net: sched: add ipset ematch Can be used to match packets against netfilter ip sets created via ipset(8). skb->sk_iif is used as 'incoming interface', skb->dev is 'outgoing interface'. Since ipset is usually called from netfilter, the ematch initializes a fake xt_action_param, pulls the ip header into the linear area and also sets skb->data to the IP header (otherwise matching Layer 4 set types doesn't work). Tested-by: Mr Dash Four <mr.dash.four@googlemail.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 6d4fa852a023080101f1665ea189dd1844c87fef [log] [tgz]
author: Florian Westphal <fw@strlen.de> Wed Jul 11 10:56:57 2012 +0000
committer: David S. Miller <davem@davemloft.net> Thu Jul 12 07:54:46 2012 -0700
tree: 66d687daf267ae9143e3984b130b3aca6b4869c8
parent: fa919833e354b2e62b3c7d26920d1685ddc81eb2 [diff] [blame]
diff --git a/include/linux/pkt_cls.h b/include/linux/pkt_cls.h
index 38fbd4b..082eafa 100644
--- a/include/linux/pkt_cls.h
+++ b/include/linux/pkt_cls.h

@@ -453,7 +453,8 @@
 #define	TCF_EM_TEXT		5
 #define	TCF_EM_VLAN		6
 #define	TCF_EM_CANID		7
-#define	TCF_EM_MAX		7
+#define	TCF_EM_IPSET		8
+#define	TCF_EM_MAX		8
 
 enum {
 	TCF_EM_PROG_TC
commit	6d4fa852a023080101f1665ea189dd1844c87fef	[log] [tgz]
author	Florian Westphal <fw@strlen.de>	Wed Jul 11 10:56:57 2012 +0000
committer	David S. Miller <davem@davemloft.net>	Thu Jul 12 07:54:46 2012 -0700
tree	66d687daf267ae9143e3984b130b3aca6b4869c8
parent	fa919833e354b2e62b3c7d26920d1685ddc81eb2 [diff] [blame]