This allows specifying sets of addresses that are defined by sharing
the least-common netmask value.
For example, if the allow list contains the following addresses:
10.0.0.2/24 10.0.0.2/32
then the second address is redundant since it is already included
via the first one. The least-common netmask value is 24; with this
patch a command like
para_client sender http deny 10.0.0.0/24
will catch both addresses.
* \param addr The address to delete.
* \param netmask The netmask of the entry to be removed from the list.
*/
* \param addr The address to delete.
* \param netmask The netmask of the entry to be removed from the list.
*/
-static void acl_del_entry(struct list_head *acl, char *addr, int netmask)
+static void acl_del_entry(struct list_head *acl, char *addr, unsigned netmask)
{
struct access_info *ai, *tmp;
{
struct access_info *ai, *tmp;
+ struct in_addr to_delete;
+
+ inet_pton(AF_INET, addr, &to_delete);
list_for_each_entry_safe(ai, tmp, acl, node) {
list_for_each_entry_safe(ai, tmp, acl, node) {
- if (!strcmp(addr, inet_ntoa(ai->addr)) &&
- ai->netmask == netmask) {
+
+ if (v4_addr_match(to_delete.s_addr, ai->addr.s_addr,
+ PARA_MIN(netmask, ai->netmask))) {
PARA_NOTICE_LOG("removing %s/%i from access list\n",
addr, ai->netmask);
list_del(&ai->node);
PARA_NOTICE_LOG("removing %s/%i from access list\n",
addr, ai->netmask);
list_del(&ai->node);
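Review bot: The return value of `inet_pton()` is ignored, so when `addr` is not a valid IPv4 string `to_delete` stays uninitialized and the `v4_addr_match()` call in the loop compares list entries against an indeterminate value, which could remove unrelated ACL entries. Unless every caller already validates the string (not visible here), bail out early with `if (inet_pton(AF_INET, addr, &to_delete) <= 0) return;`. Because the match now uses `PARA_MIN(netmask, ai->netmask)`, the removed entry's address can differ from `addr`, so the notice should log the entry itself, e.g. `inet_ntoa(ai->addr), ai->netmask`, to keep the audit trail accurate. The same minimum also means a narrower request (a /32) removes a broader entry that contains it; if that is intended, the doc comment above should say so. The function body continues past the end of this hunk.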