Gitiles
Code Review Sign In
gerrit.nordix.org / thekelleys / dnsmasq / e99e4d92f870ef266bfc2e1f51a6dafafd3a04d1^! / .
commite99e4d92f870ef266bfc2e1f51a6dafafd3a04d1[log] [tgz]
authortarun.kundu <tarun.kundu@est.tech>Thu Apr 13 14:08:45 2023 -0700
committertarun.kundu <tarun.kundu@est.tech>Thu Apr 13 14:08:45 2023 -0700
tree1abe1df09527dcef20d1d15ed4611a2f00008b19
parentbd2650479011acd16e9804c319a3c8ea4fa42725 [diff]
Add timeout to ip entries using IPSET_ATTR_TIMEOUT

Change-Id: Ia988cc734a00eb25872313b8eb10edab4d9abdcc

diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 038ae10..56d2d0d 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h

@@ -1555,7 +1555,8 @@
 /* ipset.c */
 #ifdef HAVE_IPSET
 void ipset_init(void);
-int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags, int remove);
+int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags,
+                 int remove, unsigned long attl);
 #endif
 
 /* helper.c */

diff --git a/src/ipset.c b/src/ipset.c
index 8d6c532..76972ea 100644
--- a/src/ipset.c
+++ b/src/ipset.c

@@ -84,7 +84,8 @@
  * Note: The N and O flag are mutually exclusive.
  */
 
-static int new_add_to_ipset(const char *setname, const union all_addr *ipaddr, int af, int remove)
+static int new_add_to_ipset(const char *setname, const union all_addr *ipaddr,
+                            int af, int remove, unsigned long attl)
 {
   struct nlmsghdr *nlh;
   struct nfgenmsg *nfg;
@@ -93,6 +94,8 @@
   struct nlattr *ipset_attr_data_ptr = NULL;
   struct nlattr *ipset_attr_ip_ptr = NULL;
   struct nlattr *ipset_attr_ip_addr_ptr = NULL;
+  struct nlattr *ipset_attr_timeout_ptr = NULL;
+  unsigned int attl_val = htonl(attl);
 
   if (strlen(setname) >= IPSET_MAXNAMELEN) 
     {
@@ -124,6 +127,9 @@
 	   addrsz, ipaddr);
   ipset_attr_ip_ptr->nla_len += ipset_attr_ip_addr_ptr->nla_len;
   ipset_attr_data_ptr->nla_len += ipset_attr_ip_addr_ptr->nla_len;
+  ipset_attr_timeout_ptr = add_attr(nlh, IPSET_ATTR_TIMEOUT | NLA_F_NET_BYTEORDER,
+                                    sizeof(attl_val), &attl_val);
+  ipset_attr_data_ptr->nla_len += ipset_attr_timeout_ptr->nla_len;
 	
   while (retry_send(sendto(ipset_sock, buffer, nlh->nlmsg_len, 0,
 			   (struct sockaddr *)&snl, sizeof(snl))));
@@ -173,7 +179,8 @@
 
 
 
-int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags, int remove)
+int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags,
+                 int remove, unsigned long attl)
 {
   int ret = 0, af = AF_INET;
 
@@ -189,7 +196,7 @@
     }
   
   if (ret != -1) 
-    ret = old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove);
+    ret = old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove, attl);
 
   if (ret == -1)
      my_syslog(LOG_ERR, _("failed to update ipset %s: %s"), setname, strerror(errno));

diff --git a/src/rfc1035.c b/src/rfc1035.c
index 5a961b8..67dd90b 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c

@@ -826,7 +826,7 @@
 			      while (*ipsets_cur)
 				{
 				  log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur);
-				  add_to_ipset(*ipsets_cur++, &addr, flags, 0);
+				  add_to_ipset(*ipsets_cur++, &addr, flags, 0, attl);
 				}
 			    }
 #endif