| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 11 Feb 2018 14:26:25 -0800 From: Roopa Prabhu <roopa@...ulusnetworks.com> To: netdev@...r.kernel.org Cc: dsa@...ulusnetworks.com, nikolay@...ulusnetworks.com Subject: [PATCH RFC net-next 0/4] fib_rules: support sport, dport and proto match From: Roopa Prabhu <roopa@...ulusnetworks.com> This series extends fib rule match support to include sport, dport and ip proto match (to complete the 5-tuple match support). Common use-cases of Policy based routing in the data center require 5-tuple match. The last 2 patches in the series add a call to flow dissect in the fwd path if required by the installed fib rules (controlled by a flag). Roopa Prabhu (4): ipv4: fib_rules: support match on sport, dport and ip proto ipv6: fib6_rules: support for match on sport, dport and ip proto ipv4: route: dissect flow in input path if fib rules need it ipv6: route: dissect flow in input path if fib rules need it ------ sending this as RFC for first review (as net-next is closed) include/net/ip6_route.h | 3 ++- include/net/ip_fib.h | 2 +- include/net/netns/ipv4.h | 1 + include/net/netns/ipv6.h | 1 + include/uapi/linux/fib_rules.h | 3 +++ net/ipv4/fib_rules.c | 55 ++++++++++++++++++++++++++++++++++++++-- net/ipv4/fib_semantics.c | 2 +- net/ipv4/route.c | 46 ++++++++++++++++++++++++++-------- net/ipv6/fib6_rules.c | 57 +++++++++++++++++++++++++++++++++++++++--- net/ipv6/icmp.c | 2 +- net/ipv6/route.c | 46 +++++++++++++++++++++++++++------- 11 files changed, 189 insertions(+), 29 deletions(-) -- 2.1.4
Powered by blists - more mailing lists