Jarno Rajahalme <jrajaha...@nicira.com> wrote: > Extend OVS conntrack interface to cover NAT. New nested > OVS_CT_ATTR_NAT may be used to include NAT with a CT action. A bare > OVS_CT_ATTR_NAT only mangles existing connections. If > OVS_NAT_ATTR_SRC or OVS_NAT_ATTR_DST is included within the nested > attributes, new (non-committed/non-confirmed) connections are mangled > according to the rest of the nested attributes. > > This work extends on a branch by Thomas Graf at > https://github.com/tgraf/ovs/tree/nat. > > Signed-off-by: Jarno Rajahalme <jrajaha...@nicira.com> > --- > include/uapi/linux/openvswitch.h | 48 +++- > net/openvswitch/actions.c | 25 +- > net/openvswitch/conntrack.c | 543 > ++++++++++++++++++++++++++++++++++++--- > net/openvswitch/conntrack.h | 2 + > net/openvswitch/flow.h | 11 +- > 5 files changed, 580 insertions(+), 49 deletions(-) > > diff --git a/include/uapi/linux/openvswitch.h > b/include/uapi/linux/openvswitch.h > index 098d8b5..9d63472 100644 > --- a/include/uapi/linux/openvswitch.h > +++ b/include/uapi/linux/openvswitch.h > @@ -454,6 +454,12 @@ struct ovs_key_ct_label { > #define OVS_CS_F_REPLY_DIR 0x08 /* Flow is in the reply direction. */ > #define OVS_CS_F_INVALID 0x10 /* Could not track connection. */ > #define OVS_CS_F_TRACKED 0x20 /* Conntrack has occurred. */ > +#define OVS_CS_F_SRC_NAT 0x40 /* Packet's source address/port was > + mangled by NAT. */ > +#define OVS_CS_F_DST_NAT 0x80 /* Packet's destination address/port > + was mangled by NAT. */
I'm blind -- how does ovs deal with change of output device and the ether dst mac as result of a l3 dst translation? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
