zebra: pbr rule structure is being added fwmark tag

PBR rule is being added a 32 bit value that can be used to record a rule in the kernel, by using a fwmark information. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
2025-07-09 03:51:39 +00:00 · 2018-03-08 15:20:49 +01:00 · 2018-03-08 15:20:49 +01:00 · 1907e4b80b
commit 1907e4b80b
parent 425bdd6bf1
3 changed files with 22 additions and 4 deletions
--- a/zebra/zebra_pbr.c
+++ b/zebra/zebra_pbr.c
@ -57,6 +57,10 @@ uint32_t zebra_pbr_rules_hash_key(void *arg)
 	else
 		key = jhash_1word(0, key);

+	if (rule->filter.fwmark)
+		key = jhash_1word(rule->filter.fwmark, key);
+	else
+		key = jhash_1word(0, key);
 	return jhash_3words(rule->filter.src_port, rule->filter.dst_port,
 			    prefix_hash_key(&rule->filter.dst_ip),
 			    jhash_1word(rule->unique, key));
@ -87,6 +91,9 @@ int zebra_pbr_rules_hash_equal(const void *arg1, const void *arg2)
 	if (r1->filter.dst_port != r2->filter.dst_port)
 		return 0;

+	if (r1->filter.fwmark != r2->filter.fwmark)
+		return 0;
+
 	if (!prefix_same(&r1->filter.src_ip, &r2->filter.src_ip))
 		return 0;

--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@ -46,6 +46,7 @@ struct zebra_pbr_filter {
 #define PBR_FILTER_DST_IP     (1 << 1)
 #define PBR_FILTER_SRC_PORT   (1 << 2)
 #define PBR_FILTER_DST_PORT   (1 << 3)
+#define PBR_FILTER_FWMARK     (1 << 4)

 	/* Source and Destination IP address with masks. */
 	struct prefix src_ip;
@ -54,6 +55,9 @@ struct zebra_pbr_filter {
 	/* Source and Destination higher-layer (TCP/UDP) port numbers. */
 	uint16_t src_port;
 	uint16_t dst_port;
+
+	/* Filter with fwmark */
+	uint32_t fwmark;
 };

 #define IS_RULE_FILTERING_ON_SRC_IP(r) \
--- a/zebra/zserv.c
+++ b/zebra/zserv.c
@ -2741,13 +2741,17 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
 		STREAM_GET(&zpr.filter.dst_ip.u.prefix, s,
 			   prefix_blen(&zpr.filter.dst_ip));
 		STREAM_GETW(s, zpr.filter.dst_port);
+		STREAM_GETL(s, zpr.filter.fwmark);
 		STREAM_GETL(s, zpr.action.table);
 		STREAM_GETL(s, ifindex);

-		zpr.ifp = if_lookup_by_index(ifindex, VRF_UNKNOWN);
-		if (!zpr.ifp) {
-			zlog_debug("Failed to lookup ifindex: %u", ifindex);
-			return;
+		if (ifindex) {
+			zpr.ifp = if_lookup_by_index(ifindex, VRF_UNKNOWN);
+			if (!zpr.ifp) {
+				zlog_debug("Failed to lookup ifindex: %u",
+					   ifindex);
+				return;
+			}
 		}

 		if (!is_default_prefix(&zpr.filter.src_ip))
@ -2762,6 +2766,9 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
 		if (zpr.filter.dst_port)
 			zpr.filter.filter_bm |= PBR_FILTER_DST_PORT;

+		if (zpr.filter.fwmark)
+			zpr.filter.filter_bm |= PBR_FILTER_FWMARK;
+
 		if (hdr->command == ZEBRA_RULE_ADD)
 			zebra_pbr_add_rule(zvrf->zns, &zpr);
 		else