From 2bee7aae60285c01a4c7e81c20940c1feff1404e Mon Sep 17 00:00:00 2001 From: Philippe Guibert Date: Fri, 27 Apr 2018 16:32:51 +0200 Subject: [PATCH] zebra: add netlink rule support for fwmark option When a mark is set, incoming traffic having that mark set can be redirected to a specific table identifier. This work is done through netlink. Signed-off-by: Philippe Guibert --- zebra/rule_netlink.c | 6 ++++++ zebra/zebra_pbr.h | 2 ++ 2 files changed, 8 insertions(+) diff --git a/zebra/rule_netlink.c b/zebra/rule_netlink.c index 310f0952fa..0cac3172fa 100644 --- a/zebra/rule_netlink.c +++ b/zebra/rule_netlink.c @@ -98,6 +98,12 @@ static int netlink_rule_update(int cmd, struct zebra_pbr_rule *rule) &rule->rule.filter.dst_ip.u.prefix, bytelen); } + /* fwmark, if specified */ + if (IS_RULE_FILTERING_ON_FWMARK(rule)) { + addattr32(&req.n, sizeof(req), FRA_FWMARK, + rule->rule.filter.fwmark); + } + /* Route table to use to forward, if filter criteria matches. */ if (rule->rule.action.table < 256) req.frh.table = rule->rule.action.table; diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h index 8cb83fe7cc..23b6e5c90f 100644 --- a/zebra/zebra_pbr.h +++ b/zebra/zebra_pbr.h @@ -48,6 +48,8 @@ struct zebra_pbr_rule { (r->rule.filter.filter_bm & PBR_FILTER_SRC_PORT) #define IS_RULE_FILTERING_ON_DST_PORT(r) \ (r->rule.filter.filter_bm & PBR_FILTER_DST_PORT) +#define IS_RULE_FILTERING_ON_FWMARK(r) \ + (r->rule.filter.filter_bm & PBR_FILTER_FWMARK) /* * An IPSet Entry Filter -- 2.39.5