diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-05-11 00:22:11 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-05-11 23:01:31 +0200 |
commit | bc9d2e5006b2963f9cc117076ecf38a5c3782964 (patch) | |
tree | 610905ddeffcbfd12a292c0832ad8925444369dd /src/parser_bison.y | |
parent | 16fcc85c283537ea00357e2ca4bbb561c03bc65b (diff) |
src: add ecn support
This supports both IPv4:
# nft --debug=netlink add rule ip filter forward ip ecn ce counter
ip filter forward
[ payload load 1b @ network header + 1 => reg 1 ]
[ bitwise reg 1 = (reg=1 & 0x00000003 ) ^ 0x00000000 ]
[ cmp eq reg 1 0x00000003 ]
[ counter pkts 0 bytes 0 ]
For IPv6:
# nft --debug=netlink add rule ip6 filter forward ip6 ecn ce counter
ip6 filter forward
[ payload load 1b @ network header + 1 => reg 1 ]
[ bitwise reg 1 = (reg=1 & 0x00000030 ) ^ 0x00000000 ]
[ cmp eq reg 1 0x00000030 ]
[ counter pkts 0 bytes 0 ]
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser_bison.y')
-rw-r--r-- | src/parser_bison.y | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y index 490047b9..b8d33861 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -249,6 +249,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token HDRVERSION "version" %token HDRLENGTH "hdrlength" %token DSCP "dscp" +%token ECN "ecn" %token LENGTH "length" %token FRAG_OFF "frag-off" %token TTL "ttl" @@ -1103,6 +1104,7 @@ type_identifier_list : type_identifier type_identifier : STRING { $$ = $1; } | MARK { $$ = xstrdup("mark"); } | DSCP { $$ = xstrdup("dscp"); } + | ECN { $$ = xstrdup("ecn"); } ; hook_spec : TYPE STRING HOOK STRING dev_spec PRIORITY prio_spec @@ -2187,6 +2189,12 @@ primary_rhs_expr : symbol_expr { $$ = $1; } current_scope(state), "dnat"); } + | ECN + { + $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, + current_scope(state), + "ecn"); + } ; relational_op : EQ { $$ = OP_EQ; } @@ -2405,6 +2413,7 @@ ip_hdr_expr : IP ip_hdr_field ip_hdr_field : HDRVERSION { $$ = IPHDR_VERSION; } | HDRLENGTH { $$ = IPHDR_HDRLENGTH; } | DSCP { $$ = IPHDR_DSCP; } + | ECN { $$ = IPHDR_ECN; } | LENGTH { $$ = IPHDR_LENGTH; } | ID { $$ = IPHDR_ID; } | FRAG_OFF { $$ = IPHDR_FRAG_OFF; } @@ -2438,6 +2447,7 @@ ip6_hdr_expr : IP6 ip6_hdr_field ip6_hdr_field : HDRVERSION { $$ = IP6HDR_VERSION; } | DSCP { $$ = IP6HDR_DSCP; } + | ECN { $$ = IP6HDR_ECN; } | FLOWLABEL { $$ = IP6HDR_FLOWLABEL; } | LENGTH { $$ = IP6HDR_LENGTH; } | NEXTHDR { $$ = IP6HDR_NEXTHDR; } |