diff options
| author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-04-19 09:59:15 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2011-04-19 09:59:15 -0400 |
| commit | a8a8a0937e22a5fd55aeb22586724ba6bb70aadd (patch) | |
| tree | 28e610c98f0f71e42e9676fc3e3e6bb9fe112056 /net | |
| parent | eafbd3fde6fc5ada0d61307367e408813b04928a (diff) | |
netfilter: ipset: Fix the order of listing of sets
A restoreable saving of sets requires that list:set type of sets
come last and the code part which should have taken into account
the ordering was broken. The patch fixes the listing order.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index e88ac3c3ed07..d87e03bc8ef8 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c | |||
| @@ -1022,8 +1022,9 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1022 | if (cb->args[1] >= ip_set_max) | 1022 | if (cb->args[1] >= ip_set_max) |
| 1023 | goto out; | 1023 | goto out; |
| 1024 | 1024 | ||
| 1025 | pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]); | ||
| 1026 | max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max; | 1025 | max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max; |
| 1026 | dump_last: | ||
| 1027 | pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]); | ||
| 1027 | for (; cb->args[1] < max; cb->args[1]++) { | 1028 | for (; cb->args[1] < max; cb->args[1]++) { |
| 1028 | index = (ip_set_id_t) cb->args[1]; | 1029 | index = (ip_set_id_t) cb->args[1]; |
| 1029 | set = ip_set_list[index]; | 1030 | set = ip_set_list[index]; |
| @@ -1038,8 +1039,8 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1038 | * so that lists (unions of sets) are dumped last. | 1039 | * so that lists (unions of sets) are dumped last. |
| 1039 | */ | 1040 | */ |
| 1040 | if (cb->args[0] != DUMP_ONE && | 1041 | if (cb->args[0] != DUMP_ONE && |
| 1041 | !((cb->args[0] == DUMP_ALL) ^ | 1042 | ((cb->args[0] == DUMP_ALL) == |
| 1042 | (set->type->features & IPSET_DUMP_LAST))) | 1043 | !!(set->type->features & IPSET_DUMP_LAST))) |
| 1043 | continue; | 1044 | continue; |
| 1044 | pr_debug("List set: %s\n", set->name); | 1045 | pr_debug("List set: %s\n", set->name); |
| 1045 | if (!cb->args[2]) { | 1046 | if (!cb->args[2]) { |
| @@ -1083,6 +1084,12 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1083 | goto release_refcount; | 1084 | goto release_refcount; |
| 1084 | } | 1085 | } |
| 1085 | } | 1086 | } |
| 1087 | /* If we dump all sets, continue with dumping last ones */ | ||
| 1088 | if (cb->args[0] == DUMP_ALL) { | ||
| 1089 | cb->args[0] = DUMP_LAST; | ||
| 1090 | cb->args[1] = 0; | ||
| 1091 | goto dump_last; | ||
| 1092 | } | ||
| 1086 | goto out; | 1093 | goto out; |
| 1087 | 1094 | ||
| 1088 | nla_put_failure: | 1095 | nla_put_failure: |
| @@ -1093,11 +1100,6 @@ release_refcount: | |||
| 1093 | pr_debug("release set %s\n", ip_set_list[index]->name); | 1100 | pr_debug("release set %s\n", ip_set_list[index]->name); |
| 1094 | ip_set_put_byindex(index); | 1101 | ip_set_put_byindex(index); |
| 1095 | } | 1102 | } |
| 1096 | |||
| 1097 | /* If we dump all sets, continue with dumping last ones */ | ||
| 1098 | if (cb->args[0] == DUMP_ALL && cb->args[1] >= max && !cb->args[2]) | ||
| 1099 | cb->args[0] = DUMP_LAST; | ||
| 1100 | |||
| 1101 | out: | 1103 | out: |
| 1102 | if (nlh) { | 1104 | if (nlh) { |
| 1103 | nlmsg_end(skb, nlh); | 1105 | nlmsg_end(skb, nlh); |