diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-10-09 20:52:28 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-11-07 03:00:31 +0300 |
commit | ba0e4d9917b43dfa746cbbcb4477da59aae73bd6 (patch) | |
tree | b8665d2f2be0764277f19fb0a45c59dff4650259 /net/netfilter/nft_set_bitmap.c | |
parent | 644e334eeec01a25138b62ebd576b3a798183c7c (diff) | |
download | linux-ba0e4d9917b43dfa746cbbcb4477da59aae73bd6.tar.xz |
netfilter: nf_tables: get set elements via netlink
This patch adds a new get operation to look up for specific elements in
a set via netlink interface. You can also use it to check if an interval
already exists.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_set_bitmap.c')
-rw-r--r-- | net/netfilter/nft_set_bitmap.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c index 734989c40579..45fb2752fb63 100644 --- a/net/netfilter/nft_set_bitmap.c +++ b/net/netfilter/nft_set_bitmap.c @@ -106,6 +106,23 @@ nft_bitmap_elem_find(const struct nft_set *set, struct nft_bitmap_elem *this, return NULL; } +static void *nft_bitmap_get(const struct net *net, const struct nft_set *set, + const struct nft_set_elem *elem, unsigned int flags) +{ + const struct nft_bitmap *priv = nft_set_priv(set); + u8 genmask = nft_genmask_cur(net); + struct nft_bitmap_elem *be; + + list_for_each_entry_rcu(be, &priv->list, head) { + if (memcmp(nft_set_ext_key(&be->ext), elem->key.val.data, set->klen) || + !nft_set_elem_active(&be->ext, genmask)) + continue; + + return be; + } + return ERR_PTR(-ENOENT); +} + static int nft_bitmap_insert(const struct net *net, const struct nft_set *set, const struct nft_set_elem *elem, struct nft_set_ext **ext) @@ -294,6 +311,7 @@ static struct nft_set_ops nft_bitmap_ops __read_mostly = { .activate = nft_bitmap_activate, .lookup = nft_bitmap_lookup, .walk = nft_bitmap_walk, + .get = nft_bitmap_get, }; static struct nft_set_type nft_bitmap_type __read_mostly = { |