[PATCH nft] meta: introduce broute expression

Sriram Yagnaraman <sriram.yagnaraman@xxxxxxxx> · Thu, 23 Feb 2023 21:29:42 +0100

nft userspace tool support broute meta statment proposed in [1].

[1]: https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230223202246.15640-1-sriram.yagnaraman@xxxxxxxx/

---
 include/linux/netfilter/nf_tables.h | 2 ++
 src/meta.c                          | 2 ++
 src/parser_bison.y                  | 2 ++
 src/scanner.l                       | 1 +
 4 files changed, 7 insertions(+)

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index ff677f3a..9c6f02c2 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -931,6 +931,7 @@ enum nft_exthdr_attributes {
  * @NFT_META_TIME_HOUR: hour of day (in seconds)
  * @NFT_META_SDIF: slave device interface index
  * @NFT_META_SDIFNAME: slave device interface name
+ * @NFT_META_BRI_BROUTE: packet br_netfilter_broute bit
  */
 enum nft_meta_keys {
 	NFT_META_LEN,
@@ -969,6 +970,7 @@ enum nft_meta_keys {
 	NFT_META_TIME_HOUR,
 	NFT_META_SDIF,
 	NFT_META_SDIFNAME,
+	NFT_META_BRI_BROUTE,
 	__NFT_META_IIFTYPE,
 };
 
diff --git a/src/meta.c b/src/meta.c
index 013e8cba..6f9ed06b 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -698,6 +698,8 @@ const struct meta_template meta_templates[] = {
 	[NFT_META_SDIFNAME]	= META_TEMPLATE("sdifname", &ifname_type,
 						IFNAMSIZ * BITS_PER_BYTE,
 						BYTEORDER_HOST_ENDIAN),
+	[NFT_META_BRI_BROUTE]	= META_TEMPLATE("broute",   &integer_type,
+						1    , BYTEORDER_HOST_ENDIAN),
 };
 
 static bool meta_key_is_unqualified(enum nft_meta_keys key)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 824e5db8..e3440b2b 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -528,6 +528,7 @@ int nft_lex(void *, void *, void *);
 %token OIFGROUP			"oifgroup"
 %token CGROUP			"cgroup"
 %token TIME			"time"
+%token BROUTE 			"broute"
 
 %token CLASSID			"classid"
 %token NEXTHOP			"nexthop"
@@ -5122,6 +5123,7 @@ meta_key_unqualified	:	MARK		{ $$ = NFT_META_MARK; }
 			|       TIME		{ $$ = NFT_META_TIME_NS; }
 			|       DAY		{ $$ = NFT_META_TIME_DAY; }
 			|       HOUR		{ $$ = NFT_META_TIME_HOUR; }
+			|	BROUTE		{ $$ = NFT_META_BRI_BROUTE; }
 			;
 
 meta_stmt		:	META	meta_key	SET	stmt_expr	close_scope_meta
diff --git a/src/scanner.l b/src/scanner.l
index bc5b5b62..f1ffa053 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -721,6 +721,7 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "iifgroup"		{ return IIFGROUP; }
 "oifgroup"		{ return OIFGROUP; }
 "cgroup"		{ return CGROUP; }
+"broute"		{ return BROUTE; }
 
 <SCANSTATE_EXPR_RT>{
 	"nexthop"		{ return NEXTHOP; }
-- 
2.34.1







