diff options
| author | Joe Stringer <joestringer@nicira.com> | 2015-10-13 11:13:10 -0700 |
|---|---|---|
| committer | Joe Stringer <joestringer@nicira.com> | 2015-10-13 15:34:16 -0700 |
| commit | 9daf23484fb1f0d8fe8bf807a82c3d5b571a3dea (patch) | |
| tree | 7cf24d8e7b63d18809d9c94a0c1fb65cd30011d1 /datapath/flow_netlink.c | |
| parent | 8e53fe8cf7a178cf9702fb1bb916f4645058e5e7 (diff) | |
| download | openvswitch-9daf23484fb1f0d8fe8bf807a82c3d5b571a3dea.tar.gz | |
Add connection tracking label support.
This patch adds a new 128-bit metadata field to the connection tracking
interface. When a label is specified as part of the ct action and the
connection is committed, the value is saved with the current connection.
Subsequent ct lookups with the table specified will expose this metadata
as the "ct_label" field in the flow.
For example, to allow new TCP connections from port 1->2 and only allow
established connections from port 2->1, and to associate a label with
those connections:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,action=ct(commit,exec(set_field:1->ct_label)),2
table=0,in_port=2,ct_state=-trk,tcp,action=ct(table=1)
table=1,in_port=2,ct_state=+trk,ct_label=1,tcp,action=1
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Diffstat (limited to 'datapath/flow_netlink.c')
| -rw-r--r-- | datapath/flow_netlink.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/datapath/flow_netlink.c b/datapath/flow_netlink.c index f50f0234d..3a3492beb 100644 --- a/datapath/flow_netlink.c +++ b/datapath/flow_netlink.c @@ -282,7 +282,7 @@ size_t ovs_key_attr_size(void) /* Whenever adding new OVS_KEY_ FIELDS, we should consider * updating this function. */ - BUILD_BUG_ON(OVS_KEY_ATTR_TUNNEL_INFO != 25); + BUILD_BUG_ON(OVS_KEY_ATTR_TUNNEL_INFO != 26); return nla_total_size(4) /* OVS_KEY_ATTR_PRIORITY */ + nla_total_size(0) /* OVS_KEY_ATTR_TUNNEL */ |