zebra: handle policy routing fragment handling

incoming iptable entries with fragment parameter is handled.
An iptable context is created for each fragment value received from BGP.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index dfbbb8e61f8fac2f9f2607894a1d67fef62ca9d2..32165ae7892866504c183c0b627ca9b9ceb306b1 100644 (file)
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2943,6 +2943,7 @@ static inline void zread_iptable(ZAPI_HANDLER_ARGS)
        STREAM_GETW(s, zpi.tcp_flags);
        STREAM_GETW(s, zpi.tcp_mask_flags);
        STREAM_GETC(s, zpi.dscp_value);
+       STREAM_GETC(s, zpi.fragment);
        STREAM_GETL(s, zpi.nb_interface);
        zebra_pbr_iptable_update_interfacelist(s, &zpi);
 

diff --git a/zebra/zebra_pbr.c b/zebra/zebra_pbr.c
index f9f7882f6c23679effce6e186c4f5349c9a2f601..74ef25b031fb750c8dff6edeeab2b988d077fb48 100644 (file)
--- a/zebra/zebra_pbr.c
+++ b/zebra/zebra_pbr.c
@@ -93,6 +93,14 @@ static const struct message tcp_value_str[] = {
        {0}
 };
 
+static const struct message fragment_value_str[] = {
+       {1, "dont-fragment"},
+       {2, "is-fragment"},
+       {4, "first-fragment"},
+       {8, "last-fragment"},
+       {0}
+};
+
 /* static function declarations */
 DEFINE_HOOK(zebra_pbr_ipset_entry_wrap_script_get_stat, (struct zebra_ns *zns,
                                    struct zebra_pbr_ipset_entry *ipset,
@@ -376,6 +384,7 @@ uint32_t zebra_pbr_iptable_hash_key(void *arg)
        key = jhash_1word(iptable->tcp_flags, key);
        key = jhash_1word(iptable->tcp_mask_flags, key);
        key = jhash_1word(iptable->dscp_value, key);
+       key = jhash_1word(iptable->fragment, key);
        return jhash_3words(iptable->filter_bm, iptable->type,
                            iptable->unique, key);
 }
@@ -410,6 +419,8 @@ int zebra_pbr_iptable_hash_equal(const void *arg1, const void *arg2)
                return 0;
        if (r1->dscp_value != r2->dscp_value)
                return 0;
+       if (r1->fragment != r2->fragment)
+               return 0;
        return 1;
 }
 
@@ -1089,6 +1100,15 @@ static int zebra_pbr_show_iptable_walkcb(struct hash_backet *backet, void *arg)
                        iptable->filter_bm & MATCH_DSCP_INVERSE_SET ?
                        "not" : "", iptable->dscp_value);
        }
+       if (iptable->fragment) {
+               char val_str[10];
+
+               sprintf(val_str, "%d", iptable->fragment);
+               vty_out(vty, "\t fragment%s %s\n",
+                       iptable->filter_bm & MATCH_FRAGMENT_INVERSE_SET ?
+                       " not" : "", lookup_msg(fragment_value_str,
+                                              iptable->fragment, val_str));
+       }
        ret = hook_call(zebra_pbr_iptable_wrap_script_get_stat,
                        zns, iptable, &pkts, &bytes);
        if (ret && pkts > 0)

diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h
index 58c71f4d9729a21bac676ec35c8e059b8c173c89..fd83502ae180e1f8982228b7a50c79474a7660ba 100644 (file)
--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@@ -138,6 +138,7 @@ struct zebra_pbr_iptable {
        uint16_t tcp_flags;
        uint16_t tcp_mask_flags;
        uint8_t dscp_value;
+       uint8_t fragment;
 
        uint32_t nb_interface;