Currently there does not appear to exist any kernel side nft flowtable
implementation that supports hardware flow offloading.
Attempting to upload a ruleset containing a flowtable declaration with
the hardware offloading flag set will fail with a generic EOPNOTSUPP
error.
Since there is neither a graceful recovery (e.g. continue without
hardware flow offloading) nor any possibility to probe kernel side
support from userspace, disable the facility entirely for now.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
custom_chains: [ "bool", null, UNSUPPORTED ],
disable_ipv6: [ "bool", null, UNSUPPORTED ],
flow_offloading: [ "bool", "0" ],
- flow_offloading_hw: [ "bool", "0" ]
+ flow_offloading_hw: [ "bool", "0", UNSUPPORTED ]
});
if (defs.synflood_protect === null)