On Thu, Jan 25, 2018 at 2:00 AM, Pablo Neira Ayuso wrote:
> On Wed, Jan 24, 2018 at 04:37:16PM -0500, David Miller wrote:
>> From: Eyal Birger
>> Date: Tue, 23 Jan 2018 11:17:32 +0200
>>
>> > + network_offset = skb_network_offset(skb);
>> > +
On Wed, Jan 24, 2018 at 04:37:16PM -0500, David Miller wrote:
> From: Eyal Birger
> Date: Tue, 23 Jan 2018 11:17:32 +0200
>
> > + network_offset = skb_network_offset(skb);
> > + skb_pull(skb, network_offset);
> > +
> > + rcu_read_lock();
> > +
> > + if
From: Eyal Birger
Date: Tue, 23 Jan 2018 11:17:32 +0200
> + network_offset = skb_network_offset(skb);
> + skb_pull(skb, network_offset);
> +
> + rcu_read_lock();
> +
> + if (skb->skb_iif)
> + indev = dev_get_by_index_rcu(em->net, skb->skb_iif);
On Tue, Jan 23, 2018 at 11:17:32AM +0200, Eyal Birger wrote:
> From: Eyal Birger
>
> This module allows performing tc classification based on data structures
> and implementations provided by netfilter extensions.
>
> Example use case is classification based on the
From: Eyal Birger
This module allows performing tc classification based on data structures
and implementations provided by netfilter extensions.
Example use case is classification based on the incoming IPSec policy used
during decpsulation using the 'policy' iptables