Hi Florian,
I love your patch! Perhaps something to improve:
[auto build test WARNING on nf-next/master]
url:
https://github.com/0day-ci/linux/commits/Florian-Westphal/netfilter-meta-secpath-support/20171204-124857
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git mas
Arturo Borrero Gonzalez wrote:
> > + if (priv->key != NFT_META_SECPATH)
> > + return 0;
> > +
>
> Would it worth adding here something like this?
>
> #ifnfdef CONFIG_XFRM
> return -EOPNOTSUPP;
> #endif
>
> I mean, if CONFIG_XFRM is not defined, then _get_eval() i
On 1 December 2017 at 13:40, Florian Westphal wrote:
> replacement for iptables "-m policy --dir in --policy {ipsec,none}".
>
> Signed-off-by: Florian Westphal
> ---
> include/uapi/linux/netfilter/nf_tables.h | 2 ++
> net/netfilter/nft_meta.c | 39
> +++
Florian Westphal wrote:
> +int nft_meta_get_validate(const struct nft_ctx *ctx,
> + const struct nft_expr *expr,
> + const struct nft_data **data)
Sigh, this should be static of course.
I will not send a v2 for now.
--
To unsubscribe from this list: sen
replacement for iptables "-m policy --dir in --policy {ipsec,none}".
Signed-off-by: Florian Westphal
---
include/uapi/linux/netfilter/nf_tables.h | 2 ++
net/netfilter/nft_meta.c | 39
2 files changed, 41 insertions(+)
diff --git a/include/uapi/
