netfilter: ipset: Fix the order of listing of sets
A restoreable saving of sets requires that list:set type of sets come last and the code part which should have taken into account the ordering was broken. The patch fixes the listing order. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Родитель
eafbd3fde6
Коммит
a8a8a0937e
|
@ -1022,8 +1022,9 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
|
||||||
if (cb->args[1] >= ip_set_max)
|
if (cb->args[1] >= ip_set_max)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]);
|
|
||||||
max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max;
|
max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max;
|
||||||
|
dump_last:
|
||||||
|
pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]);
|
||||||
for (; cb->args[1] < max; cb->args[1]++) {
|
for (; cb->args[1] < max; cb->args[1]++) {
|
||||||
index = (ip_set_id_t) cb->args[1];
|
index = (ip_set_id_t) cb->args[1];
|
||||||
set = ip_set_list[index];
|
set = ip_set_list[index];
|
||||||
|
@ -1038,8 +1039,8 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
|
||||||
* so that lists (unions of sets) are dumped last.
|
* so that lists (unions of sets) are dumped last.
|
||||||
*/
|
*/
|
||||||
if (cb->args[0] != DUMP_ONE &&
|
if (cb->args[0] != DUMP_ONE &&
|
||||||
!((cb->args[0] == DUMP_ALL) ^
|
((cb->args[0] == DUMP_ALL) ==
|
||||||
(set->type->features & IPSET_DUMP_LAST)))
|
!!(set->type->features & IPSET_DUMP_LAST)))
|
||||||
continue;
|
continue;
|
||||||
pr_debug("List set: %s\n", set->name);
|
pr_debug("List set: %s\n", set->name);
|
||||||
if (!cb->args[2]) {
|
if (!cb->args[2]) {
|
||||||
|
@ -1083,6 +1084,12 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
|
||||||
goto release_refcount;
|
goto release_refcount;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/* If we dump all sets, continue with dumping last ones */
|
||||||
|
if (cb->args[0] == DUMP_ALL) {
|
||||||
|
cb->args[0] = DUMP_LAST;
|
||||||
|
cb->args[1] = 0;
|
||||||
|
goto dump_last;
|
||||||
|
}
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
nla_put_failure:
|
nla_put_failure:
|
||||||
|
@ -1093,11 +1100,6 @@ release_refcount:
|
||||||
pr_debug("release set %s\n", ip_set_list[index]->name);
|
pr_debug("release set %s\n", ip_set_list[index]->name);
|
||||||
ip_set_put_byindex(index);
|
ip_set_put_byindex(index);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we dump all sets, continue with dumping last ones */
|
|
||||||
if (cb->args[0] == DUMP_ALL && cb->args[1] >= max && !cb->args[2])
|
|
||||||
cb->args[0] = DUMP_LAST;
|
|
||||||
|
|
||||||
out:
|
out:
|
||||||
if (nlh) {
|
if (nlh) {
|
||||||
nlmsg_end(skb, nlh);
|
nlmsg_end(skb, nlh);
|
||||||
|
|
Загрузка…
Ссылка в новой задаче