author | Christian Poessinger <christian@poessinger.com> | 2022-01-27 22:28:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-27 22:28:51 +0100 |
commit | a23cc19ad88bcf8ed32dbe77ebe25254448d8a9c (patch) | |
tree | ff9e07493a6e4b1a4fcf79fe223185a0a1f199a0 | |
parent | a414fa198a96ac5557bc1bd827e8dc18c3150825 (diff) | |
parent | 25e97e0b0224f3f8f1bffb77b36955d6fa129dd3 (diff) | |
download | vyos-1x-a23cc19ad88bcf8ed32dbe77ebe25254448d8a9c.tar.gz vyos-1x-a23cc19ad88bcf8ed32dbe77ebe25254448d8a9c.zip |
Merge pull request #1194 from sarthurdev/T4213
policy: T4213: Fix rule creation/deletion for IPv6 policy routes
-rwxr-xr-x | src/conf_mode/policy-route.py | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/src/conf_mode/policy-route.py b/src/conf_mode/policy-route.py
index ee5197af0..7dcab4b58 100755
--- a/src/conf_mode/policy-route.py
+++ b/src/conf_mode/policy-route.py
@@ -205,6 +205,7 @@ def generate(policy):
 def apply_table_marks(policy):
 for route in ['route', 'route6']:
 if route in policy:
+ cmd_str = 'ip' if route == 'route' else 'ip -6'
 for name, pol_conf in policy[route].items():
 if 'rule' in pol_conf:
 for rule_id, rule_conf in pol_conf['rule'].items():
@@ -213,20 +214,21 @@ def apply_table_marks(policy):
 if set_table == 'main':
 set_table = '254'
 table_mark = mark_offset - int(set_table)
- cmd(f'ip rule add fwmark {table_mark} table {set_table}')
+ cmd(f'{cmd_str} rule add pref {set_table} fwmark {table_mark} table {set_table}')
 def cleanup_table_marks():
- json_rules = cmd('ip -j -N rule list')
- rules = loads(json_rules)
- for rule in rules:
- if 'fwmark' not in rule or 'table' not in rule:
- continue
- fwmark = rule['fwmark']
- table = int(rule['table'])
- if fwmark[:2] == '0x':
- fwmark = int(fwmark, 16)
- if (int(fwmark) == (mark_offset - table)):
- cmd(f'ip rule del fwmark {fwmark} table {table}')
+ for cmd_str in ['ip', 'ip -6']:
+ json_rules = cmd(f'{cmd_str} -j -N rule list')
+ rules = loads(json_rules)
+ for rule in rules:
+ if 'fwmark' not in rule or 'table' not in rule:
+ continue
+ fwmark = rule['fwmark']
+ table = int(rule['table'])
+ if fwmark[:2] == '0x':
+ fwmark = int(fwmark, 16)
+ if (int(fwmark) == (mark_offset - table)):
+ cmd(f'{cmd_str} rule del fwmark {fwmark} table {table}')
 def apply(policy):
 install_result = run(f'nft -f {nftables_conf}') |
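Review bot: The new `pref {set_table}` in `apply_table_marks` makes each rule fully determined by its table number, so two policy rules that set the same table now issue an identical `rule add` command. The second one will probably be rejected by the kernel as a duplicate, where the old auto-assigned priority let it through. Unless `cmd()` tolerates that failure, the apply step would stop part-way with only some marks installed; remembering the tables already handled per address family would avoid it, e.g. `if set_table in seen: continue` followed by `seen.add(set_table)` before the `cmd(...)` call. The lines that read `set_table` from `rule_conf` sit between the two hunks and are not visible here, so confirm that no de-duplication already happens there.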