5 |
* |
* |
6 |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
7 |
* |
* |
8 |
* Version: 1.6.0-pre 2008/01/04 |
* Version: 1.6.0-pre 2008/01/18 |
9 |
* |
* |
10 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
11 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
309 |
mutex_lock(&domain_acl_lock); |
mutex_lock(&domain_acl_lock); |
310 |
if (!is_delete) { |
if (!is_delete) { |
311 |
list1_for_each_entry(ptr, &domain->acl_info_list, list) { |
list1_for_each_entry(ptr, &domain->acl_info_list, list) { |
312 |
switch (ptr->type) { |
switch (ptr->type & ~ACL_DELETED) { |
313 |
case TYPE_IP_NETWORK_ACL: |
case TYPE_IP_NETWORK_ACL: |
314 |
if (condition) continue; |
if (condition) continue; |
315 |
acl = container_of(ptr, struct ip_network_acl_record, head); |
acl = container_of(ptr, struct ip_network_acl_record, head); |
325 |
if (acl->operation_type != operation || acl->record_type != record_type || acl->min_port != min_port || max_port != acl->max_port) continue; |
if (acl->operation_type != operation || acl->record_type != record_type || acl->min_port != min_port || max_port != acl->max_port) continue; |
326 |
if (record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
if (record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
327 |
if (acl->u.group != group) continue; |
if (acl->u.group != group) continue; |
|
acl->is_deleted = 0; |
|
|
/* Found. Nothing to do. */ |
|
|
error = 0; |
|
|
goto out; |
|
328 |
} else if (record_type == IP_RECORD_TYPE_IPv4) { |
} else if (record_type == IP_RECORD_TYPE_IPv4) { |
329 |
if (acl->u.ipv4.min != min_ip || max_ip != acl->u.ipv4.max) continue; |
if (acl->u.ipv4.min != min_ip || max_ip != acl->u.ipv4.max) continue; |
|
acl->is_deleted = 0; |
|
|
/* Found. Nothing to do. */ |
|
|
error = 0; |
|
|
goto out; |
|
330 |
} else if (record_type == IP_RECORD_TYPE_IPv6) { |
} else if (record_type == IP_RECORD_TYPE_IPv6) { |
331 |
if (acl->u.ipv6.min != saved_min_address || saved_max_address != acl->u.ipv6.max) continue; |
if (acl->u.ipv6.min != saved_min_address || saved_max_address != acl->u.ipv6.max) continue; |
|
acl->is_deleted = 0; |
|
|
/* Found. Nothing to do. */ |
|
|
error = 0; |
|
|
goto out; |
|
332 |
} |
} |
333 |
|
error = AddDomainACL(NULL, ptr); |
334 |
|
goto out; |
335 |
} |
} |
336 |
/* Not found. Append it to the tail. */ |
/* Not found. Append it to the tail. */ |
337 |
if (condition) { |
if (condition) { |
373 |
default: |
default: |
374 |
continue; |
continue; |
375 |
} |
} |
376 |
if (acl->operation_type != operation || acl->record_type != record_type || acl->min_port != min_port || max_port != acl->max_port || acl->is_deleted) continue; |
if (acl->operation_type != operation || acl->record_type != record_type || acl->min_port != min_port || max_port != acl->max_port) continue; |
377 |
if (record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
if (record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
378 |
if (acl->u.group != group) continue; |
if (acl->u.group != group) continue; |
379 |
} else if (record_type == IP_RECORD_TYPE_IPv4) { |
} else if (record_type == IP_RECORD_TYPE_IPv4) { |
381 |
} else if (record_type == IP_RECORD_TYPE_IPv6) { |
} else if (record_type == IP_RECORD_TYPE_IPv6) { |
382 |
if (acl->u.ipv6.min != saved_min_address || saved_max_address != acl->u.ipv6.max) continue; |
if (acl->u.ipv6.min != saved_min_address || saved_max_address != acl->u.ipv6.max) continue; |
383 |
} |
} |
384 |
acl->is_deleted = 1; |
error = DelDomainACL(ptr); |
|
error = DelDomainACL(); |
|
385 |
break; |
break; |
386 |
} |
} |
387 |
} |
} |
418 |
cond = p->condition; |
cond = p->condition; |
419 |
break; |
break; |
420 |
} |
} |
421 |
if (acl->is_deleted || acl->operation_type != operation || port < acl->min_port || acl->max_port < port || !CheckCondition(cond, NULL)) continue; |
if (acl->operation_type != operation || port < acl->min_port || acl->max_port < port || !CheckCondition(cond, NULL)) continue; |
422 |
if (acl->record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
if (acl->record_type == IP_RECORD_TYPE_ADDRESS_GROUP) { |
423 |
if (!AddressMatchesToGroup(is_ipv6, address, acl->u.group)) continue; |
if (!AddressMatchesToGroup(is_ipv6, address, acl->u.group)) continue; |
424 |
} else if (acl->record_type == IP_RECORD_TYPE_IPv4) { |
} else if (acl->record_type == IP_RECORD_TYPE_IPv4) { |