On Thu, 5 Jan 2017 11:54:51 +0200, Amir Vadai wrote: > You asked me [1] why did I use specific header names instead of layers (L2, > L3...), > and I explained that it is on purpose, this extra information is planned to > be used > by hardware drivers to offload the action. > > Some FW/HW parser APIs are such that they need to get the specific header > type (e.g > IPV4 or IPV6, TCP or UDP) and not only the networking level (e.g network or > transport).
Don't we need better API specification (and enforcement) then, though? See below. > Usage example: > $ tc filter add dev enp0s9 protocol ip parent ffff: \ > flower \ > ip_proto tcp \ > dst_port 80 \ > action \ > pedit munge ip ttl add 0xff \ > pedit munge tcp dport set 8080 \ > pipe action mirred egress redirect dev veth0 What happens when one does: tc filter add ... flower ip_proto udp action pedit munge tcp ... ? Jiri
