Sākums Izpētīt Palīdzība
Pierakstīties
OWEALs
/
netifd
spogulis no https://git.openwrt.org/project/netifd.git
2
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Pārlūkot izejas kodu

iprule: add support for uidrange

Allow for per-user routing policies via the uidrange iprule option.
Option allows for a single UID or range of UIDs.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Matthew Hagan 2 gadi atpakaļ
vecāks
3043206e94
revīzija
ed71876846
3 mainītis faili ar 28 papildinājumiem un 0 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 14 0
      iprule.c
  2. 5 0
      iprule.h
  3. 9 0
      system-linux.c

+ 14 - 0
iprule.c
Parādīt failu 

@@ -44,6 +44,7 @@ enum {
 
 	RULE_ACTION,
 
 	RULE_GOTO,
 
 	RULE_SUP_PREFIXLEN,
 
+	RULE_UIDRANGE,
 
 	RULE_DISABLED,
 
 	__RULE_MAX
 
 };
 
@@ -59,6 +60,7 @@ static const struct blobmsg_policy rule_attr[__RULE_MAX] = {
 
 	[RULE_FWMARK] = { .name = "mark", .type = BLOBMSG_TYPE_STRING },
 
 	[RULE_LOOKUP] = { .name = "lookup", .type = BLOBMSG_TYPE_STRING },
 
 	[RULE_SUP_PREFIXLEN] = { .name = "suppress_prefixlength", .type = BLOBMSG_TYPE_INT32 },
 
+	[RULE_UIDRANGE] = { .name = "uidrange", .type = BLOBMSG_TYPE_STRING },
 
 	[RULE_ACTION] = { .name = "action", .type = BLOBMSG_TYPE_STRING },
 
 	[RULE_GOTO]   = { .name = "goto", .type = BLOBMSG_TYPE_INT32 },
 
 	[RULE_DISABLED] = { .name = "disabled", .type = BLOBMSG_TYPE_BOOL },
 
@@ -282,6 +284,18 @@ iprule_add(struct blob_attr *attr, bool v6)
 
 		rule->flags |= IPRULE_SUP_PREFIXLEN;
 
 	}
 
 
+	if ((cur = tb[RULE_UIDRANGE]) != NULL) {
 
+		int ret = sscanf(blobmsg_get_string(cur), "%u-%u", &rule->uidrange_start, &rule->uidrange_end);
 
+
 
+		if (ret == 1)
 
+			rule->uidrange_end = rule->uidrange_start;
 
+		else if (ret != 2) {
 
+			DPRINTF("Failed to parse UID range: %s\n", (char *) blobmsg_data(cur));
 
+			goto error;
 
+		}
 
+		rule->flags |= IPRULE_UIDRANGE;
 
+	}
 
+
 
 	if ((cur = tb[RULE_ACTION]) != NULL) {
 
 		if (!system_resolve_iprule_action(blobmsg_data(cur), &rule->action)) {
 
 			DPRINTF("Failed to parse rule action: %s\n", (char *) blobmsg_data(cur));

+ 5 - 0
iprule.h
Parādīt failu 

@@ -63,6 +63,9 @@ enum iprule_flags {
 
 
 	/* rule suppresses results by prefix length */
 
 	IPRULE_SUP_PREFIXLEN	= (1 << 13),
 
+
 
+	/* rule specifies uidrange */
 
+	IPRULE_UIDRANGE		= (1 << 14),
 
 };
 
 
 struct iprule {
 
@@ -102,6 +105,8 @@ struct iprule {
 
 
 	unsigned int lookup;
 
 	unsigned int sup_prefixlen;
 
+	unsigned int uidrange_start;
 
+	unsigned int uidrange_end;
 
 	unsigned int action;
 
 	unsigned int gotoid;
 
 };

+ 9 - 0
system-linux.c
Parādīt failu 

@@ -2954,6 +2954,15 @@ static int system_iprule(struct iprule *rule, int cmd)
 
 	if (rule->flags & IPRULE_SUP_PREFIXLEN)
 
 		nla_put_u32(msg, FRA_SUPPRESS_PREFIXLEN, rule->sup_prefixlen);
 
 
+	if (rule->flags & IPRULE_UIDRANGE) {
 
+		struct fib_rule_uid_range uidrange = {
 
+			.start = rule->uidrange_start,
 
+			.end = rule->uidrange_end
 
+		};
 
+
 
+		nla_put(msg, FRA_UID_RANGE, sizeof(uidrange), &uidrange);
 
+	}
 
+
 
 	if (rule->flags & IPRULE_GOTO)
 
 		nla_put_u32(msg, FRA_GOTO, rule->gotoid);