[PATCH nft v2] meta: introduce broute expression

Sriram Yagnaraman <sriram.yagnaraman@xxxxxxxx> · Fri, 24 Feb 2023 10:57:35 +0100

nft userspace tool support broute meta statment proposed in [1].

[1]: https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230224095251.11249-1-sriram.yagnaraman@xxxxxxxx/

Signed-off-by: Sriram Yagnaraman <sriram.yagnaraman@xxxxxxxx>
---
 doc/statements.txt                  | 5 ++++-
 include/linux/netfilter/nf_tables.h | 2 ++
 src/meta.c                          | 2 ++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/doc/statements.txt b/doc/statements.txt
index 0532b2b1..4e7e2654 100644
--- a/doc/statements.txt
+++ b/doc/statements.txt
@@ -296,7 +296,7 @@ A meta statement sets the value of a meta expression. The existing meta fields
 are: priority, mark, pkttype, nftrace. +
 
 [verse]
-*meta* {*mark* | *priority* | *pkttype* | *nftrace*} *set* 'value'
+*meta* {*mark* | *priority* | *pkttype* | *nftrace* | *broute*} *set* 'value'
 
 A meta statement sets meta data associated with a packet. +
 
@@ -316,6 +316,9 @@ pkt_type
 |nftrace |
 ruleset packet tracing on/off. Use *monitor trace* command to watch traces|
 0, 1
+|broute |
+broute on/off. packets are routed instead of being bridged|
+0, 1
 |==========================
 
 LIMIT STATEMENT
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index ff677f3a..9c6f02c2 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -931,6 +931,7 @@ enum nft_exthdr_attributes {
  * @NFT_META_TIME_HOUR: hour of day (in seconds)
  * @NFT_META_SDIF: slave device interface index
  * @NFT_META_SDIFNAME: slave device interface name
+ * @NFT_META_BRI_BROUTE: packet br_netfilter_broute bit
  */
 enum nft_meta_keys {
 	NFT_META_LEN,
@@ -969,6 +970,7 @@ enum nft_meta_keys {
 	NFT_META_TIME_HOUR,
 	NFT_META_SDIF,
 	NFT_META_SDIFNAME,
+	NFT_META_BRI_BROUTE,
 	__NFT_META_IIFTYPE,
 };
 
diff --git a/src/meta.c b/src/meta.c
index 013e8cba..6f9ed06b 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -698,6 +698,8 @@ const struct meta_template meta_templates[] = {
 	[NFT_META_SDIFNAME]	= META_TEMPLATE("sdifname", &ifname_type,
 						IFNAMSIZ * BITS_PER_BYTE,
 						BYTEORDER_HOST_ENDIAN),
+	[NFT_META_BRI_BROUTE]	= META_TEMPLATE("broute",   &integer_type,
+						1    , BYTEORDER_HOST_ENDIAN),
 };
 
 static bool meta_key_is_unqualified(enum nft_meta_keys key)
-- 
2.34.1







