From: wenxu <wenxu@ucloud.cn>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org, fw@strlen.de
Subject: Re: [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
Date: Wed, 23 Oct 2019 22:45:28 +0800 [thread overview]
Message-ID: <6b37142f-c59e-90c2-4c86-6f4740abe071@ucloud.cn> (raw)
In-Reply-To: <20191023101658.onmzadkop7vqfrgj@salvia>
在 2019/10/23 18:16, Pablo Neira Ayuso 写道:
> On Wed, Oct 23, 2019 at 11:49:57AM +0800, wenxu wrote:
>> On 10/22/2019 11:47 PM, Pablo Neira Ayuso wrote:
>>> Hi,
>>>
>>> This is a RFC patchset, untested, to introduce new infrastructure to
>>> specify protocol decapsulation and encapsulation actions. This patchset
>>> comes with initial support for VLAN, eg.
>>>
>>> 1) VLAN decapsulation:
>>>
>>> ... meta iif . vlan id { eth0 . 10, eth1 . 11} decap vlan
>>>
>>> The decapsulation is a single statement with no extra options.
>> Currently there is no vlan meta match expr. So it is better to
>> extend the meta expr or add new ntf_vlan_get_expr?
> There's nft_payload to get the vlan information.
>
There are some limtaion for geting the vlan information through nft_payload
1. It can't get the inner vlan(cvlan) information
2. geting the vlan information is based on offset on link header, There is no good way
to offload the vlan match expr.
prev parent reply other threads:[~2019-10-23 14:45 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-22 15:47 [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support Pablo Neira Ayuso
2019-10-22 15:47 ` [PATCH nf-next,RFC 1/2] netfilter: nf_tables: add decapsulation support Pablo Neira Ayuso
2019-10-22 15:47 ` [PATCH nf-next,RFC 2/2] netfilter: nf_tables: add encapsulation support Pablo Neira Ayuso
2019-10-23 3:37 ` wenxu
2019-10-23 3:49 ` [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support wenxu
2019-10-23 10:16 ` Pablo Neira Ayuso
2019-10-23 14:00 ` wenxu
2019-10-23 14:45 ` wenxu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b37142f-c59e-90c2-4c86-6f4740abe071@ucloud.cn \
--to=wenxu@ucloud.cn \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).