net/mlx5: Add new chain for netfilter flow table offload
Netfilter tables (nftables) implements a software datapath that comes after tc ingress datapath. The datapath supports offloading such rules via the flow table offload API. This API is currently only used by NFT and it doesn't provide the global priority in regards to tc offload, so we assume offloading such rules must come after tc. It does provide a flow table priority parameter, so we need to provide some supported priority range. For that, split fastpath prio to two, flow table offload and tc offload, with one dedicated priority chain for flow table offload. Next patch will re-use the multi chain API to access this chain by allowing access to this chain by the fdb_sub_namespace. Signed-off-by: NPaul Blakey <paulb@mellanox.com> Reviewed-by: NMark Bloch <markb@mellanox.com> Acked-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NSaeed Mahameed <saeedm@mellanox.com>
Showing
想要评论请 注册 或 登录