diff options
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ip.c | 22 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipmark.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipport.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipportip.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipportnet.c | 4 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_net.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_netiface.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_netnet.c | 4 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_netport.c | 2 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_netportnet.c | 4 |
10 files changed, 24 insertions, 22 deletions
diff --git a/net/netfilter/ipset/ip_set_hash_ip.c b/net/netfilter/ipset/ip_set_hash_ip.c index 20bfbd315f61..613eb212cb48 100644 --- a/net/netfilter/ipset/ip_set_hash_ip.c +++ b/net/netfilter/ipset/ip_set_hash_ip.c | |||
| @@ -123,13 +123,12 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 123 | return ret; | 123 | return ret; |
| 124 | 124 | ||
| 125 | ip &= ip_set_hostmask(h->netmask); | 125 | ip &= ip_set_hostmask(h->netmask); |
| 126 | e.ip = htonl(ip); | ||
| 127 | if (e.ip == 0) | ||
| 128 | return -IPSET_ERR_HASH_ELEM; | ||
| 126 | 129 | ||
| 127 | if (adt == IPSET_TEST) { | 130 | if (adt == IPSET_TEST) |
| 128 | e.ip = htonl(ip); | ||
| 129 | if (e.ip == 0) | ||
| 130 | return -IPSET_ERR_HASH_ELEM; | ||
| 131 | return adtfn(set, &e, &ext, &ext, flags); | 131 | return adtfn(set, &e, &ext, &ext, flags); |
| 132 | } | ||
| 133 | 132 | ||
| 134 | ip_to = ip; | 133 | ip_to = ip; |
| 135 | if (tb[IPSET_ATTR_IP_TO]) { | 134 | if (tb[IPSET_ATTR_IP_TO]) { |
| @@ -148,17 +147,20 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 148 | 147 | ||
| 149 | hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1); | 148 | hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1); |
| 150 | 149 | ||
| 151 | if (retried) | 150 | if (retried) { |
| 152 | ip = ntohl(h->next.ip); | 151 | ip = ntohl(h->next.ip); |
| 153 | for (; !before(ip_to, ip); ip += hosts) { | ||
| 154 | e.ip = htonl(ip); | 152 | e.ip = htonl(ip); |
| 155 | if (e.ip == 0) | 153 | } |
| 156 | return -IPSET_ERR_HASH_ELEM; | 154 | for (; ip <= ip_to;) { |
| 157 | ret = adtfn(set, &e, &ext, &ext, flags); | 155 | ret = adtfn(set, &e, &ext, &ext, flags); |
| 158 | |||
| 159 | if (ret && !ip_set_eexist(ret, flags)) | 156 | if (ret && !ip_set_eexist(ret, flags)) |
| 160 | return ret; | 157 | return ret; |
| 161 | 158 | ||
| 159 | ip += hosts; | ||
| 160 | e.ip = htonl(ip); | ||
| 161 | if (e.ip == 0) | ||
| 162 | return 0; | ||
| 163 | |||
| 162 | ret = 0; | 164 | ret = 0; |
| 163 | } | 165 | } |
| 164 | return ret; | 166 | return ret; |
diff --git a/net/netfilter/ipset/ip_set_hash_ipmark.c b/net/netfilter/ipset/ip_set_hash_ipmark.c index b64cf14e8352..f3ba8348cf9d 100644 --- a/net/netfilter/ipset/ip_set_hash_ipmark.c +++ b/net/netfilter/ipset/ip_set_hash_ipmark.c | |||
| @@ -149,7 +149,7 @@ hash_ipmark4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 149 | 149 | ||
| 150 | if (retried) | 150 | if (retried) |
| 151 | ip = ntohl(h->next.ip); | 151 | ip = ntohl(h->next.ip); |
| 152 | for (; !before(ip_to, ip); ip++) { | 152 | for (; ip <= ip_to; ip++) { |
| 153 | e.ip = htonl(ip); | 153 | e.ip = htonl(ip); |
| 154 | ret = adtfn(set, &e, &ext, &ext, flags); | 154 | ret = adtfn(set, &e, &ext, &ext, flags); |
| 155 | 155 | ||
diff --git a/net/netfilter/ipset/ip_set_hash_ipport.c b/net/netfilter/ipset/ip_set_hash_ipport.c index f438740e6c6a..ddb8039ec1d2 100644 --- a/net/netfilter/ipset/ip_set_hash_ipport.c +++ b/net/netfilter/ipset/ip_set_hash_ipport.c | |||
| @@ -178,7 +178,7 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 178 | 178 | ||
| 179 | if (retried) | 179 | if (retried) |
| 180 | ip = ntohl(h->next.ip); | 180 | ip = ntohl(h->next.ip); |
| 181 | for (; !before(ip_to, ip); ip++) { | 181 | for (; ip <= ip_to; ip++) { |
| 182 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) | 182 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) |
| 183 | : port; | 183 | : port; |
| 184 | for (; p <= port_to; p++) { | 184 | for (; p <= port_to; p++) { |
diff --git a/net/netfilter/ipset/ip_set_hash_ipportip.c b/net/netfilter/ipset/ip_set_hash_ipportip.c index 6215fb898c50..a7f4d7a85420 100644 --- a/net/netfilter/ipset/ip_set_hash_ipportip.c +++ b/net/netfilter/ipset/ip_set_hash_ipportip.c | |||
| @@ -185,7 +185,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 185 | 185 | ||
| 186 | if (retried) | 186 | if (retried) |
| 187 | ip = ntohl(h->next.ip); | 187 | ip = ntohl(h->next.ip); |
| 188 | for (; !before(ip_to, ip); ip++) { | 188 | for (; ip <= ip_to; ip++) { |
| 189 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) | 189 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) |
| 190 | : port; | 190 | : port; |
| 191 | for (; p <= port_to; p++) { | 191 | for (; p <= port_to; p++) { |
diff --git a/net/netfilter/ipset/ip_set_hash_ipportnet.c b/net/netfilter/ipset/ip_set_hash_ipportnet.c index 5ab1b99a53c2..a2f19b9906e9 100644 --- a/net/netfilter/ipset/ip_set_hash_ipportnet.c +++ b/net/netfilter/ipset/ip_set_hash_ipportnet.c | |||
| @@ -271,7 +271,7 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 271 | 271 | ||
| 272 | if (retried) | 272 | if (retried) |
| 273 | ip = ntohl(h->next.ip); | 273 | ip = ntohl(h->next.ip); |
| 274 | for (; !before(ip_to, ip); ip++) { | 274 | for (; ip <= ip_to; ip++) { |
| 275 | e.ip = htonl(ip); | 275 | e.ip = htonl(ip); |
| 276 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) | 276 | p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port) |
| 277 | : port; | 277 | : port; |
| @@ -281,7 +281,7 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 281 | ip == ntohl(h->next.ip) && | 281 | ip == ntohl(h->next.ip) && |
| 282 | p == ntohs(h->next.port) | 282 | p == ntohs(h->next.port) |
| 283 | ? ntohl(h->next.ip2) : ip2_from; | 283 | ? ntohl(h->next.ip2) : ip2_from; |
| 284 | while (!after(ip2, ip2_to)) { | 284 | while (ip2 <= ip2_to) { |
| 285 | e.ip2 = htonl(ip2); | 285 | e.ip2 = htonl(ip2); |
| 286 | ip2_last = ip_set_range_to_cidr(ip2, ip2_to, | 286 | ip2_last = ip_set_range_to_cidr(ip2, ip2_to, |
| 287 | &cidr); | 287 | &cidr); |
diff --git a/net/netfilter/ipset/ip_set_hash_net.c b/net/netfilter/ipset/ip_set_hash_net.c index 5d9e895452e7..1c67a1761e45 100644 --- a/net/netfilter/ipset/ip_set_hash_net.c +++ b/net/netfilter/ipset/ip_set_hash_net.c | |||
| @@ -193,7 +193,7 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 193 | } | 193 | } |
| 194 | if (retried) | 194 | if (retried) |
| 195 | ip = ntohl(h->next.ip); | 195 | ip = ntohl(h->next.ip); |
| 196 | while (!after(ip, ip_to)) { | 196 | while (ip <= ip_to) { |
| 197 | e.ip = htonl(ip); | 197 | e.ip = htonl(ip); |
| 198 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr); | 198 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr); |
| 199 | ret = adtfn(set, &e, &ext, &ext, flags); | 199 | ret = adtfn(set, &e, &ext, &ext, flags); |
diff --git a/net/netfilter/ipset/ip_set_hash_netiface.c b/net/netfilter/ipset/ip_set_hash_netiface.c index 44cf11939c91..d417074f1c1a 100644 --- a/net/netfilter/ipset/ip_set_hash_netiface.c +++ b/net/netfilter/ipset/ip_set_hash_netiface.c | |||
| @@ -255,7 +255,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 255 | 255 | ||
| 256 | if (retried) | 256 | if (retried) |
| 257 | ip = ntohl(h->next.ip); | 257 | ip = ntohl(h->next.ip); |
| 258 | while (!after(ip, ip_to)) { | 258 | while (ip <= ip_to) { |
| 259 | e.ip = htonl(ip); | 259 | e.ip = htonl(ip); |
| 260 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr); | 260 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr); |
| 261 | ret = adtfn(set, &e, &ext, &ext, flags); | 261 | ret = adtfn(set, &e, &ext, &ext, flags); |
diff --git a/net/netfilter/ipset/ip_set_hash_netnet.c b/net/netfilter/ipset/ip_set_hash_netnet.c index db614e13b193..7f9ae2e9645b 100644 --- a/net/netfilter/ipset/ip_set_hash_netnet.c +++ b/net/netfilter/ipset/ip_set_hash_netnet.c | |||
| @@ -250,13 +250,13 @@ hash_netnet4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 250 | if (retried) | 250 | if (retried) |
| 251 | ip = ntohl(h->next.ip[0]); | 251 | ip = ntohl(h->next.ip[0]); |
| 252 | 252 | ||
| 253 | while (!after(ip, ip_to)) { | 253 | while (ip <= ip_to) { |
| 254 | e.ip[0] = htonl(ip); | 254 | e.ip[0] = htonl(ip); |
| 255 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr[0]); | 255 | last = ip_set_range_to_cidr(ip, ip_to, &e.cidr[0]); |
| 256 | ip2 = (retried && | 256 | ip2 = (retried && |
| 257 | ip == ntohl(h->next.ip[0])) ? ntohl(h->next.ip[1]) | 257 | ip == ntohl(h->next.ip[0])) ? ntohl(h->next.ip[1]) |
| 258 | : ip2_from; | 258 | : ip2_from; |
| 259 | while (!after(ip2, ip2_to)) { | 259 | while (ip2 <= ip2_to) { |
| 260 | e.ip[1] = htonl(ip2); | 260 | e.ip[1] = htonl(ip2); |
| 261 | last2 = ip_set_range_to_cidr(ip2, ip2_to, &e.cidr[1]); | 261 | last2 = ip_set_range_to_cidr(ip2, ip2_to, &e.cidr[1]); |
| 262 | ret = adtfn(set, &e, &ext, &ext, flags); | 262 | ret = adtfn(set, &e, &ext, &ext, flags); |
diff --git a/net/netfilter/ipset/ip_set_hash_netport.c b/net/netfilter/ipset/ip_set_hash_netport.c index 54b64b6cd0cd..e6ef382febe4 100644 --- a/net/netfilter/ipset/ip_set_hash_netport.c +++ b/net/netfilter/ipset/ip_set_hash_netport.c | |||
| @@ -241,7 +241,7 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 241 | 241 | ||
| 242 | if (retried) | 242 | if (retried) |
| 243 | ip = ntohl(h->next.ip); | 243 | ip = ntohl(h->next.ip); |
| 244 | while (!after(ip, ip_to)) { | 244 | while (ip <= ip_to) { |
| 245 | e.ip = htonl(ip); | 245 | e.ip = htonl(ip); |
| 246 | last = ip_set_range_to_cidr(ip, ip_to, &cidr); | 246 | last = ip_set_range_to_cidr(ip, ip_to, &cidr); |
| 247 | e.cidr = cidr - 1; | 247 | e.cidr = cidr - 1; |
diff --git a/net/netfilter/ipset/ip_set_hash_netportnet.c b/net/netfilter/ipset/ip_set_hash_netportnet.c index aff846960ac4..8602f2595a1a 100644 --- a/net/netfilter/ipset/ip_set_hash_netportnet.c +++ b/net/netfilter/ipset/ip_set_hash_netportnet.c | |||
| @@ -291,7 +291,7 @@ hash_netportnet4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 291 | if (retried) | 291 | if (retried) |
| 292 | ip = ntohl(h->next.ip[0]); | 292 | ip = ntohl(h->next.ip[0]); |
| 293 | 293 | ||
| 294 | while (!after(ip, ip_to)) { | 294 | while (ip <= ip_to) { |
| 295 | e.ip[0] = htonl(ip); | 295 | e.ip[0] = htonl(ip); |
| 296 | ip_last = ip_set_range_to_cidr(ip, ip_to, &e.cidr[0]); | 296 | ip_last = ip_set_range_to_cidr(ip, ip_to, &e.cidr[0]); |
| 297 | p = retried && ip == ntohl(h->next.ip[0]) ? ntohs(h->next.port) | 297 | p = retried && ip == ntohl(h->next.ip[0]) ? ntohs(h->next.port) |
| @@ -301,7 +301,7 @@ hash_netportnet4_uadt(struct ip_set *set, struct nlattr *tb[], | |||
| 301 | ip2 = (retried && ip == ntohl(h->next.ip[0]) && | 301 | ip2 = (retried && ip == ntohl(h->next.ip[0]) && |
| 302 | p == ntohs(h->next.port)) ? ntohl(h->next.ip[1]) | 302 | p == ntohs(h->next.port)) ? ntohl(h->next.ip[1]) |
| 303 | : ip2_from; | 303 | : ip2_from; |
| 304 | while (!after(ip2, ip2_to)) { | 304 | while (ip2 <= ip2_to) { |
| 305 | e.ip[1] = htonl(ip2); | 305 | e.ip[1] = htonl(ip2); |
| 306 | ip2_last = ip_set_range_to_cidr(ip2, ip2_to, | 306 | ip2_last = ip_set_range_to_cidr(ip2, ip2_to, |
| 307 | &e.cidr[1]); | 307 | &e.cidr[1]); |