[PATCH nft,v2 16/16] doc: add gretap matching expression

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH nft,v2 16/16] doc: add gretap matching expression
Date: Mon, 17 Oct 2022 13:04:08 +0200	[thread overview]
Message-ID: <20221017110408.742223-17-pablo@netfilter.org> (raw)
In-Reply-To: <20221017110408.742223-1-pablo@netfilter.org>

Document new gretap matching expression. This includes support for
matching the encapsulated ethernet frame layer 2, 3 and 4 headers
within the gre header.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/payload-expression.txt | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/doc/payload-expression.txt b/doc/payload-expression.txt
index e75cb1fae4cc..9a49439b2252 100644
--- a/doc/payload-expression.txt
+++ b/doc/payload-expression.txt
@@ -595,6 +595,26 @@ integer (24 bit)
 netdev filter ingress udp dport 4789 geneve tcp dport 80 counter
 ----------------------------------------------------------
 
+GRETAP HEADER EXPRESSION
+~~~~~~~~~~~~~~~~~~~~~~~~
+[verse]
+*gretap* {*vni* | *flags*}
+*gretap* *ether* {*daddr* | *saddr* | *type*}
+*gretap* *vlan* {*id* | *dei* | *pcp* | *type*}
+*gretap* *ip* {*version* | *hdrlength* | *dscp* | *ecn* | *length* | *id* | *frag-off* | *ttl* | *protocol* | *checksum* | *saddr* | *daddr* }
+*gretap* *ip6* {*version* | *dscp* | *ecn* | *flowlabel* | *length* | *nexthdr* | *hoplimit* | *saddr* | *daddr*}
+*gretap* *tcp* {*sport* | *dport* | *sequence* | *ackseq* | *doff* | *reserved* | *flags* | *window* | *checksum* | *urgptr*}
+*gretap* *udp* {*sport* | *dport* | *length* | *checksum*}
+
+The gretap expression is used to match on the encapsulated ethernet frame
+within the gre header. Use the *gre* expression to match on the *gre* header
+fields.
+
+.Matching inner TCP destination port encapsulated in gretap
+----------------------------------------------------------
+netdev filter ingress gretap tcp dport 80 counter
+----------------------------------------------------------
+
 VXLAN HEADER EXPRESSION
 ~~~~~~~~~~~~~~~~~~~~~~~
 [verse]
-- 
2.30.2

next prev parent reply	other threads:[~2022-10-17 11:04 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-17 11:03 [PATCH nft,v2 00/16] vxlan, geneve, gre, gretap matching support Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 01/16] src: add eval_proto_ctx() Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 02/16] src: add dl_proto_ctx() Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 03/16] src: add vxlan matching support Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 04/16] tests: py: add vxlan tests Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 05/16] tests: shell: add vxlan set tests Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 06/16] doc: add vxlan matching expression Pablo Neira Ayuso
2022-10-17 11:03 ` [PATCH nft,v2 07/16] src: display (inner) tag in --debug=proto-ctx Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 08/16] src: add gre support Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 09/16] tests: py: add gre tests Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 10/16] doc: add gre matching expression Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 11/16] src: add geneve matching support Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 12/16] tests: py: add geneve tests Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 13/16] doc: add geneve matching expression Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 14/16] src: add gretap support Pablo Neira Ayuso
2022-10-17 11:04 ` [PATCH nft,v2 15/16] tests: py: add gretap tests Pablo Neira Ayuso
2022-10-17 11:04 ` Pablo Neira Ayuso [this message]
2023-01-02 15:04 ` [PATCH nft,v2 00/16] vxlan, geneve, gre, gretap matching support Pablo Neira Ayuso

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e75cb1fae4c dfblob:9a49439b225 )
 OR (
bs:"[PATCH nft,v2 16/16] doc: add gretap matching expression" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221017110408.742223-17-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).