diff options
author | Mark Stapp <mjs@labn.net> | 2023-09-08 16:23:20 +0200 |
---|---|---|
committer | Mark Stapp <mjs@labn.net> | 2023-09-08 16:23:20 +0200 |
commit | 7aabdc677aa3b5b5118113da0e41f7ec40985785 (patch) | |
tree | 6170009032057c5290d975ce79346d3c799b118c /zebra/rule_netlink.c | |
parent | Merge pull request #14344 from opensourcerouting/freebsd-printf-sync-20230903 (diff) | |
download | frr-7aabdc677aa3b5b5118113da0e41f7ec40985785.tar.xz frr-7aabdc677aa3b5b5118113da0e41f7ec40985785.zip |
zebra: ignore iprule requests for unsupported actions
Only attempt to install in netlink iprules that include supported
actions; ignore requests with actions that aren't supported by
netlink.
Signed-off-by: Mark Stapp <mjs@labn.net>
Diffstat (limited to 'zebra/rule_netlink.c')
-rw-r--r-- | zebra/rule_netlink.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/zebra/rule_netlink.c b/zebra/rule_netlink.c index bc96e1290..f00aef52c 100644 --- a/zebra/rule_netlink.c +++ b/zebra/rule_netlink.c @@ -174,6 +174,17 @@ static ssize_t netlink_oldrule_msg_encoder(struct zebra_dplane_ctx *ctx, dplane_ctx_rule_get_old_ipproto(ctx), buf, buflen); } +/* + * Identify valid rule actions for netlink - other actions can't be installed + */ +static bool nl_rule_valid_action(uint32_t action) +{ + if (action == PBR_ACTION_TABLE) + return true; + else + return false; +} + /* Public functions */ enum netlink_msg_status @@ -181,6 +192,7 @@ netlink_put_rule_update_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx) { enum dplane_op_e op; enum netlink_msg_status ret; + struct pbr_rule rule = {}; op = dplane_ctx_get_op(ctx); if (!(op == DPLANE_OP_RULE_ADD || op == DPLANE_OP_RULE_UPDATE @@ -192,6 +204,18 @@ netlink_put_rule_update_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx) return FRR_NETLINK_ERROR; } + /* TODO -- special handling for rules that include actions that + * netlink cannot install. Some of the rule attributes are not + * available in netlink: only try to install valid actions. + */ + dplane_ctx_rule_get(ctx, &rule, NULL); + if (!nl_rule_valid_action(rule.action.flags)) { + if (IS_ZEBRA_DEBUG_KERNEL) + zlog_debug("%s: skip invalid action %#x", __func__, + rule.action.flags); + return 0; + } + ret = netlink_batch_add_msg(bth, ctx, netlink_rule_msg_encoder, false); /** |