summaryrefslogtreecommitdiff
path: root/filter
diff options
context:
space:
mode:
Diffstat (limited to 'filter')
-rw-r--r--filter/filter.c10
-rw-r--r--filter/filter.h2
-rw-r--r--filter/trie.c15
3 files changed, 20 insertions, 7 deletions
diff --git a/filter/filter.c b/filter/filter.c
index 5c0e62f9..7a5ba5b9 100644
--- a/filter/filter.c
+++ b/filter/filter.c
@@ -1095,11 +1095,11 @@ interpret(struct f_inst *what)
runtime( "Integer expected");
if (v1.type != T_IP)
runtime( "You can mask only IP addresses" );
- {
- ip_addr mask = ipa_mkmask(v2.val.i);
- res.type = T_IP;
- res.val.ip = ipa_and(mask, v1.val.ip);
- }
+
+ res.type = T_IP;
+ res.val.ip = ipa_is_ip4(v1.val.ip) ?
+ ipa_from_ip4(ip4_and(ipa_to_ip4(v1.val.ip), ip4_mkmask(v2.val.i))) :
+ ipa_from_ip6(ip6_and(ipa_to_ip6(v1.val.ip), ip6_mkmask(v2.val.i)));
break;
case 'E': /* Create empty attribute */
diff --git a/filter/filter.h b/filter/filter.h
index fe753630..1052f8c8 100644
--- a/filter/filter.h
+++ b/filter/filter.h
@@ -76,7 +76,7 @@ int same_tree(struct f_tree *t1, struct f_tree *t2);
void tree_format(struct f_tree *t, buffer *buf);
struct f_trie *f_new_trie(linpool *lp, uint node_size);
-void *trie_add_prefix(struct f_trie *t, net_addr *n, uint l, uint h);
+void *trie_add_prefix(struct f_trie *t, const net_addr *n, uint l, uint h);
int trie_match_net(struct f_trie *t, const net_addr *n);
int trie_same(struct f_trie *t1, struct f_trie *t2);
void trie_format(struct f_trie *t, buffer *buf);
diff --git a/filter/trie.c b/filter/trie.c
index 9fdaac6d..6e234af4 100644
--- a/filter/trie.c
+++ b/filter/trie.c
@@ -74,6 +74,19 @@
#include "conf/conf.h"
#include "filter/filter.h"
+
+/*
+ * In the trie code, the prefix length is internally treated as for the whole
+ * ip_addr, regardless whether it contains an IPv4 or IPv6 address. Therefore,
+ * remaining definitions make sense.
+ */
+
+#define ipa_mkmask(x) ip6_mkmask(x)
+#define ipa_masklen(x) ip6_masklen(&x)
+#define ipa_pxlen(x,y) ip6_pxlen(x,y)
+#define ipa_getbit(x,n) ip6_getbit(x,n)
+
+
/**
* f_new_trie - allocates and returns a new empty trie
* @lp: linear pool to allocate items from
@@ -123,7 +136,7 @@ attach_node(struct f_trie_node *parent, struct f_trie_node *child)
*/
void *
-trie_add_prefix(struct f_trie *t, net_addr *net, uint l, uint h)
+trie_add_prefix(struct f_trie *t, const net_addr *net, uint l, uint h)
{
ip_addr px = net_prefix(net);
uint plen = net_pxlen(net);