diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-12-03 21:27:03 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-05 16:30:15 +0100 |
commit | fa42f2118746f35ae6883ef5b0d4758863282fc9 (patch) | |
tree | bac51951392313ae1a4b2bff0af5bfc2bd0c60a8 /src/netlink_delinearize.c | |
parent | f1f6c326d78594fd0dc279d4870502addcd6fcc2 (diff) |
src: flow offload support
This patch allows us to refer to existing flowtables:
# nft add rule x x flow offload @m
Packets matching this rule create an entry in the flow table 'm', hence,
follow up packets that get to the flowtable at ingress bypass the
classic forwarding path.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_delinearize.c')
-rw-r--r-- | src/netlink_delinearize.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index c7df2b43..d65aacf8 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -686,6 +686,16 @@ static void netlink_parse_notrack(struct netlink_parse_ctx *ctx, ctx->stmt = notrack_stmt_alloc(loc); } +static void netlink_parse_flow_offload(struct netlink_parse_ctx *ctx, + const struct location *loc, + const struct nftnl_expr *nle) +{ + const char *table_name; + + table_name = xstrdup(nftnl_expr_get_str(nle, NFTNL_EXPR_FLOW_TABLE_NAME)); + ctx->stmt = flow_offload_stmt_alloc(loc, table_name); +} + static void netlink_parse_ct_stmt(struct netlink_parse_ctx *ctx, const struct location *loc, const struct nftnl_expr *nle) @@ -1294,6 +1304,7 @@ static const struct { { .name = "hash", .parse = netlink_parse_hash }, { .name = "fib", .parse = netlink_parse_fib }, { .name = "tcpopt", .parse = netlink_parse_exthdr }, + { .name = "flow_offload", .parse = netlink_parse_flow_offload }, }; static int netlink_parse_expr(const struct nftnl_expr *nle, |