proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-06 02:30:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #14377 from mjstapp/nl_rule_valid_action

Browse Source 
zebra: ignore iprule requests for unsupported actions
This commit is contained in:
Donatas Abraitis 2023-09-09 12:36:18 +03:00 committed by GitHub
commit bee4e27e78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
zebra/rule_netlink.c
View File

@ -174,6 +174,17 @@ static ssize_t netlink_oldrule_msg_encoder(struct zebra_dplane_ctx *ctx,
dplane_ctx_rule_get_old_ipproto(ctx), buf, buflen);
}
/*
* Identify valid rule actions for netlink - other actions can't be installed
*/
static bool nl_rule_valid_action(uint32_t action)
{
if (action == PBR_ACTION_TABLE)
return true;
else
return false;
}
/* Public functions */
enum netlink_msg_status
@ -181,6 +192,7 @@ netlink_put_rule_update_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx)
{
enum dplane_op_e op;
enum netlink_msg_status ret;
struct pbr_rule rule = {};
op = dplane_ctx_get_op(ctx);
if (!(op == DPLANE_OP_RULE_ADD || op == DPLANE_OP_RULE_UPDATE
@ -192,6 +204,18 @@ netlink_put_rule_update_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx)
return FRR_NETLINK_ERROR;
}
/* TODO -- special handling for rules that include actions that
* netlink cannot install. Some of the rule attributes are not
* available in netlink: only try to install valid actions.
*/
dplane_ctx_rule_get(ctx, &rule, NULL);
if (!nl_rule_valid_action(rule.action.flags)) {
if (IS_ZEBRA_DEBUG_KERNEL)
zlog_debug("%s: skip invalid action %#x", __func__,
rule.action.flags);
return 0;
}
ret = netlink_batch_add_msg(bth, ctx, netlink_rule_msg_encoder, false);
/**