diff mbox series

[iproute2-next] tc: flower: add tc conntrack inv ct_state support

Message ID 1611045299-764-1-git-send-email-wenxu@ucloud.cn (mailing list archive)
State Superseded
Delegated to: David Ahern
Headers show
Series [iproute2-next] tc: flower: add tc conntrack inv ct_state support | expand

Checks

Context Check Description
netdev/tree_selection success Not a local patch

Commit Message

wenxu Jan. 19, 2021, 8:34 a.m. UTC 
From: wenxu <wenxu@ucloud.cn>

Matches on conntrack inv ct_state.

Signed-off-by: wenxu <wenxu@ucloud.cn>
---
 include/uapi/linux/pkt_cls.h | 1 +
 man/man8/tc-flower.8         | 2 ++
 tc/f_flower.c                | 1 +
 3 files changed, 4 insertions(+)

Comments

Marcelo Ricardo Leitner Jan. 19, 2021, 8:08 p.m. UTC | #1 
On Tue, Jan 19, 2021 at 04:34:59PM +0800, wenxu@ucloud.cn wrote:
> --- a/man/man8/tc-flower.8
> +++ b/man/man8/tc-flower.8
> @@ -387,6 +387,8 @@ new - New connection.
>  .TP
>  est - Established connection.
>  .TP
> +inv - The packet is associated with no known connection.

This is not accurate. Please write it after OVS' description of it, on
ovs-fields.7 (not saying to copy it):

inv (0x10)
       The  state is invalid, meaning that the connection tracker couldn’t iden‐
       tify the connection. This flag is a catch-all for problems in the connec‐
       tion or the connection tracker, such as:

       •      L3/L4  protocol  handler is not loaded/unavailable. With the Linux
              kernel datapath, this  may  mean  that  the  nf_conntrack_ipv4  or
              nf_conntrack_ipv6 modules are not loaded.

       •      L3/L4 protocol handler determines that the packet is malformed.

       •      Packets are unexpected length for protocol.

Something like: The packet couldn't be associated to a connection.

> +.TP
>  Example: +trk+est
>  .RE
>  .TP

Thanks,
Marcelo
diff mbox series

Patch

diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
index ee95f42..709668e 100644
--- a/include/uapi/linux/pkt_cls.h
+++ b/include/uapi/linux/pkt_cls.h
@@ -591,6 +591,7 @@  enum {
 	TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED = 1 << 1, /* Part of an existing connection. */
 	TCA_FLOWER_KEY_CT_FLAGS_RELATED = 1 << 2, /* Related to an established connection. */
 	TCA_FLOWER_KEY_CT_FLAGS_TRACKED = 1 << 3, /* Conntrack has occurred. */
+	TCA_FLOWER_KEY_CT_FLAGS_INVALID = 1 << 4, /* Conntrack is invalid. */
 };
 
 enum {
diff --git a/man/man8/tc-flower.8 b/man/man8/tc-flower.8
index 1a76b37..8de68d1 100644
--- a/man/man8/tc-flower.8
+++ b/man/man8/tc-flower.8
@@ -387,6 +387,8 @@  new - New connection.
 .TP
 est - Established connection.
 .TP
+inv - The packet is associated with no known connection.
+.TP
 Example: +trk+est
 .RE
 .TP
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 1fe0ef4..489c0d7 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -345,6 +345,7 @@  static struct flower_ct_states {
 	{ "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
 	{ "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
 	{ "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
+	{ "inv", TCA_FLOWER_KEY_CT_FLAGS_INVALID},
 };
 
 static int flower_parse_ct_state(char *str, struct nlmsghdr *n)