On Mon, 23 Apr 2018 22:08:44 +0200
Florian Westphal wrote:
> Ahmed Abdelsalam wrote:
> > > > @@ -50,6 +62,12 @@ struct ip6t_srh {
> > > > __u8segs_left;
> > > > __u8last_entry;
> > > > __u16
Ahmed Abdelsalam wrote:
> > > @@ -50,6 +62,12 @@ struct ip6t_srh {
> > > __u8segs_left;
> > > __u8last_entry;
> > > __u16 tag;
> > > + struct in6_addr psid_addr;
> > > + struct in6_addr nsid_addr;
On Mon, 23 Apr 2018 19:30:47 +0200
Pablo Neira Ayuso wrote:
> On Mon, Apr 23, 2018 at 05:48:22AM -0500, Ahmed Abdelsalam wrote:
> > Signed-off-by: Ahmed Abdelsalam
> > ---
> > include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 22 +--
> >
On Mon, Apr 23, 2018 at 05:48:22AM -0500, Ahmed Abdelsalam wrote:
> IPv6 Segment Routing Header (SRH) contains a list of SIDs to be crossed by
> SR encapsulated packet. Each SID is encoded as an IPv6 prefix.
>
> When a Firewall receives an SR encapsulated packet, it should be able to
> identify
IPv6 Segment Routing Header (SRH) contains a list of SIDs to be crossed by
SR encapsulated packet. Each SID is encoded as an IPv6 prefix.
When a Firewall receives an SR encapsulated packet, it should be able to
identify which node previously processed the packet (previous SID), which
node is