zebra: cleanup zebra policy context

Upon the remote daemon leaving, some contexts may have to be flushed.
This commit does the change. IPset and IPSet Entries and iptables are
flushed.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

diff --git a/zebra/zebra_pbr.c b/zebra/zebra_pbr.c
index ac0192f2dedeb0443de90d2a63bf32fa12af3dab..69b14d9d2e9db33d1b171a357ce4a79f33c3b194 100644 (file)
--- a/zebra/zebra_pbr.c
+++ b/zebra/zebra_pbr.c
@@ -320,11 +320,54 @@ static void zebra_pbr_cleanup_rules(struct hash_backet *b, void *data)
        }
 }
 
-void zebra_pbr_client_close_cleanup(int sock)
+static void zebra_pbr_cleanup_ipset(struct hash_backet *b, void *data)
 {
        struct zebra_ns *zns = zebra_ns_lookup(NS_DEFAULT);
+       struct zebra_pbr_ipset *ipset = b->data;
+       int *sock = data;
+
+       if (ipset->sock == *sock)
+               hash_release(zns->ipset_hash, ipset);
+}
+
+static void zebra_pbr_cleanup_ipset_entry(struct hash_backet *b, void *data)
+{
+       struct zebra_ns *zns = zebra_ns_lookup(NS_DEFAULT);
+       struct zebra_pbr_ipset_entry *ipset = b->data;
+       int *sock = data;
+
+       if (ipset->sock == *sock)
+               hash_release(zns->ipset_entry_hash, ipset);
+}
+
+static void zebra_pbr_cleanup_iptable(struct hash_backet *b, void *data)
+{
+       struct zebra_ns *zns = zebra_ns_lookup(NS_DEFAULT);
+       struct zebra_pbr_iptable *iptable = b->data;
+       int *sock = data;
+
+       if (iptable->sock == *sock)
+               hash_release(zns->iptable_hash, iptable);
+}
+
+static int zebra_pbr_client_close_cleanup(struct zserv *client)
+{
+       int sock = client->sock;
+       struct zebra_ns *zns = zebra_ns_lookup(NS_DEFAULT);
 
        hash_iterate(zns->rules_hash, zebra_pbr_cleanup_rules, &sock);
+       hash_iterate(zns->iptable_hash,
+                    zebra_pbr_cleanup_iptable, &sock);
+       hash_iterate(zns->ipset_entry_hash,
+                    zebra_pbr_cleanup_ipset_entry, &sock);
+       hash_iterate(zns->ipset_hash,
+                    zebra_pbr_cleanup_ipset, &sock);
+       return 1;
+}
+
+void zebra_pbr_init(void)
+{
+       hook_register(zapi_client_close, zebra_pbr_client_close_cleanup);
 }
 
 static void *pbr_ipset_alloc_intern(void *arg)

diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h
index 616bb8a444553e021ec14727c750614396954a07..7ba4e988c1a74c1dc7ba7f2824d00c96d18dde01 100644 (file)
--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@@ -186,8 +186,6 @@ extern void kernel_pbr_iptable_add_del_status(struct zebra_pbr_iptable *iptable,
  */
 extern int kernel_pbr_rule_del(struct zebra_pbr_rule *rule);
 
-extern void zebra_pbr_client_close_cleanup(int sock);
-
 extern void zebra_pbr_rules_free(void *arg);
 extern uint32_t zebra_pbr_rules_hash_key(void *arg);
 extern int zebra_pbr_rules_hash_equal(const void *arg1, const void *arg2);