summaryrefslogtreecommitdiff
path: root/lib/Vyatta/Qos/Match.pm
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Vyatta/Qos/Match.pm')
-rw-r--r--lib/Vyatta/Qos/Match.pm113
1 files changed, 16 insertions, 97 deletions
diff --git a/lib/Vyatta/Qos/Match.pm b/lib/Vyatta/Qos/Match.pm
index 2b22c30..c8078b6 100644
--- a/lib/Vyatta/Qos/Match.pm
+++ b/lib/Vyatta/Qos/Match.pm
@@ -26,7 +26,7 @@ sub getPort {
if ( $str =~ /^([0-9]+)|(0x[0-9a-fA-F]+)$/ ) {
die "$str is not a valid port number\n"
- if ( $str <= 0 || $str > 65535 );
+ if ( $str <= 0 || $str > 65535 );
return $str;
}
@@ -47,8 +47,8 @@ sub new {
# special case for match all
unless ($config) {
- $self->{'ether'} = { protocol => 'all' };
- return $self;
+ $self->{'ether'} = { protocol => 'all' };
+ return $self;
}
foreach my $af (qw(ip ipv6 ether)) {
@@ -88,7 +88,7 @@ sub new {
}
}
- # if the hash is empty then we didn't generate a match rule
+ # if the hash is empty then we didn't generate a match rule
# this usually means user left an uncompleted match in the config
my @keys = keys(%fields);
if ($#keys < 0) {
@@ -120,82 +120,6 @@ sub new {
return $self;
}
-sub small_ip_filter {
- my ( $dev, $parent, $prio, $classid ) = @_;
- my $protoip = "ip";
- my $synack = 2; # hash table id, arbitrary number
- $parent = sprintf("%x", $parent);
- $classid = sprintf("%x", $classid);
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32\n";
- # make a linked hash table
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip handle $synack: u32 divisor 1\n";
- # tcp syn bit
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32 ht $synack:";
- print " match u8 0x02 0x02 at 13";
- print " flowid $parent:$classid\n";
- # tcp ack bit
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32 ht $synack:";
- print " match u8 0x10 0x10 at 13";
- print " flowid $parent:$classid\n";
- # ipv4/icmp
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32";
- print " match ip protocol 1 0xff";
- print " flowid $parent:$classid\n";
- # ipv4/tcp, total len<256, tos=0x10 == minimum delay
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32";
- print " match ip protocol 6 0xff";
- print " match u16 0x0000 0xff00 at 2";
- print " match ip tos 0x10 0xff";
- print " flowid $parent:$classid\n";
- # ipv4/tcp, total len<128, not fragmented
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip u32";
- print " match ip protocol 6 0xff";
- print " match u16 0x0000 0xff80 at 2";
- print " match ip nofrag";
- print " offset at 0 mask 0x0f00 shift 6 eat";
- print " link $synack:\n";
-}
-
-sub small_ip6_filter {
- my ( $dev, $parent, $prio, $classid ) = @_;
- my $protoip6 = "ipv6";
- my $synack6 = 3; # hash table id, arbitrary number
- $parent = sprintf("%x", $parent);
- $classid = sprintf("%x", $classid);
- # setup base filter
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32\n";
- # make a linked hash table
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 handle $synack6: u32 divisor 1\n";
- # tcp syn bit
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32 ht $synack6: ";
- print " match u8 0x02 0x02 at 13";
- print " flowid $parent:$classid\n";
- # tcp ack bit
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32 ht $synack6:";
- print " match u8 0x10 0x10 at 13";
- print " flowid $parent:$classid\n";
- # ipv6/icmpv6
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32";
- print " match ip6 protocol 58 0xff";
- print " flowid $parent:$classid\n";
- # ipv6/tcp, payload len<128, priority=0x10 == minimum delay
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32";
- print " match ip6 protocol 6 0xff";
- print " match u16 0x0000 0xff80 at 4";
- print " match ip6 priority 0x10 0xff";
- print " flowid $parent:$classid\n";
- # ipv6/tcp, payload len<64, not fragmented since the next header is a tcp header
- # this does not handle packets with other ipv6 extension headers that might be
- # present between the ipv6 header and the tcp header
- print "filter add dev $dev parent $parent: prior $prio protocol $protoip6 u32";
- print " match ip6 protocol 6 0xff";
- print " match u16 0x0000 0xffc0 at 4";
- print " offset plus 40 eat";
- print " link $synack6:\n";
-}
-
-
-
sub filter {
my ( $self, $dev, $parent, $classid, $prio, $dsmark, $police ) = @_;
@@ -210,9 +134,9 @@ sub filter {
next unless $ip && $$ip{dsfield};
printf "filter add dev %s parent %x: protocol %s prio %d",
- $dev, $parent, $ipver, $prio;
+ $dev, $parent, $ipver, $prio;
printf " handle %s tcindex classid %x:%x\n",
- $$ip{dsfield}, $parent, $classid;
+ $$ip{dsfield}, $parent, $classid;
$prio += 1;
}
@@ -224,18 +148,12 @@ sub filter {
my $p = $self->{$proto};
next unless $p;
- if (defined($$p{small})) {
- small_ip_filter($dev, $parent, $prio, $classid) if ($proto eq 'ip');
- small_ip6_filter($dev, $parent, $prio, $classid) if ($proto eq 'ipv6');
- next;
- }
-
printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio;
if ( $proto eq 'ether' ) {
my $type = $$p{protocol};
$type = 'all' unless $type;
- print " protocol $type u32";
+ print " protocol $type u32";
if ( defined( $$p{src} ) || defined( $$p{dst} ) ) {
print " match ether src $$p{src}" if $$p{src};
print " match ether dst $$p{dst}" if $$p{dst};
@@ -293,8 +211,8 @@ sub filter {
}
}
- print " match mark $fwmark 0xff" if $fwmark;
- print " $police" if $police;
+ print " match mark $fwmark 0xff" if $fwmark;
+ print " $police" if $police;
printf " flowid %x:%x\n", $parent, $classid;
return;
}
@@ -303,17 +221,18 @@ sub filter {
my $vif = $self->{_vif};
if ( defined($vif) || defined($indev) ) {
printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio;
- print " protocol all basic";
- print " match meta\(rt_iif eq $indev\)" if $indev;
- print " match meta\(vlan mask 0xfff eq $vif\)" if $vif;
- print " match meta\(fwmark eq $fwmark\)" if $fwmark;
- print " $police" if $police;
+ print " protocol all basic";
+ print " match meta\(rt_iif eq $indev\)" if $indev;
+ print " match meta\(vlan mask 0xfff eq $vif\)" if $vif;
+ print " match meta\(fwmark eq $fwmark\)" if $fwmark;
+
+ print " $police" if $police;
printf " flowid %x:%x\n", $parent, $classid;
}
elsif ($fwmark) {
printf "filter add dev %s parent %x: prio %d", $dev, $parent, $prio;
printf " protocol all handle %d fw", $fwmark;
- print " $police" if $police;
+ print " $police" if $police;
printf " flowid %x:%x\n", $parent, $classid;
}
}