The following patchset contains nftables updates: 1) Add support for using TOS symbols when we add rules that we use TOS. Before, we have added the rules with TOS mask and we didn't have support for adding the rules with symbols. 2) Add support for using DSCP in Nftables. With this patch, we allow to use DSCP in nftables. With this two patchs, we have retrocompatibility with TOS and we have DSCP support. 3) We can add rules with TOS, but when we list the rules in nftables, the position in the Ip header of TOS and DSCP is the same (but different structure) and we must to decide in which format we want to list the rules. I have decided to put the IPHDR_DSCP value before of IPHDR_TOS. With that we list the rules with nftables, we will see the rules in format DSCP. I have decided that because DSCP is more current and we still have retrocompatibility with TOS. Example: If we add this rule: nft add rule ip filter input ip tos 0x00 counter accept or nft add rule ip filter input ip tos normal-service counter accept If we list the table filter. We will see: ip dscp CS0 counter packets 0 bytes 0 accept. Álvaro Neira Ayuso (2): src: Add support for adding TOS symbols src: Add DSCP support in nftables include/datatype.h | 4 ++ include/proto.h | 1 + src/parser.y | 2 + src/proto.c | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++- src/scanner.l | 1 + 5 files changed, 140 insertions(+), 1 deletion(-) -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
