3e0304a583d72c747caa8afac76b8d514aa293f5 - kernel/msm-4.19

commit	3e0304a583d72c747caa8afac76b8d514aa293f5	[log] [tgz]
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	Fri Sep 21 22:02:36 2012 +0200
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	Sat Sep 22 22:44:34 2012 +0200
tree	134fd8cc48ed72be16a7ca2f90b169de103bec2e
parent	3ace95c0ac125a042cfb682d0a9bbdbf1e5a2c65 [diff]

netfilter: ipset: Support to match elements marked with "nomatch"

Exceptions can now be matched and we can branch according to the
possible cases:

a. match in the set if the element is not flagged as "nomatch"
b. match in the set if the element is flagged with "nomatch"
c. no match

i.e.

iptables ... -m set --match-set ... -j ...
iptables ... -m set --match-set ... --nomatch-entries -j ...
...

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>

include/linux/netfilter/ipset/ip_set.h[diff]
net/netfilter/ipset/ip_set_core.c[diff]
net/netfilter/ipset/ip_set_hash_ipportnet.c[diff]
net/netfilter/ipset/ip_set_hash_net.c[diff]
net/netfilter/ipset/ip_set_hash_netiface.c[diff]
net/netfilter/ipset/ip_set_hash_netport.c[diff]
net/netfilter/xt_set.c[diff]

7 files changed

tree: 134fd8cc48ed72be16a7ca2f90b169de103bec2e