include/linux/netfilter/ipset/ip_set.h
Source file repositories/reference/linux-study-clean/include/linux/netfilter/ipset/ip_set.h
File Facts
- System
- Linux kernel
- Corpus path
include/linux/netfilter/ipset/ip_set.h- Extension
.h- Size
- 15540 bytes
- Lines
- 544
- Domain
- Core OS
- Bucket
- Core Kernel Interface
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/ip.hlinux/ipv6.hlinux/netlink.hlinux/netfilter.hlinux/netfilter/x_tables.hlinux/stringify.hlinux/vmalloc.hnet/netlink.huapi/linux/netfilter/ipset/ip_set.h
Detected Declarations
struct ip_setstruct ip_set_ext_typestruct ip_set_counterstruct ip_set_comment_rcustruct ip_set_commentstruct ip_set_skbinfostruct ip_set_extstruct ip_set_adt_optstruct ip_set_type_variantstruct ip_set_regionstruct ip_set_typestruct ip_setenum ip_set_featureenum ip_set_extensionenum ip_set_ext_idfunction ip_set_ext_destroyfunction ip_set_get_hostipaddr4function ip_set_eexistfunction ip_set_enomatchfunction ip_set_attr_netorderfunction ip_set_optattr_netorderfunction ip_set_get_h32function ip_set_get_h16function nla_put_ipaddr4function nla_put_ipaddr6function ip4addrfunction ip4addrptrfunction ip6addrptrfunction ip_set_timeout_ugetfunction ip_set_timeout_expiredfunction ip_set_timeout_setfunction ip_set_init_counterfunction ip_set_init_skbinfofunction nf_inet_addr_mask_inplace
Annotated Snippet
struct ip_set_ext_type {
/* Destroy extension private data (can be NULL) */
void (*destroy)(struct ip_set *set, void *ext);
enum ip_set_extension type;
enum ipset_cadt_flags flag;
/* Size and minimal alignment */
u8 len;
u8 align;
};
extern const struct ip_set_ext_type ip_set_extensions[];
struct ip_set_counter {
atomic64_t bytes;
atomic64_t packets;
};
struct ip_set_comment_rcu {
struct rcu_head rcu;
char str[];
};
struct ip_set_comment {
struct ip_set_comment_rcu __rcu *c;
};
struct ip_set_skbinfo {
u32 skbmark;
u32 skbmarkmask;
u32 skbprio;
u16 skbqueue;
u16 __pad;
};
struct ip_set_ext {
struct ip_set_skbinfo skbinfo;
u64 packets;
u64 bytes;
char *comment;
u32 timeout;
u8 packets_op;
u8 bytes_op;
bool target;
};
#define ext_timeout(e, s) \
((unsigned long *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_TIMEOUT]))
#define ext_counter(e, s) \
((struct ip_set_counter *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_COUNTER]))
#define ext_comment(e, s) \
((struct ip_set_comment *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_COMMENT]))
#define ext_skbinfo(e, s) \
((struct ip_set_skbinfo *)(((void *)(e)) + (s)->offset[IPSET_EXT_ID_SKBINFO]))
typedef int (*ipset_adtfn)(struct ip_set *set, void *value,
const struct ip_set_ext *ext,
struct ip_set_ext *mext, u32 cmdflags);
/* Kernel API function options */
struct ip_set_adt_opt {
u8 family; /* Actual protocol family */
u8 dim; /* Dimension of match/target */
u8 flags; /* Direction and negation flags */
u32 cmdflags; /* Command-like flags */
struct ip_set_ext ext; /* Extensions */
};
/* Set type, variant-specific part */
struct ip_set_type_variant {
/* Kernelspace: test/add/del entries
* returns negative error code,
* zero for no match/success to add/delete
* positive for matching element */
int (*kadt)(struct ip_set *set, const struct sk_buff *skb,
const struct xt_action_param *par,
enum ipset_adt adt, struct ip_set_adt_opt *opt);
/* Userspace: test/add/del entries
* returns negative error code,
* zero for no match/success to add/delete
* positive for matching element */
int (*uadt)(struct ip_set *set, struct nlattr *tb[],
enum ipset_adt adt, u32 *lineno, u32 flags, bool retried);
/* Low level add/del/test functions */
ipset_adtfn adt[IPSET_ADT_MAX];
/* When adding entries and set is full, try to resize the set */
int (*resize)(struct ip_set *set, bool retried);
/* Destroy the set */
Annotation
- Immediate include surface: `linux/ip.h`, `linux/ipv6.h`, `linux/netlink.h`, `linux/netfilter.h`, `linux/netfilter/x_tables.h`, `linux/stringify.h`, `linux/vmalloc.h`, `net/netlink.h`.
- Detected declarations: `struct ip_set`, `struct ip_set_ext_type`, `struct ip_set_counter`, `struct ip_set_comment_rcu`, `struct ip_set_comment`, `struct ip_set_skbinfo`, `struct ip_set_ext`, `struct ip_set_adt_opt`, `struct ip_set_type_variant`, `struct ip_set_region`.
- Atlas domain: Core OS / Core Kernel Interface.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.