6c47260250fc6114ce2012db13e1cd3938a27b73 - SHIFTPHONES/kernel/common

commit	6c47260250fc6114ce2012db13e1cd3938a27b73	[log] [tgz]
author	Florian Westphal <fw@strlen.de>	Mon Sep 03 18:09:40 2018 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	Mon Sep 17 11:40:08 2018 +0200
tree	d74409b815de73b670c981d1450501531beee1a2
parent	2953d80ff04862b26a2e628fb3948868f54d753d [diff]

netfilter: nf_tables: add xfrm expression

supports fetching saddr/daddr of tunnel mode states, request id and spi.
If direction is 'in', use inbound skb secpath, else dst->xfrm.

Joint work with Máté Eckl.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/nf_tables.h[diff]
net/netfilter/Kconfig[diff]
net/netfilter/Makefile[diff]
net/netfilter/nft_xfrm.c[Added - diff]

4 files changed

tree: d74409b815de73b670c981d1450501531beee1a2