diff options
author | Stefan Tomanek <stefan.tomanek@wertarbyte.de> | 2017-06-07 12:47:04 +0200 |
---|---|---|
committer | Hans Dedecker <dedeckeh@gmail.com> | 2017-06-11 15:07:18 +0200 |
commit | 90e2e2c404eeeb3414c794dfb45f5ee4b88cd479 (patch) | |
tree | 8d2a78ef9b3fce2f3edcf3e524ea09fdf6b026d0 /iprule.c | |
parent | 08f1875201a60dc20c65d2af26b41af987662f10 (diff) |
iprule: Add option to suppress unspecific routing lookups
After applying this patch, policy routing rules can be employed that ignore
parts of a routing table. The following config snippet ignores routing lookups
from the specified main routing table yielding the default route, passing the
lookup process on to the next rule (that might provide a special default route
for marked packets):
config rule
option priority 10
# check main routing table first, but ignore default route result
option lookup main
option suppress_prefixlength 0
config rule
option priority 11
# use special routing table for marked packets
# (unless already consumed by previous rule)
option mark 0xFF
option lookup 100
The result is a ruleset like this (only visible using the full 'ip' binary):
# ip rule
0: from all lookup local
10: from all lookup main suppress_prefixlength 0
11: from all fwmark 0xff lookup 100
32766: from all lookup main
32767: from all lookup default
#
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Diffstat (limited to 'iprule.c')
-rw-r--r-- | iprule.c | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -42,6 +42,7 @@ enum { RULE_LOOKUP, RULE_ACTION, RULE_GOTO, + RULE_SUP_PREFIXLEN, __RULE_MAX }; @@ -55,6 +56,7 @@ static const struct blobmsg_policy rule_attr[__RULE_MAX] = { [RULE_TOS] = { .name = "tos", .type = BLOBMSG_TYPE_INT32 }, [RULE_FWMARK] = { .name = "mark", .type = BLOBMSG_TYPE_STRING }, [RULE_LOOKUP] = { .name = "lookup", .type = BLOBMSG_TYPE_STRING }, + [RULE_SUP_PREFIXLEN] = { .name = "suppress_prefixlength", .type = BLOBMSG_TYPE_INT32 }, [RULE_ACTION] = { .name = "action", .type = BLOBMSG_TYPE_STRING }, [RULE_GOTO] = { .name = "goto", .type = BLOBMSG_TYPE_INT32 }, }; @@ -185,6 +187,11 @@ iprule_add(struct blob_attr *attr, bool v6) rule->flags |= IPRULE_LOOKUP; } + if ((cur = tb[RULE_SUP_PREFIXLEN]) != NULL) { + rule->sup_prefixlen = blobmsg_get_u32(cur); + rule->flags |= IPRULE_SUP_PREFIXLEN; + } + if ((cur = tb[RULE_ACTION]) != NULL) { if (!system_resolve_iprule_action(blobmsg_data(cur), &rule->action)) { DPRINTF("Failed to parse rule action: %s\n", (char *) blobmsg_data(cur)); |