| 276 |
return error; |
return error; |
| 277 |
} |
} |
| 278 |
|
|
| 279 |
static bool ccs_is_same_ip_network_acl(const struct ccs_acl_info *a, |
static bool ccs_same_ip_network_acl(const struct ccs_acl_info *a, |
| 280 |
const struct ccs_acl_info *b) |
const struct ccs_acl_info *b) |
| 281 |
{ |
{ |
| 282 |
const struct ccs_ip_network_acl *p1 = container_of(a, typeof(*p1), |
const struct ccs_ip_network_acl *p1 = container_of(a, typeof(*p1), |
| 283 |
head); |
head); |
| 284 |
const struct ccs_ip_network_acl *p2 = container_of(b, typeof(*p2), |
const struct ccs_ip_network_acl *p2 = container_of(b, typeof(*p2), |
| 285 |
head); |
head); |
| 286 |
return ccs_is_same_acl_head(&p1->head, &p2->head) |
return ccs_same_acl_head(&p1->head, &p2->head) |
| 287 |
&& p1->address_type == p2->address_type && |
&& p1->address_type == p2->address_type && |
| 288 |
p1->address.ipv4.min == p2->address.ipv4.min && |
p1->address.ipv4.min == p2->address.ipv4.min && |
| 289 |
p1->address.ipv6.min == p2->address.ipv6.min && |
p1->address.ipv6.min == p2->address.ipv6.min && |
| 290 |
p1->address.ipv4.max == p2->address.ipv4.max && |
p1->address.ipv4.max == p2->address.ipv4.max && |
| 291 |
p1->address.ipv6.max == p2->address.ipv6.max && |
p1->address.ipv6.max == p2->address.ipv6.max && |
| 292 |
p1->address.group == p2->address.group && |
p1->address.group == p2->address.group && |
| 293 |
ccs_is_same_number_union(&p1->port, &p2->port); |
ccs_same_number_union(&p1->port, &p2->port); |
| 294 |
} |
} |
| 295 |
|
|
| 296 |
static bool ccs_merge_ip_network_acl(struct ccs_acl_info *a, |
static bool ccs_merge_ip_network_acl(struct ccs_acl_info *a, |
| 310 |
} |
} |
| 311 |
|
|
| 312 |
/** |
/** |
| 313 |
* ccs_write_network_policy - Write "struct ccs_ip_network_acl" list. |
* ccs_write_network - Write "struct ccs_ip_network_acl" list. |
| 314 |
* |
* |
| 315 |
* @data: String to parse. |
* @data: String to parse. |
| 316 |
* @domain: Pointer to "struct ccs_domain_info". |
* @domain: Pointer to "struct ccs_domain_info". |
| 319 |
* |
* |
| 320 |
* Returns 0 on success, negative value otherwise. |
* Returns 0 on success, negative value otherwise. |
| 321 |
*/ |
*/ |
| 322 |
int ccs_write_network_policy(char *data, struct ccs_domain_info *domain, |
int ccs_write_network(char *data, struct ccs_domain_info *domain, |
| 323 |
struct ccs_condition *condition, |
struct ccs_condition *condition, const bool is_delete) |
|
const bool is_delete) |
|
| 324 |
{ |
{ |
| 325 |
struct ccs_ip_network_acl e = { |
struct ccs_ip_network_acl e = { |
| 326 |
.head.type = CCS_TYPE_IP_NETWORK_ACL, |
.head.type = CCS_TYPE_IP_NETWORK_ACL, |
| 398 |
} |
} |
| 399 |
if (!ccs_parse_number_union(w[3], &e.port)) |
if (!ccs_parse_number_union(w[3], &e.port)) |
| 400 |
goto out; |
goto out; |
| 401 |
error = ccs_update_domain_policy(&e.head, sizeof(e), is_delete, domain, |
error = ccs_update_domain(&e.head, sizeof(e), is_delete, domain, |
| 402 |
ccs_is_same_ip_network_acl, |
ccs_same_ip_network_acl, |
| 403 |
ccs_merge_ip_network_acl); |
ccs_merge_ip_network_acl); |
| 404 |
out: |
out: |
| 405 |
if (w[2][0] == '@') |
if (w[2][0] == '@') |
| 406 |
ccs_put_group(e.address.group); |
ccs_put_group(e.address.group); |
TOMOYO
Parent Directory
Revision Log
Patch