• Pablo Neira Ayuso's avatar
    netfilter: nf_flow_table: hardware offload support · c29f74e0
    Pablo Neira Ayuso authored
    This patch adds the dataplane hardware offload to the flowtable
    infrastructure. Three new flags represent the hardware state of this
    flow:
    
    * FLOW_OFFLOAD_HW: This flow entry resides in the hardware.
    * FLOW_OFFLOAD_HW_DYING: This flow entry has been scheduled to be remove
      from hardware. This might be triggered by either packet path (via TCP
      RST/FIN packet) or via aging.
    * FLOW_OFFLOAD_HW_DEAD: This flow entry has been already removed from
      the hardware, the software garbage collector can remove it from the
      software flowtable.
    
    This patch supports for:
    
    * IPv4 only.
    * Aging via FLOW_CLS_STATS, no packet and byte counter synchronization
      at this stage.
    
    This patch also adds the action callback that specifies how to convert
    the flow entry into the flow_rule object that is passed to the driver.
    Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    c29f74e0
Makefile 8.93 KB