qosmngr: Add option to match on ICMP/ICMPv6 type.

Markus Gothe 2024-05-30 11:53:44 +02:00
parent 4b57a9dcd5
commit 04be1d3efd
5 changed files with 91 additions and 5 deletions


@ -25,6 +25,7 @@ broute_ipv4_rule_options()
local cid="$1" local cid="$1"
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr "$cid" ebt_match_src_ip ebt_match_dst_ip set_ip_addr "$cid" ebt_match_src_ip ebt_match_dst_ip
@ -43,6 +44,8 @@ broute_ipv4_rule_options()
if [ "$proto_num" == "6" ] || [ "$proto_num" == "17" ] || [ "$proto_num" = "132" ] ; then if [ "$proto_num" == "6" ] || [ "$proto_num" == "17" ] || [ "$proto_num" = "132" ] ; then
set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port
elif [ "$proto_num" = "1" -a -n "$icmp_type" ]; then
ebt_match_ip_icmp_type "$icmp_type"
fi fi
fi fi
} }
@ -53,6 +56,7 @@ broute_ipv6_rule_options()
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr "$cid" ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip set_ip_addr "$cid" ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip
@ -71,6 +75,8 @@ broute_ipv6_rule_options()
if [ "$proto_num" = "6" ] || [ "$proto_num" = "17" ] || [ "$proto_num" = "132" ] ; then if [ "$proto_num" = "6" ] || [ "$proto_num" = "17" ] || [ "$proto_num" = "132" ] ; then
set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port
elif [ "$proto_num" = "58" -a -n "$icmp_type" ]; then
ebt_match_ipv6_icmp_type "$icmp_type"
fi fi
fi fi
} }
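Review bot: The added `elif [ "$proto_num" = "1" -a -n "$icmp_type" ]` test, and its `58` twin in broute_ipv6_rule_options, joins two conditions with `-a`. POSIX marks `-a` obsolescent and leaves the result unspecified for a test with more than four arguments, and `$icmp_type` here is read straight from configuration. Writing it as `elif [ "$proto_num" = "1" ] && [ -n "$icmp_type" ]; then` matches the `||`-joined tests on the line above and cannot be misparsed. The same construct is added in the two other broute_*_rule_options files further down, and with `-o` and escaped parentheses in handle_iptables_rules. Both function bodies start and end outside these hunks.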


@ -223,6 +223,7 @@ broute_ipv4_rule_options()
local cid=$1 local cid=$1
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr $cid ebt_match_src_ip ebt_match_dst_ip set_ip_addr $cid ebt_match_src_ip ebt_match_dst_ip
@ -237,6 +238,8 @@ broute_ipv4_rule_options()
#port installation for protol tcp/udp/sctp #port installation for protol tcp/udp/sctp
if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ] ; then if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ] ; then
set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port
elif [ "$proto_num" = "1" -a -n "$icmp_type" ]; then
ebt_match_ip_icmp_type "$icmp_type"
fi fi
fi fi
} }
@ -247,6 +250,7 @@ broute_ipv6_rule_options()
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr $cid ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip set_ip_addr $cid ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip
@ -266,6 +270,8 @@ broute_ipv6_rule_options()
#port installation for protol tcp/udp/sctp #port installation for protol tcp/udp/sctp
if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ]; then if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ]; then
set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port
elif [ "$proto_num" = "58" -a -n "$icmp_type" ]; then
ebt_match_ipv6_icmp_type "$icmp_type"
fi fi
fi fi
} }


@ -93,7 +93,11 @@ ebt_match_ipv6_dst_port() {
} }
ebt_match_ip_protocol() { ebt_match_ip_protocol() {
BR_RULE="$BR_RULE --ip-proto $1" BR_RULE="$BR_RULE --ip-proto $1"
}
ebt_match_ip_icmp_type() {
BR_RULE="$BR_RULE --ip-icmp-type $1"
} }
ebt_match_ipv6_protocol() { ebt_match_ipv6_protocol() {
@ -107,6 +111,17 @@ ebt_match_ipv6_protocol() {
fi fi
} }
ebt_match_ipv6_icmp_type() {
#when ethertype is not configured by user then both proto rules of ipv4
#and ipv6 to be installed so update BR6_RULE string as well otherwise
#update BR_RULE only for installation of ipv6 proto rule only.
if [ -n "$BR6_RULE" ]; then
BR6_RULE="$BR6_RULE --ip6-icmp-type $1"
else
BR_RULE="$BR_RULE --ip6-icmp-type $1"
fi
}
broute_filter_on_vid() { broute_filter_on_vid() {
if [ -z "$1" ] || [ "$1" -lt 0 ]; then if [ -z "$1" ] || [ "$1" -lt 0 ]; then
@ -183,9 +198,6 @@ protocol_string_to_num()
local value="-1" local value="-1"
case "$1" in case "$1" in
*[0-9]*)
value="$1"
;;
TCP|tcp) TCP|tcp)
value=6 value=6
;; ;;
@ -204,6 +216,9 @@ protocol_string_to_num()
SCTP|sctp) SCTP|sctp)
value=132 value=132
;; ;;
*[0-9]*)
value="$1"
;;
*) *)
value=-1 value=-1
;; ;;
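Review bot: ebt_match_ip_icmp_type and ebt_match_ipv6_icmp_type append `$1` to BR_RULE/BR6_RULE without checking it, so whatever the `icmp_type` option holds becomes part of the rule string. If that string is later word-split into an ebtables command line (not visible in this diff, to be confirmed), a value with spaces or a leading dash would add extra arguments to the rule instead of an ICMP type. A guard at the top of both helpers, such as `case "$1" in ""|-*|*[!0-9A-Za-z/:-]*) return 1 ;; esac`, keeps the value to a single type token. iptables_filter_icmp and iptables_filter_icmpv6 in the iptables file take the same unchecked value and would need the same guard.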


@ -15,6 +15,14 @@ iptables_filter_proto() {
IP_RULE="$IP_RULE -p $1" IP_RULE="$IP_RULE -p $1"
} }
iptables_filter_icmp() {
IP_RULE="$IP_RULE --icmp-type $1"
}
iptables_filter_icmpv6() {
IP_RULE="$IP_RULE --icmpv6-type $1"
}
iptables_filter_ip_src() { iptables_filter_ip_src() {
IP_RULE="$IP_RULE -s $1" IP_RULE="$IP_RULE -s $1"
} }
@ -66,10 +74,44 @@ append_rule_to_mangle_table() {
fi fi
} }
protocol_string_to_num()
{
local value="-1"
case "$1" in
TCP|tcp)
value=6
;;
UDP|udp)
value=17
;;
ICMP|icmp)
value=1
;;
ICMPv6|icmpv6)
value=58
;;
IGMP|igmp)
value=2
;;
SCTP|sctp)
value=132
;;
*[0-9]*)
value="$1"
;;
*)
value=-1
;;
esac
echo $value
}
handle_iptables_rules() { handle_iptables_rules() {
local cid="$1" local cid="$1"
local ip_version=0 local ip_version=0
local is_l3_rule=0 local is_l3_rule=0
local proto_num=-1
traffic_class=$2 traffic_class=$2
init_iptables_rule init_iptables_rule
@ -94,6 +136,7 @@ handle_iptables_rules() {
config_get ip_len_max "$cid" "ip_len_max" config_get ip_len_max "$cid" "ip_len_max"
config_get ifname "$cid" "ifname" config_get ifname "$cid" "ifname"
config_get all_interfaces "$cid" "all_interfaces" config_get all_interfaces "$cid" "all_interfaces"
config_get icmp_type "$cid" "icmp_type"
#check version of ip #check version of ip
case $src_ip$dest_ip in case $src_ip$dest_ip in
@ -116,7 +159,17 @@ handle_iptables_rules() {
# filter proto # filter proto
if [ -n "$proto" ]; then if [ -n "$proto" ]; then
iptables_filter_proto "$proto" proto_num=$(protocol_string_to_num "$proto")
iptables_filter_proto "$proto_num"
if [ -n "$icmp_type" -a \( "$proto_num" = "58" -o "$proto_num" = "1" \) ]; then
if [ "$proto_num" = "1" ]; then
iptables_filter_icmp "$icmp_type"
ip_version=4
else
iptables_filter_icmpv6 "$icmp_type"
ip_version=6
fi
fi
is_l3_rule=1 is_l3_rule=1
fi fi
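Review bot: Passing `$proto_num` instead of `$proto` to iptables_filter_proto changes behaviour for every protocol name that the new protocol_string_to_num does not list. Such a name falls through to `value=-1`, so the rule string gets `-p -1` where the name used to be handed to iptables unchanged, and iptables is unlikely to accept that. Falling back to the configured string keeps those rules working, e.g. `[ "$proto_num" = "-1" ] && proto_num="$proto"` before the iptables_filter_proto call. The `*[0-9]*` arm also matches any string that merely contains a digit, so it does not guarantee a numeric result; adding `*[!0-9]*) value=-1 ;;` immediately before it would, and `echo "$value"` should be quoted. handle_iptables_rules continues outside these hunks.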


@ -221,6 +221,7 @@ broute_ipv4_rule_options()
local cid=$1 local cid=$1
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr $cid ebt_match_src_ip ebt_match_dst_ip set_ip_addr $cid ebt_match_src_ip ebt_match_dst_ip
@ -240,6 +241,8 @@ broute_ipv4_rule_options()
#port installation for protol tcp/udp/sctp #port installation for protol tcp/udp/sctp
if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ] ; then if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ] ; then
set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port set_ports "$cid" ebt_match_ip_src_port ebt_match_ip_dst_port
elif [ "$proto_num" = "1" -a -n "$icmp_type" ]; then
ebt_match_ip_icmp_type "$icmp_type"
fi fi
fi fi
} }
@ -250,6 +253,7 @@ broute_ipv6_rule_options()
config_get protocol "$cid" "proto" config_get protocol "$cid" "proto"
config_get dscp_filter "$cid" "dscp_filter" config_get dscp_filter "$cid" "dscp_filter"
config_get icmp_type "$cid" "icmp_type"
set_ip_addr $cid ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip set_ip_addr $cid ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip
@ -269,6 +273,8 @@ broute_ipv6_rule_options()
#port installation for protol tcp/udp/sctp #port installation for protol tcp/udp/sctp
if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ]; then if [ $proto_num = "6" ] || [ $proto_num = "17" ] || [ $proto_num = "132" ]; then
set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port set_ports "$cid" ebt_match_ipv6_src_port ebt_match_ipv6_dst_port
elif [ "$proto_num" = "58" -a -n "$icmp_type" ]; then
ebt_match_ipv6_icmp_type "$icmp_type"
fi fi
fi fi
} }