On Thu, May 26, 2022 at 02:57:30AM -0400, wenxu@xxxxxxxxxxxxxxx wrote: [...] > diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c > index b350fe9..5da651d 100644 > --- a/net/netfilter/nf_flow_table_ip.c > +++ b/net/netfilter/nf_flow_table_ip.c > @@ -291,6 +291,23 @@ static bool nf_flow_skb_encap_protocol(const struct sk_buff *skb, __be16 proto, > return false; > } > > +static void nf_flow_encap_push(struct sk_buff *skb, > + struct flow_offload_tuple_rhash *tuplehash) > +{ > + int i; > + > + for (i = 0; i < tuplehash->tuple.encap_num; i++) { > + switch (tuplehash->tuple.encap[i].proto) { > + case htons(ETH_P_8021Q): > + case htons(ETH_P_8021AD): > + skb_vlan_push(skb, Nit: skb_vlan_push() might fail. > + tuplehash->tuple.encap[i].proto, > + tuplehash->tuple.encap[i].id); > + break; > + } > + } > +} If I understand correctly, the goal of this patchset is to move the existing vlan and ppp support to use the XMIT_DIRECT path? So this already works but you would prefer to not use XMIT_NEIGH? The scenarios you describe already work fine with the existing codebase? I am assuming 'eth' provides Internet access? You refer to this in the patch description: br0.100-->br0(vlan filter enable)-->eth br0(vlan filter enable)-->eth br0(vlan filter disable)-->eth.100-->eth
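Review bot: the skb_vlan_push() call inside the loop of nf_flow_encap_push() has its return value discarded, and because the helper is declared void there is no way to tell the caller that a tag was not pushed. Consider making nf_flow_encap_push() return int, returning on the first skb_vlan_push() error, and having the caller handle that result rather than transmitting a frame whose VLAN stack may be incomplete. The switch also has no default case, so an encap[i] entry whose proto is neither ETH_P_8021Q nor ETH_P_8021AD is skipped silently; if that is intended, a short comment saying so would help, otherwise handle or reject it explicitly.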