netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support

This makes it possible to add an iptables rule that offloads routing/NAT packet processing to a software fast path. This fast path is much quicker than running packets through the regular tables/chains. Requires Linux 4.14 Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-20 15:58:42 +01:00
parent 1033356442
commit 820f030998
4 changed files with 479 additions and 1 deletions
--- a/package/network/utils/iptables/patches/800-flowoffload_target.patch
+++ b/package/network/utils/iptables/patches/800-flowoffload_target.patch
@@ -0,0 +1,18 @@
+--- /dev/null
+++ b/extensions/libxt_FLOWOFFLOAD.c
+@@ -0,0 +1,15 @@
+#include <xtables.h>
+
+static struct xtables_target offload_tg_reg[] = {
+	{
+		.family        = NFPROTO_UNSPEC,
+		.name          = "FLOWOFFLOAD",
+		.revision      = 0,
+		.version       = XTABLES_VERSION,
+	},
+};
+
+void _init(void)
+{
+	xtables_register_targets(offload_tg_reg, ARRAY_SIZE(offload_tg_reg));
+}