGE) &&
-
list_empty(&ipset->iprange)
)
+
!ipset->iprange.set
)
{
warn_elem(e, "requires an ip range");
return false;
{
warn_elem(e, "requires an ip range");
return false;
@@
-150,17
+150,17
@@
check_types(struct uci_element *e, struct fw3_ipset *ipset)
}
if (!(ipset_types[i].required & OPT_IPRANGE) &&
}
if (!(ipset_types[i].required & OPT_IPRANGE) &&
-
!list_empty(&ipset->iprange)
)
+
ipset->iprange.set
)
{
warn_elem(e, "iprange ignored");
{
warn_elem(e, "iprange ignored");
-
fw3_free_list(&ipset->iprange)
;
+
ipset->iprange.set = false
;
}
if (!(ipset_types[i].required & OPT_PORTRANGE) &&
ipset->portrange.set)
{
warn_elem(e, "portrange ignored");
}
if (!(ipset_types[i].required & OPT_PORTRANGE) &&
ipset->portrange.set)
{
warn_elem(e, "portrange ignored");
-
memset(&ipset->portrange, 0, sizeof(ipset->portrange))
;
+
ipset->portrange.set = false
;
}
if (!(ipset_types[i].optional & OPT_NETMASK) &&
}
if (!(ipset_types[i].optional & OPT_NETMASK) &&
@@
-213,7
+213,6
@@
fw3_alloc_ipset(void)
memset(ipset, 0, sizeof(*ipset));
INIT_LIST_HEAD(&ipset->datatypes);
memset(ipset, 0, sizeof(*ipset));
INIT_LIST_HEAD(&ipset->datatypes);
- INIT_LIST_HEAD(&ipset->iprange);
return ipset;
}
return ipset;
}
@@
-274,7
+273,7
@@
create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
char s[INET6_ADDRSTRLEN];
struct fw3_ipset_datatype *type;
char s[INET6_ADDRSTRLEN];
struct fw3_ipset_datatype *type;
- struct fw3_address *a
1, *a2
;
+ struct fw3_address *a;
const char *methods[] = {
"(bug)",
const char *methods[] = {
"(bug)",
@@
-306,29
+305,26
@@
create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
first = false;
}
first = false;
}
- if (
!list_empty(&ipset->iprange)
)
+ if (
ipset->iprange.set
)
{
{
- a1 = list_first_entry(&ipset->iprange, struct fw3_address, list);
- a2 = list_last_entry(&ipset->iprange, struct fw3_address, list);
+ a = &ipset->iprange;
- if (
a1 == a2
)
+ if (
!a->range
)
{
{
- inet_ntop(a
1
->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
- &a
1
->address.v6, s, sizeof(s));
+ inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
+ &a->address.v6, s, sizeof(s));
- fw3_pr(" range %s/%u", s, a
1
->mask);
+ fw3_pr(" range %s/%u", s, a->mask);
}
}
- else if (a1->family == a2->family &&
- fw3_is_family(ipset, a1->family) &&
- fw3_is_family(ipset, a2->family))
+ else
{
{
- inet_ntop(a
1
->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
- &a
1
->address.v6, s, sizeof(s));
+ inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
+ &a->address.v6, s, sizeof(s));
fw3_pr(" range %s", s);
fw3_pr(" range %s", s);
- inet_ntop(a
2
->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
- &a
2->address
.v6, s, sizeof(s));
+ inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6,
+ &a
->address2
.v6, s, sizeof(s));
fw3_pr("-%s", s);
}
fw3_pr("-%s", s);
}
diff --git
a/options.h
b/options.h
index
f62f0de
..
2209cbe
100644
(file)
--- a/
options.h
+++ b/
options.h
@@
-355,7
+355,7
@@
struct fw3_ipset
enum fw3_ipset_method method;
struct list_head datatypes;
enum fw3_ipset_method method;
struct list_head datatypes;
- struct
list_head
iprange;
+ struct
fw3_address
iprange;
struct fw3_port portrange;
int netmask;
struct fw3_port portrange;
int netmask;