From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nft 1/3] meta: add random expression key
Date: Tue, 5 Jul 2016 09:35:33 +0200 [thread overview]
Message-ID: <1467704135-9154-2-git-send-email-fw@strlen.de> (raw)
In-Reply-To: <1467704135-9154-1-git-send-email-fw@strlen.de>
meta random fills a 32bit register with a pseudo-random number.
For instance one can now use
meta random <= 2147483647
... to match every 2nd packet, on average.
A followup patch will add a short-hand version ('probability 0.5') so
that users do not have to deal with details.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/meta.c | 6 ++++++
src/parser_bison.y | 1 +
2 files changed, 7 insertions(+)
diff --git a/src/meta.c b/src/meta.c
index 75431a2..8b1a2fc 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -10,11 +10,13 @@
* Development of this code funded by Astaro AG (http://www.astaro.com/)
*/
+#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>
#include <string.h>
+#include <limits.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <pwd.h>
@@ -418,6 +420,9 @@ static const struct meta_template meta_templates[] = {
[NFT_META_CGROUP] = META_TEMPLATE("cgroup", &integer_type,
4 * BITS_PER_BYTE,
BYTEORDER_HOST_ENDIAN),
+ [NFT_META_PRANDOM] = META_TEMPLATE("random", &integer_type,
+ 4 * BITS_PER_BYTE,
+ BYTEORDER_BIG_ENDIAN), /* avoid conversion; doesn't have endianess */
};
static bool meta_key_is_qualified(enum nft_meta_keys key)
@@ -428,6 +433,7 @@ static bool meta_key_is_qualified(enum nft_meta_keys key)
case NFT_META_L4PROTO:
case NFT_META_PROTOCOL:
case NFT_META_PRIORITY:
+ case NFT_META_PRANDOM:
return true;
default:
return false;
diff --git a/src/parser_bison.y b/src/parser_bison.y
index d7cba23..fdbfed9 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2336,6 +2336,7 @@ meta_key_qualified : LENGTH { $$ = NFT_META_LEN; }
| L4PROTO { $$ = NFT_META_L4PROTO; }
| PROTOCOL { $$ = NFT_META_PROTOCOL; }
| PRIORITY { $$ = NFT_META_PRIORITY; }
+ | RANDOM { $$ = NFT_META_PRANDOM; }
;
meta_key_unqualified : MARK { $$ = NFT_META_MARK; }
--
2.7.3
next prev parent reply other threads:[~2016-07-05 7:35 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-05 7:35 [PATCH nft 1/3] meta: add random and probability match Florian Westphal
2016-07-05 7:35 ` Florian Westphal [this message]
2016-07-18 19:34 ` [PATCH nft 1/3] meta: add random expression key Pablo Neira Ayuso
2016-07-18 22:09 ` Florian Westphal
2016-07-05 7:35 ` [PATCH nft 2/3] meta: add short-hand mnemonic for probalistic matching Florian Westphal
2016-07-14 10:41 ` Pablo Neira Ayuso
2016-07-14 10:52 ` Florian Westphal
2016-07-14 11:32 ` Pablo Neira Ayuso
2016-07-14 12:08 ` Florian Westphal
2016-07-14 12:17 ` Pablo Neira Ayuso
2016-07-05 7:35 ` [PATCH nft 3/3] netlink_delinearize, meta: show meta prandom <= value as probability mnemonic Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1467704135-9154-2-git-send-email-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).