From patchwork Sun Feb 25 17:46:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Donald Hunter X-Patchwork-Id: 13571012 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D560F1862E for ; Sun, 25 Feb 2024 17:46:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883191; cv=none; b=Fj1xY0bkgwqtvp1W0EtA2Dzv5lqyAbRkMUITJE/wpIY5RlSiLu4NvIIQdU7rwvNRhQ1EJ57C0NkJpNpCFSdXqIOS0ocNGgOreA0CXy3NM9McBZjkdWztKMA3oNI9r4qGhwJ3ZYRLUT7SuuVJenpKabh9pjh7zUFtNd5o5HU0f+A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883191; c=relaxed/simple; bh=1I0k7Ufr76IpmebVdS3DYr3+/kf91A0cM10ua8RidlY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jsmALj83kTO2XHnMGeRSbi0HhbncAX/vu/uiYZLTA9k9zE4jmicXoyj44kNKj04gHxX6j6TqUrP0fQ7DB5D41sp/oRsztQ9cSxvOlj/R2KJa/uxYdEDo2E+dFNHJ6/yJBTXcV6kptQc4H9UPThnow9pP6gcCtt4bB/znr5U7Q4o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=mJcdgpmc; arc=none smtp.client-ip=209.85.221.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mJcdgpmc" Received: by mail-wr1-f50.google.com with SMTP id ffacd0b85a97d-33d509ab80eso975879f8f.3 for ; Sun, 25 Feb 2024 09:46:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708883188; x=1709487988; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=IcuhTD3Hkz219GABcN0nRRjLsqJ5zc2knXCLNNndOqo=; b=mJcdgpmcajFgHw02yXilC/Po5rc6xrdS37Q5R3nv8ui0gN5pYGkOo2tkPKgtRVfW30 uh+VbwQyF7h+tJlzf1cwcbIHqKDUyt5okDjaFL+xer0eJJ9idH/u2SA4hmlHGVeY6Ned YDD87y90aniE86NVFWWTCfBQqXOs6TeJo1rLHn+WAUAG7dQA5Asd5Lme8vvDwtPjiPcw FIjRgTEBK1eDy9S0AMe0QRS87B0obR8S4Okl+3803XZmcU8hwnmFFelwDmk/To0bT9Dg fGpEKOJZPGLt/sDRcJ4fgohFGE9qxvCnW50a33jX2m1ZxvP2c0CKMcRFYXrntBdXb/FA LWJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708883188; x=1709487988; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=IcuhTD3Hkz219GABcN0nRRjLsqJ5zc2knXCLNNndOqo=; b=tX9MdsoKDdgz04bB/0K+VI6FW1Ovoqh54FTvrXDqNrkeOo9vGG3nOC/aPwhW2Q4myw yUaiTvdcJy0WHm9KXJFJopdB1jt3fQXnO9x9IqAw5irb3lf2XGd44/n7AC+az5Px1uqu AXAx/X27+fFYVp1jFbrBJyrCerEWydt05QoTg9hr8nGWpIEDMoaBnmlmAz9CSkDsYxbb cjxwQL7vt5X/N4VqAGbqdjfk0Mz0Dp6vJiPuzWWm58Htz1nP4LevYL2hIvvstdlva21U giZoiIyJ/Cc6j+4lhsCiZTslMogphXitU2tzic510xSlEXzl9oEJGfEpntZOUrejuqS6 OJdg== X-Gm-Message-State: AOJu0YyDckJK+Ti6YZmUxtKDnLzbTESSk/SCiBDbUNTIYbHUyNLp9sd8 VvI3jraR2zzfN2fI5XtBr3EWL+keZN3tabZ1ZeZR7DXHSekxrH65b5dTPmAvxEc= X-Google-Smtp-Source: AGHT+IHavLOexOBaMqApIC4P8pZVIiV+8JXQuyR/eAQ6OqYP61LviW+ifhGYGqVIfShyrxNHMgW65Q== X-Received: by 2002:a5d:4fcb:0:b0:33d:d5a6:fbb4 with SMTP id h11-20020a5d4fcb000000b0033dd5a6fbb4mr731651wrw.40.1708883187890; Sun, 25 Feb 2024 09:46:27 -0800 (PST) Received: from imac.fritz.box ([2a02:8010:60a0:0:907c:51fb:7b4f:c84f]) by smtp.gmail.com with ESMTPSA id r2-20020adff702000000b0033b60bad2fcsm5558729wrp.113.2024.02.25.09.46.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 25 Feb 2024 09:46:27 -0800 (PST) From: Donald Hunter To: netdev@vger.kernel.org, Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , Jacob Keller , Jiri Pirko , Stanislav Fomichev Cc: donald.hunter@redhat.com, Donald Hunter Subject: [RFC net-next 1/4] doc/netlink: Add batch op definitions to netlink-raw schema Date: Sun, 25 Feb 2024 17:46:16 +0000 Message-ID: <20240225174619.18990-2-donald.hunter@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240225174619.18990-1-donald.hunter@gmail.com> References: <20240225174619.18990-1-donald.hunter@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC The nftables netlink families use batch operations for create update and delete operations. Extend the netlink-raw schema so that operations can be marked as batch ops. Add definitions of the begin-batch and end-batch messages. The begin/end messages themselves are defined as ordinary ops, but there are new attributes that describe the op name and parameters for the begin/end messages. The section of yaml spec that defines the begin/end ops looks like this; the newtable op is marked 'is-batch: true' so the message needs to be wrapped with 'batch-begin(res-id: 10)' and batch-end(res-id: 10) messages: operations: enum-model: directional begin-batch: operation: batch-begin parameters: res-id: 10 end-batch: operation: batch-end parameters: res-id: 10 list: - name: batch-begin doc: Start a batch of operations attribute-set: batch-attrs fixed-header: nfgenmsg do: request: value: 0x10 attributes: - genid reply: value: 0x10 attributes: - genid - name: batch-end doc: Finish a batch of operations attribute-set: batch-attrs fixed-header: nfgenmsg do: request: value: 0x11 attributes: - genid - name: newtable doc: Create a new table. attribute-set: table-attrs fixed-header: nfgenmsg do: request: value: 0xa00 is-batch: True attributes: - name Signed-off-by: Donald Hunter --- Documentation/netlink/netlink-raw.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/Documentation/netlink/netlink-raw.yaml b/Documentation/netlink/netlink-raw.yaml index ac4e05415f2f..eb35fee44898 100644 --- a/Documentation/netlink/netlink-raw.yaml +++ b/Documentation/netlink/netlink-raw.yaml @@ -446,6 +446,11 @@ properties: i.e. requests and responses have different message enums. $ref: '#/$defs/uint' # End genetlink-legacy + # Start netlink-raw + is-batch: + description: Must be part of a message batch + type: boolean + # End netlink-raw reply: *subop-attr-list pre: description: Hook for a function to run before the main callback (pre_doit or start). @@ -469,6 +474,22 @@ properties: mcgrp: description: Name of the multicast group generating given notification. type: string + # Start netlink-raw + begin-batch: &batch-params + description: Definition of a message call for a batch message + type: object + additionalProperties: False + properties: + operation: + description: Name of the operation + type: string + parameters: + description: Parameters for the operation + type: object + items: + type: object + end-batch: *batch-params + # End netlink-raw mcast-groups: description: List of multicast groups. type: object From patchwork Sun Feb 25 17:46:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Donald Hunter X-Patchwork-Id: 13571013 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-lj1-f181.google.com (mail-lj1-f181.google.com [209.85.208.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8577117BD6 for ; Sun, 25 Feb 2024 17:46:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883193; cv=none; b=g2gg+wEnYqN3Iruwx7yDCV+5QiMKMmFNkrVBsZr45MJaAyiyqq/+Upqf87FVreaniOyqmnlfj7GlAL7H3eRNvSvHg+9BOzDfjggmPNcyfcbbQMBdqZscGqCUplSztXHFzENQJsZmpO7Bc84B7O/uwg6AmBEUKQq5+D1M7grdqEw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883193; c=relaxed/simple; bh=PX2GNCYHv6n1KXDu2ZDfzrozQFX7aIfSNoRfyRiEyIo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NmAKXK71v8bruoMoKYl/MB9VKfebfjpFDDDzv0waNFEJw6jc+ovIDOJFvX51MKW3gSrvVc8mq4MhjMXI0XWSpMFBaRQgs14w6L7c1LXVnvc4gGeHBUDEY+CW2aNY0CRCeae3+YrJ0dfftkF/nrWM3W5+E5JZRLd3W0bAV+lanLo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=dMMQ0/kS; arc=none smtp.client-ip=209.85.208.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="dMMQ0/kS" Received: by mail-lj1-f181.google.com with SMTP id 38308e7fff4ca-2d220e39907so40641411fa.1 for ; Sun, 25 Feb 2024 09:46:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708883189; x=1709487989; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ow9Dqjj2Vt2O9LPzJjX4mqagWHoEa67N0WCC5IIwegE=; b=dMMQ0/kSzPTFCIA2LPRKtoYDrDL2PbIpqUcR212xduNWt3bj9vKi7rJOuFMfF/W6kC S7+k2duqP+cAUI7bFs7ZnD8PVx1Twuw0Af50DuMPbMuUwGPOE8EzN84d9k27cxAf2RbD GoIPJJn0H4J4uZqkZ/sf+wzoRp4Bex1kRtdh0QxGLCCXZbkOXQt9AngFaEvhLCjJ3nmg OGHB6KS8eqFxKMn5JrZV99/R+xIiGoOPmBD99WNdoLQUsa4Ax4RKhCWVLQeks3X9LzaB nI8zN9hlD12YNcrKGmuVQ5y4bCC9kFg6NJZIq9xohxm6ji/uyJWVSSlYn4jNDLEDEQmH 1dRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708883189; x=1709487989; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ow9Dqjj2Vt2O9LPzJjX4mqagWHoEa67N0WCC5IIwegE=; b=q0B5mJm9XgMuLgA6b6i+5AxjD7Je1DX5hqyp5vpOS3fQopFJ48vcV7s2OH34UmMdSs 7SQCAqiwaMUnBX3G+Lcqufy0UHbWiiA4SEz37s3Ua6h2nW4ywR6Dj69tvJgPL/q97MXE yzW1q6eygPs9BGm/xvmzA6HS+bKIpKBN82PWLsiKzcvjo6iv/hmq2TFKOZ4NiWVPYpXa j0GXmXUCBwFdNr/n9wlVSLW8fBJBwQzwQABbO0PeJLsMBwD3Wv/wMXGMXdsrW19gA0s4 sugY7HJE6ulz3o4rb3hh7wd2Rwa+4hQwG85VUnE/do1fcfbdcA6b5zNOhd9hUFKvg5QW 5Lvg== X-Gm-Message-State: AOJu0Yzg0xaGb1yuenWPGAHrC+OmcZygf2J52aEgquHFB3DE1n2ZI8cn PtBZBxadbULPV4cGZazpjQ8xLrhAIZ2tE0KObUHyPRRyASmZkSQUpeHdhXg0YRg= X-Google-Smtp-Source: AGHT+IHvJIgvwiEzLDJQ0inAadiuNnm1LfFTy3pLlKcf+Wmcytfx3GyWgBA04akAA0UNEvpzWcIKPw== X-Received: by 2002:a05:651c:331:b0:2d2:4377:e9f3 with SMTP id b17-20020a05651c033100b002d24377e9f3mr2802519ljp.36.1708883188905; Sun, 25 Feb 2024 09:46:28 -0800 (PST) Received: from imac.fritz.box ([2a02:8010:60a0:0:907c:51fb:7b4f:c84f]) by smtp.gmail.com with ESMTPSA id r2-20020adff702000000b0033b60bad2fcsm5558729wrp.113.2024.02.25.09.46.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 25 Feb 2024 09:46:28 -0800 (PST) From: Donald Hunter To: netdev@vger.kernel.org, Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , Jacob Keller , Jiri Pirko , Stanislav Fomichev Cc: donald.hunter@redhat.com, Donald Hunter Subject: [RFC net-next 2/4] tools/net/ynl: Extract message encoding into _encode_message() Date: Sun, 25 Feb 2024 17:46:17 +0000 Message-ID: <20240225174619.18990-3-donald.hunter@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240225174619.18990-1-donald.hunter@gmail.com> References: <20240225174619.18990-1-donald.hunter@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC Make the message encoding a separate method so that it can be reused for encoding batch messages. Signed-off-by: Donald Hunter --- tools/net/ynl/lib/ynl.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tools/net/ynl/lib/ynl.py b/tools/net/ynl/lib/ynl.py index ac55aa5a3083..c6fc9588c235 100644 --- a/tools/net/ynl/lib/ynl.py +++ b/tools/net/ynl/lib/ynl.py @@ -831,6 +831,16 @@ class YnlFamily(SpecFamily): return op['do']['request']['attributes'].copy() + def _encode_message(self, op, vals, nl_flags, req_seq): + msg = self.nlproto.message(nl_flags, op.req_value, 1, req_seq) + if op.fixed_header: + msg += self._encode_struct(op.fixed_header, vals) + search_attrs = SpaceAttrs(op.attr_set, vals) + for name, value in vals.items(): + msg += self._add_attr(op.attr_set.name, name, value, search_attrs) + msg = _genl_msg_finalize(msg) + return msg + def _op(self, method, vals, flags=None, dump=False): op = self.ops[method] @@ -841,13 +851,7 @@ class YnlFamily(SpecFamily): nl_flags |= Netlink.NLM_F_DUMP req_seq = random.randint(1024, 65535) - msg = self.nlproto.message(nl_flags, op.req_value, 1, req_seq) - if op.fixed_header: - msg += self._encode_struct(op.fixed_header, vals) - search_attrs = SpaceAttrs(op.attr_set, vals) - for name, value in vals.items(): - msg += self._add_attr(op.attr_set.name, name, value, search_attrs) - msg = _genl_msg_finalize(msg) + msg = self._encode_message(op, vals, nl_flags, req_seq) self.sock.send(msg, 0) From patchwork Sun Feb 25 17:46:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Donald Hunter X-Patchwork-Id: 13571014 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3681B19BBA for ; Sun, 25 Feb 2024 17:46:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883193; cv=none; b=GLtUftfmr39qdnqg5lZAGMoqZ7TNtyWCmbXLwRaHyjs+/UZqIxkBFVUAM855aEG8kYehWwJZwF3MHi6e2HxhXL3cCFHe0uaPZnfESU7AXMIR51Ddq8FDPT1UimW3pg4YBkycGRpKglh5gvIrr9RYTD3Noj6/EXQpY7ey1yr0s7k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883193; c=relaxed/simple; bh=7wAqg9foTIHMmx4OsmIdZ1GzxvWbzdvDTUIdriH5JmM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LNd3GtoV0OmG5SqZzrny65ZgXdel8DROqerADGuSlsjCXg9TLF1sqseTKQT4/hUJ/KUh2zv5p9XcbQhecrnb3YzSHglqLg9lqZyEJcds595ckN8mVzm7ubhjuR4NR4UJx0rDNUjsKgoCjbeTRkx0DaFoFcOtWoxl7oDVSno3q3Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=akrmxdAA; arc=none smtp.client-ip=209.85.221.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="akrmxdAA" Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-33d32f74833so1326742f8f.3 for ; Sun, 25 Feb 2024 09:46:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708883190; x=1709487990; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JgJVZsaQlQklBgNjFjDp6oBPw9KW1L83Q0alGDwej54=; b=akrmxdAAbJoQR9C5sIzhLMOYBx90bVXXRMiHmVN9BdLTj5RHIx/R6iOseR0keIFYN6 hRw6iksTUkopa1CKgwz0hOcMlvaKuH56i3+e2ipvuULy3kJD6V70j4d9qo2zznP/EFnA RhQdROJ/3VADf7SaoNoG8zlV8WNHYPawW55O8wCnjqZeARoKlR5b4GCHnefQ+WfRxbL3 ZUeegOyF2vdtUXFVyP8EOkhoI1ZraAinMPibsu3ot7r2uxALEjK65AgUPoNA7v1jX0vb DJnuZIvIWBjeC8q0/plJGYAHxQGViayxinqx4/LwmPkKDYQZHwHifnFAY+2n538UlcEI s/JQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708883190; x=1709487990; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JgJVZsaQlQklBgNjFjDp6oBPw9KW1L83Q0alGDwej54=; b=cQ3XcrGubIlwrw9YRgy3Do/giEqv51FNBcna01HMuD6Ygag7aUW4V8RRAL5Xmweh4N OFPesGQgB85I5wwNCSy7yzVB72feNh3evkbtawqhq6FSB2LLcYKC6USSw61BAIuVPmoJ Q5mkke7qJx/BoMIQimikSjDUDp7BDAkkSQ9H8Rrcg6n6790TiLoNQ29SXTOybT8PpJmI GfqIiLY0Qxj7ovx8LDyMOWKn06+b1ITNA4QlRCOhButDP+Np7Hf1bNVyfF2jAhwm2TZi rHDZw37NhogDGStYe4HYoVXbPD+O4GfoDMJc0vIMvMBPqLlwHOJxFzFcNH3FTcf0HAO6 gF8g== X-Gm-Message-State: AOJu0YysGnbkQrockcMuaHV/c9sQOp2oSWUD56+ssxpIKpvvShMKWQCp P6l+SV75mHK5xp12SNcVSJzch2p5ulmoHKH1C1xjtBO1+Mr3lbTXdBbtJmS238c= X-Google-Smtp-Source: AGHT+IGImNXWxkV4fXyqi6RrpEBzIqmZgFgT3YbLWpqU/hBlz5s8mLfKbrxSQZ83nxdbRwdvFTdUdQ== X-Received: by 2002:adf:cd89:0:b0:33d:3830:769c with SMTP id q9-20020adfcd89000000b0033d3830769cmr3325376wrj.65.1708883190253; Sun, 25 Feb 2024 09:46:30 -0800 (PST) Received: from imac.fritz.box ([2a02:8010:60a0:0:907c:51fb:7b4f:c84f]) by smtp.gmail.com with ESMTPSA id r2-20020adff702000000b0033b60bad2fcsm5558729wrp.113.2024.02.25.09.46.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 25 Feb 2024 09:46:29 -0800 (PST) From: Donald Hunter To: netdev@vger.kernel.org, Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , Jacob Keller , Jiri Pirko , Stanislav Fomichev Cc: donald.hunter@redhat.com, Donald Hunter Subject: [RFC net-next 3/4] tools/net/ynl: Add batch message encoding for nftables Date: Sun, 25 Feb 2024 17:46:18 +0000 Message-ID: <20240225174619.18990-4-donald.hunter@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240225174619.18990-1-donald.hunter@gmail.com> References: <20240225174619.18990-1-donald.hunter@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC The nftables families use batch operations for create, update and delete operations. For ops that have 'is-batch: true' wrap them in begin-batch and end-batch messages. Signed-off-by: Donald Hunter --- tools/net/ynl/lib/ynl.py | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tools/net/ynl/lib/ynl.py b/tools/net/ynl/lib/ynl.py index c6fc9588c235..3a4af3c5a6a7 100644 --- a/tools/net/ynl/lib/ynl.py +++ b/tools/net/ynl/lib/ynl.py @@ -841,6 +841,12 @@ class YnlFamily(SpecFamily): msg = _genl_msg_finalize(msg) return msg + def _encode_batch_message(self, name, nl_flags, req_seq): + msg = self.yaml.get('operations').get(name) + op = self.ops[msg['operation']] + params = msg['parameters'] + return self._encode_message(op, params, nl_flags, req_seq) + def _op(self, method, vals, flags=None, dump=False): op = self.ops[method] @@ -851,7 +857,16 @@ class YnlFamily(SpecFamily): nl_flags |= Netlink.NLM_F_DUMP req_seq = random.randint(1024, 65535) - msg = self._encode_message(op, vals, nl_flags, req_seq) + msg = b'' + + is_batch = op['do']['request'].get('is-batch', False) + if is_batch: + msg += self._encode_batch_message('begin-batch', nl_flags, req_seq) + + msg += self._encode_message(op, vals, nl_flags, req_seq) + + if is_batch: + msg += self._encode_batch_message('end-batch', nl_flags, req_seq) self.sock.send(msg, 0) From patchwork Sun Feb 25 17:46:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Donald Hunter X-Patchwork-Id: 13571015 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-lj1-f172.google.com (mail-lj1-f172.google.com [209.85.208.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2913C1B81F for ; Sun, 25 Feb 2024 17:46:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883196; cv=none; b=sF3tKORW+J3D8Gt3XM1l7epJQlq6q7qK3/9vTmHkN14ng/z7nIxZX9T8nakCnZkxsHhCIvmYCzn22JEL0u6EilTehkjlhn/UjaH46lwRN+qR+dcP26ac6oO2IgOwGts6WNB0eLStejj4I7IDfRdMQkjZ9tpSnAbOURnMlxnH9NA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708883196; c=relaxed/simple; bh=kfe4HpCH0d+q+EvfM6duVEk83pWc0BGQ45dvVujXJvY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=OKs3+6/cVPW7Tws34T9jheQXfsVhxWBBLsOnYWfCXi8xZNfQ5nV8hCgoXFScMoaYNm87QU0PAaRnR8152OgMsa1+78dBKqT/qppO+vUQapO8Wjgc85CON8/pXNFQNBBT+UpCCWxsjUNSAbMAXFwJZn54K9hcIlWQ3jSj2cvZ+ko= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=JoBL8czm; arc=none smtp.client-ip=209.85.208.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JoBL8czm" Received: by mail-lj1-f172.google.com with SMTP id 38308e7fff4ca-2d244b28b95so24693601fa.0 for ; Sun, 25 Feb 2024 09:46:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708883192; x=1709487992; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=A6bvvlKB5zwzfC4uoFyEjiBUofV+xlR3N+nGTzzLbrU=; b=JoBL8czm8a1MzHsmltYyQV9v9t/+uguyuQMOjW5HRrIIbj2EhtxgQRFARXJugWqcn8 WOH5rNWprKsETHL6jlxdReYIJjH9ZYdx8VfhhTIXyq3vot27gadyCkUl3+uz+g0sk4k0 mUOjMhgav7rLRbtGYR6MBf0dzCoRHr70HHkaUDuS8SgndXWCnKv9qBy/xUdiAucs13fU iEek8PuTKsawXLBXTnvT8VEcAZhzjIKPJjFkGAw42etcXyxszYAv/zOpHigrTHqd+AkB vKY//7EcsgGI1XXHEKAYqGj51Ppes/5Ktt49/+Zvs5dY7mQX1FLDBiN0dyT5IhvQD70t OKLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708883192; x=1709487992; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=A6bvvlKB5zwzfC4uoFyEjiBUofV+xlR3N+nGTzzLbrU=; b=SBHyBpLx8+FVCNoTA+negrOqzznQgC4rVUasaqH+n6Yw7sf9k3e1Qz8uMZO6t6ayh9 khigmQb3mm5afI1SnvAmYH0uwd1eJrzXVIYgq7eAqSAX2S2iHIuudZjE2KPi4WzzNmUk RT409qp+DAgSaSGGlSy+Y0bxXueTQ1bckG0gGhHWHKC6MgfFa2XKmpOU8x1ySt6jXMCp VhuVUQcto+aFt60TSPsPmybih+EBEO4xAD41fQh4wPzs1nccKBaK7Dg1mdE/KYC99eFP fpO+Gc9FDa+7ysR39+iLPzPrOn9GdOL08rRs++RXgf9cCPROJAbuykspcI+zaDUc4gpW Q/rw== X-Gm-Message-State: AOJu0YxHqLR14ykCU1/d06Tt2YBJ/yrY/m787xACYx2QOPJ6HAgmmi2T YBu/oj8npLa1srKHNFTfAoex2AmRvuh18GqFeytC66f0HdO/hPXm7Ih/7L96w4E= X-Google-Smtp-Source: AGHT+IF9yMl3oaHO9OBmLnWWXTGHsBkGJVPIYE5k8LceAAFEiwIqPrT2tB7Bb8RfC7XMk4tnsszBrQ== X-Received: by 2002:a2e:a984:0:b0:2d2:8048:884e with SMTP id x4-20020a2ea984000000b002d28048884emr2694698ljq.7.1708883191575; Sun, 25 Feb 2024 09:46:31 -0800 (PST) Received: from imac.fritz.box ([2a02:8010:60a0:0:907c:51fb:7b4f:c84f]) by smtp.gmail.com with ESMTPSA id r2-20020adff702000000b0033b60bad2fcsm5558729wrp.113.2024.02.25.09.46.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 25 Feb 2024 09:46:30 -0800 (PST) From: Donald Hunter To: netdev@vger.kernel.org, Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , Jacob Keller , Jiri Pirko , Stanislav Fomichev Cc: donald.hunter@redhat.com, Donald Hunter Subject: [RFC net-next 4/4] doc/netlink/specs: Add draft nftables spec Date: Sun, 25 Feb 2024 17:46:19 +0000 Message-ID: <20240225174619.18990-5-donald.hunter@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20240225174619.18990-1-donald.hunter@gmail.com> References: <20240225174619.18990-1-donald.hunter@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC Add a spec for nftables that has nearly complete coverage of the ops, but limited coverage of rule types and subexpressions. Signed-off-by: Donald Hunter --- Documentation/netlink/specs/nftables.yaml | 1292 +++++++++++++++++++++ 1 file changed, 1292 insertions(+) create mode 100644 Documentation/netlink/specs/nftables.yaml diff --git a/Documentation/netlink/specs/nftables.yaml b/Documentation/netlink/specs/nftables.yaml new file mode 100644 index 000000000000..74157f296f71 --- /dev/null +++ b/Documentation/netlink/specs/nftables.yaml @@ -0,0 +1,1292 @@ +# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) + +name: nftables +protocol: netlink-raw +protonum: 12 + +doc: + Netfilter nftables configuration over netlink. + +definitions: + - + name: nfgenmsg + type: struct + members: + - + name: nfgen-family + type: u8 + - + name: version + type: u8 + - + name: res-id + byte-order: big-endian + type: u16 + - + name: meta-keys + type: enum + entries: + - len + - protocol + - priority + - mark + - iif + - oif + - iifname + - oifname + - iftype + - oiftype + - skuid + - skgid + - nftrace + - rtclassid + - secmark + - nfproto + - l4-proto + - bri-iifname + - bri-oifname + - pkttype + - cpu + - iifgroup + - oifgroup + - cgroup + - prandom + - secpath + - iifkind + - oifkind + - bri-iifpvid + - bri-iifvproto + - time-ns + - time-day + - time-hour + - sdif + - sdifname + - bri-broute + - + name: cmp-ops + type: enum + entries: + - eq + - neq + - lt + - lte + - gt + - gte + - + name: object-type + type: enum + entries: + - unspec + - counter + - quota + - ct-helper + - limit + - connlimit + - tunnel + - ct-timeout + - secmark + - ct-expect + - synproxy + - + name: nat-range-flags + type: flags + entries: + - map-ips + - proto-specified + - proto-random + - persistent + - proto-random-fully + - proto-offset + - netmap + - + name: table-flags + type: flags + entries: + - dormant + - owner + - + name: chain-flags + type: flags + entries: + - base + - hw-offload + - binding + - + name: set-flags + type: flags + entries: + - anonymous + - constant + - interval + - map + - timeout + - eval + - object + - concat + - expr + +attribute-sets: + - + name: empty-attrs + attributes: + - + name: name + type: string + - + name: batch-attrs + attributes: + - + name: genid + type: u32 + byte-order: big-endian + - + name: table-attrs + attributes: + - + name: name + type: string + doc: name of the table + - + name: flags + type: u32 + byte-order: big-endian + doc: bitmask of flags + enum: table-flags + enum-as-flags: true + - + name: use + type: u32 + byte-order: big-endian + doc: number of chains in this table + - + name: handle + type: u64 + byte-order: big-endian + doc: numeric handle of the table + - + name: userdata + type: binary + doc: user data + - + name: chain-attrs + attributes: + - + name: table + type: string + doc: name of the table containing the chain + - + name: handle + type: u64 + byte-order: big-endian + doc: numeric handle of the chain + - + name: name + type: string + doc: name of the chain + - + name: hook + type: nest + nested-attributes: nft-hook-attrs + doc: hook specification for basechains + - + name: policy + type: u32 + byte-order: big-endian + doc: numeric policy of the chain + - + name: use + type: u32 + byte-order: big-endian + doc: number of references to this chain + - + name: type + type: string + doc: type name of the chain + - + name: counters + type: nest + nested-attributes: nft-counter-attrs + doc: counter specification of the chain + - + name: flags + type: u32 + byte-order: big-endian + doc: chain flags + enum: chain-flags + enum-as-flags: true + - + name: id + type: u32 + byte-order: big-endian + doc: uniquely identifies a chain in a transaction + - + name: userdata + type: binary + doc: user data + - + name: counter-attrs + attributes: + - + name: bytes + type: u64 + byte-order: big-endian + - + name: packets + type: u64 + byte-order: big-endian + - + name: pad + type: pad + - + name: nft-hook-attrs + attributes: + - + name: num + type: u32 + byte-order: big-endian + - + name: priority + type: s32 + byte-order: big-endian + - + name: dev + type: string + doc: net device name + - + name: devs + type: nest + nested-attributes: hook-dev-attrs + doc: list of net devices + - + name: hook-dev-attrs + attributes: + - + name: name + type: string + multi-attr: true + - + name: nft-counter-attrs + attributes: + - + name: bytes + type: u64 + - + name: packets + type: u64 + - + name: rule-attrs + attributes: + - + name: table + type: string + doc: name of the table containing the rule + - + name: chain + type: string + doc: name of the chain containing the rule + - + name: handle + type: u64 + byte-order: big-endian + doc: numeric handle of the rule + - + name: expressions + type: nest + nested-attributes: expr-list-attrs + doc: list of expressions + - + name: compat + type: nest + nested-attributes: rule-compat-attrs + doc: compatibility specifications of the rule + - + name: position + type: u64 + byte-order: big-endian + doc: numeric handle of the previous rule + - + name: userdata + type: binary + doc: user data + - + name: id + type: u32 + doc: uniquely identifies a rule in a transaction + - + name: position-id + type: u32 + doc: transaction unique identifier of the previous rule + - + name: chain-id + type: u32 + doc: add the rule to chain by ID, alternative to chain name + - + name: expr-list-attrs + attributes: + - + name: elem + type: nest + nested-attributes: expr-attrs + multi-attr: true + - + name: expr-attrs + attributes: + - + name: name + type: string + doc: name of the expression type + - + name: data + type: sub-message + sub-message: expr-ops + selector: name + doc: type specific data + - + name: rule-compat-attrs + attributes: + - + name: proto + type: binary + doc: numeric value of the handled protocol + - + name: flags + type: binary + doc: bitmask of flags + - + name: set-attrs + attributes: + - + name: table + type: string + doc: table name + - + name: name + type: string + doc: set name + - + name: flags + type: u32 + enum: set-flags + byte-order: big-endian + doc: bitmask of enum nft_set_flags + - + name: key-type + type: u32 + byte-order: big-endian + doc: key data type, informational purpose only + - + name: key-len + type: u32 + byte-order: big-endian + doc: key data length + - + name: data-type + type: u32 + byte-order: big-endian + doc: mapping data type + - + name: data-len + type: u32 + byte-order: big-endian + doc: mapping data length + - + name: policy + type: u32 + byte-order: big-endian + doc: selection policy + - + name: desc + type: nest + nested-attributes: set-desc-attrs + doc: set description + - + name: id + type: u32 + doc: uniquely identifies a set in a transaction + - + name: timeout + type: u64 + doc: default timeout value + - + name: gc-interval + type: u32 + doc: garbage collection interval + - + name: userdata + type: binary + doc: user data + - + name: pad + type: pad + - + name: obj-type + type: u32 + byte-order: big-endian + doc: stateful object type + - + name: handle + type: u64 + byte-order: big-endian + doc: set handle + - + name: expr + type: nest + nested-attributes: expr-attrs + doc: set expression + multi-attr: true + - + name: expressions + type: nest + nested-attributes: set-list-attrs + doc: list of expressions + - + name: set-desc-attrs + attributes: + - + name: size + type: u32 + byte-order: big-endian + doc: number of elements in set + - + name: concat + type: nest + nested-attributes: set-desc-concat-attrs + doc: description of field concatenation + multi-attr: true + - + name: set-desc-concat-attrs + attributes: + - + name: elem + type: nest + nested-attributes: set-field-attrs + - + name: set-field-attrs + attributes: + - + name: len + type: u32 + byte-order: big-endian + - + name: set-list-attrs + attributes: + - + name: elem + type: nest + nested-attributes: expr-attrs + multi-attr: true + - + name: setelem-attrs + attributes: + - + name: key + type: nest + nested-attributes: data-attrs + doc: key value + - + name: data + type: nest + nested-attributes: data-attrs + doc: data value of mapping + - + name: flags + type: binary + doc: bitmask of nft_set_elem_flags + - + name: timeout + type: u64 + doc: timeout value + - + name: expiration + type: u64 + doc: expiration time + - + name: userdata + type: binary + doc: user data + - + name: expr + type: nest + nested-attributes: expr-attrs + doc: expression + - + name: objref + type: string + doc: stateful object reference + - + name: key-end + type: nest + nested-attributes: TODO + doc: closing key value + - + name: expressions + type: nest + nested-attributes: list-attrs + doc: list of expressions + - + name: setelem-list-elem-attrs + attributes: + - + name: elem + type: nest + nested-attributes: setelem-attrs + multi-attr: true + - + name: setelem-list-attrs + attributes: + - + name: table + type: string + - + name: set + type: string + - + name: elements + type: nest + nested-attributes: setelem-list-elem-attrs + - + name: set-id + type: u32 + - + name: gen-attrs + attributes: + - + name: id + type: u32 + byte-order: big-endian + doc: ruleset generation id + - + name: proc-pid + type: u32 + byte-order: big-endian + - + name: proc-name + type: string + - + name: obj-attrs + attributes: + - + name: table + type: string + doc: name of the table containing the expression + - + name: name + type: string + doc: name of this expression type + - + name: type + type: u32 + enum: object-type + byte-order: big-endian + doc: stateful object type + - + name: data + type: sub-message + sub-message: obj-data + selector: type + doc: stateful object data + - + name: use + type: u32 + byte-order: big-endian + doc: number of references to this expression + - + name: handle + type: u64 + byte-order: big-endian + doc: object handle + - + name: pad + type: pad + - + name: userdata + type: binary + doc: user data + - + name: quota-attrs + attributes: + - + name: bytes + type: u64 + byte-order: big-endian + - + name: flags # TODO + type: u32 + byte-order: big-endian + - + name: pad + type: pad + - + name: consumed + type: u64 + byte-order: big-endian + - + name: flowtable-attrs + attributes: + - + name: table + type: string + - + name: name + type: string + - + name: hook + type: nest + nested-attributes: flowtable-hook-attrs + - + name: use + type: u32 + byte-order: big-endian + - + name: handle + type: u64 + byte-order: big-endian + - + name: pad + type: pad + - + name: flags + type: u32 + byte-order: big-endian + - + name: flowtable-hook-attrs + attributes: + - + name: num + type: u32 + byte-order: big-endian + - + name: priority + type: u32 + byte-order: big-endian + - + name: devs + type: nest + nested-attributes: hook-dev-attrs + - + name: expr-cmp-attrs + attributes: + - + name: sreg + type: u32 + byte-order: big-endian + - + name: op + type: u32 + byte-order: big-endian + enum: cmp-ops + - + name: data + type: nest + nested-attributes: data-attrs + - + name: data-attrs + attributes: + - + name: value + type: binary + # sub-type: u8 + - + name: verdict + type: nest + nested-attributes: verdict-attrs + - + name: verdict-attrs + attributes: + - + name: code + type: u32 + byte-order: big-endian + - + name: chain + type: string + - + name: chain-id + type: u32 + - + name: expr-counter-attrs + attributes: + - + name: bytes + type: u64 + doc: Number of bytes + - + name: packets + type: u64 + doc: Number of packets + - + name: pad + type: pad + - + name: expr-flow-offload-attrs + attributes: + - + name: name + type: string + doc: Flow offload table name + - + name: expr-immediate-attrs + attributes: + - + name: dreg + type: u32 + byte-order: big-endian + - + name: data + type: nest + nested-attributes: data-attrs + - + name: expr-meta-attrs + attributes: + - + name: dreg + type: u32 + byte-order: big-endian + - + name: key + type: u32 + byte-order: big-endian + enum: meta-keys + - + name: sreg + type: u32 + byte-order: big-endian + - + name: expr-nat-attrs + attributes: + - + name: type + type: u32 + byte-order: big-endian + - + name: family + type: u32 + byte-order: big-endian + - + name: reg-addr-min + type: u32 + byte-order: big-endian + - + name: reg-addr-max + type: u32 + byte-order: big-endian + - + name: reg-proto-min + type: u32 + byte-order: big-endian + - + name: reg-proto-max + type: u32 + byte-order: big-endian + - + name: flags + type: u32 + byte-order: big-endian + enum: nat-range-flags + enum-as-flags: true + - + name: expr-payload-attrs + attributes: + - + name: dreg + type: u32 + byte-order: big-endian + - + name: base + type: u32 + byte-order: big-endian + - + name: offset + type: u32 + byte-order: big-endian + - + name: len + type: u32 + byte-order: big-endian + - + name: sreg + type: u32 + byte-order: big-endian + - + name: csum-type + type: u32 + byte-order: big-endian + - + name: csum-offset + type: u32 + byte-order: big-endian + - + name: csum-flags + type: u32 + byte-order: big-endian + - + name: expr-tproxy-attrs + attributes: + - + name: family + type: u32 + byte-order: big-endian + - + name: reg-addr + type: u32 + byte-order: big-endian + - + name: reg-port + type: u32 + byte-order: big-endian + +sub-messages: + - + name: expr-ops + formats: + - + value: bitwise # TODO + - + value: cmp + attribute-set: expr-cmp-attrs + - + value: counter + attribute-set: expr-counter-attrs + - + value: ct # TODO + - + value: flow_offload + attribute-set: expr-flow-offload-attrs + - + value: immediate + attribute-set: expr-immediate-attrs + - + value: lookup # TODO + - + value: meta + attribute-set: expr-meta-attrs + - + value: nat + attribute-set: expr-nat-attrs + - + value: payload + attribute-set: expr-payload-attrs + - + value: tproxy + attribute-set: expr-tproxy-attrs + - + name: obj-data + formats: + - + value: counter + attribute-set: counter-attrs + - + value: quota + attribute-set: quota-attrs + +operations: + enum-model: directional + begin-batch: + operation: batch-begin + parameters: + res-id: 10 + end-batch: + operation: batch-end + parameters: + res-id: 10 + list: + - + name: batch-begin + doc: Start a batch of operations + attribute-set: batch-attrs + fixed-header: nfgenmsg + do: + request: + value: 0x10 + attributes: + - genid + reply: + value: 0x10 + attributes: + - genid + - + name: batch-end + doc: Finish a batch of operations + attribute-set: batch-attrs + fixed-header: nfgenmsg + do: + request: + value: 0x11 + attributes: + - genid + - + name: newtable + doc: Create a new table. + attribute-set: table-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa00 + is-batch: True + attributes: + - name + - + name: gettable + doc: Get / dump tables. + attribute-set: table-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa01 + attributes: + - name + reply: + value: 0xa00 + attributes: + - name + - + name: deltable + doc: Delete an existing table. + attribute-set: table-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa02 + is-batch: True + attributes: + - name + - + name: destroytable + doc: Delete an existing table with destroy semantics (ignoring ENOENT errors). + attribute-set: table-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1a + is-batch: True + attributes: + - name + - + name: newchain + doc: Create a new chain. + attribute-set: chain-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa03 + is-batch: True + attributes: + - name + - + name: getchain + doc: Get / dump chains. + attribute-set: chain-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa04 + attributes: + - name + reply: + value: 0xa03 + attributes: + - name + - + name: delchain + doc: Delete an existing chain. + attribute-set: chain-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa05 + is-batch: True + attributes: + - name + - + name: destroychain + doc: Delete an existing chain with destroy semantics (ignoring ENOENT errors). + attribute-set: chain-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1b + is-batch: True + attributes: + - name + - + name: newrule + doc: Create a new rule. + attribute-set: rule-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa06 + is-batch: True + attributes: + - name + - + name: getrule + doc: Get / dump rules. + attribute-set: rule-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa07 + attributes: + - name + reply: + value: 0xa06 + attributes: + - name + - + name: getrule-reset + doc: Get / dump rules and reset stateful expressions. + attribute-set: rule-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa19 + attributes: + - name + reply: + value: 0xa06 + attributes: + - name + - + name: delrule + doc: Delete an existing rule. + attribute-set: rule-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa08 + is-batch: True + attributes: + - name + - + name: destroyrule + doc: Delete an existing rule with destroy semantics (ignoring ENOENT errors). + attribute-set: rule-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1c + is-batch: True + attributes: + - name + - + name: newset + doc: Create a new set. + attribute-set: set-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa09 + is-batch: True + attributes: + - name + - + name: getset + doc: Get / dump sets. + attribute-set: set-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa0a + attributes: + - name + reply: + value: 0xa09 + attributes: + - name + - + name: delset + doc: Delete an existing set. + attribute-set: set-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa0b + is-batch: True + attributes: + - name + - + name: destroyset + doc: Delete an existing set with destroy semantics (ignoring ENOENT errors). + attribute-set: set-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1d + is-batch: True + attributes: + - name + - + name: newsetelem + doc: Create a new set element. + attribute-set: setelem-list-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa0c + is-batch: True + attributes: + - name + - + name: getsetelem + doc: Get / dump set elements. + attribute-set: setelem-list-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa0d + attributes: + - name + reply: + value: 0xa0c + attributes: + - name + - + name: getsetelem-reset + doc: Get / dump set elements and reset stateful expressions. + attribute-set: setelem-list-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa21 + attributes: + - name + reply: + value: 0xa0c + attributes: + - name + - + name: delsetelem + doc: Delete an existing set element. + attribute-set: setelem-list-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa0e + is-batch: True + attributes: + - name + - + name: destroysetelem + doc: Delete an existing set element with destroy semantics. + attribute-set: setelem-list-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1e + is-batch: True + attributes: + - name + - + name: getgen + doc: Get / dump rule-set generation. + attribute-set: gen-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa10 + attributes: + - name + reply: + value: 0xa0f + attributes: + - name + - + name: newobj + doc: Create a new stateful object. + attribute-set: obj-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa12 + is-batch: True + attributes: + - name + - + name: getobj + doc: Get / dump stateful objects. + attribute-set: obj-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa13 + attributes: + - name + reply: + value: 0xa12 + attributes: + - name + - + name: delobj + doc: Delete an existing stateful object. + attribute-set: obj-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa14 + is-batch: True + attributes: + - name + - + name: destroyobj + doc: Delete an existing stateful object with destroy semantics. + attribute-set: obj-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa1f + is-batch: True + attributes: + - name + - + name: newflowtable + doc: Create a new flow table. + attribute-set: flowtable-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa16 + is-batch: True + attributes: + - name + - + name: getflowtable + doc: Get / dump flow tables. + attribute-set: flowtable-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa17 + attributes: + - name + reply: + value: 0xa16 + attributes: + - name + - + name: delflowtable + doc: Delete an existing flow table. + attribute-set: flowtable-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa18 + is-batch: True + attributes: + - name + - + name: destroyflowtable + doc: Delete an existing flow table with destroy semantics. + attribute-set: flowtable-attrs + fixed-header: nfgenmsg + do: + request: + value: 0xa20 + is-batch: True + attributes: + - name + +mcast-groups: + list: + - + name: mgmt