diff options
author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2014-09-23 14:05:15 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-09-29 12:33:37 +0200 |
commit | 90a0f8c443bbe33676aeff4e9782aa6b0e6c0894 (patch) | |
tree | c5c9dd78ed5423f093fe997db595bddbee8df6e3 /include | |
parent | 013dbc6b0a8490ba24805a8ae35d7707183b9615 (diff) |
src: add set optimization options
This patch adds options to choose set optimization mechanisms.
Two new statements are added to the set syntax, and they can be mixed:
nft add set filter set1 { type ipv4_addr ; size 1024 ; }
nft add set filter set1 { type ipv4_addr ; policy memory ; }
nft add set filter set1 { type ipv4_addr ; policy performance ; }
nft add set filter set1 { type ipv4_addr ; policy memory ; size 1024 ; }
nft add set filter set1 { type ipv4_addr ; size 1024 ; policy memory ; }
nft add set filter set1 { type ipv4_addr ; policy performance ; size 1024 ; }
nft add set filter set1 { type ipv4_addr ; size 1024 ; policy performance ; }
Also valid for maps:
nft add map filter map1 { type ipv4_addr : verdict ; policy performace ; }
[...]
This is the output format, which can be imported later with `nft -f':
table filter {
set set1 {
type ipv4_addr
policy memory
size 1024
}
}
In this approach the parser accepts default options such as 'performance',
given they are a valid configurations, but aren't sent to the kernel.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/rule.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/rule.h b/include/rule.h index 88aefc69..a1d58900 100644 --- a/include/rule.h +++ b/include/rule.h @@ -180,6 +180,8 @@ enum set_flags { * @datatype: mapping data type * @datalen: mapping data len * @init: initializer + * @policy: set mechanism policy + * @desc: set mechanism desc */ struct set { struct list_head list; @@ -192,6 +194,10 @@ struct set { const struct datatype *datatype; unsigned int datalen; struct expr *init; + uint32_t policy; + struct { + uint32_t size; + } desc; }; extern struct set *set_alloc(const struct location *loc); |