diff options
author | wenxu <wenxu@ucloud.cn> | 2019-08-07 09:13:54 +0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-08-08 18:44:30 -0700 |
commit | 9a32669fecfb484a1f78fe48d0e42a5efccb0675 (patch) | |
tree | b822e2d85a81320c74e07d2d8bf41455817dabae /net/netfilter/xt_cgroup.c | |
parent | 1150ab0f1b333ca310431dac65d8fa403b8471da (diff) | |
download | linux-9a32669fecfb484a1f78fe48d0e42a5efccb0675.tar.bz2 |
netfilter: nf_tables_offload: support indr block call
nftable support indr-block call. It makes nftable an offload vlan
and tunnel device.
nft add table netdev firewall
nft add chain netdev firewall aclout { type filter hook ingress offload device mlx_pf0vf0 priority - 300 \; }
nft add rule netdev firewall aclout ip daddr 10.0.0.1 fwd to vlan0
nft add chain netdev firewall aclin { type filter hook ingress device vlan0 priority - 300 \; }
nft add rule netdev firewall aclin ip daddr 10.0.0.7 fwd to mlx_pf0vf0
Signed-off-by: wenxu <wenxu@ucloud.cn>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/xt_cgroup.c')
0 files changed, 0 insertions, 0 deletions