summaryrefslogtreecommitdiff
path: root/src/conf_mode/policy-route.py
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2022-01-27 18:21:16 +0100
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2022-01-27 21:49:56 +0100
commit25e97e0b0224f3f8f1bffb77b36955d6fa129dd3 (patch)
tree0741e66817df220efb1f599de4e2a0e387c28434 /src/conf_mode/policy-route.py
parentf5a29d46656651035a9f53b5a12ee99ee7c1d704 (diff)
downloadvyos-1x-25e97e0b0224f3f8f1bffb77b36955d6fa129dd3.tar.gz
vyos-1x-25e97e0b0224f3f8f1bffb77b36955d6fa129dd3.zip
policy: T4213: Fix rule creation/deletion for IPv6 policy routes
Diffstat (limited to 'src/conf_mode/policy-route.py')
-rwxr-xr-xsrc/conf_mode/policy-route.py26
1 files changed, 14 insertions, 12 deletions
diff --git a/src/conf_mode/policy-route.py b/src/conf_mode/policy-route.py
index ee5197af0..7dcab4b58 100755
--- a/src/conf_mode/policy-route.py
+++ b/src/conf_mode/policy-route.py
@@ -205,6 +205,7 @@ def generate(policy):
def apply_table_marks(policy):
for route in ['route', 'route6']:
if route in policy:
+ cmd_str = 'ip' if route == 'route' else 'ip -6'
for name, pol_conf in policy[route].items():
if 'rule' in pol_conf:
for rule_id, rule_conf in pol_conf['rule'].items():
@@ -213,20 +214,21 @@ def apply_table_marks(policy):
if set_table == 'main':
set_table = '254'
table_mark = mark_offset - int(set_table)
- cmd(f'ip rule add fwmark {table_mark} table {set_table}')
+ cmd(f'{cmd_str} rule add pref {set_table} fwmark {table_mark} table {set_table}')
def cleanup_table_marks():
- json_rules = cmd('ip -j -N rule list')
- rules = loads(json_rules)
- for rule in rules:
- if 'fwmark' not in rule or 'table' not in rule:
- continue
- fwmark = rule['fwmark']
- table = int(rule['table'])
- if fwmark[:2] == '0x':
- fwmark = int(fwmark, 16)
- if (int(fwmark) == (mark_offset - table)):
- cmd(f'ip rule del fwmark {fwmark} table {table}')
+ for cmd_str in ['ip', 'ip -6']:
+ json_rules = cmd(f'{cmd_str} -j -N rule list')
+ rules = loads(json_rules)
+ for rule in rules:
+ if 'fwmark' not in rule or 'table' not in rule:
+ continue
+ fwmark = rule['fwmark']
+ table = int(rule['table'])
+ if fwmark[:2] == '0x':
+ fwmark = int(fwmark, 16)
+ if (int(fwmark) == (mark_offset - table)):
+ cmd(f'{cmd_str} rule del fwmark {fwmark} table {table}')
def apply(policy):
install_result = run(f'nft -f {nftables_conf}')