summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2021-03-24 02:30:41 +0100
committerDavid S. Miller <davem@davemloft.net>2021-03-24 12:48:39 -0700
commit4cd91f7c290f64fe430867ddbae10bff34657b6a (patch)
treedbb745f8344be02727179413bad095b782608991 /include
parent7a27f6ab41356ecba47ec2bec6d635704c169779 (diff)
netfilter: flowtable: add vlan support
Add the vlan id and protocol to the flow tuple to uniquely identify flows from the receive path. For the transmit path, dev_hard_header() on the vlan device push the headers. This patch includes support for two vlan headers (QinQ) from the ingress path. Add a generic encap field to the flowtable entry which stores the protocol and the tag id. This allows to reuse these fields in the PPPoE support coming in a later patch. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/net/netfilter/nf_flow_table.h17
1 files changed, 14 insertions, 3 deletions
diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h
index 41c8436bc77e..e34fd3eb4bb5 100644
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -95,6 +95,8 @@ enum flow_offload_xmit_type {
FLOW_OFFLOAD_XMIT_DIRECT,
};
+#define NF_FLOW_TABLE_ENCAP_MAX 2
+
struct flow_offload_tuple {
union {
struct in_addr src_v4;
@@ -113,13 +115,17 @@ struct flow_offload_tuple {
u8 l3proto;
u8 l4proto;
+ struct {
+ u16 id;
+ __be16 proto;
+ } encap[NF_FLOW_TABLE_ENCAP_MAX];
/* All members above are keys for lookups, see flow_offload_hash(). */
struct { } __hash;
- u8 dir:6,
- xmit_type:2;
-
+ u8 dir:4,
+ xmit_type:2,
+ encap_num:2;
u16 mtu;
union {
struct dst_entry *dst_cache;
@@ -174,6 +180,11 @@ struct nf_flow_route {
struct dst_entry *dst;
struct {
u32 ifindex;
+ struct {
+ u16 id;
+ __be16 proto;
+ } encap[NF_FLOW_TABLE_ENCAP_MAX];
+ u8 num_encaps;
} in;
struct {
u32 ifindex;