diff options
| author | Philippe Guibert <philippe.guibert@6wind.com> | 2018-03-08 15:20:49 +0100 |
|---|---|---|
| committer | Philippe Guibert <philippe.guibert@6wind.com> | 2018-04-16 14:40:43 +0200 |
| commit | 1907e4b80b03dbaea9cb13eb4b52b33d1b9d30d3 (patch) | |
| tree | c9a89b39b37f2cd3e35936078375fc16b93024dd | |
| parent | 425bdd6bf10123c2027ed602536490aeb5fb72a0 (diff) | |
zebra: pbr rule structure is being added fwmark tag
PBR rule is being added a 32 bit value that can be used to record a rule
in the kernel, by using a fwmark information.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
| -rw-r--r-- | zebra/zebra_pbr.c | 7 | ||||
| -rw-r--r-- | zebra/zebra_pbr.h | 4 | ||||
| -rw-r--r-- | zebra/zserv.c | 15 |
3 files changed, 22 insertions, 4 deletions
diff --git a/zebra/zebra_pbr.c b/zebra/zebra_pbr.c index 9cc7ce905c..dd6e16bb70 100644 --- a/zebra/zebra_pbr.c +++ b/zebra/zebra_pbr.c @@ -57,6 +57,10 @@ uint32_t zebra_pbr_rules_hash_key(void *arg) else key = jhash_1word(0, key); + if (rule->filter.fwmark) + key = jhash_1word(rule->filter.fwmark, key); + else + key = jhash_1word(0, key); return jhash_3words(rule->filter.src_port, rule->filter.dst_port, prefix_hash_key(&rule->filter.dst_ip), jhash_1word(rule->unique, key)); @@ -87,6 +91,9 @@ int zebra_pbr_rules_hash_equal(const void *arg1, const void *arg2) if (r1->filter.dst_port != r2->filter.dst_port) return 0; + if (r1->filter.fwmark != r2->filter.fwmark) + return 0; + if (!prefix_same(&r1->filter.src_ip, &r2->filter.src_ip)) return 0; diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h index c4af66b056..9f25c6f434 100644 --- a/zebra/zebra_pbr.h +++ b/zebra/zebra_pbr.h @@ -46,6 +46,7 @@ struct zebra_pbr_filter { #define PBR_FILTER_DST_IP (1 << 1) #define PBR_FILTER_SRC_PORT (1 << 2) #define PBR_FILTER_DST_PORT (1 << 3) +#define PBR_FILTER_FWMARK (1 << 4) /* Source and Destination IP address with masks. */ struct prefix src_ip; @@ -54,6 +55,9 @@ struct zebra_pbr_filter { /* Source and Destination higher-layer (TCP/UDP) port numbers. */ uint16_t src_port; uint16_t dst_port; + + /* Filter with fwmark */ + uint32_t fwmark; }; #define IS_RULE_FILTERING_ON_SRC_IP(r) \ diff --git a/zebra/zserv.c b/zebra/zserv.c index f38ea81adb..4d9898ae2d 100644 --- a/zebra/zserv.c +++ b/zebra/zserv.c @@ -2741,13 +2741,17 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS) STREAM_GET(&zpr.filter.dst_ip.u.prefix, s, prefix_blen(&zpr.filter.dst_ip)); STREAM_GETW(s, zpr.filter.dst_port); + STREAM_GETL(s, zpr.filter.fwmark); STREAM_GETL(s, zpr.action.table); STREAM_GETL(s, ifindex); - zpr.ifp = if_lookup_by_index(ifindex, VRF_UNKNOWN); - if (!zpr.ifp) { - zlog_debug("Failed to lookup ifindex: %u", ifindex); - return; + if (ifindex) { + zpr.ifp = if_lookup_by_index(ifindex, VRF_UNKNOWN); + if (!zpr.ifp) { + zlog_debug("Failed to lookup ifindex: %u", + ifindex); + return; + } } if (!is_default_prefix(&zpr.filter.src_ip)) @@ -2762,6 +2766,9 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS) if (zpr.filter.dst_port) zpr.filter.filter_bm |= PBR_FILTER_DST_PORT; + if (zpr.filter.fwmark) + zpr.filter.filter_bm |= PBR_FILTER_FWMARK; + if (hdr->command == ZEBRA_RULE_ADD) zebra_pbr_add_rule(zvrf->zns, &zpr); else |