zebra: handle policy routing fragment handling

incoming iptable entries with fragment parameter is handled.
An iptable context is created for each fragment value received from BGP.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index 65626b79cde854b4bf2261daaa72fd5e4cdcbde4..5a80072e546b34bc4d8a96653a7e560fd47138dd 100644 (file)
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2911,6 +2911,7 @@ static inline void zread_iptable(ZAPI_HANDLER_ARGS)
        STREAM_GETW(s, zpi.tcp_flags);
        STREAM_GETW(s, zpi.tcp_mask_flags);
        STREAM_GETC(s, zpi.dscp_value);
+       STREAM_GETC(s, zpi.fragment);
        STREAM_GETL(s, zpi.nb_interface);
        zebra_pbr_iptable_update_interfacelist(s, &zpi);
 

diff --git a/zebra/zebra_pbr.c b/zebra/zebra_pbr.c
index ea103f9b7b0ba6cd88994425686a95d107ee20f3..86e054795bb5a6d1aab08b8b5013e0e9faccb714 100644 (file)
--- a/zebra/zebra_pbr.c
+++ b/zebra/zebra_pbr.c
@@ -92,6 +92,14 @@ static const struct message tcp_value_str[] = {
        {0}
 };
 
+static const struct message fragment_value_str[] = {
+       {1, "dont-fragment"},
+       {2, "is-fragment"},
+       {4, "first-fragment"},
+       {8, "last-fragment"},
+       {0}
+};
+
 /* static function declarations */
 DEFINE_HOOK(zebra_pbr_ipset_entry_wrap_script_get_stat, (struct zebra_ns *zns,
                                    struct zebra_pbr_ipset_entry *ipset,
@@ -375,6 +383,7 @@ uint32_t zebra_pbr_iptable_hash_key(void *arg)
        key = jhash_1word(iptable->tcp_flags, key);
        key = jhash_1word(iptable->tcp_mask_flags, key);
        key = jhash_1word(iptable->dscp_value, key);
+       key = jhash_1word(iptable->fragment, key);
        return jhash_3words(iptable->filter_bm, iptable->type,
                            iptable->unique, key);
 }
@@ -409,6 +418,8 @@ int zebra_pbr_iptable_hash_equal(const void *arg1, const void *arg2)
                return 0;
        if (r1->dscp_value != r2->dscp_value)
                return 0;
+       if (r1->fragment != r2->fragment)
+               return 0;
        return 1;
 }
 
@@ -1086,6 +1097,15 @@ static int zebra_pbr_show_iptable_walkcb(struct hash_backet *backet, void *arg)
                        iptable->filter_bm & MATCH_DSCP_INVERSE_SET ?
                        "not" : "", iptable->dscp_value);
        }
+       if (iptable->fragment) {
+               char val_str[10];
+
+               sprintf(val_str, "%d", iptable->fragment);
+               vty_out(vty, "\t fragment%s %s\n",
+                       iptable->filter_bm & MATCH_FRAGMENT_INVERSE_SET ?
+                       " not" : "", lookup_msg(fragment_value_str,
+                                              iptable->fragment, val_str));
+       }
        ret = hook_call(zebra_pbr_iptable_wrap_script_get_stat,
                        zns, iptable, &pkts, &bytes);
        if (ret && pkts > 0)

diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h
index a1509091a592a7bc2dffbb03e7ee6f6d9dc19b84..3d26281d0dad3e2f82bcbd4a55e2fede50540cc7 100644 (file)
--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@@ -138,6 +138,7 @@ struct zebra_pbr_iptable {
        uint16_t tcp_flags;
        uint16_t tcp_mask_flags;
        uint8_t dscp_value;
+       uint8_t fragment;
 
        uint32_t nb_interface;