summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2013-09-07 00:10:07 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2013-09-30 21:33:27 +0200
commitca134ce86451f3f5ac45ffbf1494a1f42110bf93 (patch)
tree6968a9a693a6c77ad98c4bb600bd5167b8a0e16a /include
parentf925f7056920213889c5e61445f9529f1a86ae41 (diff)
netfilter: ipset: Move extension data to set structure
Default timeout and extension offsets are moved to struct set, because all set types supports all extensions and it makes possible to generalize extension support. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/ipset/ip_set.h29
-rw-r--r--include/linux/netfilter/ipset/ip_set_timeout.h4
2 files changed, 22 insertions, 11 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h
index b4db7912bf0d..992a2f58dbd3 100644
--- a/include/linux/netfilter/ipset/ip_set.h
+++ b/include/linux/netfilter/ipset/ip_set.h
@@ -72,6 +72,16 @@ struct ip_set_ext {
u32 timeout;
};
+struct ip_set_counter {
+ atomic64_t bytes;
+ atomic64_t packets;
+};
+
+#define ext_timeout(e, s) \
+(unsigned long *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_TIMEOUT])
+#define ext_counter(e, s) \
+(struct ip_set_counter *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_COUNTER])
+
struct ip_set;
typedef int (*ipset_adtfn)(struct ip_set *set, void *value,
@@ -179,15 +189,16 @@ struct ip_set {
u8 revision;
/* Extensions */
u8 extensions;
+ /* Default timeout value, if enabled */
+ u32 timeout;
+ /* Element data size */
+ size_t dsize;
+ /* Offsets to extensions in elements */
+ size_t offset[IPSET_EXT_ID_MAX];
/* The type specific data */
void *data;
};
-struct ip_set_counter {
- atomic64_t bytes;
- atomic64_t packets;
-};
-
static inline void
ip_set_add_bytes(u64 bytes, struct ip_set_counter *counter)
{
@@ -390,13 +401,13 @@ bitmap_bytes(u32 a, u32 b)
#include <linux/netfilter/ipset/ip_set_timeout.h>
-#define IP_SET_INIT_KEXT(skb, opt, map) \
+#define IP_SET_INIT_KEXT(skb, opt, set) \
{ .bytes = (skb)->len, .packets = 1, \
- .timeout = ip_set_adt_opt_timeout(opt, map) }
+ .timeout = ip_set_adt_opt_timeout(opt, set) }
-#define IP_SET_INIT_UEXT(map) \
+#define IP_SET_INIT_UEXT(set) \
{ .bytes = ULLONG_MAX, .packets = ULLONG_MAX, \
- .timeout = (map)->timeout }
+ .timeout = (set)->timeout }
#define IP_SET_INIT_CIDR(a, b) ((a) ? (a) : (b))
diff --git a/include/linux/netfilter/ipset/ip_set_timeout.h b/include/linux/netfilter/ipset/ip_set_timeout.h
index 3aac04167ca7..83c2f9e0886c 100644
--- a/include/linux/netfilter/ipset/ip_set_timeout.h
+++ b/include/linux/netfilter/ipset/ip_set_timeout.h
@@ -23,8 +23,8 @@
/* Set is defined with timeout support: timeout value may be 0 */
#define IPSET_NO_TIMEOUT UINT_MAX
-#define ip_set_adt_opt_timeout(opt, map) \
-((opt)->ext.timeout != IPSET_NO_TIMEOUT ? (opt)->ext.timeout : (map)->timeout)
+#define ip_set_adt_opt_timeout(opt, set) \
+((opt)->ext.timeout != IPSET_NO_TIMEOUT ? (opt)->ext.timeout : (set)->timeout)
static inline unsigned int
ip_set_timeout_uget(struct nlattr *tb)