firewall: T4502: Update to flowtable CLI

`set firewall flowtable <name> interface <ifname>`
`set firewall flowtable <name> offload [software|hardware]`

`set firewall [ipv4|ipv6] forward filter rule N action offload`
`set firewall [ipv4|ipv6] forward filter rule N offload-target <name>`

1 files changed, 9 insertions, 0 deletions

diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index d999b2a64..eba3ebf59 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -163,6 +163,15 @@ def verify_rule(firewall, rule_conf, ipv6):
             if target not in dict_search_args(firewall, 'ipv6', 'name'):
                 raise ConfigError(f'Invalid jump-target. Firewall ipv6 name {target} does not exist on the system')
 
+    if rule_conf['action'] == 'offload':
+        if 'offload_target' not in rule_conf:
+            raise ConfigError('Action set to offload, but no offload-target specified')
+
+        offload_target = rule_conf['offload_target']
+
+        if not dict_search_args(firewall, 'flowtable', offload_target):
+            raise ConfigError(f'Invalid offload-target. Flowtable "{offload_target}" does not exist on the system')
+
     if 'queue_options' in rule_conf:
         if 'queue' not in rule_conf['action']:
             raise ConfigError('queue-options defined, but action queue needed and it is not defined')