git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Fri, 21 Sep 2012 20:02:36 +0000 (22:02 +0200)
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Sat, 22 Sep 2012 20:44:34 +0000 (22:44 +0200)
commit	2e55df2a15a286ea2bb642a757b0d4fb139e02b7
tree	134fd8cc48ed72be16a7ca2f90b169de103bec2e	tree \| snapshot
parent	9aa5d39d122977b6302b06068e6b724b5cc33d82	commit \| diff

netfilter: ipset: Support to match elements marked with "nomatch"

Exceptions can now be matched and we can branch according to the
possible cases:

a. match in the set if the element is not flagged as "nomatch"
b. match in the set if the element is flagged with "nomatch"
c. no match

i.e.

iptables ... -m set --match-set ... -j ...
iptables ... -m set --match-set ... --nomatch-entries -j ...
...

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>

Linux Kernel Source Tree.

RSS Atom

include/linux/netfilter/ipset/ip_set.h		diff \| blob \| history
net/netfilter/ipset/ip_set_core.c		diff \| blob \| history
net/netfilter/ipset/ip_set_hash_ipportnet.c		diff \| blob \| history
net/netfilter/ipset/ip_set_hash_net.c		diff \| blob \| history
net/netfilter/ipset/ip_set_hash_netiface.c		diff \| blob \| history
net/netfilter/ipset/ip_set_hash_netport.c		diff \| blob \| history
net/netfilter/xt_set.c		diff \| blob \| history