proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-12 22:27:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pbrd: adjust/remove the rule correctly when dst and/or src removed

Browse Source 
When the last match criteria was removed (dst-ip or src-ip), we were
not deleting the rule correctly for ipv6. This fix retains the
needed src-ip/dst-ip during the pbr_send_pbr_map process so the
appropriate information is available for the rule delete.

Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
This commit is contained in:
Don Slice 2018-03-26 19:16:09 +00:00 committed by Donald Sharp
parent a1b7005bf4
commit 49027ce856
5 changed files with 13 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pbrd/pbr_map.c
View File

@ -527,13 +527,6 @@ void pbr_map_check(struct pbr_map_sequence *pbrms)
__PRETTY_FUNCTION__, pbrm->name, pbrms->seqno, pbrms->reason); __PRETTY_FUNCTION__, pbrm->name, pbrms->seqno, pbrms->reason);
if (pbrms->reason == PBR_MAP_VALID_SEQUENCE_NUMBER) { if (pbrms->reason == PBR_MAP_VALID_SEQUENCE_NUMBER) {
if (pbrms->installed) {
install = false;
for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi)) {
pbr_send_pbr_map(pbrms, pmi, install);
}
install = true;
}
install = true; install = true;
DEBUGD(&pbr_dbg_map, "%s: Installing %s(%u) reason: %" PRIu64, DEBUGD(&pbr_dbg_map, "%s: Installing %s(%u) reason: %" PRIu64,
__PRETTY_FUNCTION__, pbrm->name, pbrms->seqno, __PRETTY_FUNCTION__, pbrm->name, pbrms->seqno,

5
pbrd/pbr_map.h
View File

@ -85,6 +85,11 @@ struct pbr_map_sequence {
struct prefix *src; struct prefix *src;
struct prefix *dst; struct prefix *dst;
/*
* Family of the src/dst. Needed when deleting since we clear them
*/
unsigned char family;
/* /*
* The nexthop group we auto create * The nexthop group we auto create
* for when the user specifies a individual * for when the user specifies a individual

4
pbrd/pbr_vty.c
View File

@ -95,6 +95,8 @@ DEFPY(pbr_map_match_src, pbr_map_match_src_cmd,
{ {
struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence); struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
pbrms->family = prefix->family;
if (!no) { if (!no) {
if (prefix_same(pbrms->src, prefix)) if (prefix_same(pbrms->src, prefix))
return CMD_SUCCESS; return CMD_SUCCESS;
@ -122,6 +124,8 @@ DEFPY(pbr_map_match_dst, pbr_map_match_dst_cmd,
{ {
struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence); struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
pbrms->family = prefix->family;
if (!no) { if (!no) {
if (prefix_same(pbrms->dst, prefix)) if (prefix_same(pbrms->dst, prefix))
return CMD_SUCCESS; return CMD_SUCCESS;

11
pbrd/pbr_zebra.c
View File

@ -455,7 +455,7 @@ void pbr_send_rnh(struct nexthop *nhop, bool reg)
static void pbr_encode_pbr_map_sequence_prefix(struct stream *s, static void pbr_encode_pbr_map_sequence_prefix(struct stream *s,
struct prefix *p, struct prefix *p,
u_char family) unsigned char family)
{ {
struct prefix any; struct prefix any;
@ -474,14 +474,11 @@ static void pbr_encode_pbr_map_sequence(struct stream *s,
struct pbr_map_sequence *pbrms, struct pbr_map_sequence *pbrms,
struct interface *ifp) struct interface *ifp)
{ {
u_char family; unsigned char family;
family = AF_INET; family = AF_INET;
if (pbrms->src) if (pbrms->family)
family = pbrms->src->family; family = pbrms->family;
if (pbrms->dst)
family = pbrms->dst->family;
stream_putl(s, pbrms->seqno); stream_putl(s, pbrms->seqno);
stream_putl(s, pbrms->ruleno); stream_putl(s, pbrms->ruleno);

3
zebra/rule_netlink.c
View File

@ -77,9 +77,6 @@ static int netlink_rule_update(int cmd, struct zebra_pbr_rule *rule)
req.frh.family = family; req.frh.family = family;
req.frh.action = FR_ACT_TO_TBL; req.frh.action = FR_ACT_TO_TBL;
if (cmd == RTM_NEWRULE)
req.n.nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL;
/* rule's pref # */ /* rule's pref # */
addattr32(&req.n, sizeof(req), FRA_PRIORITY, rule->priority); addattr32(&req.n, sizeof(req), FRA_PRIORITY, rule->priority);