From patchwork Sat Feb 20 09:07:08 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stephane Bryant X-Patchwork-Id: 585576 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 8D68C14076A for ; Sat, 20 Feb 2016 20:07:41 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=jhuvT0B3; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2992888AbcBTJHk (ORCPT ); Sat, 20 Feb 2016 04:07:40 -0500 Received: from mail-wm0-f49.google.com ([74.125.82.49]:37936 "EHLO mail-wm0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2992561AbcBTJHe (ORCPT ); Sat, 20 Feb 2016 04:07:34 -0500 Received: by mail-wm0-f49.google.com with SMTP id a4so100461744wme.1 for ; Sat, 20 Feb 2016 01:07:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id; bh=BD7Io0vpT9ek0Apy+n54oKnhORX8JkboYBSJ5YaOyiI=; b=jhuvT0B3pLiU3bpoHI1nO+3S7/HnRX0Ya9aIGpdx2klead/R07DjE7Ztidfplk51UD o2Lf8G9hfab9W6SR9xjvtvAGUIxhN1PqdbYxPP9u8ozKA4IF559jpBVOGPAZLtn99Ezj l0HMvkxKxqu6eJJxej6xPBngISd9ehJgSu6obn9tkSzba1kLKrNNNcrK7MVDCxpM9ALv ngSitATqF9dUGKvtLuILkGrbpbk54WeMe3amO7t2wYe8E+M7Aiku31UMnFQ+R2g/F9Wi QSs3F/HXgFd9dGkAlA3c1fOBOCU3OLiLKDu3dBl6MBdaj9teOjNN9LYCoOK5ImmWttFd 0Zow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=BD7Io0vpT9ek0Apy+n54oKnhORX8JkboYBSJ5YaOyiI=; b=T9rpd0/y88HZ6AOGQu600OTJF2UE8nAbXrIKRZVdI1y0ibc5/zWbdPss4jF4ygmMSS eNjwx9mFP0x/YdTpHELK7b2QsuyLrlAoeDvJPvTJUWrNmRhpY7SIC3UpJSvSiC6GrmkQ wLZKhc42hTV2e9xixIjegIJ6lzTg0CsRG31QbbXD1PbFMNoWO1tHMhFsIyK3ftMqLsAE btd8pLoaGh6vRb0h9toj1gA3knQBo8lENJ1cpS/Oytlqa7NlkYmt1r+RrFsud+jP6tTF bCKuc0a/WPZ6pmZpdo1LtrPfdq2MvBHpR/A6c4tkU7E3iD5wWbzJeISutPWpQLyWl/lq d3sQ== X-Gm-Message-State: AG10YOTObJFagpjp0FP+u+C2ZKk8w/+ouzKB8KuR+PhuINH6y0do+eiKqf0DyzYb4uFmKw== X-Received: by 10.194.187.175 with SMTP id ft15mr17470589wjc.141.1455959252408; Sat, 20 Feb 2016 01:07:32 -0800 (PST) Received: from localhost.localdomain (gar13-9-83-156-136-174.fbx.proxad.net. [83.156.136.174]) by smtp.gmail.com with ESMTPSA id x66sm11167834wmb.20.2016.02.20.01.07.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 20 Feb 2016 01:07:31 -0800 (PST) From: Stephane Bryant To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org, stephane Subject: [PATCH nf-next v3 1/3] netfilter: bridge: add nf_afinfo to enable queuing to userspace Date: Sat, 20 Feb 2016 10:07:08 +0100 Message-Id: <1455959230-3680-1-git-send-email-stephane.ml.bryant@gmail.com> X-Mailer: git-send-email 2.1.4 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org From: stephane This just adds and registers a nf_afinfo for the ethernet bridge, which enables queuing to userspace for the AF_BRIDGE family. No checksum computation is done. Signed-off-by: Stephane Bryant --- net/bridge/netfilter/nf_tables_bridge.c | 47 +++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-) diff --git a/net/bridge/netfilter/nf_tables_bridge.c b/net/bridge/netfilter/nf_tables_bridge.c index 7fcdd72..a78c4e2 100644 --- a/net/bridge/netfilter/nf_tables_bridge.c +++ b/net/bridge/netfilter/nf_tables_bridge.c @@ -162,15 +162,57 @@ static const struct nf_chain_type filter_bridge = { (1 << NF_BR_POST_ROUTING), }; +static void nf_br_saveroute(const struct sk_buff *skb, + struct nf_queue_entry *entry) +{ +} + +static int nf_br_reroute(struct net *net, struct sk_buff *skb, + const struct nf_queue_entry *entry) +{ + return 0; +} + +static __sum16 nf_br_checksum(struct sk_buff *skb, unsigned int hook, + unsigned int dataoff, u_int8_t protocol) +{ + return 0; +} + +static __sum16 nf_br_checksum_partial(struct sk_buff *skb, unsigned int hook, + unsigned int dataoff, unsigned int len, + u_int8_t protocol) +{ + return 0; +} + +static int nf_br_route(struct net *net, struct dst_entry **dst, + struct flowi *fl, bool strict __always_unused) +{ + return 0; +} + +static const struct nf_afinfo nf_br_afinfo = { + .family = AF_BRIDGE, + .checksum = nf_br_checksum, + .checksum_partial = nf_br_checksum_partial, + .route = nf_br_route, + .saveroute = nf_br_saveroute, + .reroute = nf_br_reroute, + .route_key_size = 0, +}; + static int __init nf_tables_bridge_init(void) { int ret; + nf_register_afinfo(&nf_br_afinfo); nft_register_chain_type(&filter_bridge); ret = register_pernet_subsys(&nf_tables_bridge_net_ops); - if (ret < 0) + if (ret < 0) { nft_unregister_chain_type(&filter_bridge); - + nf_unregister_afinfo(&nf_br_afinfo); + } return ret; } @@ -178,6 +220,7 @@ static void __exit nf_tables_bridge_exit(void) { unregister_pernet_subsys(&nf_tables_bridge_net_ops); nft_unregister_chain_type(&filter_bridge); + nf_unregister_afinfo(&nf_br_afinfo); } module_init(nf_tables_bridge_init);