ISIS VRF: Added vrf_socket and new param in isisd privileges.

1. The socket() call replaced with vrf_socket() in open_packet_socket().
2. One new isisd privileges is added in zebra_capabilities_t [].

Signed-off-by: Kaushik <kaushik@niralnetworks.com>
This commit is contained in:
Kaushik 2020-06-24 05:27:14 -07:00
parent 3f3391e5f4
commit caa18d497f
2 changed files with 13 additions and 2 deletions

View File

@ -66,7 +66,7 @@
#define FABRICD_VTY_PORT 2618
/* isisd privileges */
zebra_capabilities_t _caps_p[] = {ZCAP_NET_RAW, ZCAP_BIND};
zebra_capabilities_t _caps_p[] = {ZCAP_NET_RAW, ZCAP_BIND, ZCAP_SYS_ADMIN};
struct zebra_privs_t isisd_privs = {
#if defined(FRR_USER)

View File

@ -32,6 +32,7 @@
#include "stream.h"
#include "if.h"
#include "lib_errors.h"
#include "vrf.h"
#include "isisd/isis_constants.h"
#include "isisd/isis_common.h"
@ -121,8 +122,18 @@ static int open_packet_socket(struct isis_circuit *circuit)
{
struct sockaddr_ll s_addr;
int fd, retval = ISIS_OK;
struct vrf *vrf = NULL;
vrf = vrf_lookup_by_id(circuit->interface->vrf_id);
if (vrf == NULL) {
zlog_warn("open_packet_socket(): failed to find vrf node");
return ISIS_WARNING;
}
fd = vrf_socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL),
circuit->interface->vrf_id, vrf->name);
fd = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL));
if (fd < 0) {
zlog_warn("open_packet_socket(): socket() failed %s",
safe_strerror(errno));