From dbade07e0e1611cf9e44f1d04e71176dcc6d11f8 Mon Sep 17 00:00:00 2001 From: "G. Paul Ziemba" Date: Wed, 19 Jul 2023 07:59:04 -0700 Subject: [PATCH] pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (zapi) Subset: ZAPI changes to send the new data Also adds filter_bm field; currently for PBR_FILTER_PCP, but in the future to be used for all of the filter fields. Changes by: Josh Werner Eli Baum G. Paul Ziemba Signed-off-by: G. Paul Ziemba --- bgpd/bgp_zebra.c | 22 +++++++++++++++------- pbrd/pbr_zebra.c | 28 ++++++++++++++++++++++------ zebra/zapi_msg.c | 22 +++++++++++++++++++--- 3 files changed, 56 insertions(+), 16 deletions(-) diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c index 1320906339..aa7ce6a8fb 100644 --- a/bgpd/bgp_zebra.c +++ b/bgpd/bgp_zebra.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* zebra client * Copyright (C) 1997, 98, 99 Kunihiro Ishiguro + * Copyright (c) 2023 LabN Consulting, L.L.C. */ #include @@ -2732,6 +2733,9 @@ static void bgp_encode_pbr_rule_action(struct stream *s, stream_putl(s, pbr->unique); else stream_putl(s, pbra->unique); + + stream_putl(s, 0); /* filter_bm placeholder */ + stream_putc(s, 0); /* ip protocol being used */ if (pbr && pbr->flags & MATCH_IP_SRC_SET) memcpy(&pfx, &(pbr->src), sizeof(struct prefix)); 
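Review bot: The `/* filter_bm placeholder */` comment on the added `stream_putl(s, 0);` in bgp_encode_pbr_rule_action (hunk `@@ -2732,6 +2733,9 @@`) does not say why a zero bitmap is acceptable on the wire. Going by the zebra/zapi_msg.c hunks in this patch, zread_rule ORs in PBR_FILTER_FWMARK, PBR_FILTER_VLAN_ID and PBR_FILTER_VLAN_FLAGS from non-zero fields and expects only PBR_FILTER_PCP from the sender, so a zero from bgpd presumably just means it never matches on PCP. I would spell that out, e.g. `/* filter_bm: bgpd asserts no bits; zebra derives them from non-zero fields */`. The function starts and ends outside this hunk.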
@@ -2756,19 +2760,23 @@ static void bgp_encode_pbr_rule_action(struct stream *s, stream_put(s, &pfx.u.prefix, prefix_blen(&pfx)); stream_putw(s, 0); /* dst port */ - stream_putc(s, 0); /* dsfield */ + + stream_putc(s, 0); /* filter dsfield */ /* if pbr present, fwmark is not used */ if (pbr) stream_putl(s, 0); else - stream_putl(s, pbra->fwmark); /* fwmark */ + stream_putl(s, pbra->fwmark); /* filter fwmark */ - stream_putl(s, 0); /* queue id */ - stream_putw(s, 0); /* vlan_id */ - stream_putw(s, 0); /* vlan_flags */ - stream_putw(s, 0); /* pcp */ + stream_putc(s, 0); /* pcp filter */ + stream_putw(s, 0); /* pcp action */ + stream_putw(s, 0); /* vlan_id filter */ + stream_putw(s, 0); /* vlan_flags filter */ + stream_putw(s, 0); /* vlan_id action */ + stream_putw(s, 0); /* vlan_flags action */ + stream_putl(s, 0); /* queue id action */ - stream_putl(s, pbra->table_id); + stream_putl(s, pbra->table_id); /* table action */ memset(ifname, 0, sizeof(ifname)); stream_put(s, ifname, INTERFACE_NAMSIZ); /* ifname unused */ diff --git a/pbrd/pbr_zebra.c b/pbrd/pbr_zebra.c index 53a02e14a5..28d89b0b5c 100644 --- a/pbrd/pbr_zebra.c +++ b/pbrd/pbr_zebra.c @@ -3,6 +3,9 @@ * Zebra connect code. * Copyright (C) 2018 Cumulus Networks, Inc. * Donald Sharp + * Portions: + * Copyright (c) 2021 The MITRE Corporation. + * Copyright (c) 2023 LabN Consulting, L.L.C. */ #include @@ -20,6 +23,7 @@ #include "log.h" #include "nexthop.h" #include "nexthop_group.h" +#include "pbr.h" #include "pbr_nht.h" #include "pbr_map.h" @@ -529,6 +533,9 @@ static bool pbr_encode_pbr_map_sequence(struct stream *s, stream_putl(s, pbrms->seqno); stream_putl(s, pbrms->ruleno); stream_putl(s, pbrms->unique); + + stream_putl(s, pbrms->filter_bm); + stream_putc(s, pbrms->ip_proto); /* The ip_proto */ pbr_encode_pbr_map_sequence_prefix(s, pbrms->src, family); stream_putw(s, pbrms->src_prt); 
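Review bot: Nothing in hunk `@@ -2756,19 +2760,23 @@` (bgp_encode_pbr_rule_action) ties the new field order and widths to the decoder, although the sequence is now mirrored by hand in three places: here, pbr_encode_pbr_map_sequence in pbrd/pbr_zebra.c and zread_rule in zebra/zapi_msg.c. The widths are easy to get wrong on a later edit, since the PCP filter is one byte (`stream_putc`) while the PCP action is two (`stream_putw`), and a mismatch would shift every field that follows on the receiving side. As far as the visible lines go, the three sequences agree. A comment above the block such as `/* order and widths must match zread_rule() in zebra/zapi_msg.c */` would help keep it that way, and a shared encode helper would be the sturdier follow-up. The function body continues outside the hunk.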
@@ -536,13 +543,25 @@ static bool pbr_encode_pbr_map_sequence(struct stream *s, stream_putw(s, pbrms->dst_prt); stream_putc(s, pbrms->dsfield); stream_putl(s, pbrms->mark); - - stream_putl(s, pbrms->action_queue_id); + /* PCP */ + if (CHECK_FLAG(pbrms->filter_bm, PBR_FILTER_PCP)) + stream_putc(s, pbrms->match_pcp); + else + stream_putc(s, 0); + stream_putw(s, pbrms->action_pcp); + /* VLAN */ + stream_putw(s, pbrms->match_vlan_id); + stream_putw(s, pbrms->match_vlan_flags); stream_putw(s, pbrms->action_vlan_id); stream_putw(s, pbrms->action_vlan_flags); - stream_putw(s, pbrms->action_pcp); + stream_putl(s, pbrms->action_queue_id); + /* if the user does not use the command "set vrf name |unchanged" + * then pbr_encode_pbr_map_sequence_vrf will not be called + */ + + /* these statement get a table id */ if (pbrms->vrf_unchanged || pbrms->vrf_lookup) pbr_encode_pbr_map_sequence_vrf(s, pbrms, ifp); else if (pbrms->nhgrp_name) @@ -568,9 +587,6 @@ bool pbr_send_pbr_map(struct pbr_map_sequence *pbrms, is_installed &= pbrms->installed; - DEBUGD(&pbr_dbg_zebra, "%s: for %s %d(%" PRIu64 ")", __func__, - pbrm->name, install, is_installed); - /* * If we are installed and asked to do so again and the config * has not changed, just return. diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c index 5ac8754058..ab491ea525 100644 --- a/zebra/zapi_msg.c +++ b/zebra/zapi_msg.c @@ -5,6 +5,8 @@ * Copyright (C) 1997-1999 Kunihiro Ishiguro * Copyright (C) 2015-2018 Cumulus Networks, Inc. * et al. + * Copyright (c) 2021 The MITRE Corporation. + * Copyright (c) 2023 LabN Consulting, L.L.C. */ #include @@ -3199,6 +3201,9 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS) STREAM_GETL(s, zpr.rule.seq); STREAM_GETL(s, zpr.rule.priority); STREAM_GETL(s, zpr.rule.unique); + + STREAM_GETL(s, zpr.rule.filter.filter_bm); + STREAM_GETC(s, zpr.rule.filter.ip_proto); STREAM_GETC(s, zpr.rule.filter.src_ip.family); STREAM_GETC(s, zpr.rule.filter.src_ip.prefixlen); 
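Review bot: The bare `/* PCP */` comment in pbr_encode_pbr_map_sequence (hunk `@@ -536,13 +543,25 @@`) leaves out why `match_pcp` is the only match field gated on `filter_bm`, while `match_vlan_id` and `match_vlan_flags` are written unconditionally. The receiving side in zebra/zapi_msg.c infers the VLAN bits from non-zero values but expects PBR_FILTER_PCP from the sender, presumably because 0 is a valid PCP value to match. I would replace the comment with `/* PCP: 0 is a valid match value, so presence travels in filter_bm */`, and fix the wording of the later one to `/* these statements get a table id */`.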
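Review bot: The bitmap read by `STREAM_GETL(s, zpr.rule.filter.filter_bm);` in zread_rule (hunk `@@ -3199,6 +3201,9 @@`) is accepted from the client unchanged, and the visible follow-up code only ORs bits in (see hunk `@@ -3245,6 +3253,14 @@`), so a bit set by the sender for a field that is zero is never cleared. The commit description says the field currently carries only PBR_FILTER_PCP, so masking right after the read keeps every other bit derived from the decoded fields: `zpr.rule.filter.filter_bm &= PBR_FILTER_PCP;`. pbrd's `stream_putl(s, pbrms->filter_bm);` sends the whole bitmap, so the same mask, or a comment naming the bits that are meaningful on the wire, would fit on the sending side too. zread_rule starts and ends outside this hunk, so an existing sanitising step elsewhere cannot be ruled out from here.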
@@ -3213,10 +3218,13 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS) STREAM_GETC(s, zpr.rule.filter.dsfield); STREAM_GETL(s, zpr.rule.filter.fwmark); - STREAM_GETL(s, zpr.rule.action.queue_id); + STREAM_GETC(s, zpr.rule.filter.pcp); + STREAM_GETW(s, zpr.rule.action.pcp); + STREAM_GETW(s, zpr.rule.filter.vlan_id); + STREAM_GETW(s, zpr.rule.filter.vlan_flags); STREAM_GETW(s, zpr.rule.action.vlan_id); STREAM_GETW(s, zpr.rule.action.vlan_flags); - STREAM_GETW(s, zpr.rule.action.pcp); + STREAM_GETL(s, zpr.rule.action.queue_id); STREAM_GETL(s, zpr.rule.action.table); STREAM_GET(ifname, s, INTERFACE_NAMSIZ); @@ -3245,6 +3253,14 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS) if (zpr.rule.filter.fwmark) zpr.rule.filter.filter_bm |= PBR_FILTER_FWMARK; + /* NB PBR_FILTER_PCP should already be set by sender */ + + if (zpr.rule.filter.vlan_flags) + zpr.rule.filter.filter_bm |= PBR_FILTER_VLAN_FLAGS; + + if (zpr.rule.filter.vlan_id) + zpr.rule.filter.filter_bm |= PBR_FILTER_VLAN_ID; + if (!(zpr.rule.filter.src_ip.family == AF_INET || zpr.rule.filter.src_ip.family == AF_INET6)) { zlog_warn( @@ -3515,7 +3531,7 @@ static inline void zread_ipset_entry(ZAPI_HANDLER_ARGS) if (zpi.src_port_max != 0) zpi.filter_bm |= PBR_FILTER_SRC_PORT_RANGE; if (zpi.proto != 0) - zpi.filter_bm |= PBR_FILTER_PROTO; + zpi.filter_bm |= PBR_FILTER_IP_PROTOCOL; if (!(zpi.dst.family == AF_INET || zpi.dst.family == AF_INET6)) { -- 2.39.5
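Review bot: `STREAM_GETC(s, zpr.rule.filter.pcp);` and `STREAM_GETW(s, zpr.rule.filter.vlan_id);` in zread_rule (hunk `@@ -3213,10 +3218,13 @@`) accept the full 8-bit and 16-bit ranges, whereas an 802.1Q tag carries a 3-bit PCP and a 12-bit VLAN ID. No visible line rejects larger values before the rule is used. zread_rule continues outside the hunk, so a later check may exist; if not, I would validate next to the address-family check further down, e.g. `if (CHECK_FLAG(zpr.rule.filter.filter_bm, PBR_FILTER_PCP) && zpr.rule.filter.pcp > 7)`, handled the same way as that check. The same question applies to `action.pcp` and `action.vlan_id`, unless their 16-bit encodings carry more than the plain value.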