summaryrefslogtreecommitdiff
path: root/src/conf_mode/policy-route.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-01-27 22:28:51 +0100
committerGitHub <noreply@github.com>2022-01-27 22:28:51 +0100
commita23cc19ad88bcf8ed32dbe77ebe25254448d8a9c (patch)
treeff9e07493a6e4b1a4fcf79fe223185a0a1f199a0 /src/conf_mode/policy-route.py
parenta414fa198a96ac5557bc1bd827e8dc18c3150825 (diff)
parent25e97e0b0224f3f8f1bffb77b36955d6fa129dd3 (diff)
downloadvyos-1x-a23cc19ad88bcf8ed32dbe77ebe25254448d8a9c.tar.gz
vyos-1x-a23cc19ad88bcf8ed32dbe77ebe25254448d8a9c.zip
Merge pull request #1194 from sarthurdev/T4213
policy: T4213: Fix rule creation/deletion for IPv6 policy routes
Diffstat (limited to 'src/conf_mode/policy-route.py')
-rwxr-xr-xsrc/conf_mode/policy-route.py26
1 files changed, 14 insertions, 12 deletions
diff --git a/src/conf_mode/policy-route.py b/src/conf_mode/policy-route.py
index ee5197af0..7dcab4b58 100755
--- a/src/conf_mode/policy-route.py
+++ b/src/conf_mode/policy-route.py
@@ -205,6 +205,7 @@ def generate(policy):
def apply_table_marks(policy):
for route in ['route', 'route6']:
if route in policy:
+ cmd_str = 'ip' if route == 'route' else 'ip -6'
for name, pol_conf in policy[route].items():
if 'rule' in pol_conf:
for rule_id, rule_conf in pol_conf['rule'].items():
@@ -213,20 +214,21 @@ def apply_table_marks(policy):
if set_table == 'main':
set_table = '254'
table_mark = mark_offset - int(set_table)
- cmd(f'ip rule add fwmark {table_mark} table {set_table}')
+ cmd(f'{cmd_str} rule add pref {set_table} fwmark {table_mark} table {set_table}')
def cleanup_table_marks():
- json_rules = cmd('ip -j -N rule list')
- rules = loads(json_rules)
- for rule in rules:
- if 'fwmark' not in rule or 'table' not in rule:
- continue
- fwmark = rule['fwmark']
- table = int(rule['table'])
- if fwmark[:2] == '0x':
- fwmark = int(fwmark, 16)
- if (int(fwmark) == (mark_offset - table)):
- cmd(f'ip rule del fwmark {fwmark} table {table}')
+ for cmd_str in ['ip', 'ip -6']:
+ json_rules = cmd(f'{cmd_str} -j -N rule list')
+ rules = loads(json_rules)
+ for rule in rules:
+ if 'fwmark' not in rule or 'table' not in rule:
+ continue
+ fwmark = rule['fwmark']
+ table = int(rule['table'])
+ if fwmark[:2] == '0x':
+ fwmark = int(fwmark, 16)
+ if (int(fwmark) == (mark_offset - table)):
+ cmd(f'{cmd_str} rule del fwmark {fwmark} table {table}')
def apply(policy):
install_result = run(f'nft -f {nftables_conf}')