Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
include/xtables.h.in | 2 ++
xtoptions.c | 41 +++++++++++++++++++++++++++--------------
2 files changed, 29 insertions(+), 14 deletions(-)
diff --git a/include/xtables.h.in b/include/xtables.h.in
index c9ad523..9bb4235 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -65,6 +65,7 @@ struct in_addr;
* %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian
* %XTTYPE_PORTRC: colon-separated port range (names acceptable)
* %XTTYPE_PORTRC_NE: same as %XTTYPE_PORTRC, stored in network-endian
+ * %XTTYPE_PLEN: prefix length
* %XTTYPE_PLENMASK: prefix length (ptr: union nf_inet_addr)
*/
enum xt_option_type {
@@ -87,6 +88,7 @@ enum xt_option_type {
XTTYPE_PORT_NE,
XTTYPE_PORTRC,
XTTYPE_PORTRC_NE,
+ XTTYPE_PLEN,
XTTYPE_PLENMASK,
};
diff --git a/xtoptions.c b/xtoptions.c
index 29d05d5..3cc2e0c 100644
--- a/xtoptions.c
+++ b/xtoptions.c
@@ -569,14 +569,12 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
/**
* Parse an integer and ensure it is within the address family's prefix length
- * limits. The result is stored in @cb->val.hmask and @cb->val.hlen. If
- * %XTOPT_PUT is used, hmask will be copied to the pointed-to area.
+ * limits. The result is stored in @cb->val.hlen.
*/
-static void xtopt_parse_plenmask(struct xt_option_call *cb)
+static void xtopt_parse_plen(struct xt_option_call *cb)
{
const struct xt_option_entry *entry = cb->entry;
- uint32_t *mask = cb->val.hmask.all;
- unsigned int prefix_len = 128;
+ unsigned int prefix_len = 128; /* happiness is a warm gcc */
cb->val.hlen = (afinfo->family == NFPROTO_IPV4) ? 32 : 128;
if (!xtables_strtoui(cb->arg, NULL, &prefix_len, 0, cb->val.hlen))
@@ -586,21 +584,35 @@ static void xtopt_parse_plenmask(struct xt_option_call *cb)
cb->ext_name, entry->name, 0, cb->val.hlen);
cb->val.hlen = prefix_len;
+}
+
+/**
+ * Reuse xtopt_parse_plen for testing the integer. Afterwards convert this to
+ * a bitmask, and make it available through @cb->val.hmask (hlen remains
+ * valid). If %XTOPT_PUT is used, hmask will be copied to the target area.
+ */
+static void xtopt_parse_plenmask(struct xt_option_call *cb)
+{
+ const struct xt_option_entry *entry = cb->entry;
+ uint32_t *mask = cb->val.hmask.all;
+
+ xtopt_parse_plen(cb);
+
memset(mask, 0xFF, sizeof(union nf_inet_addr));
/* This shifting is AF-independent. */
- if (prefix_len == 0) {
+ if (cb->val.hlen == 0) {
mask[0] = mask[1] = mask[2] = mask[3] = 0;
- } else if (prefix_len <= 32) {
- mask[0] <<= 32 - prefix_len;
+ } else if (cb->val.hlen <= 32) {
+ mask[0] <<= 32 - cb->val.hlen;
mask[1] = mask[2] = mask[3] = 0;
- } else if (prefix_len <= 64) {
- mask[1] <<= 32 - (prefix_len - 32);
+ } else if (cb->val.hlen <= 64) {
+ mask[1] <<= 32 - (cb->val.hlen - 32);
mask[2] = mask[3] = 0;
- } else if (prefix_len <= 96) {
- mask[2] <<= 32 - (prefix_len - 64);
+ } else if (cb->val.hlen <= 96) {
+ mask[2] <<= 32 - (cb->val.hlen - 64);
mask[3] = 0;
- } else if (prefix_len <= 128) {
- mask[3] <<= 32 - (prefix_len - 96);
+ } else if (cb->val.hlen <= 128) {
+ mask[3] <<= 32 - (cb->val.hlen - 96);
}
mask[0] = htonl(mask[0]);
mask[1] = htonl(mask[1]);
@@ -629,6 +641,7 @@ static void (*const xtopt_subparse[])(struct xt_option_call *) = {
[XTTYPE_PORT_NE] = xtopt_parse_port,
[XTTYPE_PORTRC] = xtopt_parse_mport,
[XTTYPE_PORTRC_NE] = xtopt_parse_mport,
+ [XTTYPE_PLEN] = xtopt_parse_plen,
[XTTYPE_PLENMASK] = xtopt_parse_plenmask,
};
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
