From be2028d19bddcef6c973c29de40d4a5d6be6765b Mon Sep 17 00:00:00 2001
From: Philippe Guibert <philippe.guibert@6wind.com>
Date: Tue, 27 Mar 2018 11:27:10 +0200
Subject: zebra: rework pbr ipset entry

Add ns_id into zebra_pbr ipset
This is important so that each ipset entry knows on which NETNS the
ipset entry must be inkected

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
---
 zebra/zapi_msg.c  | 2 ++
 zebra/zebra_ns.c  | 4 ++--
 zebra/zebra_pbr.h | 4 ++++
 3 files changed, 8 insertions(+), 2 deletions(-)

(limited to 'zebra')

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index 9a18cc22f..ae6ccf9f5 100644
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2847,6 +2847,7 @@ static inline void zread_ipset(ZAPI_HANDLER_ARGS)
 		memset(&zpi, 0, sizeof(zpi));
 
 		zpi.sock = client->sock;
+		zpi.vrf_id = zvrf->vrf->vrf_id;
 		STREAM_GETL(s, zpi.unique);
 		STREAM_GETL(s, zpi.type);
 		STREAM_GET(&zpi.ipset_name, s, ZEBRA_IPSET_NAME_SIZE);
@@ -2914,6 +2915,7 @@ static inline void zread_iptable(ZAPI_HANDLER_ARGS)
 	memset(&zpi, 0, sizeof(zpi));
 
 	zpi.sock = client->sock;
+	zpi.vrf_id = zvrf->vrf->vrf_id;
 	STREAM_GETL(s, zpi.unique);
 	STREAM_GETL(s, zpi.type);
 	STREAM_GETL(s, zpi.filter_bm);
diff --git a/zebra/zebra_ns.c b/zebra/zebra_ns.c
index 5c62e366a..4526a1487 100644
--- a/zebra/zebra_ns.c
+++ b/zebra/zebra_ns.c
@@ -262,10 +262,10 @@ int zebra_ns_disable(ns_id_t ns_id, void **info)
 
 	hash_clean(zns->rules_hash, zebra_pbr_rules_free);
 	hash_free(zns->rules_hash);
-	hash_clean(zns->ipset_hash, zebra_pbr_ipset_free);
-	hash_free(zns->ipset_hash);
 	hash_clean(zns->ipset_entry_hash,
 		   zebra_pbr_ipset_entry_free),
+	hash_clean(zns->ipset_hash, zebra_pbr_ipset_free);
+	hash_free(zns->ipset_hash);
 	hash_free(zns->ipset_entry_hash);
 	hash_clean(zns->iptable_hash,
 		   zebra_pbr_iptable_free);
diff --git a/zebra/zebra_pbr.h b/zebra/zebra_pbr.h
index 6b5cd1e8d..8cb83fe7c 100644
--- a/zebra/zebra_pbr.h
+++ b/zebra/zebra_pbr.h
@@ -61,6 +61,8 @@ struct zebra_pbr_ipset {
 	 */
 	int sock;
 
+	vrf_id_t vrf_id;
+
 	uint32_t unique;
 
 	/* type is encoded as uint32_t
@@ -104,6 +106,8 @@ struct zebra_pbr_iptable {
 	 */
 	int sock;
 
+	vrf_id_t vrf_id;
+
 	uint32_t unique;
 
 	/* include ipset type
-- 
cgit v1.2.3