From 6c43069e5f2a55d769ec6d362bc863af906591d0 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 4 Jun 2015 20:58:59 +0200
Subject: src: add netdev family support

This patch adds support for the new 'netdev' table. So far, this table allows
you to create filter chains from ingress.

The following example shows a very simple base configuration with one table that
contains a basechain that is attached to the 'eth0':

 # nft list table netdev filter
 table netdev filter {
        chain eth0-ingress {
                type filter hook ingress device eth0 priority 0; policy accept;
        }
 }

You can test that this works by adding a simple rule with counters:

 # nft add rule netdev filter eth0-ingress counter

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/proto.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/proto.c')

diff --git a/src/proto.c b/src/proto.c
index 6302016c..d40caebc 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -123,6 +123,7 @@ const struct proto_desc *proto_dev_desc(uint16_t type)
 
 const struct hook_proto_desc hook_proto_desc[] = {
 	[NFPROTO_BRIDGE]	= HOOK_PROTO_DESC(PROTO_BASE_LL_HDR,	  &proto_eth),
+	[NFPROTO_NETDEV]	= HOOK_PROTO_DESC(PROTO_BASE_LL_HDR,	  &proto_eth),
 	[NFPROTO_INET]		= HOOK_PROTO_DESC(PROTO_BASE_LL_HDR,	  &proto_inet),
 	[NFPROTO_IPV4]		= HOOK_PROTO_DESC(PROTO_BASE_NETWORK_HDR, &proto_ip),
 	[NFPROTO_IPV6]		= HOOK_PROTO_DESC(PROTO_BASE_NETWORK_HDR, &proto_ip6),
-- 
cgit v1.2.3