diff options
Diffstat (limited to 'filter')
-rw-r--r-- | filter/filter.c | 10 | ||||
-rw-r--r-- | filter/filter.h | 2 | ||||
-rw-r--r-- | filter/trie.c | 15 |
3 files changed, 20 insertions, 7 deletions
diff --git a/filter/filter.c b/filter/filter.c index 5c0e62f9..7a5ba5b9 100644 --- a/filter/filter.c +++ b/filter/filter.c @@ -1095,11 +1095,11 @@ interpret(struct f_inst *what) runtime( "Integer expected"); if (v1.type != T_IP) runtime( "You can mask only IP addresses" ); - { - ip_addr mask = ipa_mkmask(v2.val.i); - res.type = T_IP; - res.val.ip = ipa_and(mask, v1.val.ip); - } + + res.type = T_IP; + res.val.ip = ipa_is_ip4(v1.val.ip) ? + ipa_from_ip4(ip4_and(ipa_to_ip4(v1.val.ip), ip4_mkmask(v2.val.i))) : + ipa_from_ip6(ip6_and(ipa_to_ip6(v1.val.ip), ip6_mkmask(v2.val.i))); break; case 'E': /* Create empty attribute */ diff --git a/filter/filter.h b/filter/filter.h index fe753630..1052f8c8 100644 --- a/filter/filter.h +++ b/filter/filter.h @@ -76,7 +76,7 @@ int same_tree(struct f_tree *t1, struct f_tree *t2); void tree_format(struct f_tree *t, buffer *buf); struct f_trie *f_new_trie(linpool *lp, uint node_size); -void *trie_add_prefix(struct f_trie *t, net_addr *n, uint l, uint h); +void *trie_add_prefix(struct f_trie *t, const net_addr *n, uint l, uint h); int trie_match_net(struct f_trie *t, const net_addr *n); int trie_same(struct f_trie *t1, struct f_trie *t2); void trie_format(struct f_trie *t, buffer *buf); diff --git a/filter/trie.c b/filter/trie.c index 9fdaac6d..6e234af4 100644 --- a/filter/trie.c +++ b/filter/trie.c @@ -74,6 +74,19 @@ #include "conf/conf.h" #include "filter/filter.h" + +/* + * In the trie code, the prefix length is internally treated as for the whole + * ip_addr, regardless whether it contains an IPv4 or IPv6 address. Therefore, + * remaining definitions make sense. + */ + +#define ipa_mkmask(x) ip6_mkmask(x) +#define ipa_masklen(x) ip6_masklen(&x) +#define ipa_pxlen(x,y) ip6_pxlen(x,y) +#define ipa_getbit(x,n) ip6_getbit(x,n) + + /** * f_new_trie - allocates and returns a new empty trie * @lp: linear pool to allocate items from @@ -123,7 +136,7 @@ attach_node(struct f_trie_node *parent, struct f_trie_node *child) */ void * -trie_add_prefix(struct f_trie *t, net_addr *net, uint l, uint h) +trie_add_prefix(struct f_trie *t, const net_addr *net, uint l, uint h) { ip_addr px = net_prefix(net); uint plen = net_pxlen(net); |