summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pbr.h13
-rw-r--r--lib/zclient.c116
2 files changed, 90 insertions, 39 deletions
diff --git a/lib/pbr.h b/lib/pbr.h
index 61a5eb07f6..ae01ae7978 100644
--- a/lib/pbr.h
+++ b/lib/pbr.h
@@ -57,7 +57,7 @@ struct pbr_filter {
struct prefix src_ip;
struct prefix dst_ip;
- /* Source and Destination higher-layer (TCP/UDP) port numbers */
+ /* Source and Destination layer 4 (TCP/UDP/etc.) port numbers */
uint16_t src_port;
uint16_t dst_port;
@@ -88,11 +88,11 @@ struct pbr_filter {
struct pbr_action {
uint32_t flags;
-#define PBR_ACTION_TABLE (1 << 0)
-#define PBR_ACTION_QUEUE_ID (1 << 1)
-#define PBR_ACTION_PCP (1 << 2)
-#define PBR_ACTION_VLAN_ID (1 << 3)
-#define PBR_ACTION_VLAN_FLAGS (1 << 4)
+#define PBR_ACTION_TABLE (1 << 0)
+#define PBR_ACTION_QUEUE_ID (1 << 1)
+#define PBR_ACTION_PCP (1 << 2)
+#define PBR_ACTION_VLAN_ID (1 << 3)
+#define PBR_ACTION_VLAN_STRIP_INNER_ANY (1 << 4)
uint32_t table;
uint32_t queue_id;
@@ -100,7 +100,6 @@ struct pbr_action {
/* VLAN */
uint8_t pcp;
uint16_t vlan_id;
- uint16_t vlan_flags;
};
diff --git a/lib/zclient.c b/lib/zclient.c
index 4648b285fd..97c829c90d 100644
--- a/lib/zclient.c
+++ b/lib/zclient.c
@@ -1631,40 +1631,79 @@ static void zapi_pbr_rule_filter_encode(struct stream *s, struct pbr_filter *f)
assert((f->src_ip.family == AF_INET) || (f->src_ip.family == AF_INET6));
stream_putl(s, f->filter_bm);
- stream_putc(s, f->ip_proto);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_IP_PROTOCOL))
+ stream_putc(s, f->ip_proto);
/* addresses */
- zapi_encode_prefix(s, &f->src_ip, f->src_ip.family);
- zapi_encode_prefix(s, &f->dst_ip, f->dst_ip.family);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_SRC_IP))
+ zapi_encode_prefix(s, &f->src_ip, f->src_ip.family);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DST_IP))
+ zapi_encode_prefix(s, &f->dst_ip, f->dst_ip.family);
/* port numbers */
- stream_putw(s, f->src_port);
- stream_putw(s, f->dst_port);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_SRC_PORT))
+ stream_putw(s, f->src_port);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DST_PORT))
+ stream_putw(s, f->dst_port);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DSCP))
+ stream_putc(s, f->dsfield & PBR_DSFIELD_DSCP);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_ECN))
+ stream_putc(s, f->dsfield & PBR_DSFIELD_ECN);
/* vlan */
- stream_putc(s, f->pcp);
- stream_putw(s, f->vlan_id);
- stream_putw(s, f->vlan_flags);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_PCP))
+ stream_putc(s, f->pcp);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_VLAN_ID))
+ stream_putw(s, f->vlan_id);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_VLAN_FLAGS))
+ stream_putw(s, f->vlan_flags);
+
- stream_putc(s, f->dsfield);
- stream_putl(s, f->fwmark);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_FWMARK))
+ stream_putl(s, f->fwmark);
}
static bool zapi_pbr_rule_filter_decode(struct stream *s, struct pbr_filter *f)
{
+ uint8_t dscp = 0;
+ uint8_t ecn = 0;
+
STREAM_GETL(s, f->filter_bm);
- STREAM_GETC(s, f->ip_proto);
- if (!zapi_decode_prefix(s, &(f->src_ip)))
- goto stream_failure;
- if (!zapi_decode_prefix(s, &(f->dst_ip)))
- goto stream_failure;
- STREAM_GETW(s, f->src_port);
- STREAM_GETW(s, f->dst_port);
- STREAM_GETC(s, f->pcp);
- STREAM_GETW(s, f->vlan_id);
- STREAM_GETW(s, f->vlan_flags);
- STREAM_GETC(s, f->dsfield);
- STREAM_GETL(s, f->fwmark);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_IP_PROTOCOL))
+ STREAM_GETC(s, f->ip_proto);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_SRC_IP))
+ if (!zapi_decode_prefix(s, &(f->src_ip)))
+ goto stream_failure;
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DST_IP))
+ if (!zapi_decode_prefix(s, &(f->dst_ip)))
+ goto stream_failure;
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_SRC_PORT))
+ STREAM_GETW(s, f->src_port);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DST_PORT))
+ STREAM_GETW(s, f->dst_port);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_DSCP))
+ STREAM_GETC(s, dscp);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_ECN))
+ STREAM_GETC(s, ecn);
+ f->dsfield = (dscp & PBR_DSFIELD_DSCP) | (ecn & PBR_DSFIELD_ECN);
+
+ /* vlan */
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_PCP))
+ STREAM_GETC(s, f->pcp);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_VLAN_ID))
+ STREAM_GETW(s, f->vlan_id);
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_VLAN_FLAGS))
+ STREAM_GETW(s, f->vlan_flags);
+
+ if (CHECK_FLAG(f->filter_bm, PBR_FILTER_FWMARK))
+ STREAM_GETL(s, f->fwmark);
+
return true;
stream_failure:
@@ -1674,21 +1713,34 @@ stream_failure:
static void zapi_pbr_rule_action_encode(struct stream *s, struct pbr_action *a)
{
stream_putl(s, a->flags);
- stream_putl(s, a->table);
- stream_putl(s, a->queue_id);
- stream_putc(s, a->pcp);
- stream_putw(s, a->vlan_id);
- stream_putw(s, a->vlan_flags);
+
+ if (CHECK_FLAG(a->flags, PBR_ACTION_TABLE))
+ stream_putl(s, a->table);
+ if (CHECK_FLAG(a->flags, PBR_ACTION_QUEUE_ID))
+ stream_putl(s, a->queue_id);
+
+ /* L2 */
+ if (CHECK_FLAG(a->flags, PBR_ACTION_PCP))
+ stream_putc(s, a->pcp);
+ if (CHECK_FLAG(a->flags, PBR_ACTION_VLAN_ID))
+ stream_putw(s, a->vlan_id);
}
static bool zapi_pbr_rule_action_decode(struct stream *s, struct pbr_action *a)
{
STREAM_GETL(s, a->flags);
- STREAM_GETL(s, a->table);
- STREAM_GETL(s, a->queue_id);
- STREAM_GETC(s, a->pcp);
- STREAM_GETW(s, a->vlan_id);
- STREAM_GETW(s, a->vlan_flags);
+
+ if (CHECK_FLAG(a->flags, PBR_ACTION_TABLE))
+ STREAM_GETL(s, a->table);
+ if (CHECK_FLAG(a->flags, PBR_ACTION_QUEUE_ID))
+ STREAM_GETL(s, a->queue_id);
+
+ /* L2 */
+ if (CHECK_FLAG(a->flags, PBR_ACTION_PCP))
+ STREAM_GETC(s, a->pcp);
+ if (CHECK_FLAG(a->flags, PBR_ACTION_VLAN_ID))
+ STREAM_GETW(s, a->vlan_id);
+
return true;
stream_failure: