+/**
+ * Check whether the peer name of a given fd is allowed by an acl.
+ *
+ * \param fd File descriptor.
+ * \param acl The access control list.
+ * \param default_deny Whether \a acl is a whitelist.
+ *
+ * \return Positive if the peer of \a fd is permitted by \a acl, \p -E_ACL_PERM
+ * otherwise.
+ */
+int acl_check_access(int fd, struct list_head *acl, int default_deny)
+{
+ int match = acl_lookup(fd, acl);
+
+ return (!match || default_deny) && (match || !default_deny)?
+ 1 : -E_ACL_PERM;
+}
+
+/**
+ * Permit access for a range of IP addresses.
+ *
+ * \param addr The address to permit.
+ * \param netmask The netmask of the entry to be permitted.
+ * \param acl The access control list.
+ * \param default_deny Whether \a acl is a whitelist.
+ */
+void acl_allow(char *addr, int netmask,
+ struct list_head *acl, int default_deny)
+{
+ if (default_deny)
+ acl_add_entry(acl, addr, netmask);
+ else
+ acl_del_entry(acl, addr, netmask);
+}
+
+/**
+ * Deny access for a range of IP addresses.
+ *
+ * \param addr The address to deny.
+ * \param netmask The netmask of the entry to be denied.
+ * \param acl The access control list.
+ * \param default_deny Whether \a acl is a whitelist.
+ */
+void acl_deny(char *addr, int netmask,
+ struct list_head *acl, int default_deny)
+{
+ acl_allow(addr, netmask, acl, !default_deny);
+}