"meta random" fills a register with a 32bit pseudo-random number.
For instance one can now use
meta random <=
2147483647
... to match every 2nd packet on average.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
[NFT_META_CGROUP] = META_TEMPLATE("cgroup", &integer_type,
4 * BITS_PER_BYTE,
BYTEORDER_HOST_ENDIAN),
+ [NFT_META_PRANDOM] = META_TEMPLATE("random", &integer_type,
+ 4 * BITS_PER_BYTE,
+ BYTEORDER_BIG_ENDIAN), /* avoid conversion; doesn't have endianess */
};
static bool meta_key_is_qualified(enum nft_meta_keys key)
case NFT_META_L4PROTO:
case NFT_META_PROTOCOL:
case NFT_META_PRIORITY:
+ case NFT_META_PRANDOM:
return true;
default:
return false;
| L4PROTO { $$ = NFT_META_L4PROTO; }
| PROTOCOL { $$ = NFT_META_PROTOCOL; }
| PRIORITY { $$ = NFT_META_PRIORITY; }
+ | RANDOM { $$ = NFT_META_PRANDOM; }
;
meta_key_unqualified : MARK { $$ = NFT_META_MARK; }
projects / thirdparty / nftables.git / commitdiff
