From patchwork Wed Jan 20 13:44:16 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pablo Neira Ayuso <pablo@netfilter.org>
X-Patchwork-Id: 570719
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 1C14014031D
	for <incoming@patchwork.ozlabs.org>;
	Thu, 21 Jan 2016 00:44:30 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932865AbcATNo3 (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Wed, 20 Jan 2016 08:44:29 -0500
Received: from mail.us.es ([193.147.175.20]:58619 "EHLO mail.us.es"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S932261AbcATNo2 (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);
	Wed, 20 Jan 2016 08:44:28 -0500
Received: from antivirus1-rhel7.int (unknown [192.168.2.11])
	by mail.us.es (Postfix) with ESMTP id 1DA672EFEC6
	for <netfilter-devel@vger.kernel.org>;
	Wed, 20 Jan 2016 14:44:25 +0100 (CET)
Received: from antivirus1-rhel7.int (localhost [127.0.0.1])
	by antivirus1-rhel7.int (Postfix) with ESMTP id 0F5D6DA85D
	for <netfilter-devel@vger.kernel.org>;
	Wed, 20 Jan 2016 14:44:25 +0100 (CET)
Received: by antivirus1-rhel7.int (Postfix, from userid 99)
	id 0465FDA811; Wed, 20 Jan 2016 14:44:25 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
	antivirus1-rhel7.int
X-Spam-Level: 
X-Spam-Status: No, score=-103.2 required=7.5 tests=BAYES_50,KHOP_DYNAMIC,
	SMTPAUTH_US,USER_IN_WHITELIST autolearn=disabled version=3.4.1
Received: from antivirus1-rhel7.int (localhost [127.0.0.1])
	by antivirus1-rhel7.int (Postfix) with ESMTP id DE595DA861
	for <netfilter-devel@vger.kernel.org>;
	Wed, 20 Jan 2016 14:44:22 +0100 (CET)
Received: from 192.168.1.13 (192.168.1.13) by antivirus1-rhel7.int
	(F-Secure/fsigk_smtp/522/antivirus1-rhel7.int);
	Wed, 20 Jan 2016 14:44:22 +0100 (CET)
X-Virus-Status: clean(F-Secure/fsigk_smtp/522/antivirus1-rhel7.int)
Received: (qmail 21514 invoked from network); 20 Jan 2016 14:44:22 +0100
Received: from 129.166.216.87.static.jazztel.es (HELO salvia.here)
	(pneira@us.es@87.216.166.129)
	by mail.us.es with SMTP; 20 Jan 2016 14:44:22 +0100
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: kaber@trash.net
Subject: [PATCH nft 1/2] src: add dup statement for netdev
Date: Wed, 20 Jan 2016 14:44:16 +0100
Message-Id: <1453297457-11357-1-git-send-email-pablo@netfilter.org>
X-Mailer: git-send-email 2.1.4
X-Virus-Scanned: ClamAV using ClamSMTP
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

This patch contains the missing chunk to add support for the netdev
family. Part of the support slipped through in the original patch to
add the dup statement for IPv4 and IPv6.

 # nft add table netdev filter
 # nft add chain netdev filter ingress { type filter hook ingress device eth0 priority 0\; }
 # nft add rule netdev filter ingress dup to dummy0

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/evaluate.c             | 15 +++++++++++++++
 tests/py/any/dup.t         |  7 +++++++
 tests/py/any/dup.t.payload | 14 ++++++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 tests/py/any/dup.t
 create mode 100644 tests/py/any/dup.t.payload

diff --git a/src/evaluate.c b/src/evaluate.c
index 6277f14..ce132e3 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1864,6 +1864,21 @@ static int stmt_evaluate_dup(struct eval_ctx *ctx, struct stmt *stmt)
 				return err;
 		}
 		break;
+	case NFPROTO_NETDEV:
+		if (stmt->dup.to == NULL)
+			return stmt_error(ctx, stmt,
+					  "missing destination interface");
+		if (stmt->dup.dev != NULL)
+			return stmt_error(ctx, stmt, "cannot specify device");
+
+		err = stmt_evaluate_arg(ctx, stmt, &ifindex_type,
+					sizeof(uint32_t) * BITS_PER_BYTE,
+					&stmt->dup.to);
+		if (err < 0)
+			return err;
+		break;
+	default:
+		return stmt_error(ctx, stmt, "unsupported family");
 	}
 	return 0;
 }
diff --git a/tests/py/any/dup.t b/tests/py/any/dup.t
new file mode 100644
index 0000000..7df24a1
--- /dev/null
+++ b/tests/py/any/dup.t
@@ -0,0 +1,7 @@
+:ingress;type filter hook ingress device lo priority 0
+
+*netdev;test-netdev;ingress
+
+dup to lo;ok
+dup to mark map { 0x00000001 : lo, 0x00000002 : lo};ok
+
diff --git a/tests/py/any/dup.t.payload b/tests/py/any/dup.t.payload
new file mode 100644
index 0000000..206a9ec
--- /dev/null
+++ b/tests/py/any/dup.t.payload
@@ -0,0 +1,14 @@
+# dup to lo
+netdev test-netdev ingress 
+  [ immediate reg 1 0x00000001 ]
+  [ dup sreg_dev 1 ]
+
+# dup to mark map { 0x00000001 : lo, 0x00000002 : lo}
+map%d test-netdev b
+map%d test-netdev 0
+	element 00000001  : 00000001 0 [end]	element 00000002  : 00000001 0 [end]
+netdev test-netdev ingress 
+  [ meta load mark => reg 1 ]
+  [ lookup reg 1 set map%d dreg 1 ]
+  [ dup sreg_dev 1 ]
+