[PATCH nftables] meta: Add support for `time`

Karuna Grewal <karunagrewal98@xxxxxxxxx> · Fri, 8 Mar 2019 22:59:44 +0530

meta `time` can be used to match the timestamp of a packet.

Signed-off-by: Karuna Grewal <karunagrewal98@xxxxxxxxx>
---
 include/linux/netfilter/nf_tables.h | 2 ++
 src/meta.c                          | 3 +++
 src/parser_bison.y                  | 1 +
 src/scanner.l                       | 1 +
 4 files changed, 7 insertions(+)

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 37036be0..a20fc966 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -791,6 +791,7 @@ enum nft_exthdr_attributes {
  * @NFT_META_SECPATH: boolean, secpath_exists (!!skb->sp)
  * @NFT_META_IIFKIND: packet input interface kind name (dev->rtnl_link_ops->kind)
  * @NFT_META_OIFKIND: packet output interface kind name (dev->rtnl_link_ops->kind)
+ * @NFT_META_TSTAMP_NS: packet arrival time (skb->tstamp)
  */
 enum nft_meta_keys {
 	NFT_META_LEN,
@@ -821,6 +822,7 @@ enum nft_meta_keys {
 	NFT_META_SECPATH,
 	NFT_META_IIFKIND,
 	NFT_META_OIFKIND,
+	NFT_META_TSTAMP_NS,
 };
 
 /**
diff --git a/src/meta.c b/src/meta.c
index 7e44a2a3..1b35e508 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -450,6 +450,9 @@ const struct meta_template meta_templates[] = {
 	[NFT_META_OIFKIND]	= META_TEMPLATE("oifkind",   &ifname_type,
 						IFNAMSIZ * BITS_PER_BYTE,
 						BYTEORDER_HOST_ENDIAN),
+	[NFT_META_TSTAMP_NS] = META_TEMPLATE("timestamp", &time_type,
+						8 * BITS_PER_BYTE,
+						BYTEORDER_HOST_ENDIAN),
 };
 
 static bool meta_key_is_unqualified(enum nft_meta_keys key)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index b20be3a8..58914486 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3874,6 +3874,7 @@ meta_key_unqualified	:	MARK		{ $$ = NFT_META_MARK; }
 			|       OIFGROUP	{ $$ = NFT_META_OIFGROUP; }
 			|       CGROUP		{ $$ = NFT_META_CGROUP; }
 			|       IPSEC		{ $$ = NFT_META_SECPATH; }
+			|	TIMESTAMP	{ $$ = NFT_META_TSTAMP_NS; }
 			;
 
 meta_stmt		:	META	meta_key	SET	stmt_expr
diff --git a/src/scanner.l b/src/scanner.l
index 6f83aa11..bfb8c558 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -507,6 +507,7 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "iifgroup"		{ return IIFGROUP; }
 "oifgroup"		{ return OIFGROUP; }
 "cgroup"		{ return CGROUP; }
+"time"			{ return TIMESTAMP; }
 
 "classid"		{ return CLASSID; }
 "nexthop"		{ return NEXTHOP; }
-- 
2.17.1







