netfilter: ipset: Make possible to test elements marked with nomatch

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2013-04-08 21:51:25 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-04-29 20:08:44 +0200
commit: 43c56e595bb81319230affd545392536c933317e (patch)
tree: 61db0ec532d858885e812432b41e42188adb6738 /include/linux/netfilter
parent: net: fix address check in rtnl_fdb_del (diff)
download: linux-dev-43c56e595bb81319230affd545392536c933317e.tar.xz
linux-dev-43c56e595bb81319230affd545392536c933317e.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h
index 7958e84a65af..970187187f5b 100644
--- a/include/linux/netfilter/ipset/ip_set.h
+++ b/include/linux/netfilter/ipset/ip_set.h
@@ -200,6 +200,14 @@ ip_set_eexist(int ret, u32 flags)
 	return ret == -IPSET_ERR_EXIST && (flags & IPSET_FLAG_EXIST);
 }
 
+/* Match elements marked with nomatch */
+static inline bool
+ip_set_enomatch(int ret, u32 flags, enum ipset_adt adt)
+{
+	return adt == IPSET_TEST &&
+	       ret == -ENOTEMPTY && ((flags >> 16) & IPSET_FLAG_NOMATCH);
+}
+
 /* Check the NLA_F_NET_BYTEORDER flag */
 static inline bool
 ip_set_attr_netorder(struct nlattr *tb[], int type)
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2013-04-08 21:51:25 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-04-29 20:08:44 +0200
commit	43c56e595bb81319230affd545392536c933317e (patch)
tree	61db0ec532d858885e812432b41e42188adb6738 /include/linux/netfilter
parent	net: fix address check in rtnl_fdb_del (diff)
download	linux-dev-43c56e595bb81319230affd545392536c933317e.tar.xz linux-dev-43c56e595bb81319230affd545392536c933317e.zip