Home
last modified time | relevance | path

Searched refs:nft (Results 1 – 23 of 23) sorted by relevance

/linux/tools/testing/selftests/netfilter/
A Dnft_nat.sh21 nft --version > /dev/null 2>&1
184 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
411 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
512 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
611 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
693 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
798 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
816 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
838 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
870 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
[all …]
A Dnft_concat_range.sh465 eval "echo \"${set_template}\"" | nft -f -
922 nft reset counter inet filter test >/dev/null 2>&1
923 nft flush ruleset >/dev/null 2>&1
1056 if ! nft add element inet filter test "${1}"; then
1170 nft reset counter inet filter test >/dev/null
1291 nft flush inet filter test 2>/dev/null
1306 nft flush ruleset
1417 nft -f "${tmp}"
1435 nft reset counter netdev perf test >/dev/null 2>&1
1470 nft flush set t s 2>/dev/null || return 1
[all …]
A Dconntrack_vrf.sh50 nft --version > /dev/null 2>&1
108 ip netns exec $ns0 nft -f - <<EOF
143 ip netns exec $ns0 nft list ruleset
161 ip netns exec $ns0 nft -f - <<EOF
190 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2' &&
191 ip netns exec $ns0 nft list table ip nat |grep -q 'untracked counter packets [1-9]'
210 ip netns exec $ns0 nft -f - <<EOF
227 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2'
A Dnft_meta.sh10 if ! nft --version > /dev/null 2>&1; then
28 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
94 if ! ip netns exec "$ns0" nft list counter inet filter $cname | grep -q "$want"; then
97 ip netns exec "$ns0" nft list counter inet filter $cname
134 ip netns exec "$ns0" nft reset counters > /dev/null
A Dnft_queue.sh31 nft --version > /dev/null 2>&1
94 ip netns exec ${nsrouter} nft -f /dev/stdin <<EOF
129 ip netns exec ${nsrouter} nft -f /dev/stdin <<EOF
186 ip netns exec ${nsrouter} nft -f /dev/stdin <<EOF
210 ip netns exec ${nsrouter} nft delete table $proto blackh
251 ip netns exec ${nsrouter} nft list ruleset
301 ip netns exec ${nsrouter} nft -f /dev/stdin <<EOF
350 ip netns exec ${ns1} nft -f /dev/stdin <<EOF
373 …ip netns exec ${ns1} nft list chain inet filter $n | grep -q "oifname \"$d\" icmp type echo-reques…
376 ip netns exec ${ns1} nft list ruleset
A Dconntrack_tcp_unreplied.sh16 nft --version > /dev/null 2>&1
47 cnt=$(ip netns exec $ns2 nft list counter inet filter "$name" | grep -q "$expect")
50 ip netns exec $ns2 nft list counter inet filter "$name" 1>&2
91 ip netns exec $ns2 nft -f - <<EOF
117 ip netns exec $ns2 nft -f - <<EOF
A Dnft_flowtable.sh151 ip netns exec nsr1 nft -f - <<EOF
319 ip netns exec nsr1 nft list ruleset
332 ip netns exec nsr1 nft -f - <<EOF
350 ip netns exec nsr1 nft list ruleset
358 if ! ip netns exec nsr1 nft delete rule inet filter forward $handle; then
370 ip netns exec nsr1 nft list ruleset
386 ip netns exec nsr1 nft -f - <<EOF
405 ip netns exec nsr1 nft list ruleset
430 ip netns exec nsr1 nft list ruleset
487 ip netns exec nsr1 nft delete table ip nat
[all …]
A Dconntrack_icmp_related.sh21 nft --version > /dev/null 2>&1
53 cnt=$(ip netns exec $ns nft list counter inet filter "$name" | grep -q "$expect")
56 ip netns exec $ns nft list counter inet filter "$name" 1>&2
130 ip netns exec $netns nft -f - <<EOF
145 ip netns exec nsclient1 nft -f - <<EOF
159 ip netns exec nsclient2 nft -f - <<EOF
188 ip netns exec nsrouter1 nft -f - <<EOF
A Dnft_fib.sh26 nft --version > /dev/null 2>&1
59 ip netns exec ${netns} nft -f /dev/stdin <<EOF
72 ip netns exec ${netns} nft -f /dev/stdin <<EOF
99 …line=$(ip netns exec ${ns} nft list table inet filter | grep 'fib saddr . iif' | grep $address | g…
104 ip netns exec ${ns} nft list table inet filter
188 ip netns exec ${nsrouter} nft flush table inet filter
A Dnft_trans_stress.sh15 nft --version > /dev/null 2>&1
62 for i in $(seq 1 10) ; do ip netns exec "$testns" nft -f "$tmp" & done
67 ip netns exec "$testns" nft delete table inet $table 2>/dev/null
A Dnft_nat_zones.sh63 nft --version > /dev/null 2>&1
161 ip netns exec $gw nft -f /dev/stdin<<EOF
244 ip netns exec $gw nft get element inet raw inicmp "{ 10.1.0.3 . \"veth$i\" . 10.3.0.99 }" 1>&2
249 ip netns exec $gw nft get element inet raw inicmp "{ 10.3.0.99 . \"veth0\" . 10.3.0.1 }" | grep -q …
253 ip netns exec $gw nft get element inet raw inicmp "{ 10.3.99 . \"veth0\" . 10.3.0.1 }" 1>&2
292 …ip netns exec $gw nft get element inet raw inflows "{ 10.1.0.3 . 10000 . \"veth$i\" . 10.3.0.99 . …
303 ip netns exec $gw nft get element inet raw inflows "{ 10.3.0.99 . 5201 . \"veth0\" . 10.3.0.1 . 100…
A Dnft_zones_many.sh46 ip netns exec $ns nft -f /dev/stdin<<EOF
69 ) | ip netns exec $ns nft -f /dev/stdin
A Dnft_conntrack_helper.sh22 nft --version > /dev/null 2>&1
73 ip netns exec ${ns} nft -f - <<EOF
/linux/Documentation/networking/
A Dtproxy.rst24 Alternatively you can do this in nft with the following commands::
26 # nft add table filter
27 # nft add chain filter divert "{ type filter hook prerouting priority -150; }"
28 # nft add rule filter divert meta l4proto tcp socket transparent 1 meta mark set 1 accept
72 Or the following rule to nft:
74 # nft add rule filter divert tcp dport 80 tproxy to :50080 meta mark set 1 accept
/linux/drivers/net/wireless/ath/ath9k/
A Dcalib.c155 int16_t *nft) in ath9k_hw_get_nf_thresh() argument
159 *nft = (int8_t)ah->eep_ops->get_eeprom(ah, EEP_NFTHRESH_5); in ath9k_hw_get_nf_thresh()
162 *nft = (int8_t)ah->eep_ops->get_eeprom(ah, EEP_NFTHRESH_2); in ath9k_hw_get_nf_thresh()
/linux/drivers/net/ethernet/netronome/nfp/flower/
A Dmetadata.c641 if (zt->nft) { in nfp_zone_table_entry_destroy()
642 nf_flow_table_offload_del_cb(zt->nft, in nfp_zone_table_entry_destroy()
645 zt->nft = NULL; in nfp_zone_table_entry_destroy()
A Dconntrack.h64 struct nf_flowtable *nft; member
A Dconntrack.c1081 zt->nft = NULL; in get_nfp_zone_entry()
1438 if (!zt->nft) { in nfp_fl_ct_handle_pre_ct()
1439 zt->nft = ct_act->ct.flow_table; in nfp_fl_ct_handle_pre_ct()
1440 err = nf_flow_table_offload_add_cb(zt->nft, nfp_fl_ct_handle_nft_flow, zt); in nfp_fl_ct_handle_pre_ct()
1759 zt->nft = NULL; in nfp_fl_ct_del_flow()
/linux/include/net/
A Dnet_namespace.h139 struct netns_nftables nft; member
/linux/net/netfilter/
A Dnf_tables_core.c168 bool genbit = READ_ONCE(net->nft.gencursor); in nft_do_chain()
A DKconfig430 controlled by iptables, ip6tables or nft.
476 (also known as expressions) that the userspace 'nft' utility
A Dnf_tables_api.c1167 struct nft_flowtable *flowtable, *nft; in nft_flush_table() local
1200 list_for_each_entry_safe(flowtable, nft, &ctx->table->flowtables, list) { in nft_flush_table()
8589 net->nft.gencursor = nft_gencursor_next(net); in nf_tables_commit()
/linux/include/net/netfilter/
A Dnf_tables.h1365 return net->nft.gencursor + 1 == 1 ? 1 : 0; in nft_gencursor_next()
1376 return 1 << READ_ONCE(net->nft.gencursor); in nft_genmask_cur()

Completed in 59 milliseconds