diff options
| author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-06-16 18:56:47 +0200 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2011-06-16 18:56:47 +0200 |
| commit | b66554cf03fe866b3fb7b9f40f430b8ba09f41c8 (patch) | |
| tree | 14797f02748576a30284c3d7b545fe05fbbf05d4 /net/netfilter/ipset/ip_set_core.c | |
| parent | e6146e8684ed6dd4c0ff85ca21bf4324114fbbfa (diff) | |
netfilter: ipset: add xt_action_param to the variant level kadt functions, ipset API change
With the change the sets can use any parameter available for the match
and target extensions, like input/output interface. It's required for
the hash:net,iface set type.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter/ipset/ip_set_core.c')
| -rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 6a82cc0c9e00..64e7b04759a7 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -21,6 +21,7 @@ #include <net/netlink.h> #include <linux/netfilter.h> +#include <linux/netfilter/x_tables.h> #include <linux/netfilter/nfnetlink.h> #include <linux/netfilter/ipset/ip_set.h> @@ -328,6 +329,7 @@ __ip_set_put(ip_set_id_t index) int ip_set_test(ip_set_id_t index, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt) { struct ip_set *set = ip_set_list[index]; @@ -341,14 +343,14 @@ ip_set_test(ip_set_id_t index, const struct sk_buff *skb, return 0; read_lock_bh(&set->lock); - ret = set->variant->kadt(set, skb, IPSET_TEST, opt); + ret = set->variant->kadt(set, skb, par, IPSET_TEST, opt); read_unlock_bh(&set->lock); if (ret == -EAGAIN) { /* Type requests element to be completed */ pr_debug("element must be competed, ADD is triggered\n"); write_lock_bh(&set->lock); - set->variant->kadt(set, skb, IPSET_ADD, opt); + set->variant->kadt(set, skb, par, IPSET_ADD, opt); write_unlock_bh(&set->lock); ret = 1; } @@ -360,6 +362,7 @@ EXPORT_SYMBOL_GPL(ip_set_test); int ip_set_add(ip_set_id_t index, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt) { struct ip_set *set = ip_set_list[index]; @@ -373,7 +376,7 @@ ip_set_add(ip_set_id_t index, const struct sk_buff *skb, return 0; write_lock_bh(&set->lock); - ret = set->variant->kadt(set, skb, IPSET_ADD, opt); + ret = set->variant->kadt(set, skb, par, IPSET_ADD, opt); write_unlock_bh(&set->lock); return ret; @@ -382,6 +385,7 @@ EXPORT_SYMBOL_GPL(ip_set_add); int ip_set_del(ip_set_id_t index, const struct sk_buff *skb, + const struct xt_action_param *par, const struct ip_set_adt_opt *opt) { struct ip_set *set = ip_set_list[index]; @@ -395,7 +399,7 @@ ip_set_del(ip_set_id_t index, const struct sk_buff *skb, return 0; write_lock_bh(&set->lock); - ret = set->variant->kadt(set, skb, IPSET_DEL, opt); + ret = set->variant->kadt(set, skb, par, IPSET_DEL, opt); write_unlock_bh(&set->lock); return ret; |