From: "Robin H. Johnson" <robbat2@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/openrc:master commit in: net/, doc/
Date: Tue, 13 Dec 2011 08:21:53 +0000 (UTC) [thread overview]
Message-ID: <06f6ce408cb7a7099c763ad13e1ad527e761b75f.robbat2@gentoo> (raw)
commit: 06f6ce408cb7a7099c763ad13e1ad527e761b75f
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 13 08:17:22 2011 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Tue Dec 13 08:19:58 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/openrc.git;a=commit;h=06f6ce40
net/iproute2: Support routing policy for IPv6 per bug #385833
For creation of routing policy entries for IPv6, the family must be
explicitly specified to 'ip'.
X-Gentoo-Bug: 385833
X-Gentoo-Bug-URL: https://bugs.gentoo.org/385833
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
---
doc/net.example.Linux.in | 7 +++++
net/iproute2.sh | 56 ++++++++++++++++++++++++++++++++++++++-------
2 files changed, 54 insertions(+), 9 deletions(-)
diff --git a/doc/net.example.Linux.in b/doc/net.example.Linux.in
index a86eebc..0ee83a6 100644
--- a/doc/net.example.Linux.in
+++ b/doc/net.example.Linux.in
@@ -932,6 +932,8 @@
# /etc/iproute2/rt_tables, an example follows:
# 2 oob
# 3 external
+#
+# IPv6 RPDB entries are to be found in the rules6_IFVAR variables:
#rules_eth0="
#from ZZZ.ZZZ.200.128/27 table oob priority 500
@@ -946,6 +948,11 @@
#XXX.XXX.112.0/24 dev eth1 table external scope link
#default via XXX.XXX.112.1 dev eth1"
+# IPv6 example:
+#rules6_eth0="
+#from 2001:0DB8:AAAA:BBBB::/64 table vpn priority 100
+#to 2001:0DB8:AAAA:BBBB::/64 table vpn priority 150"
+
#-----------------------------------------------------------------------------
# System
diff --git a/net/iproute2.sh b/net/iproute2.sh
index e177c6d..4e7e88c 100644
--- a/net/iproute2.sh
+++ b/net/iproute2.sh
@@ -211,7 +211,16 @@ _trim() {
# This is our interface to Routing Policy Database RPDB
# This allows for advanced routing tricks
_ip_rule_runner() {
- local cmd rules OIFS="${IFS}"
+ local cmd rules OIFS="${IFS}" family
+ if [ "x$1" = "-4" ]; then
+ family="$1"
+ shift
+ elif [ "x$1" = "-6" ]; then
+ family="$1"
+ shift
+ else
+ family="-4"
+ fi
cmd="$1"
rules="$2"
veindent
@@ -221,7 +230,7 @@ _ip_rule_runner() {
ruN="$(_trim "${ru}")"
[ -z "${ruN}" ] && continue
vebegin "${cmd} ${ruN}"
- ip rule ${cmd} ${ru}
+ ip $family rule ${cmd} ${ru}
veend $?
local IFS="$__IFS"
done
@@ -277,15 +286,30 @@ iproute2_post_start()
if [ -e /proc/net/route ]; then
local rules="$(_get_array "rules_${IFVAR}")"
if [ -n "${rules}" ]; then
- if ! ip rule list | grep -q "^"; then
+ if ! ip -4 rule list | grep -q "^"; then
eerror "IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES) needed for ip rule"
else
service_set_value "ip_rule" "${rules}"
- einfo "Adding RPDB rules"
- _ip_rule_runner add "${rules}"
+ einfo "Adding IPv4 RPDB rules"
+ _ip_rule_runner -4 add "${rules}"
fi
fi
- ip route flush table cache dev "${IFACE}"
+ ip -4 route flush table cache dev "${IFACE}"
+ fi
+
+ # Kernel may not have IPv6 built in
+ if [ -e /proc/net/ipv6_route ]; then
+ local rules="$(_get_array "rules6_${IFVAR}")"
+ if [ -n "${rules}" ]; then
+ if ! ip -6 rule list | grep -q "^"; then
+ eerror "IPv6 Policy Routing (CONFIG_IPV6_MULTIPLE_TABLES) needed for ip rule"
+ else
+ service_set_value "ip6_rule" "${rules}"
+ einfo "Adding IPv6 RPDB rules"
+ _ip_rule_runner -6 add "${rules}"
+ fi
+ fi
+ ip -6 route flush table cache dev "${IFACE}"
fi
if _iproute2_ipv6_tentative; then
@@ -308,13 +332,27 @@ iproute2_post_stop()
if [ -e /proc/net/route ]; then
local rules="$(service_get_value "ip_rule")"
if [ -n "${rules}" ]; then
- einfo "Removing RPDB rules"
- _ip_rule_runner del "${rules}"
+ einfo "Removing IPv4 RPDB rules"
+ _ip_rule_runner -4 del "${rules}"
+ fi
+
+ # Only do something if the interface actually exist
+ if _exists; then
+ ip -4 route flush table cache dev "${IFACE}"
+ fi
+ fi
+
+ # Kernel may not have IPv6 built in
+ if [ -e /proc/net/ipv6_route ]; then
+ local rules="$(service_get_value "ip6_rule")"
+ if [ -n "${rules}" ]; then
+ einfo "Removing IPv6 RPDB rules"
+ _ip_rule_runner -6 del "${rules}"
fi
# Only do something if the interface actually exist
if _exists; then
- ip route flush table cache dev "${IFACE}"
+ ip -6 route flush table cache dev "${IFACE}"
fi
fi
next reply other threads:[~2011-12-13 8:22 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-13 8:21 Robin H. Johnson [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-11-05 23:22 [gentoo-commits] proj/openrc:master commit in: net/, doc/ William Hubbs
2012-07-20 17:20 Robin H. Johnson
2011-12-13 4:12 William Hubbs
2011-10-26 16:31 William Hubbs
2011-04-19 17:49 Robin H. Johnson
2011-04-19 17:19 Robin H. Johnson
2011-02-22 2:59 Robin H. Johnson
2011-02-21 9:44 Robin H. Johnson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=06f6ce408cb7a7099c763ad13e1ad527e761b75f.robbat2@gentoo \
--to=robbat2@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox