forked from Mirror/frr
pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (zapi)
Subset: ZAPI changes to send the new data. Also adds filter_bm field; currently for PBR_FILTER_PCP, but in the future to be used for all of the filter fields. Changes by: Josh Werner <joshuawerner@mitre.org> Eli Baum <ebaum@mitre.org> G. Paul Ziemba <paulz@labn.net> Signed-off-by: G. Paul Ziemba <paulz@labn.net>
parent
bfd3e8e012
commit
dbade07e0e
|
@ -1,6 +1,7 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0-or-later
|
// SPDX-License-Identifier: GPL-2.0-or-later
|
||||||
/* zebra client
|
/* zebra client
|
||||||
* Copyright (C) 1997, 98, 99 Kunihiro Ishiguro
|
* Copyright (C) 1997, 98, 99 Kunihiro Ishiguro
|
||||||
|
* Copyright (c) 2023 LabN Consulting, L.L.C.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <zebra.h>
|
#include <zebra.h>
|
||||||
|
@ -2732,6 +2733,9 @@ static void bgp_encode_pbr_rule_action(struct stream *s,
|
||||||
stream_putl(s, pbr->unique);
|
stream_putl(s, pbr->unique);
|
||||||
else
|
else
|
||||||
stream_putl(s, pbra->unique);
|
stream_putl(s, pbra->unique);
|
||||||
|
|
||||||
|
stream_putl(s, 0); /* filter_bm placeholder */
|
||||||
|
|
||||||
stream_putc(s, 0); /* ip protocol being used */
|
stream_putc(s, 0); /* ip protocol being used */
|
||||||
if (pbr && pbr->flags & MATCH_IP_SRC_SET)
|
if (pbr && pbr->flags & MATCH_IP_SRC_SET)
|
||||||
memcpy(&pfx, &(pbr->src), sizeof(struct prefix));
|
memcpy(&pfx, &(pbr->src), sizeof(struct prefix));
|
||||||
|
@ -2756,19 +2760,23 @@ static void bgp_encode_pbr_rule_action(struct stream *s,
|
||||||
stream_put(s, &pfx.u.prefix, prefix_blen(&pfx));
|
stream_put(s, &pfx.u.prefix, prefix_blen(&pfx));
|
||||||
|
|
||||||
stream_putw(s, 0); /* dst port */
|
stream_putw(s, 0); /* dst port */
|
||||||
stream_putc(s, 0); /* dsfield */
|
|
||||||
|
stream_putc(s, 0); /* filter dsfield */
|
||||||
/* if pbr present, fwmark is not used */
|
/* if pbr present, fwmark is not used */
|
||||||
if (pbr)
|
if (pbr)
|
||||||
stream_putl(s, 0);
|
stream_putl(s, 0);
|
||||||
else
|
else
|
||||||
stream_putl(s, pbra->fwmark); /* fwmark */
|
stream_putl(s, pbra->fwmark); /* filter fwmark */
|
||||||
|
|
||||||
stream_putl(s, 0); /* queue id */
|
stream_putc(s, 0); /* pcp filter */
|
||||||
stream_putw(s, 0); /* vlan_id */
|
stream_putw(s, 0); /* pcp action */
|
||||||
stream_putw(s, 0); /* vlan_flags */
|
stream_putw(s, 0); /* vlan_id filter */
|
||||||
stream_putw(s, 0); /* pcp */
|
stream_putw(s, 0); /* vlan_flags filter */
|
||||||
|
stream_putw(s, 0); /* vlan_id action */
|
||||||
|
stream_putw(s, 0); /* vlan_flags action */
|
||||||
|
stream_putl(s, 0); /* queue id action */
|
||||||
|
|
||||||
stream_putl(s, pbra->table_id);
|
stream_putl(s, pbra->table_id); /* table action */
|
||||||
|
|
||||||
memset(ifname, 0, sizeof(ifname));
|
memset(ifname, 0, sizeof(ifname));
|
||||||
stream_put(s, ifname, INTERFACE_NAMSIZ); /* ifname unused */
|
stream_put(s, ifname, INTERFACE_NAMSIZ); /* ifname unused */
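Review bot: The puts in bgp_encode_pbr_rule_action from `stream_putl(s, 0); /* filter_bm placeholder */` down to `/* queue id action */` are a hand-maintained copy of the wire layout that zread_rule parses, and nothing visible here ties the two together. Because this commit inserts fields and moves the queue id behind the VLAN actions, a width or order slip on either side would silently shift `table_id` and `ifname` rather than fail. I would add a comment above the block such as `/* field order and widths must match zread_rule() in zebra */`, and confirm that a daemon built before this change cannot exchange rule messages with one built after it, since no protocol version change is visible on this page. The function starts and ends outside the hunks shown.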
|
||||||
|
|
|
@ -3,6 +3,9 @@
|
||||||
* Zebra connect code.
|
* Zebra connect code.
|
||||||
* Copyright (C) 2018 Cumulus Networks, Inc.
|
* Copyright (C) 2018 Cumulus Networks, Inc.
|
||||||
* Donald Sharp
|
* Donald Sharp
|
||||||
|
* Portions:
|
||||||
|
* Copyright (c) 2021 The MITRE Corporation.
|
||||||
|
* Copyright (c) 2023 LabN Consulting, L.L.C.
|
||||||
*/
|
*/
|
||||||
#include <zebra.h>
|
#include <zebra.h>
|
||||||
|
|
||||||
|
@ -20,6 +23,7 @@
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "nexthop.h"
|
#include "nexthop.h"
|
||||||
#include "nexthop_group.h"
|
#include "nexthop_group.h"
|
||||||
|
#include "pbr.h"
|
||||||
|
|
||||||
#include "pbr_nht.h"
|
#include "pbr_nht.h"
|
||||||
#include "pbr_map.h"
|
#include "pbr_map.h"
|
||||||
|
@ -529,6 +533,9 @@ static bool pbr_encode_pbr_map_sequence(struct stream *s,
|
||||||
stream_putl(s, pbrms->seqno);
|
stream_putl(s, pbrms->seqno);
|
||||||
stream_putl(s, pbrms->ruleno);
|
stream_putl(s, pbrms->ruleno);
|
||||||
stream_putl(s, pbrms->unique);
|
stream_putl(s, pbrms->unique);
|
||||||
|
|
||||||
|
stream_putl(s, pbrms->filter_bm);
|
||||||
|
|
||||||
stream_putc(s, pbrms->ip_proto); /* The ip_proto */
|
stream_putc(s, pbrms->ip_proto); /* The ip_proto */
|
||||||
pbr_encode_pbr_map_sequence_prefix(s, pbrms->src, family);
|
pbr_encode_pbr_map_sequence_prefix(s, pbrms->src, family);
|
||||||
stream_putw(s, pbrms->src_prt);
|
stream_putw(s, pbrms->src_prt);
|
||||||
|
@ -536,13 +543,25 @@ static bool pbr_encode_pbr_map_sequence(struct stream *s,
|
||||||
stream_putw(s, pbrms->dst_prt);
|
stream_putw(s, pbrms->dst_prt);
|
||||||
stream_putc(s, pbrms->dsfield);
|
stream_putc(s, pbrms->dsfield);
|
||||||
stream_putl(s, pbrms->mark);
|
stream_putl(s, pbrms->mark);
|
||||||
|
/* PCP */
|
||||||
stream_putl(s, pbrms->action_queue_id);
|
if (CHECK_FLAG(pbrms->filter_bm, PBR_FILTER_PCP))
|
||||||
|
stream_putc(s, pbrms->match_pcp);
|
||||||
|
else
|
||||||
|
stream_putc(s, 0);
|
||||||
|
stream_putw(s, pbrms->action_pcp);
|
||||||
|
/* VLAN */
|
||||||
|
stream_putw(s, pbrms->match_vlan_id);
|
||||||
|
stream_putw(s, pbrms->match_vlan_flags);
|
||||||
|
|
||||||
stream_putw(s, pbrms->action_vlan_id);
|
stream_putw(s, pbrms->action_vlan_id);
|
||||||
stream_putw(s, pbrms->action_vlan_flags);
|
stream_putw(s, pbrms->action_vlan_flags);
|
||||||
stream_putw(s, pbrms->action_pcp);
|
stream_putl(s, pbrms->action_queue_id);
|
||||||
|
|
||||||
|
/* if the user does not use the command "set vrf name |unchanged"
|
||||||
|
* then pbr_encode_pbr_map_sequence_vrf will not be called
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* these statement get a table id */
|
||||||
if (pbrms->vrf_unchanged || pbrms->vrf_lookup)
|
if (pbrms->vrf_unchanged || pbrms->vrf_lookup)
|
||||||
pbr_encode_pbr_map_sequence_vrf(s, pbrms, ifp);
|
pbr_encode_pbr_map_sequence_vrf(s, pbrms, ifp);
|
||||||
else if (pbrms->nhgrp_name)
|
else if (pbrms->nhgrp_name)
|
||||||
|
@ -568,9 +587,6 @@ bool pbr_send_pbr_map(struct pbr_map_sequence *pbrms,
|
||||||
|
|
||||||
is_installed &= pbrms->installed;
|
is_installed &= pbrms->installed;
|
||||||
|
|
||||||
DEBUGD(&pbr_dbg_zebra, "%s: for %s %d(%" PRIu64 ")", __func__,
|
|
||||||
pbrm->name, install, is_installed);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If we are installed and asked to do so again and the config
|
* If we are installed and asked to do so again and the config
|
||||||
* has not changed, just return.
|
* has not changed, just return.
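Review bot: In pbr_encode_pbr_map_sequence the PCP match is gated on `CHECK_FLAG(pbrms->filter_bm, PBR_FILTER_PCP)`, but `match_vlan_id` and `match_vlan_flags` are written unconditionally and zread_rule derives PBR_FILTER_VLAN_ID and PBR_FILTER_VLAN_FLAGS from non-zero values, so the message now carries two different conventions for "this filter is present". That leaves a zero VLAN value indistinguishable from "no VLAN match", which is the same ambiguity filter_bm was introduced to remove for PCP. Until the bitmap covers every field, a comment above the VLAN puts would make the contract explicit, for example `/* VLAN: 0 means no match; zebra sets PBR_FILTER_VLAN_* from non-zero values */`. The function body continues outside the hunks.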
|
||||||
|
|
|
@ -5,6 +5,8 @@
|
||||||
* Copyright (C) 1997-1999 Kunihiro Ishiguro
|
* Copyright (C) 1997-1999 Kunihiro Ishiguro
|
||||||
* Copyright (C) 2015-2018 Cumulus Networks, Inc.
|
* Copyright (C) 2015-2018 Cumulus Networks, Inc.
|
||||||
* et al.
|
* et al.
|
||||||
|
* Copyright (c) 2021 The MITRE Corporation.
|
||||||
|
* Copyright (c) 2023 LabN Consulting, L.L.C.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <zebra.h>
|
#include <zebra.h>
|
||||||
|
@ -3199,6 +3201,9 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
|
||||||
STREAM_GETL(s, zpr.rule.seq);
|
STREAM_GETL(s, zpr.rule.seq);
|
||||||
STREAM_GETL(s, zpr.rule.priority);
|
STREAM_GETL(s, zpr.rule.priority);
|
||||||
STREAM_GETL(s, zpr.rule.unique);
|
STREAM_GETL(s, zpr.rule.unique);
|
||||||
|
|
||||||
|
STREAM_GETL(s, zpr.rule.filter.filter_bm);
|
||||||
|
|
||||||
STREAM_GETC(s, zpr.rule.filter.ip_proto);
|
STREAM_GETC(s, zpr.rule.filter.ip_proto);
|
||||||
STREAM_GETC(s, zpr.rule.filter.src_ip.family);
|
STREAM_GETC(s, zpr.rule.filter.src_ip.family);
|
||||||
STREAM_GETC(s, zpr.rule.filter.src_ip.prefixlen);
|
STREAM_GETC(s, zpr.rule.filter.src_ip.prefixlen);
|
||||||
|
@ -3213,10 +3218,13 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
|
||||||
STREAM_GETC(s, zpr.rule.filter.dsfield);
|
STREAM_GETC(s, zpr.rule.filter.dsfield);
|
||||||
STREAM_GETL(s, zpr.rule.filter.fwmark);
|
STREAM_GETL(s, zpr.rule.filter.fwmark);
|
||||||
|
|
||||||
STREAM_GETL(s, zpr.rule.action.queue_id);
|
STREAM_GETC(s, zpr.rule.filter.pcp);
|
||||||
|
STREAM_GETW(s, zpr.rule.action.pcp);
|
||||||
|
STREAM_GETW(s, zpr.rule.filter.vlan_id);
|
||||||
|
STREAM_GETW(s, zpr.rule.filter.vlan_flags);
|
||||||
STREAM_GETW(s, zpr.rule.action.vlan_id);
|
STREAM_GETW(s, zpr.rule.action.vlan_id);
|
||||||
STREAM_GETW(s, zpr.rule.action.vlan_flags);
|
STREAM_GETW(s, zpr.rule.action.vlan_flags);
|
||||||
STREAM_GETW(s, zpr.rule.action.pcp);
|
STREAM_GETL(s, zpr.rule.action.queue_id);
|
||||||
|
|
||||||
STREAM_GETL(s, zpr.rule.action.table);
|
STREAM_GETL(s, zpr.rule.action.table);
|
||||||
STREAM_GET(ifname, s, INTERFACE_NAMSIZ);
|
STREAM_GET(ifname, s, INTERFACE_NAMSIZ);
|
||||||
|
@ -3245,6 +3253,14 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
|
||||||
if (zpr.rule.filter.fwmark)
|
if (zpr.rule.filter.fwmark)
|
||||||
zpr.rule.filter.filter_bm |= PBR_FILTER_FWMARK;
|
zpr.rule.filter.filter_bm |= PBR_FILTER_FWMARK;
|
||||||
|
|
||||||
|
/* NB PBR_FILTER_PCP should already be set by sender */
|
||||||
|
|
||||||
|
if (zpr.rule.filter.vlan_flags)
|
||||||
|
zpr.rule.filter.filter_bm |= PBR_FILTER_VLAN_FLAGS;
|
||||||
|
|
||||||
|
if (zpr.rule.filter.vlan_id)
|
||||||
|
zpr.rule.filter.filter_bm |= PBR_FILTER_VLAN_ID;
|
||||||
|
|
||||||
if (!(zpr.rule.filter.src_ip.family == AF_INET
|
if (!(zpr.rule.filter.src_ip.family == AF_INET
|
||||||
|| zpr.rule.filter.src_ip.family == AF_INET6)) {
|
|| zpr.rule.filter.src_ip.family == AF_INET6)) {
|
||||||
zlog_warn(
|
zlog_warn(
|
||||||
|
@ -3515,7 +3531,7 @@ static inline void zread_ipset_entry(ZAPI_HANDLER_ARGS)
|
||||||
if (zpi.src_port_max != 0)
|
if (zpi.src_port_max != 0)
|
||||||
zpi.filter_bm |= PBR_FILTER_SRC_PORT_RANGE;
|
zpi.filter_bm |= PBR_FILTER_SRC_PORT_RANGE;
|
||||||
if (zpi.proto != 0)
|
if (zpi.proto != 0)
|
||||||
zpi.filter_bm |= PBR_FILTER_PROTO;
|
zpi.filter_bm |= PBR_FILTER_IP_PROTOCOL;
|
||||||
|
|
||||||
if (!(zpi.dst.family == AF_INET
|
if (!(zpi.dst.family == AF_INET
|
||||||
|| zpi.dst.family == AF_INET6)) {
|
|| zpi.dst.family == AF_INET6)) {
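Review bot: zread_rule now takes `zpr.rule.filter.filter_bm` straight from the client with `STREAM_GETL` and then ORs locally derived bits on top, so any bit the sender sets survives into the rule, including ones zebra does not define or would not have derived from the fields. If PBR_FILTER_PCP is the only bit the sender is meant to supply, as the `/* NB PBR_FILTER_PCP should already be set by sender */` comment implies, mask right after the read: `zpr.rule.filter.filter_bm &= PBR_FILTER_PCP;`. The new `zpr.rule.filter.pcp` and `zpr.rule.filter.vlan_id` values are also accepted without a range check in the lines shown. PCP is a 3-bit field and a VLAN ID is 12 bits, so out-of-range values should be rejected next to the existing address-family check before they reach the dataplane. The function continues outside these hunks, so such checks may exist further down.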
|
||||||
|
|