On Thu, Jun 27, 2019 at 09:37:53PM +0800, wenxu wrote: > > 在 2019/6/27 20:35, Pablo Neira Ayuso 写道: > > On Thu, Jun 27, 2019 at 10:09:17AM +0800, wenxu@xxxxxxxxx wrote: > >> From: wenxu <wenxu@xxxxxxxxx> > >> > >> This patch provide a meta vlan to set the vlan tag of the packet. > >> > >> for q-in-q vlan id 20: > >> meta vlan set 0x88a8:20 > > Actually, I think this is not very useful for stacked vlan since this > > just sets/mangles the existing meta vlan data. > > > > We'll need infrastructure that uses skb_vlan_push() and _pop(). > > > > Patch looks good anyway, such infrastructure to push/pop can be added > > later on. > > > > Thanks. > > yes, It's just ste/mangle the meta vlan data. I just wonder if we set for stacked vlan. > vlan meta 0x88a8:20. The packet should contain a 0x8100 vlan tag, we just push the > inner vlan and the the vlan meta with the outer 0x88a8:20. Or the packet don't contain > only vlan tag, we add a inner 0x8100:20 tag and outer 0x88a8:20 tag? You got me thinking here. I wonder if we can just make this fit into nft_payload. Or just add a new nft_vlan extension for this specifically, to push, to mangle and to pop vlan headers. This would be a simple solution for this. I need to explore this by the weekend, will get back to you beginning next week. Feedback is welcome in any case :-), thanks.
