extern void ct_expr_update_type(struct proto_ctx *ctx, struct expr *expr);
extern struct stmt *notrack_stmt_alloc(const struct location *loc);
+extern struct stmt *flow_offload_stmt_alloc(const struct location *loc,
+ const char *table_name);
extern const struct datatype ct_dir_type;
extern const struct datatype ct_state_type;
extern struct stmt *verdict_stmt_alloc(const struct location *loc,
struct expr *expr);
+struct flow_stmt {
+ const char *table_name;
+};
+
+struct stmt *flow_stmt_alloc(const struct location *loc, const char *name);
+
struct objref_stmt {
uint32_t type;
struct expr *expr;
* @STMT_NOTRACK: notrack statement
* @STMT_OBJREF: stateful object reference statement
* @STMT_EXTHDR: extension header statement
+ * @STMT_FLOW_OFFLOAD: flow offload statement
*/
enum stmt_types {
STMT_INVALID,
STMT_NOTRACK,
STMT_OBJREF,
STMT_EXTHDR,
+ STMT_FLOW_OFFLOAD,
};
/**
struct fwd_stmt fwd;
struct xt_stmt xt;
struct objref_stmt objref;
+ struct flow_stmt flow;
};
};
{
return stmt_alloc(loc, ¬rack_stmt_ops);
}
+
+static void flow_offload_stmt_print(const struct stmt *stmt,
+ struct output_ctx *octx)
+{
+ printf("flow offload @%s", stmt->flow.table_name);
+}
+
+static const struct stmt_ops flow_offload_stmt_ops = {
+ .type = STMT_FLOW_OFFLOAD,
+ .name = "flow_offload",
+ .print = flow_offload_stmt_print,
+};
+
+struct stmt *flow_offload_stmt_alloc(const struct location *loc,
+ const char *table_name)
+{
+ struct stmt *stmt;
+
+ stmt = stmt_alloc(loc, &flow_offload_stmt_ops);
+ stmt->flow.table_name = table_name;
+
+ return stmt;
+}
case STMT_LIMIT:
case STMT_QUOTA:
case STMT_NOTRACK:
+ case STMT_FLOW_OFFLOAD:
return 0;
case STMT_EXPRESSION:
return stmt_evaluate_expr(ctx, stmt);
ctx->stmt = notrack_stmt_alloc(loc);
}
+static void netlink_parse_flow_offload(struct netlink_parse_ctx *ctx,
+ const struct location *loc,
+ const struct nftnl_expr *nle)
+{
+ const char *table_name;
+
+ table_name = xstrdup(nftnl_expr_get_str(nle, NFTNL_EXPR_FLOW_TABLE_NAME));
+ ctx->stmt = flow_offload_stmt_alloc(loc, table_name);
+}
+
static void netlink_parse_ct_stmt(struct netlink_parse_ctx *ctx,
const struct location *loc,
const struct nftnl_expr *nle)
{ .name = "hash", .parse = netlink_parse_hash },
{ .name = "fib", .parse = netlink_parse_fib },
{ .name = "tcpopt", .parse = netlink_parse_exthdr },
+ { .name = "flow_offload", .parse = netlink_parse_flow_offload },
};
static int netlink_parse_expr(const struct nftnl_expr *nle,
nftnl_rule_add_expr(ctx->nlr, nle);
}
+static void netlink_gen_flow_offload_stmt(struct netlink_linearize_ctx *ctx,
+ const struct stmt *stmt)
+{
+ struct nftnl_expr *nle;
+
+ nle = alloc_nft_expr("flow_offload");
+ nftnl_expr_set_str(nle, NFTNL_EXPR_FLOW_TABLE_NAME,
+ stmt->flow.table_name);
+ nftnl_rule_add_expr(ctx->nlr, nle);
+}
+
static void netlink_gen_set_stmt(struct netlink_linearize_ctx *ctx,
const struct stmt *stmt)
{
break;
case STMT_NOTRACK:
return netlink_gen_notrack_stmt(ctx, stmt);
+ case STMT_FLOW_OFFLOAD:
+ return netlink_gen_flow_offload_stmt(ctx, stmt);
case STMT_OBJREF:
return netlink_gen_objref_stmt(ctx, stmt);
default:
%token SIZE "size"
%token FLOW "flow"
+%token OFFLOAD "offload"
%token METER "meter"
%token METERS "meters"
{
$$ = notrack_stmt_alloc(&@$);
}
+ | FLOW OFFLOAD AT string
+ {
+ $$ = flow_offload_stmt_alloc(&@$, $4);
+ }
;
offset_opt : /* empty */ { $$ = 0; }
"memory" { return MEMORY; }
"flow" { return FLOW; }
+"offload" { return OFFLOAD; }
"meter" { return METER; }
"meters" { return METERS; }
projects / thirdparty / nftables.git / commitdiff
