From 42468fb6df61ac7cdb325cc3be32375bdfce6b4b Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 6 Aug 2018 13:35:05 +0200
Subject: expr: add support for matching tunnel metadata

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/libnftnl/expr.h             |  5 +++++
 include/linux/netfilter/nf_tables.h | 15 +++++++++++++++
 2 files changed, 20 insertions(+)

(limited to 'include')

diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index fd0befc..b0a0a85 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -77,6 +77,11 @@ enum {
 	NFTNL_EXPR_SOCKET_DREG,
 };
 
+enum {
+	NFTNL_EXPR_TUNNEL_KEY	= NFTNL_EXPR_BASE,
+	NFTNL_EXPR_TUNNEL_DREG,
+};
+
 enum {
 	NFTNL_EXPR_CMP_SREG	= NFTNL_EXPR_BASE,
 	NFTNL_EXPR_CMP_OP,
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 0450fc0..6dc00c6 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -1629,4 +1629,19 @@ enum nft_tunnel_key_attributes {
 };
 #define NFTA_TUNNEL_KEY_MAX	(__NFTA_TUNNEL_KEY_MAX - 1)
 
+enum nft_tunnel_keys {
+	NFT_TUNNEL_PATH,
+	NFT_TUNNEL_ID,
+	__NFT_TUNNEL_MAX
+};
+#define NFT_TUNNEL_MAX	(__NFT_TUNNEL_MAX - 1)
+
+enum nft_tunnel_attributes {
+	NFTA_TUNNEL_UNSPEC,
+	NFTA_TUNNEL_KEY,
+	NFTA_TUNNEL_DREG,
+	__NFTA_TUNNEL_MAX
+};
+#define NFTA_TUNNEL_MAX	(__NFTA_TUNNEL_MAX - 1)
+
 #endif /* _LINUX_NF_TABLES_H */
-- 
cgit v1.2.3