diff options
| author |   Pablo Neira Ayuso <pablo@netfilter.org> | 2017-10-09 19:52:28 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-11-07 01:00:31 +0100 |
| commit | ba0e4d9917b43dfa746cbbcb4477da59aae73bd6 (patch) | |
| tree | b8665d2f2be0764277f19fb0a45c59dff4650259 /net/netfilter/nft_set_bitmap.c | |
| parent | netfilter: nf_tables: performance set policy skips size description in selection (diff) | |
| download | linux-dev-ba0e4d9917b43dfa746cbbcb4477da59aae73bd6.tar.xz linux-dev-ba0e4d9917b43dfa746cbbcb4477da59aae73bd6.zip | |
netfilter: nf_tables: get set elements via netlink
This patch adds a new get operation to look up for specific elements in
a set via netlink interface. You can also use it to check if an interval
already exists.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_set_bitmap.c')
| -rw-r--r-- | net/netfilter/nft_set_bitmap.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c index 734989c40579..45fb2752fb63 100644 --- a/net/netfilter/nft_set_bitmap.c +++ b/net/netfilter/nft_set_bitmap.c @@ -106,6 +106,23 @@ nft_bitmap_elem_find(const struct nft_set *set, struct nft_bitmap_elem *this, return NULL; } +static void *nft_bitmap_get(const struct net *net, const struct nft_set *set, + const struct nft_set_elem *elem, unsigned int flags) +{ + const struct nft_bitmap *priv = nft_set_priv(set); + u8 genmask = nft_genmask_cur(net); + struct nft_bitmap_elem *be; + + list_for_each_entry_rcu(be, &priv->list, head) { + if (memcmp(nft_set_ext_key(&be->ext), elem->key.val.data, set->klen) || + !nft_set_elem_active(&be->ext, genmask)) + continue; + + return be; + } + return ERR_PTR(-ENOENT); +} + static int nft_bitmap_insert(const struct net *net, const struct nft_set *set, const struct nft_set_elem *elem, struct nft_set_ext **ext) @@ -294,6 +311,7 @@ static struct nft_set_ops nft_bitmap_ops __read_mostly = { .activate = nft_bitmap_activate, .lookup = nft_bitmap_lookup, .walk = nft_bitmap_walk, + .get = nft_bitmap_get, }; static struct nft_set_type nft_bitmap_type __read_mostly = { |