diff options
| -rw-r--r-- | scripts/vyatta-wanloadbalance.pl | 6 | ||||
| -rw-r--r-- | src/lbdata.hh | 1 | ||||
| -rw-r--r-- | src/lbdatafactory.cc | 21 | ||||
| -rw-r--r-- | src/lbdatafactory.hh | 3 | ||||
| -rw-r--r-- | src/lbdecision.cc | 12 | ||||
| -rw-r--r-- | templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def | 2 | ||||
| -rw-r--r-- | templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def | 2 |
7 files changed, 45 insertions, 2 deletions
diff --git a/scripts/vyatta-wanloadbalance.pl b/scripts/vyatta-wanloadbalance.pl index 2c64a5e..2339ec5 100644 --- a/scripts/vyatta-wanloadbalance.pl +++ b/scripts/vyatta-wanloadbalance.pl @@ -160,6 +160,12 @@ sub write_rules { } print FILE_LCK "\t}\n"; + #inbound-interface + $option = $config->returnValue("$rule inbound-interface"); + if (defined $option) { + print FILE_LCK "\tinbound-interface " . $option . "\n" + } + #interface $config->setLevel("load-balancing wan rule $rule interface"); my @eths = $config->listNodes(); diff --git a/src/lbdata.hh b/src/lbdata.hh index 857c25a..532bc2f 100644 --- a/src/lbdata.hh +++ b/src/lbdata.hh @@ -36,6 +36,7 @@ class LBRule { string _d_port; string _d_port_ipt; + string _in_iface; InterfaceDistColl _iface_dist_coll; }; diff --git a/src/lbdatafactory.cc b/src/lbdatafactory.cc index 877c78e..1655a12 100644 --- a/src/lbdatafactory.cc +++ b/src/lbdatafactory.cc @@ -130,6 +130,9 @@ LBDataFactory::process(const vector<string> &path, int depth, const string &key, else if (depth > 0 && path[1] == "destination") { process_rule_destination(l_key,l_value); } + else if (depth > 0 && path[1] == "inbound-interface") { + process_rule_inbound_interface(l_key,l_value); + } else if (depth > 1 && path[1] == "interface") { process_rule_interface(l_key,l_value); } @@ -290,6 +293,24 @@ LBDataFactory::process_rule_destination(const string &key, const string &value) } void +LBDataFactory::process_rule_inbound_interface(const string &key, const string &value) +{ + if (_debug) { + cout << "LBDataFactory::process_rule_inbound_interface(): " << key << ", " << value << endl; + } + if (key == "inbound-interface") { + _rule_iter->second._in_iface = value; + } + else { + if (_debug) { + cerr << "LBDataFactory::process_rule(): " << "don't understand this symbol: " << key << endl; + } + } +} + + + +void LBDataFactory::process_rule_interface(const string &key, const string &value) { if (_debug) { diff --git a/src/lbdatafactory.hh b/src/lbdatafactory.hh index 449caa2..a9c6a3e 100644 --- a/src/lbdatafactory.hh +++ b/src/lbdatafactory.hh @@ -61,6 +61,9 @@ private: void process_rule_interface(const string &key, const string &value); + void + process_rule_inbound_interface(const string &key, const string &value); + private: bool _debug; LBHealth _lb_health; diff --git a/src/lbdecision.cc b/src/lbdecision.cc index c959303..9c13017 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -99,7 +99,9 @@ if so then this stuff goes here! LBData::InterfaceHealthIter iter = lbdata._iface_health_coll.begin(); while (iter != lbdata._iface_health_coll.end()) { string iface = iter->first; + sprintf(buf,"%d",ct); + /* execute(string("iptables -t mangle -N ISP_") + buf); execute(string("iptables -t mangle -F ISP_") + buf); execute(string("iptables -t mangle -A ISP_") + buf + " -j CONNMARK --set-mark " + buf); @@ -107,6 +109,7 @@ if so then this stuff goes here! //NOTE, WILL NEED A WAY TO CLEAN UP THIS RULE ON RESTART... execute(string("iptables -t mangle -A ISP_") + buf + " -j ACCEPT"); + */ execute(string("ip route replace table ") + buf + " default dev " + iface + " via " + iter->second._nexthop); execute(string("ip rule add fwmark ") + buf + " table " + buf); @@ -169,14 +172,15 @@ LBDecision::run(LBData &lb_data) while (w_iter != w_end) { sprintf(fbuf,"%f",w_iter->second); sprintf(dbuf,"%d",w_iter->first); - execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW,ESTABLISHED -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf); + execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -m statistic --mode random --probability " + fbuf + " -j CONNMARK --set-mark " + dbuf); ++w_iter; } //last one is special case, the catch all rule ++w_iter; sprintf(dbuf,"%d",w_iter->first); - execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW,ESTABLISHED -j ISP_" + dbuf); + execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -j CONNMARK --set-mark " + dbuf); + execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -j CONNMARK --restore-mark"); ++iter; } } @@ -272,6 +276,10 @@ LBDecision::get_application_cmd(LBRule &rule) { string filter; + if (rule._in_iface.empty() == false) { + filter += "-i " + rule._in_iface + " "; + } + if (rule._proto.empty() == false) { filter += "--proto " + rule._proto + " "; } diff --git a/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def b/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def new file mode 100644 index 0000000..34101b6 --- /dev/null +++ b/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def @@ -0,0 +1,2 @@ +type: ipv4 +help: Set interface nexthop diff --git a/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def b/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def new file mode 100644 index 0000000..a55acba --- /dev/null +++ b/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def @@ -0,0 +1,2 @@ +type: txt +help: Set inbound interface name |