netfilter: ipset: Use HOST_MASK literal to represent host address CIDR len

author Sergey Popovich <popovich_sergei@mail.ua>

Sat, 2 May 2015 17:28:11 +0000 (19:28 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Wed, 13 May 2015 11:25:47 +0000 (13:25 +0200)
author Sergey Popovich <popovich_sergei@mail.ua>
Sat, 2 May 2015 17:28:11 +0000 (19:28 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Wed, 13 May 2015 11:25:47 +0000 (13:25 +0200)
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c

index 306a1bf749148838b796652186cee688671198da..01b88ba7c430cef47b0097bd541b9dd8834ded9e 100644 (file)
--- a/net/netfilter/ipset/ip_set_bitmap_ip.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ip.c
@@ -36,6 +36,7 @@ IP_SET_MODULE_DESC("bitmap:ip", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
  MODULE_ALIAS("ip_set_bitmap:ip");
  
  #define MTYPE          bitmap_ip
+#define HOST_MASK      32
  
  /* Type structure */
  struct bitmap_ip {
@@ -177,7 +178,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         } else
@@ -280,7 +281,7 @@ bitmap_ip_create(struct net *net, struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (cidr >= 32)
+               if (cidr >= HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(first_ip, last_ip, cidr);
         } else
@@ -289,7 +290,7 @@ bitmap_ip_create(struct net *net, struct ip_set *set, struct nlattr *tb[],
         if (tb[IPSET_ATTR_NETMASK]) {
                 netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]);
  
-               if (netmask > 32)
+               if (netmask > HOST_MASK)
                         return -IPSET_ERR_INVALID_NETMASK;
  
                 first_ip &= ip_set_hostmask(netmask);
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c

index c5f6a061fa3537287b1ab140dc692dfa834ee9a0..46868b3fdf7b52d57e8678c842e4e512c1e32b5b 100644 (file)
--- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c
@@ -36,6 +36,7 @@ IP_SET_MODULE_DESC("bitmap:ip,mac", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
  MODULE_ALIAS("ip_set_bitmap:ip,mac");
  
  #define MTYPE          bitmap_ipmac
+#define HOST_MASK      32
  #define IP_SET_BITMAP_STORED_TIMEOUT
  
  enum {
@@ -346,7 +347,7 @@ bitmap_ipmac_create(struct net *net, struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (cidr >= 32)
+               if (cidr >= HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(first_ip, last_ip, cidr);
         } else
diff --git a/net/netfilter/ipset/ip_set_hash_ip.c b/net/netfilter/ipset/ip_set_hash_ip.c

index 1c469df6055162f8429f94070297da8a986ca33f..1a9ef0c6d45768a2c367036c25b60e39a43525fa 100644 (file)
--- a/net/netfilter/ipset/ip_set_hash_ip.c
+++ b/net/netfilter/ipset/ip_set_hash_ip.c
@@ -147,7 +147,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         }
diff --git a/net/netfilter/ipset/ip_set_hash_ipmark.c b/net/netfilter/ipset/ip_set_hash_ipmark.c

index 82ef5b3d9afc61dc53d9c35fb2324d8adf7d8cd4..4499373ef8aaaf364beb117997d0df0441c64e80 100644 (file)
--- a/net/netfilter/ipset/ip_set_hash_ipmark.c
+++ b/net/netfilter/ipset/ip_set_hash_ipmark.c
@@ -149,7 +149,7 @@ hash_ipmark4_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         }
diff --git a/net/netfilter/ipset/ip_set_hash_ipport.c b/net/netfilter/ipset/ip_set_hash_ipport.c

index 299fab630d1ffea03a96bea2994d3d5fc0abd8e2..4ae423c8653246452f68dfbb2aeba96498d83147 100644 (file)
--- a/net/netfilter/ipset/ip_set_hash_ipport.c
+++ b/net/netfilter/ipset/ip_set_hash_ipport.c
@@ -170,7 +170,7 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         }
diff --git a/net/netfilter/ipset/ip_set_hash_ipportip.c b/net/netfilter/ipset/ip_set_hash_ipportip.c

index cb7946662fbd8f29836065bf4180e0d60f25d55c..fb921a53c87881f4ceb81b5b36040930d1836701 100644 (file)
--- a/net/netfilter/ipset/ip_set_hash_ipportip.c
+++ b/net/netfilter/ipset/ip_set_hash_ipportip.c
@@ -176,7 +176,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         }
diff --git a/net/netfilter/ipset/ip_set_hash_ipportnet.c b/net/netfilter/ipset/ip_set_hash_ipportnet.c

index 2c39cae0df294789c4d62943b994d6e16bb2996e..4ae9804386ad9d252c79454c07ed3afdc18bd5c3 100644 (file)
--- a/net/netfilter/ipset/ip_set_hash_ipportnet.c
+++ b/net/netfilter/ipset/ip_set_hash_ipportnet.c
@@ -248,7 +248,7 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *tb[],
         } else if (tb[IPSET_ATTR_CIDR]) {
                 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
  
-               if (!cidr || cidr > 32)
+               if (!cidr || cidr > HOST_MASK)
                         return -IPSET_ERR_INVALID_CIDR;
                 ip_set_mask_from_to(ip, ip_to, cidr);
         }
author	Sergey Popovich <popovich_sergei@mail.ua>
	Sat, 2 May 2015 17:28:11 +0000 (19:28 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 13 May 2015 11:25:47 +0000 (13:25 +0200)
net/netfilter/ipset/ip_set_bitmap_ip.c		patch \| blob \| history
net/netfilter/ipset/ip_set_bitmap_ipmac.c		patch \| blob \| history
net/netfilter/ipset/ip_set_hash_ip.c		patch \| blob \| history
net/netfilter/ipset/ip_set_hash_ipmark.c		patch \| blob \| history
net/netfilter/ipset/ip_set_hash_ipport.c		patch \| blob \| history
net/netfilter/ipset/ip_set_hash_ipportip.c		patch \| blob \| history
net/netfilter/ipset/ip_set_hash_ipportnet.c		patch \| blob \| history