aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2008-01-31 21:37:42 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-31 22:28:36 -0500
commite5dfb815181fcb186d6080ac3a091eadff2d98fe (patch)
tree25ec6cc5b3c75536dc45a14089ca14fc8bd67938 /include/linux
parent94de78d19580143c407ff2492edf2410d0e7d48c (diff)
[NET_SCHED]: Add flow classifier
Add new "flow" classifier, which is meant to extend the SFQ hashing capabilities without hard-coding new hash functions and also allows deterministic mappings of keys to classes, replacing some out of tree iptables patches like IPCLASSIFY (maps IPs to classes), IPMARK (maps IPs to marks, with fw filters to classes), ... Some examples: - Classic SFQ hash: tc filter add ... flow hash \ keys src,dst,proto,proto-src,proto-dst divisor 1024 - Classic SFQ hash, but using information from conntrack to work properly in combination with NAT: tc filter add ... flow hash \ keys nfct-src,nfct-dst,proto,nfct-proto-src,nfct-proto-dst divisor 1024 - Map destination IPs of 192.168.0.0/24 to classids 1-257: tc filter add ... flow map \ key dst addend -192.168.0.0 divisor 256 - alternatively: tc filter add ... flow map \ key dst and 0xff - similar, but reverse ordered: tc filter add ... flow map \ key dst and 0xff xor 0xff Perturbation is currently not supported because we can't reliable kill the timer on destruction. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/pkt_cls.h50
1 files changed, 50 insertions, 0 deletions
diff --git a/include/linux/pkt_cls.h b/include/linux/pkt_cls.h
index 30b8571e6b34..1c1dba9ea5fb 100644
--- a/include/linux/pkt_cls.h
+++ b/include/linux/pkt_cls.h
@@ -328,6 +328,56 @@ enum
328 328
329#define TCA_TCINDEX_MAX (__TCA_TCINDEX_MAX - 1) 329#define TCA_TCINDEX_MAX (__TCA_TCINDEX_MAX - 1)
330 330
331/* Flow filter */
332
333enum
334{
335 FLOW_KEY_SRC,
336 FLOW_KEY_DST,
337 FLOW_KEY_PROTO,
338 FLOW_KEY_PROTO_SRC,
339 FLOW_KEY_PROTO_DST,
340 FLOW_KEY_IIF,
341 FLOW_KEY_PRIORITY,
342 FLOW_KEY_MARK,
343 FLOW_KEY_NFCT,
344 FLOW_KEY_NFCT_SRC,
345 FLOW_KEY_NFCT_DST,
346 FLOW_KEY_NFCT_PROTO_SRC,
347 FLOW_KEY_NFCT_PROTO_DST,
348 FLOW_KEY_RTCLASSID,
349 FLOW_KEY_SKUID,
350 FLOW_KEY_SKGID,
351 __FLOW_KEY_MAX,
352};
353
354#define FLOW_KEY_MAX (__FLOW_KEY_MAX - 1)
355
356enum
357{
358 FLOW_MODE_MAP,
359 FLOW_MODE_HASH,
360};
361
362enum
363{
364 TCA_FLOW_UNSPEC,
365 TCA_FLOW_KEYS,
366 TCA_FLOW_MODE,
367 TCA_FLOW_BASECLASS,
368 TCA_FLOW_RSHIFT,
369 TCA_FLOW_ADDEND,
370 TCA_FLOW_MASK,
371 TCA_FLOW_XOR,
372 TCA_FLOW_DIVISOR,
373 TCA_FLOW_ACT,
374 TCA_FLOW_POLICE,
375 TCA_FLOW_EMATCHES,
376 __TCA_FLOW_MAX
377};
378
379#define TCA_FLOW_MAX (__TCA_FLOW_MAX - 1)
380
331/* Basic filter */ 381/* Basic filter */
332 382
333enum 383enum