diff options
| author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-07-12 09:44:13 -0700 |
|---|---|---|
| committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-07-12 11:04:07 -0700 |
| commit | 738affa4b8f5adf66c7451f50698fd76651d1f88 (patch) | |
| tree | 2535c1931e737db667369edd22691b49c4d00fbe | |
| parent | 0a6b091d5a2538eca96e74aaed9d89ade75e1d97 (diff) | |
| download | vyatta-cfg-qos-738affa4b8f5adf66c7451f50698fd76651d1f88.tar.gz vyatta-cfg-qos-738affa4b8f5adf66c7451f50698fd76651d1f88.zip | |
Allow firewall mark combined with interface match
Bug 5815
Allow match on firewall mark and interface id. Using meta match it
is possible to match on both.
| -rw-r--r-- | lib/Vyatta/Qos/Match.pm | 40 |
1 files changed, 17 insertions, 23 deletions
diff --git a/lib/Vyatta/Qos/Match.pm b/lib/Vyatta/Qos/Match.pm index 839ef43..48e92c3 100644 --- a/lib/Vyatta/Qos/Match.pm +++ b/lib/Vyatta/Qos/Match.pm @@ -24,17 +24,13 @@ sub new { my ( $that, $config ) = @_; my $self = {}; my $class = ref($that) || $that; - my %filter; + my $ptype; bless $self, $class; foreach my $proto (qw(ip ipv6 ether)) { next unless $config->exists($proto); - foreach my $t (qw(vif dev)) { - die "can not match on $proto and $t\n" if $config->exists($t); - } - my %fields; if ( $proto eq 'ether' ) { @@ -55,11 +51,10 @@ sub new { $self->{$proto} = \%fields; - my $other = $filter{'protocol'}; + my $other = $ptype; die "Can not match on both $proto and $other protocol in same match\n" if $other; - - $filter{'protocol'} = $proto; + $ptype = $other; } my $vif = $config->returnValue("vif"); @@ -67,17 +62,18 @@ sub new { my $iif = $config->returnValue("interface"); $self->{_indev} = getIfIndex($iif); - $filter{'interface'} = 1 if defined($vif) | defined($iif); my $fwmark = $config->returnValue("mark"); $self->{_fwmark} = $fwmark; - $filter{'mark'} = 1 if $fwmark; - # Firewall mark, packet contents, and meta data use different - # tc filters - my @filters = (keys %filter); - die "Can not combine match on both ", join(' and ',@filters), "\n" - if $#filters > 0; + if ($ptype) { + die "Can not combine protocol and firewall mark match\n" + if ($fwmark); + die "Can not combine protocol and vlan tag match\n" + if ($vif); + die "Can not combine protocol and interface match\n" + if ($iif); + } return $self; } @@ -148,14 +144,6 @@ sub filter { } my $fwmark = $self->{_fwmark}; - if ( $fwmark ) { - printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio; - printf " protocol all handle %d fw", $fwmark; - print " $police" if $police; - printf " flowid %x:%x\n", $parent, $classid; - return; - } - my $indev = $self->{_indev}; my $vif = $self->{_vif}; if ( defined($vif) || defined($indev) ) { @@ -163,9 +151,15 @@ sub filter { print " protocol all basic"; print " match meta\(rt_iif eq $indev\)" if $indev; print " match meta\(vlan mask 0xfff eq $vif\)" if $vif; + print " match meta\(fw_mark eq $fwmark\)" if $fwmark; print " $police" if $police; printf " flowid %x:%x\n", $parent, $classid; + } elsif ( $fwmark ) { + printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio; + printf " protocol all handle %d fw", $fwmark; + print " $police" if $police; + printf " flowid %x:%x\n", $parent, $classid; } } |