Searched refs:flowtable (Results 1 – 8 of 8) sorted by relevance
| /Linux-v5.10/Documentation/networking/ |
| D | nf_flowtable.rst | 4 Netfilter's flowtable infrastructure
7 This documentation describes the software flowtable infrastructure available in
15 in both directions), then you can decide to offload the flow to the flowtable
18 Packets that find an entry in the flowtable (ie. flowtable hit) are sent to the
21 netfilter hooks coming after the ingress). In case of flowtable miss, the packet
24 The flowtable uses a resizable hashtable, lookups are based on the following
35 including the Netfilter hooks and the flowtable fastpath bypass.
53 flowtable | ____\/___ | |
59 |_____| | flowtable |
67 Fig.1 Netfilter hooks and flowtable interactions
[all …]
|
| /Linux-v5.10/net/netfilter/ |
| D | nft_flow_offload.c | 19 struct nft_flowtable *flowtable; member
75 struct nf_flowtable *flowtable = &priv->flowtable->data; in nft_flow_offload_eval() local
130 ret = flow_offload_add(flowtable, flow); in nft_flow_offload_eval()
167 struct nft_flowtable *flowtable; in nft_flow_offload_init() local
172 flowtable = nft_flowtable_lookup(ctx->table, tb[NFTA_FLOW_TABLE_NAME], in nft_flow_offload_init()
174 if (IS_ERR(flowtable)) in nft_flow_offload_init()
175 return PTR_ERR(flowtable); in nft_flow_offload_init()
177 priv->flowtable = flowtable; in nft_flow_offload_init()
178 flowtable->use++; in nft_flow_offload_init()
189 nf_tables_deactivate_flowtable(ctx, priv->flowtable, phase); in nft_flow_offload_deactivate()
[all …]
|
| D | nf_flow_table_offload.c | 22 struct nf_flowtable *flowtable; member
580 const struct nf_flowtable *flowtable = offload->flowtable; in nf_flow_offload_rule_alloc() local
606 if (flowtable->type->action(net, flow, dir, flow_rule) < 0) in nf_flow_offload_rule_alloc()
646 struct net *net = read_pnet(&offload->flowtable->net); in nf_flow_offload_alloc()
676 static int nf_flow_offload_tuple(struct nf_flowtable *flowtable, in nf_flow_offload_tuple() argument
695 down_read(&flowtable->flow_block_lock); in nf_flow_offload_tuple()
704 up_read(&flowtable->flow_block_lock); in nf_flow_offload_tuple()
716 return nf_flow_offload_tuple(offload->flowtable, offload->flow, in flow_offload_tuple_add()
719 &offload->flowtable->flow_block.cb_list); in flow_offload_tuple_add()
725 nf_flow_offload_tuple(offload->flowtable, offload->flow, NULL, dir, in flow_offload_tuple_del()
[all …]
|
| D | nf_flow_table_core.c | 505 int nf_flow_table_init(struct nf_flowtable *flowtable) in nf_flow_table_init() argument
509 INIT_DEFERRABLE_WORK(&flowtable->gc_work, nf_flow_offload_work_gc); in nf_flow_table_init()
510 flow_block_init(&flowtable->flow_block); in nf_flow_table_init()
511 init_rwsem(&flowtable->flow_block_lock); in nf_flow_table_init()
513 err = rhashtable_init(&flowtable->rhashtable, in nf_flow_table_init()
519 &flowtable->gc_work, HZ); in nf_flow_table_init()
522 list_add(&flowtable->list, &flowtables); in nf_flow_table_init()
544 void nf_flow_table_gc_cleanup(struct nf_flowtable *flowtable, in nf_flow_table_gc_cleanup() argument
547 nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, dev); in nf_flow_table_gc_cleanup()
548 flush_delayed_work(&flowtable->gc_work); in nf_flow_table_gc_cleanup()
[all …]
|
| D | nf_tables_api.c | 472 struct nft_flowtable *flowtable) in nft_trans_flowtable_add() argument
482 nft_activate_next(ctx->net, flowtable); in nft_trans_flowtable_add()
484 nft_trans_flowtable(trans) = flowtable; in nft_trans_flowtable_add()
491 struct nft_flowtable *flowtable) in nft_delflowtable() argument
495 err = nft_trans_flowtable_add(ctx, NFT_MSG_DELFLOWTABLE, flowtable); in nft_delflowtable()
499 nft_deactivate_next(ctx->net, flowtable); in nft_delflowtable()
1077 struct nft_flowtable *flowtable, *nft; in nft_flush_table() local
1110 list_for_each_entry_safe(flowtable, nft, &ctx->table->flowtables, list) { in nft_flush_table()
1111 if (!nft_is_active_next(ctx->net, flowtable)) in nft_flush_table()
1114 err = nft_delflowtable(ctx, flowtable); in nft_flush_table()
[all …]
|
| /Linux-v5.10/include/net/netfilter/ |
| D | nf_flow_table.h | 81 static inline bool nf_flowtable_hw_offload(struct nf_flowtable *flowtable) in nf_flowtable_hw_offload() argument
83 return flowtable->flags & NF_FLOWTABLE_HW_OFFLOAD; in nf_flowtable_hw_offload()
219 void nf_flow_table_gc_cleanup(struct nf_flowtable *flowtable,
247 void nf_flow_offload_add(struct nf_flowtable *flowtable,
249 void nf_flow_offload_del(struct nf_flowtable *flowtable,
251 void nf_flow_offload_stats(struct nf_flowtable *flowtable,
254 void nf_flow_table_offload_flush(struct nf_flowtable *flowtable);
255 int nf_flow_table_offload_setup(struct nf_flowtable *flowtable,
|
| D | nf_tables.h | 1250 struct nft_flowtable *flowtable,
1508 struct nft_flowtable *flowtable; member
1514 (((struct nft_trans_flowtable *)trans->data)->flowtable)
|
| /Linux-v5.10/tools/testing/selftests/netfilter/ |
| D | nft_flowtable.sh | 153 flowtable f1 {
|
