diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-12-03 21:27:03 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-05 16:30:15 +0100 |
| commit | fa42f2118746f35ae6883ef5b0d4758863282fc9 (patch) | |
| tree | bac51951392313ae1a4b2bff0af5bfc2bd0c60a8 /src/ct.c | |
| parent | f1f6c326d78594fd0dc279d4870502addcd6fcc2 (diff) | |
src: flow offload support
This patch allows us to refer to existing flowtables:
# nft add rule x x flow offload @m
Packets matching this rule create an entry in the flow table 'm', hence,
follow up packets that get to the flowtable at ingress bypass the
classic forwarding path.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/ct.c')
| -rw-r--r-- | src/ct.c | 23 |
1 files changed, 23 insertions, 0 deletions
@@ -456,3 +456,26 @@ struct stmt *notrack_stmt_alloc(const struct location *loc) { return stmt_alloc(loc, ¬rack_stmt_ops); } + +static void flow_offload_stmt_print(const struct stmt *stmt, + struct output_ctx *octx) +{ + printf("flow offload @%s", stmt->flow.table_name); +} + +static const struct stmt_ops flow_offload_stmt_ops = { + .type = STMT_FLOW_OFFLOAD, + .name = "flow_offload", + .print = flow_offload_stmt_print, +}; + +struct stmt *flow_offload_stmt_alloc(const struct location *loc, + const char *table_name) +{ + struct stmt *stmt; + + stmt = stmt_alloc(loc, &flow_offload_stmt_ops); + stmt->flow.table_name = table_name; + + return stmt; +} |