wireless: add bridge_isolate option

This enables the device bridge port isolate flag

Signed-off-by: Felix Fietkau <nbd@nbd.name>

device.c

@@ -354,7 +354,10 @@ device_init_settings(struct device *dev, struct blob_attr **tb)
 	struct ether_addr *ea;
 	bool disabled = false;
 
-	s->flags = 0;
+	if (dev->wireless)
+		s->flags &= DEV_OPT_ISOLATE;
+	else
+		s->flags = 0;
 	if ((cur = tb[DEV_ATTR_ENABLED]))
 		disabled = !blobmsg_get_bool(cur);
 

scripts/netifd-wireless.sh

@@ -378,10 +378,12 @@ _wdev_common_device_config() {
 
 _wdev_common_iface_config() {
 	config_add_string mode ssid encryption 'key:wpakey'
+	config_add_boolean bridge_isolate
 }
 
 _wdev_common_vlan_config() {
 	config_add_string name vid iface
+	config_add_boolean bridge_isolate
 }
 
 _wdev_common_station_config() {

wireless.c

@@ -63,6 +63,7 @@ enum {
 	VIF_ATTR_DISABLED,
 	VIF_ATTR_NETWORK,
 	VIF_ATTR_NETWORK_VLAN,
+	VIF_ATTR_BRIDGE_ISOLATE,
 	VIF_ATTR_ISOLATE,
 	VIF_ATTR_MODE,
 	VIF_ATTR_PROXYARP,
@@ -74,6 +75,7 @@ static const struct blobmsg_policy vif_policy[__VIF_ATTR_MAX] = {
 	[VIF_ATTR_DISABLED] = { .name = "disabled", .type = BLOBMSG_TYPE_BOOL },
 	[VIF_ATTR_NETWORK] = { .name = "network", .type = BLOBMSG_TYPE_ARRAY },
 	[VIF_ATTR_NETWORK_VLAN] = { .name = "network_vlan", .type = BLOBMSG_TYPE_ARRAY },
+	[VIF_ATTR_BRIDGE_ISOLATE] = { .name = "bridge_isolate", .type = BLOBMSG_TYPE_BOOL },
 	[VIF_ATTR_ISOLATE] = { .name = "isolate", .type = BLOBMSG_TYPE_BOOL },
 	[VIF_ATTR_MODE] = { .name = "mode", .type = BLOBMSG_TYPE_STRING },
 	[VIF_ATTR_PROXYARP] = { .name = "proxy_arp", .type = BLOBMSG_TYPE_BOOL },
@@ -89,6 +91,7 @@ enum {
 	VLAN_ATTR_DISABLED,
 	VLAN_ATTR_NETWORK,
 	VLAN_ATTR_NETWORK_VLAN,
+	VLAN_ATTR_BRIDGE_ISOLATE,
 	VLAN_ATTR_ISOLATE,
 	VLAN_ATTR_MCAST_TO_UCAST,
 	__VLAN_ATTR_MAX,
@@ -98,6 +101,7 @@ static const struct blobmsg_policy vlan_policy[__VLAN_ATTR_MAX] = {
 	[VLAN_ATTR_DISABLED] = { .name = "disabled", .type = BLOBMSG_TYPE_BOOL },
 	[VLAN_ATTR_NETWORK] = { .name = "network", .type = BLOBMSG_TYPE_ARRAY },
 	[VLAN_ATTR_NETWORK_VLAN] = { .name = "network_vlan", .type = BLOBMSG_TYPE_ARRAY },
+	[VLAN_ATTR_BRIDGE_ISOLATE] = { .name = "bridge_isolate", .type = BLOBMSG_TYPE_BOOL },
 	[VLAN_ATTR_ISOLATE] = { .name = "isolate", .type = BLOBMSG_TYPE_BOOL },
 	[VLAN_ATTR_MCAST_TO_UCAST] = { .name = "multicast_to_unicast", .type = BLOBMSG_TYPE_BOOL },
 };
@@ -338,6 +342,7 @@ static void wireless_interface_handle_link(struct wireless_interface *vif, const
 	struct interface *iface;
 	struct blob_attr *cur;
 	const char *network;
+	struct device *dev;
 	size_t rem;
 
 	if (!vif->network || !vif->ifname)
@@ -346,19 +351,27 @@ static void wireless_interface_handle_link(struct wireless_interface *vif, const
 	if (!ifname)
 		ifname = vif->ifname;
 
-	if (up) {
-		struct device *dev = __device_get(ifname, 2, false);
+	if (!up)
+		goto out;
 
-		if (dev && !strcmp(ifname, vif->ifname)) {
-			dev->wireless_isolate = vif->isolate;
-			dev->wireless_proxyarp = vif->proxyarp;
-			dev->wireless = true;
-			dev->wireless_ap = vif->ap_mode;
-			wireless_device_set_mcast_to_unicast(dev, vif->multicast_to_unicast);
-			dev->bpdu_filter = dev->wireless_ap;
-		}
-	}
+	dev = __device_get(ifname, 2, false);
+	if (!dev)
+		goto out;
 
+	dev->wireless = true;
+	dev->settings.flags |= DEV_OPT_ISOLATE;
+	dev->settings.isolate = vif->bridge_isolate;
+
+	if (strcmp(ifname, vif->ifname) != 0)
+		goto out;
+
+	dev->wireless_isolate = vif->isolate;
+	dev->wireless_proxyarp = vif->proxyarp;
+	dev->wireless_ap = vif->ap_mode;
+	wireless_device_set_mcast_to_unicast(dev, vif->multicast_to_unicast);
+	dev->bpdu_filter = dev->wireless_ap;
+
+out:
 	blobmsg_for_each_attr(cur, vif->network, rem) {
 		network = blobmsg_data(cur);
 
@@ -387,6 +400,8 @@ static void wireless_vlan_handle_link(struct wireless_vlan *vlan, bool up)
 			dev->wireless = true;
 			dev->wireless_ap = true;
 			dev->bpdu_filter = true;
+			dev->settings.flags |= DEV_OPT_ISOLATE;
+			dev->settings.isolate = vlan->bridge_isolate;
 			wireless_device_set_mcast_to_unicast(dev, vlan->multicast_to_unicast);
 		}
 	}
@@ -834,8 +849,11 @@ wireless_interface_init_config(struct wireless_interface *vif)
 	cur = tb[VIF_ATTR_MODE];
 	vif->ap_mode = cur && !strcmp(blobmsg_get_string(cur), "ap");
 
+	cur = tb[VIF_ATTR_BRIDGE_ISOLATE];
+	vif->bridge_isolate = cur && blobmsg_get_bool(cur);
+
 	cur = tb[VIF_ATTR_ISOLATE];
-	vif->isolate = vif->ap_mode && cur && blobmsg_get_bool(cur);
+	vif->isolate = cur && blobmsg_get_bool(cur);
 
 	cur = tb[VIF_ATTR_PROXYARP];
 	vif->proxyarp = vif->ap_mode && cur && blobmsg_get_bool(cur);
@@ -912,9 +930,11 @@ wireless_vlan_init_config(struct wireless_vlan *vlan)
 	if ((cur = tb[VLAN_ATTR_NETWORK_VLAN]))
 		vlan->network_vlan = cur;
 
+	cur = tb[VLAN_ATTR_BRIDGE_ISOLATE];
+	vlan->bridge_isolate = cur && blobmsg_get_bool(cur);
+
 	cur = tb[VLAN_ATTR_ISOLATE];
-	if (cur)
-		vlan->isolate = blobmsg_get_bool(cur);
+	vlan->isolate = cur && blobmsg_get_bool(cur);
 
 	cur = tb[VLAN_ATTR_MCAST_TO_UCAST];
 	vlan->multicast_to_unicast = cur ? blobmsg_get_bool(cur) : -1;

wireless.h

@@ -90,6 +90,7 @@ struct wireless_interface {
 	struct blob_attr *network_vlan;
 	bool proxyarp;
 	bool isolate;
+	bool bridge_isolate;
 	bool ap_mode;
 	int multicast_to_unicast;
 	int vlan_idx;
@@ -110,6 +111,7 @@ struct wireless_vlan {
 	struct blob_attr *network_vlan;
 	int multicast_to_unicast;
 	bool isolate;
+	bool bridge_isolate;
 };
 
 struct wireless_station {