diff options
| author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-07-12 09:44:13 -0700 |
|---|---|---|
| committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-07-12 11:04:07 -0700 |
| commit | 738affa4b8f5adf66c7451f50698fd76651d1f88 (patch) | |
| tree | 2535c1931e737db667369edd22691b49c4d00fbe /lib | |
| parent | 0a6b091d5a2538eca96e74aaed9d89ade75e1d97 (diff) | |
| download | vyatta-cfg-qos-738affa4b8f5adf66c7451f50698fd76651d1f88.tar.gz vyatta-cfg-qos-738affa4b8f5adf66c7451f50698fd76651d1f88.zip | |
Allow firewall mark combined with interface match
Bug 5815
Allow match on firewall mark and interface id. Using meta match it
is possible to match on both.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Vyatta/Qos/Match.pm | 40 |
1 files changed, 17 insertions, 23 deletions
diff --git a/lib/Vyatta/Qos/Match.pm b/lib/Vyatta/Qos/Match.pm index 839ef43..48e92c3 100644 --- a/lib/Vyatta/Qos/Match.pm +++ b/lib/Vyatta/Qos/Match.pm @@ -24,17 +24,13 @@ sub new { my ( $that, $config ) = @_; my $self = {}; my $class = ref($that) || $that; - my %filter; + my $ptype; bless $self, $class; foreach my $proto (qw(ip ipv6 ether)) { next unless $config->exists($proto); - foreach my $t (qw(vif dev)) { - die "can not match on $proto and $t\n" if $config->exists($t); - } - my %fields; if ( $proto eq 'ether' ) { @@ -55,11 +51,10 @@ sub new { $self->{$proto} = \%fields; - my $other = $filter{'protocol'}; + my $other = $ptype; die "Can not match on both $proto and $other protocol in same match\n" if $other; - - $filter{'protocol'} = $proto; + $ptype = $other; } my $vif = $config->returnValue("vif"); @@ -67,17 +62,18 @@ sub new { my $iif = $config->returnValue("interface"); $self->{_indev} = getIfIndex($iif); - $filter{'interface'} = 1 if defined($vif) | defined($iif); my $fwmark = $config->returnValue("mark"); $self->{_fwmark} = $fwmark; - $filter{'mark'} = 1 if $fwmark; - # Firewall mark, packet contents, and meta data use different - # tc filters - my @filters = (keys %filter); - die "Can not combine match on both ", join(' and ',@filters), "\n" - if $#filters > 0; + if ($ptype) { + die "Can not combine protocol and firewall mark match\n" + if ($fwmark); + die "Can not combine protocol and vlan tag match\n" + if ($vif); + die "Can not combine protocol and interface match\n" + if ($iif); + } return $self; } @@ -148,14 +144,6 @@ sub filter { } my $fwmark = $self->{_fwmark}; - if ( $fwmark ) { - printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio; - printf " protocol all handle %d fw", $fwmark; - print " $police" if $police; - printf " flowid %x:%x\n", $parent, $classid; - return; - } - my $indev = $self->{_indev}; my $vif = $self->{_vif}; if ( defined($vif) || defined($indev) ) { @@ -163,9 +151,15 @@ sub filter { print " protocol all basic"; print " match meta\(rt_iif eq $indev\)" if $indev; print " match meta\(vlan mask 0xfff eq $vif\)" if $vif; + print " match meta\(fw_mark eq $fwmark\)" if $fwmark; print " $police" if $police; printf " flowid %x:%x\n", $parent, $classid; + } elsif ( $fwmark ) { + printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio; + printf " protocol all handle %d fw", $fwmark; + print " $police" if $police; + printf " flowid %x:%x\n", $parent, $classid; } } |