X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=ipaddr.h;h=54f10d434367988a596f526c6fb1f267b75fe544;hp=99cd1ed4ea1cbfd0da4ade67f37c4bfc76db2683;hb=9b8369e07aeba5ed2c69fb4a7f74d07c8cebe015;hpb=7138d0c54cd2212439434d27cb2d6ea775c3039b

diff --git a/ipaddr.h b/ipaddr.h
index 99cd1ed..54f10d4 100644
--- a/ipaddr.h
+++ b/ipaddr.h
@@ -1,18 +1,58 @@
+/* Useful functions for dealing with collections of IP addresses */
+
 #ifndef ipaddr_h
 #define ipaddr_h
 
-/* Match an address (in HOST byte order) with a subnet list.
-   Returns True if matched. */
-extern bool_t subnet_match(struct subnet *s, uint32_t address);
-extern bool_t subnet_matches_list(struct subnet_list *list, uint32_t address);
-extern bool_t subnets_intersect(struct subnet a, struct subnet b);
-extern bool_t subnet_intersects_with_list(struct subnet a,
-					  struct subnet_list *b);
-extern bool_t subnet_lists_intersect(struct subnet_list *a,
-				     struct subnet_list *b);
+struct subnet {
+    uint32_t prefix;
+    uint32_t mask;
+    int len;
+};
+
+struct subnet_list {
+    int32_t entries;
+    int32_t alloc;
+    struct subnet *list;
+};
+
+struct iprange {
+    uint32_t a,b;
+};
+
+struct ipset {
+    int32_t l; /* Number of entries in list */
+    int32_t a; /* Allocated space in list */
+    struct iprange *d;
+};
 
+extern struct subnet_list *subnet_list_new(void);
+extern void subnet_list_free(struct subnet_list *a);
+extern void subnet_list_append(struct subnet_list *a, uint32_t prefix, int len);
+
+static inline bool_t subnet_match(struct subnet s, uint32_t address)
+{
+    return (s.prefix==(address&s.mask));
+}
+
+extern struct ipset *ipset_new(void);
+extern void ipset_free(struct ipset *a);
+extern struct ipset *ipset_from_subnet(struct subnet s);
+extern struct ipset *ipset_from_subnet_list(struct subnet_list *l);
+extern struct ipset *ipset_union(struct ipset *a, struct ipset *b);
+extern struct ipset *ipset_intersection(struct ipset *a, struct ipset *b);
+extern struct ipset *ipset_complement(struct ipset *a);
+extern struct ipset *ipset_subtract(struct ipset *a, struct ipset *b);
+extern bool_t ipset_is_empty(struct ipset *a);
+extern bool_t ipset_contains_addr(struct ipset *a, uint32_t addr);
+extern bool_t ipset_is_subset(struct ipset *super, struct ipset *sub);
+extern struct subnet_list *ipset_to_subnet_list(struct ipset *is);
 
 extern string_t ipaddr_to_string(uint32_t addr);
-extern string_t subnet_to_string(struct subnet *sn);
+extern string_t subnet_to_string(struct subnet sn);
+
+extern struct ipset *string_list_to_ipset(list_t *l,struct cloc loc,
+					  cstring_t module, cstring_t param);
+					  
+extern uint32_t string_item_to_ipaddr(item_t *i, cstring_t desc);
 
 #endif /* ipaddr_h */