nftables: add flags offload to flowtable

allow flags (currently only offload) in flowtables like it is stated here: https://lwn.net/Articles/804384/ tested on mt7622/Bananapi-R64 table ip filter { flowtable f { hook ingress priority filter + 1 devices = { lan3, lan0, wan } flags offload; } chain forward { type filter hook forward priority filter; policy accept; ip protocol { tcp, udp } flow add @f } } table ip nat { chain post { type nat hook postrouting priority filter; policy accept; oifname "wan" masquerade } } Signed-off-by: Frank Wunderlich <frank-w@public-files.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Frank Wunderlich <frank-w@public-files.de> 2021-03-21 17:49:16 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2021-03-25 12:10:30 +0100
commit: 8e6cc9f373854ed580156ec6f01bcd97786fa9f7 (patch)
tree: 03ed5f94524a9dd610b45fbabc6bd2356e07682f /include
parent: f699e4c06a26b4977f4a5d220a0c5260b71d6433 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/include/rule.h b/include/rule.h
index 523435f6..4ef24eb4 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -188,6 +188,14 @@ enum chain_flags {
 };
 
 /**
+ * enum flowtable_flags - flowtable flags
+ *
+ */
+enum flowtable_flags {
+	FLOWTABLE_F_HW_OFFLOAD	= 0x1, /* NF_FLOWTABLE_HW_OFFLOAD in linux nf_flow_table.h */
+};
+
+/**
  * struct prio_spec - extendend priority specification for mixed
  *                    textual/numerical parsing.
  *
author	Frank Wunderlich <frank-w@public-files.de>	2021-03-21 17:49:16 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-03-25 12:10:30 +0100
commit	8e6cc9f373854ed580156ec6f01bcd97786fa9f7 (patch)
tree	03ed5f94524a9dd610b45fbabc6bd2356e07682f /include
parent	f699e4c06a26b4977f4a5d220a0c5260b71d6433 (diff)