review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	wenxu <wenxu@ucloud.cn>
	Wed, 7 Aug 2019 01:13:54 +0000 (09:13 +0800)
committer	David S. Miller <davem@davemloft.net>
	Fri, 9 Aug 2019 01:44:30 +0000 (18:44 -0700)
commit	9a32669fecfb484a1f78fe48d0e42a5efccb0675
tree	b822e2d85a81320c74e07d2d8bf41455817dabae	tree \| snapshot
parent	1150ab0f1b333ca310431dac65d8fa403b8471da	commit \| diff

netfilter: nf_tables_offload: support indr block call

nftable support indr-block call. It makes nftable an offload vlan
and tunnel device.

nft add table netdev firewall
nft add chain netdev firewall aclout { type filter hook ingress offload device mlx_pf0vf0 priority - 300 \; }
nft add rule netdev firewall aclout ip daddr 10.0.0.1 fwd to vlan0
nft add chain netdev firewall aclin { type filter hook ingress device vlan0 priority - 300 \; }
nft add rule netdev firewall aclin ip daddr 10.0.0.7 fwd to mlx_pf0vf0

Signed-off-by: wenxu <wenxu@ucloud.cn>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/netfilter/nf_tables_offload.h		diff \| blob \| history
net/netfilter/nf_tables_api.c		diff \| blob \| history
net/netfilter/nf_tables_offload.c		diff \| blob \| history