mnl: Support simple wildcards in netdev hooks

When building NFTA_{FLOWTABLE_,}HOOK_DEVS attributes, detect trailing asterisks in interface names and transmit the leading part in a NFTA_DEVICE_PREFIX attribute. Deserialization (i.e., appending asterisk to interface prefixes returned in NFTA_DEVICE_PREFIX atributes happens in libnftnl. Signed-off-by: Phil Sutter <phil@nwl.cc> Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2024-08-13 20:26:08 +0200
committer: Phil Sutter <phil@nwl.cc> 2025-09-30 23:04:35 +0200
commit: c31e887504a90152e29c4a76a74c8a442f771917 (patch)
tree: 9d1ed3a1fde72737a7f452518b79f8b50d5f873e /include/linux/netfilter
parent: 3af59817b8d3994d52db0f1aa5dabeebc84dae45 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index f57963e8..b38d4780 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -1774,10 +1774,12 @@ enum nft_synproxy_attributes {
  * enum nft_device_attributes - nf_tables device netlink attributes
  *
  * @NFTA_DEVICE_NAME: name of this device (NLA_STRING)
+ * @NFTA_DEVICE_PREFIX: device name prefix, a simple wildcard (NLA_STRING)
  */
 enum nft_devices_attributes {
 	NFTA_DEVICE_UNSPEC,
 	NFTA_DEVICE_NAME,
+	NFTA_DEVICE_PREFIX,
 	__NFTA_DEVICE_MAX
 };
 #define NFTA_DEVICE_MAX		(__NFTA_DEVICE_MAX - 1)
author	Phil Sutter <phil@nwl.cc>	2024-08-13 20:26:08 +0200
committer	Phil Sutter <phil@nwl.cc>	2025-09-30 23:04:35 +0200
commit	c31e887504a90152e29c4a76a74c8a442f771917 (patch)
tree	9d1ed3a1fde72737a7f452518b79f8b50d5f873e /include/linux/netfilter
parent	3af59817b8d3994d52db0f1aa5dabeebc84dae45 (diff)