summaryrefslogtreecommitdiffhomepage
path: root/iprule.c
AgeCommit message (Collapse)Author
2019-05-27iprule: fix missing ip rules after a reload (FS#2296)Hans Dedecker
Since commit 5cf79759a24e9bb2a6a3aef7c83d73efb9bf2df3 (iprule: rework interface based rules to handle dynamic interfaces) the rule comparison is broken and doesn't correctly recognize matching rules. This in turn break the reloading as adding the "new" rule fails because it already exists and it then delete the "old" rule. The comparison is broken because it now include fields that are not defining the rule itself, as well as some pointer to malloced strings. To fix this we move back the offending fields in the iprule struct before the 'flags' field and match the malloced strings separately. Signed-off-by: Alban Bedel <albeu@free.fr> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-01iprule: coding style fixesHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-01iprule: fix segfault (FS#1875)Hans Dedecker
Fix segfault in generic_interface_cb by checking the IPRULE_OUT/IPRULE_IN flags before doing the strcmp for the possible configured out/in interface(s) of the ip rule. Also don't copy the interface layer3 device as the layer 3 device is not yet known when IFEV_CREATE event is launched. The layer3 device will be known when the IFEV_UP event is processed in rule_out_cb/rule_in_cb. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-07-25iprule: remove bogus assert callsFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-25iprule: fix broken in_dev/out_dev checksFelix Fietkau
Since they are both char arrays, they can never be NULL Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-05iprule: rework interface based rules to handle dynamic interfacesAlexander Couzens
Previous netifd would only apply `ip rule`s while config phase. If the iprule is depending on an interface (iif or oif), the rule will fail if the interface is not up. Allow iprules to track interfaces and their devices by using the interface events. Fixes: FS#1571 Acked-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11iprule: Add option to suppress unspecific routing lookupsStefan Tomanek
After applying this patch, policy routing rules can be employed that ignore parts of a routing table. The following config snippet ignores routing lookups from the specified main routing table yielding the default route, passing the lookup process on to the next rule (that might provide a special default route for marked packets): config rule option priority 10 # check main routing table first, but ignore default route result option lookup main option suppress_prefixlength 0 config rule option priority 11 # use special routing table for marked packets # (unless already consumed by previous rule) option mark 0xFF option lookup 100 The result is a ruleset like this (only visible using the full 'ip' binary): # ip rule 0: from all lookup local 10: from all lookup main suppress_prefixlength 0 11: from all fwmark 0xff lookup 100 32766: from all lookup main 32767: from all lookup default # Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2017-01-31treewide: fix white space errorsHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2013-10-22utils: add a function for checking if a process given by pid is still aliveFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-06-10config: use the new uci_blob library codeFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-05-28Make sure that iprule flushing happens after system_init(), otherwise the ↵Jo-Philipp Wich
rtnl_socket is not available
2013-05-27Move iprule flushing to the init function to make the timing predictableJo-Philipp Wich
2013-05-27Move initial iprule flushing to system_add_iprule() to not collide with ↵Jo-Philipp Wich
generic multiwan support
2013-04-05Maintain config order of ip rules unless user explicitely provides priorityJo-Philipp Wich
2013-04-04Add support for ip rulesJo-Philipp Wich