From 4112baec9f7ec235c66e2c5992ba2288ca1557e7 Mon Sep 17 00:00:00 2001 From: Mark Stapp Date: Tue, 23 May 2023 15:31:31 -0400 Subject: pbrd, zebra: fix zapi and netlink rule encoding In pbrd, don't encode a rule without a table. There are cases where the zapi encoding was incorrect because the 4-octet table id was missing. In zebra, mask off the ECN bits in the TOS byte when encoding an iprule to match netlink's expectation. Signed-off-by: Mark Stapp --- pbrd/pbr_zebra.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) (limited to 'pbrd') diff --git a/pbrd/pbr_zebra.c b/pbrd/pbr_zebra.c index 097c9f2964..53a02e14a5 100644 --- a/pbrd/pbr_zebra.c +++ b/pbrd/pbr_zebra.c @@ -516,7 +516,7 @@ pbr_encode_pbr_map_sequence_vrf(struct stream *s, stream_putl(s, pbr_vrf->vrf->data.l.table_id); } -static void pbr_encode_pbr_map_sequence(struct stream *s, +static bool pbr_encode_pbr_map_sequence(struct stream *s, struct pbr_map_sequence *pbrms, struct interface *ifp) { @@ -549,7 +549,14 @@ static void pbr_encode_pbr_map_sequence(struct stream *s, stream_putl(s, pbr_nht_get_table(pbrms->nhgrp_name)); else if (pbrms->nhg) stream_putl(s, pbr_nht_get_table(pbrms->internal_nhg_name)); + else { + /* Not valid for install without table */ + return false; + } + stream_put(s, ifp->name, INTERFACE_NAMSIZ); + + return true; } bool pbr_send_pbr_map(struct pbr_map_sequence *pbrms, @@ -593,11 +600,13 @@ bool pbr_send_pbr_map(struct pbr_map_sequence *pbrms, install ? "Installing" : "Deleting", pbrm->name, pbrms->seqno, install, pmi->ifp->name, pmi->delete); - pbr_encode_pbr_map_sequence(s, pbrms, pmi->ifp); - - stream_putw_at(s, 0, stream_get_endp(s)); - - zclient_send_message(zclient); + if (pbr_encode_pbr_map_sequence(s, pbrms, pmi->ifp)) { + stream_putw_at(s, 0, stream_get_endp(s)); + zclient_send_message(zclient); + } else { + DEBUGD(&pbr_dbg_zebra, "%s: %s seq %u encode failed, skipped", + __func__, pbrm->name, pbrms->seqno); + } return true; } -- cgit v1.2.3