diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-31 02:58:00 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-06-01 11:35:47 +0300 |
commit | d32de98ea70fe7cf606f3809f0970b31c115764b (patch) | |
tree | 198a323a34a3f12e43042c0a6fbd1aecc6280943 /include | |
parent | 7b7744e2aa93864b2a490fb3533e9417d21cadc0 (diff) | |
download | linux-d32de98ea70fe7cf606f3809f0970b31c115764b.tar.xz |
netfilter: nft_fwd_netdev: allow to forward packets via neighbour layer
This allows us to forward packets from the netdev family via neighbour
layer, so you don't need an explicit link-layer destination when using
this expression from rules. The ttl/hop_limit field is decremented.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/uapi/linux/netfilter/nf_tables.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h index 5c7eb9b9f6d6..a089af092a29 100644 --- a/include/uapi/linux/netfilter/nf_tables.h +++ b/include/uapi/linux/netfilter/nf_tables.h @@ -1260,10 +1260,14 @@ enum nft_dup_attributes { * enum nft_fwd_attributes - nf_tables fwd expression netlink attributes * * @NFTA_FWD_SREG_DEV: source register of output interface (NLA_U32: nft_register) + * @NFTA_FWD_SREG_ADDR: source register of destination address (NLA_U32: nft_register) + * @NFTA_FWD_NFPROTO: layer 3 family of source register address (NLA_U32: enum nfproto) */ enum nft_fwd_attributes { NFTA_FWD_UNSPEC, NFTA_FWD_SREG_DEV, + NFTA_FWD_SREG_ADDR, + NFTA_FWD_NFPROTO, __NFTA_FWD_MAX }; #define NFTA_FWD_MAX (__NFTA_FWD_MAX - 1) |