Add a new parameter to complement the existing 'netmask' option. The main difference between netmask and bitmask is that bitmask takes any arbitrary ip address as input, it does not have to be a valid netmask. The name of the new parameter is 'bitmask'. This lets us mask out arbitrary bits in the ip address, for example: ipset create set1 hash:ip bitmask 255.128.255.0 ipset create set2 hash:ip,port family inet6 bitmask ffff::ff80 This patchset contains userspace patches, I will submit the kernel patch separately. include/libipset/args.h | 1 + include/libipset/data.h | 6 ++++-- include/libipset/linux_ip_set.h | 1 + include/libipset/nf_inet_addr.h | 9 +-------- include/libipset/nfproto.h | 15 +-------------- include/libipset/parse.h | 2 ++ lib/args.c | 8 ++++++++ lib/data.c | 10 ++++++++++ lib/debug.c | 1 + lib/ipset_hash_ip.c | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ lib/ipset_hash_ipport.c | 108 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ lib/ipset_hash_netnet.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ lib/parse.c | 37 +++++++++++++++++++++++++++++++++++++ lib/print.c | 3 ++- lib/session.c | 8 ++++++++ src/ipset.8 | 33 ++++++++++++++++++++++++++++++--- 16 files changed, 401 insertions(+), 28 deletions(-) Signed-off-by: Vishwanath Pai <vpai@xxxxxxxxxx> Signed-off-by: Joshua Hunt <johunt@xxxxxxxxxx>
