diff options
author | Hristo Venev <hristo@venev.name> | 2021-06-22 12:29:03 +0300 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2021-07-12 13:30:53 +0200 |
commit | f218838a76a0e31c187ca9f865974f0a0be8459c (patch) | |
tree | 702dba74609e89a43dd3b2e7f6995b71ee6ad7f5 | |
parent | e74329ce9fa7ccb025960f9b220dff9e556a80e5 (diff) | |
download | systemd-f218838a76a0e31c187ca9f865974f0a0be8459c.tar.gz |
networkd: Permit all-zero RoutingPolicyRule prefixes
For example this `From` address range is no longer ignored:
[RoutingPolicyRule]
From=0.0.0.0/8
(cherry picked from commit 2e8a32afbc300e0fe6b624174cd3f3d03467fed8)
-rw-r--r-- | src/network/networkd-routing-policy-rule.c | 4 | ||||
-rw-r--r-- | test/test-network/conf/routing-policy-rule-test1.network | 7 | ||||
-rwxr-xr-x | test/test-network/systemd-networkd-tests.py | 9 |
3 files changed, 17 insertions, 3 deletions
diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index a7fddfd58f..d783a3d3cb 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -420,7 +420,7 @@ static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule /* link may be NULL. */ - if (in_addr_is_set(rule->family, &rule->from)) { + if (rule->from_prefixlen > 0) { r = netlink_message_append_in_addr_union(m, FRA_SRC, rule->family, &rule->from); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_SRC attribute: %m"); @@ -430,7 +430,7 @@ static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule return log_link_error_errno(link, r, "Could not set source prefix length: %m"); } - if (in_addr_is_set(rule->family, &rule->to)) { + if (rule->to_prefixlen > 0) { r = netlink_message_append_in_addr_union(m, FRA_DST, rule->family, &rule->to); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_DST attribute: %m"); diff --git a/test/test-network/conf/routing-policy-rule-test1.network b/test/test-network/conf/routing-policy-rule-test1.network index 3594602cbb..2afd3277c4 100644 --- a/test/test-network/conf/routing-policy-rule-test1.network +++ b/test/test-network/conf/routing-policy-rule-test1.network @@ -14,6 +14,7 @@ OutgoingInterface=test1 [RoutingPolicyRule] IncomingInterface=test1 +From=::/0 Table=8 Priority=100 Family=ipv6 @@ -23,3 +24,9 @@ IncomingInterface=test1 Table=9 Priority=101 Family=both + +[RoutingPolicyRule] +IncomingInterface=test1 +From=0.0.0.0/8 +Table=10 +Priority=102 diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index fc88fefd0f..bd8c019a10 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -1848,7 +1848,7 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities): 'routing-policy-rule-reconfigure2.network', ] - routing_policy_rule_tables = ['7', '8', '9', '1011'] + routing_policy_rule_tables = ['7', '8', '9', '10', '1011'] routes = [['blackhole', '202.54.1.2'], ['unreachable', '202.54.1.3'], ['prohibit', '202.54.1.4']] def setUp(self): @@ -2098,6 +2098,13 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities): self.assertRegex(output, 'iif test1') self.assertRegex(output, 'lookup 8') + output = check_output('ip rule list iif test1 priority 102') + print(output) + self.assertRegex(output, '102:') + self.assertRegex(output, 'from 0.0.0.0/8') + self.assertRegex(output, 'iif test1') + self.assertRegex(output, 'lookup 10') + def test_routing_policy_rule_issue_11280(self): copy_unit_to_networkd_unit_path('routing-policy-rule-test1.network', '11-dummy.netdev', 'routing-policy-rule-dummy98.network', '12-dummy.netdev') |