diff options
Diffstat (limited to 'python/vyos')
-rw-r--r-- | python/vyos/ifconfig/interface.py | 48 |
1 files changed, 23 insertions, 25 deletions
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index bf10b4440..7026223b1 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -1044,34 +1044,33 @@ class Interface(Control): # Setting up packet mirroring ingress_mirror = dict_search('mirror.ingress', self._config) - if ingress_mirror: - # if interface does yet not exist bail out early and - # add it later - if ingress_mirror in interfaces(): - # Mirror ingress traffic - mirror_cmd = f'tc qdisc add dev {ifname} handle ffff: ingress' - self._cmd(mirror_cmd) - # Export the mirrored traffic to the interface - mirror_cmd = f'tc filter add dev {ifname} parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {ingress_mirror}' - self._cmd(mirror_cmd) + # if interface does yet not exist bail out early and + # add it later + if ingress_mirror and ingress_mirror in interfaces(): + # Mirror ingress traffic + mirror_cmd = f'tc qdisc add dev {ifname} handle ffff: ingress' + self._cmd(mirror_cmd) + # Export the mirrored traffic to the interface + mirror_cmd = f'tc filter add dev {ifname} parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {ingress_mirror}' + self._cmd(mirror_cmd) egress_mirror = dict_search('mirror.egress', self._config) - if egress_mirror: - # if interface does yet not exist bail out early and - # add it later - if egress_mirror in interfaces(): - # Mirror egress traffic - mirror_cmd = f'tc qdisc add dev {ifname} handle 1: root prio' - self._cmd(mirror_cmd) - # Export the mirrored traffic to the interface - mirror_cmd = f'tc filter add dev {ifname} parent 1: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {egress_mirror}' - self._cmd(mirror_cmd) - - def apply_mirror_of_monitor(self,mirror_rules): + # if interface does yet not exist bail out early and + # add it later + if egress_mirror and egress_mirror in interfaces(): + # Mirror egress traffic + mirror_cmd = f'tc qdisc add dev {ifname} handle 1: root prio' + self._cmd(mirror_cmd) + # Export the mirrored traffic to the interface + mirror_cmd = f'tc filter add dev {ifname} parent 1: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {egress_mirror}' + self._cmd(mirror_cmd) + + def apply_mirror_of_monitor(self): # Please refer to the document for details # https://man7.org/linux/man-pages/man8/tc.8.html # https://man7.org/linux/man-pages/man8/tc-mirred.8.html ifname = self._config['ifname'] + mirror_rules = self._config.get('is_monitor_intf') # Remove existing mirroring rules # The rule must be completely deleted first @@ -1088,7 +1087,7 @@ class Interface(Control): # Mirror ingress traffic mirror_cmd = f'tc qdisc add dev {intf} handle ffff: ingress' self._cmd(mirror_cmd) - # Mirror ingress traffic + # Export the mirrored traffic to the interface mirror_cmd = f'tc filter add dev {intf} parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {ifname}' self._cmd(mirror_cmd) elif dire == "egress": @@ -1269,8 +1268,7 @@ class Interface(Control): # Re-set rules for the mirror monitoring interface if 'is_monitor_intf' in config: - mirror_rules = config.get('is_monitor_intf') - self.apply_mirror_of_monitor(mirror_rules) + self.apply_mirror_of_monitor() # remove no longer required 802.1ad (Q-in-Q VLANs) ifname = config['ifname'] |