diff options
author | Anders K. Pedersen <akp@cohaesio.com> | 2016-10-28 05:55:33 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-10-28 10:32:05 +0200 |
commit | c3394df0f547a542af95685fdf08dc46b22efa55 (patch) | |
tree | 3f1e520868994f112cd26cd830e391b052b8e8d8 /include | |
parent | c26951eb0f98de0151699563cd0302f2ed714c01 (diff) |
src: introduce rt expression
Introduce support for rt expression for routing related data as implemented
in kernel.
Signed-off-by: Anders K. Pedersen <akp@cohaesio.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/libnftnl/expr.h | 10 | ||||
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 27 |
2 files changed, 37 insertions, 0 deletions
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h index edf86a9..6245207 100644 --- a/include/libnftnl/expr.h +++ b/include/libnftnl/expr.h @@ -64,6 +64,11 @@ enum { }; enum { + NFTNL_EXPR_RT_KEY = NFTNL_EXPR_BASE, + NFTNL_EXPR_RT_DREG, +}; + +enum { NFTNL_EXPR_CMP_SREG = NFTNL_EXPR_BASE, NFTNL_EXPR_CMP_OP, NFTNL_EXPR_CMP_DATA, @@ -272,6 +277,11 @@ enum { }; enum { + NFT_EXPR_RT_KEY = NFT_RULE_EXPR_ATTR_BASE, + NFT_EXPR_RT_DREG, +}; + +enum { NFT_EXPR_CMP_SREG = NFT_RULE_EXPR_ATTR_BASE, NFT_EXPR_CMP_OP, NFT_EXPR_CMP_DATA, diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 30e3b21..f396293 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -753,6 +753,19 @@ enum nft_meta_keys { }; /** + * enum nft_rt_keys - nf_tables routing expression keys + * + * @NFT_RT_CLASSID: realm value of packet's route (skb->dst->tclassid) + * @NFT_RT_NEXTHOP4: routing nexthop for IPv4 + * @NFT_RT_NEXTHOP6: routing nexthop for IPv6 + */ +enum nft_rt_keys { + NFT_RT_CLASSID, + NFT_RT_NEXTHOP4, + NFT_RT_NEXTHOP6, +}; + +/** * enum nft_hash_attributes - nf_tables hash expression netlink attributes * * @NFTA_HASH_SREG: source register (NLA_U32) @@ -791,6 +804,20 @@ enum nft_meta_attributes { #define NFTA_META_MAX (__NFTA_META_MAX - 1) /** + * enum nft_rt_attributes - nf_tables routing expression netlink attributes + * + * @NFTA_RT_DREG: destination register (NLA_U32) + * @NFTA_RT_KEY: routing data item to load (NLA_U32: nft_rt_keys) + */ +enum nft_rt_attributes { + NFTA_RT_UNSPEC, + NFTA_RT_DREG, + NFTA_RT_KEY, + __NFTA_RT_MAX +}; +#define NFTA_RT_MAX (__NFTA_RT_MAX - 1) + +/** * enum nft_ct_keys - nf_tables ct expression keys * * @NFT_CT_STATE: conntrack state (bitmask of enum ip_conntrack_info) |