matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

iprule: add oif classification support 

David Miller wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Mon, 30 Nov 2009 19:00:14 +0100
>
>> This patch contains iproute support for iprule oif classification
>> for the send-to-self RFC I just sent out.
>
> Patrick, you need to submit a new version of this patch with
> the FIB_RULE_* macro fixed, just like the kernel version got
> fixed.

Thanks for reminind me of this. New patch attached.

commit 0fe5164cbaa1d65dda341075710be71bf1f32d10
Author: Patrick McHardy <kaber@trash.net>
Date:   Fri Dec 4 07:06:18 2009 +0100

    iprule: add oif classification support

    Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Patrick McHardy 2009-12-03 20:07:14 +00:00 committed by Stephen Hemminger
parent e04dd30a38
commit 85eae222d2
2 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ip/iprule.c
View File

@ -34,7 +34,7 @@ static void usage(void)
{ {
fprintf(stderr, "Usage: ip rule [ list | add | del | flush ] SELECTOR ACTION\n"); fprintf(stderr, "Usage: ip rule [ list | add | del | flush ] SELECTOR ACTION\n");
fprintf(stderr, "SELECTOR := [ not ] [ from PREFIX ] [ to PREFIX ] [ tos TOS ] [ fwmark FWMARK[/MASK] ]\n"); fprintf(stderr, "SELECTOR := [ not ] [ from PREFIX ] [ to PREFIX ] [ tos TOS ] [ fwmark FWMARK[/MASK] ]\n");
fprintf(stderr, " [ dev STRING ] [ pref NUMBER ]\n"); fprintf(stderr, " [ iif STRING ] [ oif STRING ] [ pref NUMBER ]\n");
fprintf(stderr, "ACTION := [ table TABLE_ID ]\n"); fprintf(stderr, "ACTION := [ table TABLE_ID ]\n");
fprintf(stderr, " [ prohibit | reject | unreachable ]\n"); fprintf(stderr, " [ prohibit | reject | unreachable ]\n");
fprintf(stderr, " [ realms [SRCREALM/]DSTREALM ]\n"); fprintf(stderr, " [ realms [SRCREALM/]DSTREALM ]\n");
@ -142,7 +142,13 @@ int print_rule(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
if (tb[FRA_IFNAME]) { if (tb[FRA_IFNAME]) {
fprintf(fp, "iif %s ", (char*)RTA_DATA(tb[FRA_IFNAME])); fprintf(fp, "iif %s ", (char*)RTA_DATA(tb[FRA_IFNAME]));
if (r->rtm_flags & FIB_RULE_DEV_DETACHED) if (r->rtm_flags & FIB_RULE_IIF_DETACHED)
fprintf(fp, "[detached] ");
}
if (tb[FRA_OIFNAME]) {
fprintf(fp, "oif %s ", (char*)RTA_DATA(tb[FRA_OIFNAME]));
if (r->rtm_flags & FIB_RULE_OIF_DETACHED)
fprintf(fp, "[detached] "); fprintf(fp, "[detached] ");
} }
@ -307,6 +313,9 @@ static int iprule_modify(int cmd, int argc, char **argv)
strcmp(*argv, "iif") == 0) { strcmp(*argv, "iif") == 0) {
NEXT_ARG(); NEXT_ARG();
addattr_l(&req.n, sizeof(req), FRA_IFNAME, *argv, strlen(*argv)+1); addattr_l(&req.n, sizeof(req), FRA_IFNAME, *argv, strlen(*argv)+1);
} else if (strcmp(*argv, "oif") == 0) {
NEXT_ARG();
addattr_l(&req.n, sizeof(req), FRA_OIFNAME, *argv, strlen(*argv)+1);
} else if (strcmp(*argv, "nat") == 0 || } else if (strcmp(*argv, "nat") == 0 ||
matches(*argv, "map-to") == 0) { matches(*argv, "map-to") == 0) {
NEXT_ARG(); NEXT_ARG();

10
man/man8/ip.8
View File

@ -240,7 +240,9 @@ throw " | " unreachable " | " prohibit " | " blackhole " | " nat " ]"
.IR TOS " ] [ " .IR TOS " ] [ "
.B fwmark .B fwmark
.IR FWMARK[/MASK] " ] [ " .IR FWMARK[/MASK] " ] [ "
.B dev .B iif
.IR STRING " ] [ "
.B oif
.IR STRING " ] [ " .IR STRING " ] [ "
.B pref .B pref
.IR NUMBER " ]" .IR NUMBER " ]"
@ -1935,6 +1937,12 @@ the rule only matches packets originating from this host. This means
that you may create separate routing tables for forwarded and local that you may create separate routing tables for forwarded and local
packets and, hence, completely segregate them. packets and, hence, completely segregate them.
.TP
.BI oif " NAME"
select the outgoing device to match. The outgoing interface is only
available for packets originating from local sockets that are bound to
a device.
.TP .TP
.BI tos " TOS" .BI tos " TOS"
.TP .TP