diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-11-24 21:26:27 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-01-31 22:32:18 +0100 |
| commit | 6f137a2db3419e961e41eda28668cd99e8a3f2e2 (patch) | |
| tree | a53b45962d657c1c02363d9b248aa944840a9134 /src/netlink_delinearize.c | |
| parent | 8a236ef68cd43af81fac10c5b58658514273a14e (diff) | |
src: add fwd statement for netdev
This patch add support for the forward statement, only available at the
netdev family.
# nft add table netdev filter
# nft add chain netdev filter ingress { type filter hook ingress device eth0 priority 0\; }
# nft add rule netdev filter ingress fwd to dummy0
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_delinearize.c')
| -rw-r--r-- | src/netlink_delinearize.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 2732c965..94fa11fa 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -831,6 +831,30 @@ static void netlink_parse_dup(struct netlink_parse_ctx *ctx, list_add_tail(&stmt->list, &ctx->rule->stmts); } +static void netlink_parse_fwd(struct netlink_parse_ctx *ctx, + const struct location *loc, + const struct nftnl_expr *nle) +{ + enum nft_registers reg1; + struct expr *dev; + struct stmt *stmt; + + stmt = fwd_stmt_alloc(loc); + + reg1 = netlink_parse_register(nle, NFTNL_EXPR_FWD_SREG_DEV); + if (reg1) { + dev = netlink_get_register(ctx, loc, reg1); + if (dev == NULL) + return netlink_error(ctx, loc, + "fwd statement has no output expression"); + + expr_set_type(dev, &ifindex_type, BYTEORDER_HOST_ENDIAN); + stmt->fwd.to = dev; + } + + list_add_tail(&stmt->list, &ctx->rule->stmts); +} + static void netlink_parse_queue(struct netlink_parse_ctx *ctx, const struct location *loc, const struct nftnl_expr *nle) @@ -922,6 +946,7 @@ static const struct { { .name = "dup", .parse = netlink_parse_dup }, { .name = "queue", .parse = netlink_parse_queue }, { .name = "dynset", .parse = netlink_parse_dynset }, + { .name = "fwd", .parse = netlink_parse_fwd }, }; static int netlink_parse_expr(struct nftnl_expr *nle, void *arg) @@ -1667,6 +1692,10 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r if (stmt->dup.dev != NULL) expr_postprocess(&rctx, &stmt->dup.dev); break; + case STMT_FWD: + if (stmt->fwd.to != NULL) + expr_postprocess(&rctx, &stmt->fwd.to); + break; default: break; } |