[NETFILTER]: xt_owner: allow matching UID/GID ranges

Add support for ranges to the new revision. This doesn't affect
compatibility since the new revision was not released yet.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/netfilter/xt_owner.h

@@ -8,8 +8,8 @@ enum {
 };
 
 struct xt_owner_match_info {
-	u_int32_t uid;
-	u_int32_t gid;
+	u_int32_t uid_min, uid_max;
+	u_int32_t gid_min, gid_max;
 	u_int8_t match, invert;
 };
 

net/netfilter/xt_owner.c

@@ -4,8 +4,8 @@
  *
  * (C) 2000 Marc Boucher <marc@mbsi.ca>
  *
- * Copyright © CC Computer Consultants GmbH, 2007
- * Contact: <jengelh@computergmbh.de>
+ * Copyright © CC Computer Consultants GmbH, 2007 - 2008
+ * <jengelh@computergmbh.de>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -102,13 +102,15 @@ owner_mt(const struct sk_buff *skb, const struct net_device *in,
 		       (XT_OWNER_UID | XT_OWNER_GID)) == 0;
 
 	if (info->match & XT_OWNER_UID)
-		if ((filp->f_uid != info->uid) ^
-		    !!(info->invert & XT_OWNER_UID))
+		if ((filp->f_uid >= info->uid_min &&
+		    filp->f_uid <= info->uid_max) ^
+		    !(info->invert & XT_OWNER_UID))
 			return false;
 
 	if (info->match & XT_OWNER_GID)
-		if ((filp->f_gid != info->gid) ^
-		    !!(info->invert & XT_OWNER_GID))
+		if ((filp->f_gid >= info->gid_min &&
+		    filp->f_gid <= info->gid_max) ^
+		    !(info->invert & XT_OWNER_GID))
 			return false;
 
 	return true;