lib: add ZEBRA IPSET defines

ZEBRA IPSET defines are added for creating/deleting ipset contexts.
Ans also create ipset hash sets.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

diff --git a/lib/log.c b/lib/log.c
index f5aff756dde5e2587986c87afa35e3ff5052cb97..dbfc95da86251fd6cbf2925637d2cae4f9b93a5a 100644 (file)
--- a/lib/log.c
+++ b/lib/log.c
@@ -968,6 +968,10 @@ static const struct zebra_desc_table command_types[] = {
        DESC_ENTRY(ZEBRA_TABLE_MANAGER_CONNECT),
        DESC_ENTRY(ZEBRA_GET_TABLE_CHUNK),
        DESC_ENTRY(ZEBRA_RELEASE_TABLE_CHUNK),
+       DESC_ENTRY(ZEBRA_IPSET_CREATE),
+       DESC_ENTRY(ZEBRA_IPSET_DESTROY),
+       DESC_ENTRY(ZEBRA_IPSET_ENTRY_ADD),
+       DESC_ENTRY(ZEBRA_IPSET_ENTRY_DELETE),
 };
 #undef DESC_ENTRY
 

diff --git a/lib/zclient.h b/lib/zclient.h
index a77b1c1f9495bc3555d05bdbbdc8666b8402b8b6..3c6e1b32089bdafc0d14a00b28b6f94573110e30 100644 (file)
--- a/lib/zclient.h
+++ b/lib/zclient.h
@@ -140,6 +140,10 @@ typedef enum {
        ZEBRA_TABLE_MANAGER_CONNECT,
        ZEBRA_GET_TABLE_CHUNK,
        ZEBRA_RELEASE_TABLE_CHUNK,
+       ZEBRA_IPSET_CREATE,
+       ZEBRA_IPSET_DESTROY,
+       ZEBRA_IPSET_ENTRY_ADD,
+       ZEBRA_IPSET_ENTRY_DELETE,
 } zebra_message_types_t;
 
 struct redist_proto {

diff --git a/zebra/zebra_pbr.c b/zebra/zebra_pbr.c
index 1855b543719dbef1a502b5bad5fa86b90b97a9c2..cec891b7f3c6414435968858d62a0c5321d73fe9 100644 (file)
--- a/zebra/zebra_pbr.c
+++ b/zebra/zebra_pbr.c
@@ -283,6 +283,20 @@ static void *pbr_ipset_alloc_intern(void *arg)
        return new;
 }
 
+static struct zebra_pbr_ipset *zpi_found;
+
+static int zebra_pbr_ipset_pername_walkcb(struct hash_backet *backet, void *arg)
+{
+       struct zebra_pbr_ipset  *zpi = (struct zebra_pbr_ipset *)backet->data;
+       char *ipset_name = (char *)arg;
+
+       if (!strncmp(ipset_name, zpi->ipset_name, ZEBRA_IPSET_NAME_SIZE)) {
+               zpi_found = zpi;
+               return HASHWALK_ABORT;
+       }
+       return HASHWALK_CONTINUE;
+}
+
 void zebra_pbr_create_ipset(struct zebra_ns *zns,
                            struct zebra_pbr_ipset *ipset)
 {
@@ -309,6 +323,16 @@ void zebra_pbr_destroy_ipset(struct zebra_ns *zns,
                          __PRETTY_FUNCTION__);
 }
 
+struct zebra_pbr_ipset *zebra_pbr_lookup_ipset_pername(struct zebra_ns *zns,
+                                                      char *ipsetname)
+{
+       if (!ipsetname)
+               return NULL;
+       zpi_found = NULL;
+       hash_walk(zns->ipset_hash, zebra_pbr_ipset_pername_walkcb, ipsetname);
+       return zpi_found;
+}
+
 static void *pbr_ipset_entry_alloc_intern(void *arg)
 {
        struct zebra_pbr_ipset_entry *zpi;

diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h
index 31e20a3078dac5da77b0ab8d4c989453ad8bd80c..2060cc25ec9f1a831a9bf1f83624bba55638fa41 100644 (file)
--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@@ -150,6 +150,8 @@ void zebra_pbr_create_ipset(struct zebra_ns *zns,
                            struct zebra_pbr_ipset *ipset);
 void zebra_pbr_destroy_ipset(struct zebra_ns *zns,
                             struct zebra_pbr_ipset *ipset);
+struct zebra_pbr_ipset *zebra_pbr_lookup_ipset_pername(struct zebra_ns *zns,
+                                                      char *ipsetname);
 void zebra_pbr_add_ipset_entry(struct zebra_ns *zns,
                               struct zebra_pbr_ipset_entry *ipset);
 void zebra_pbr_del_ipset_entry(struct zebra_ns *zns,

diff --git a/zebra/zserv.c b/zebra/zserv.c
index c06efbfb4bf288d319c3a52e5dddcff6ed3a3e2d..942e60c798318fe394bc607868673eeae8443cde 100644 (file)
--- a/zebra/zserv.c
+++ b/zebra/zserv.c
@@ -2685,7 +2685,7 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
 
                zpr.ifp = if_lookup_by_index(ifindex, VRF_UNKNOWN);
                if (!zpr.ifp) {
-                       zlog_debug("FAiled to lookup ifindex: %u", ifindex);
+                       zlog_debug("Failed to lookup ifindex: %u", ifindex);
                        return;
                }
 
@@ -2711,6 +2711,82 @@ stream_failure:
        return;
 }
 
+
+static inline void zread_ipset(ZAPI_HANDLER_ARGS)
+{
+       struct zebra_pbr_ipset zpi;
+       struct stream *s;
+       uint32_t total, i;
+
+       s = msg;
+       STREAM_GETL(s, total);
+
+       for (i = 0; i < total; i++) {
+               memset(&zpi, 0, sizeof(zpi));
+
+               zpi.sock = client->sock;
+               STREAM_GETL(s, zpi.unique);
+               STREAM_GETL(s, zpi.type);
+               STREAM_GET(&zpi.ipset_name, s,
+                          ZEBRA_IPSET_NAME_SIZE);
+
+               if (hdr->command == ZEBRA_IPSET_CREATE)
+                       zebra_pbr_create_ipset(zvrf->zns, &zpi);
+               else
+                       zebra_pbr_destroy_ipset(zvrf->zns, &zpi);
+       }
+
+stream_failure:
+       return;
+}
+
+static inline void zread_ipset_entry(ZAPI_HANDLER_ARGS)
+{
+       struct zebra_pbr_ipset_entry zpi;
+       struct zebra_pbr_ipset ipset;
+       struct stream *s;
+       uint32_t total, i;
+
+       s = msg;
+       STREAM_GETL(s, total);
+
+       for (i = 0; i < total; i++) {
+               memset(&zpi, 0, sizeof(zpi));
+               memset(&ipset, 0, sizeof(ipset));
+
+               zpi.sock = client->sock;
+               STREAM_GETL(s, zpi.unique);
+               STREAM_GET(&ipset.ipset_name, s,
+                          ZEBRA_IPSET_NAME_SIZE);
+               STREAM_GETC(s, zpi.src.family);
+               STREAM_GETC(s, zpi.src.prefixlen);
+               STREAM_GET(&zpi.src.u.prefix, s,
+                          prefix_blen(&zpi.src));
+               STREAM_GETC(s, zpi.dst.family);
+               STREAM_GETC(s, zpi.dst.prefixlen);
+               STREAM_GET(&zpi.dst.u.prefix, s,
+                          prefix_blen(&zpi.dst));
+
+               if (!is_default_prefix(&zpi.src))
+                       zpi.filter_bm |= PBR_FILTER_SRC_IP;
+
+               if (!is_default_prefix(&zpi.dst))
+                       zpi.filter_bm |= PBR_FILTER_DST_IP;
+
+               /* calculate backpointer */
+               zpi.backpointer = zebra_pbr_lookup_ipset_pername(zvrf->zns,
+                                                        ipset.ipset_name);
+               if (hdr->command == ZEBRA_IPSET_ENTRY_ADD)
+                       zebra_pbr_add_ipset_entry(zvrf->zns, &zpi);
+               else
+                       zebra_pbr_del_ipset_entry(zvrf->zns, &zpi);
+       }
+
+stream_failure:
+       return;
+}
+
+
 void (*zserv_handlers[])(ZAPI_HANDLER_ARGS) = {
        [ZEBRA_ROUTER_ID_ADD] = zread_router_id_add,
        [ZEBRA_ROUTER_ID_DELETE] = zread_router_id_delete,
@@ -2771,6 +2847,10 @@ void (*zserv_handlers[])(ZAPI_HANDLER_ARGS) = {
        [ZEBRA_TABLE_MANAGER_CONNECT] = zread_table_manager_request,
        [ZEBRA_GET_TABLE_CHUNK] = zread_table_manager_request,
        [ZEBRA_RELEASE_TABLE_CHUNK] = zread_table_manager_request,
+       [ZEBRA_IPSET_CREATE] = zread_ipset,
+       [ZEBRA_IPSET_DESTROY] = zread_ipset,
+       [ZEBRA_IPSET_ENTRY_ADD] = zread_ipset_entry,
+       [ZEBRA_IPSET_ENTRY_DELETE] = zread_ipset_entry,
 };
 
 static inline void zserv_handle_commands(struct zserv *client,