From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RaNci-0001U1-Us for garchives@archives.gentoo.org; Tue, 13 Dec 2011 08:22:05 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4284821C021; Tue, 13 Dec 2011 08:21:55 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id EEF3021C021 for ; Tue, 13 Dec 2011 08:21:54 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 5F9591B4014 for ; Tue, 13 Dec 2011 08:21:54 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id 986D28004A for ; Tue, 13 Dec 2011 08:21:53 +0000 (UTC) From: "Robin H. Johnson" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Robin H. Johnson" Message-ID: <06f6ce408cb7a7099c763ad13e1ad527e761b75f.robbat2@gentoo> Subject: [gentoo-commits] proj/openrc:master commit in: net/, doc/ X-VCS-Repository: proj/openrc X-VCS-Files: doc/net.example.Linux.in net/iproute2.sh X-VCS-Directories: net/ doc/ X-VCS-Committer: robbat2 X-VCS-Committer-Name: Robin H. Johnson X-VCS-Revision: 06f6ce408cb7a7099c763ad13e1ad527e761b75f Date: Tue, 13 Dec 2011 08:21:53 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 041eb7e4-327e-4e76-8663-5cd2ec6533ea X-Archives-Hash: 1b66d14cc51dd260e3351dd5a07fb98b commit: 06f6ce408cb7a7099c763ad13e1ad527e761b75f Author: Robin H. Johnson gentoo org> AuthorDate: Tue Dec 13 08:17:22 2011 +0000 Commit: Robin H. Johnson gentoo org> CommitDate: Tue Dec 13 08:19:58 2011 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/openrc.git;a=3D= commit;h=3D06f6ce40 net/iproute2: Support routing policy for IPv6 per bug #385833 For creation of routing policy entries for IPv6, the family must be explicitly specified to 'ip'. X-Gentoo-Bug: 385833 X-Gentoo-Bug-URL: https://bugs.gentoo.org/385833 Signed-off-by: Robin H. Johnson gentoo.org> --- doc/net.example.Linux.in | 7 +++++ net/iproute2.sh | 56 ++++++++++++++++++++++++++++++++++++++--= ----- 2 files changed, 54 insertions(+), 9 deletions(-) diff --git a/doc/net.example.Linux.in b/doc/net.example.Linux.in index a86eebc..0ee83a6 100644 --- a/doc/net.example.Linux.in +++ b/doc/net.example.Linux.in @@ -932,6 +932,8 @@ # /etc/iproute2/rt_tables, an example follows: # 2 oob # 3 external +# +# IPv6 RPDB entries are to be found in the rules6_IFVAR variables: =20 #rules_eth0=3D" #from ZZZ.ZZZ.200.128/27 table oob priority 500 @@ -946,6 +948,11 @@ #XXX.XXX.112.0/24 dev eth1 table external scope link #default via XXX.XXX.112.1 dev eth1" =20 +# IPv6 example: +#rules6_eth0=3D" +#from 2001:0DB8:AAAA:BBBB::/64 table vpn priority 100 +#to 2001:0DB8:AAAA:BBBB::/64 table vpn priority 150" + =20 #-----------------------------------------------------------------------= ------ # System diff --git a/net/iproute2.sh b/net/iproute2.sh index e177c6d..4e7e88c 100644 --- a/net/iproute2.sh +++ b/net/iproute2.sh @@ -211,7 +211,16 @@ _trim() { # This is our interface to Routing Policy Database RPDB # This allows for advanced routing tricks _ip_rule_runner() { - local cmd rules OIFS=3D"${IFS}" + local cmd rules OIFS=3D"${IFS}" family + if [ "x$1" =3D "-4" ]; then + family=3D"$1" + shift + elif [ "x$1" =3D "-6" ]; then + family=3D"$1" + shift + else + family=3D"-4" + fi cmd=3D"$1" rules=3D"$2" veindent @@ -221,7 +230,7 @@ _ip_rule_runner() { ruN=3D"$(_trim "${ru}")" [ -z "${ruN}" ] && continue vebegin "${cmd} ${ruN}" - ip rule ${cmd} ${ru} + ip $family rule ${cmd} ${ru} veend $? local IFS=3D"$__IFS" done @@ -277,15 +286,30 @@ iproute2_post_start() if [ -e /proc/net/route ]; then local rules=3D"$(_get_array "rules_${IFVAR}")" if [ -n "${rules}" ]; then - if ! ip rule list | grep -q "^"; then + if ! ip -4 rule list | grep -q "^"; then eerror "IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES) needed for ip = rule" else service_set_value "ip_rule" "${rules}" - einfo "Adding RPDB rules" - _ip_rule_runner add "${rules}" + einfo "Adding IPv4 RPDB rules" + _ip_rule_runner -4 add "${rules}" fi fi - ip route flush table cache dev "${IFACE}" + ip -4 route flush table cache dev "${IFACE}" + fi + + # Kernel may not have IPv6 built in + if [ -e /proc/net/ipv6_route ]; then + local rules=3D"$(_get_array "rules6_${IFVAR}")" + if [ -n "${rules}" ]; then + if ! ip -6 rule list | grep -q "^"; then + eerror "IPv6 Policy Routing (CONFIG_IPV6_MULTIPLE_TABLES) needed for= ip rule" + else + service_set_value "ip6_rule" "${rules}" + einfo "Adding IPv6 RPDB rules" + _ip_rule_runner -6 add "${rules}" + fi + fi + ip -6 route flush table cache dev "${IFACE}" fi =20 if _iproute2_ipv6_tentative; then @@ -308,13 +332,27 @@ iproute2_post_stop() if [ -e /proc/net/route ]; then local rules=3D"$(service_get_value "ip_rule")" if [ -n "${rules}" ]; then - einfo "Removing RPDB rules" - _ip_rule_runner del "${rules}" + einfo "Removing IPv4 RPDB rules" + _ip_rule_runner -4 del "${rules}" + fi + + # Only do something if the interface actually exist + if _exists; then + ip -4 route flush table cache dev "${IFACE}" + fi + fi +=09 + # Kernel may not have IPv6 built in + if [ -e /proc/net/ipv6_route ]; then + local rules=3D"$(service_get_value "ip6_rule")" + if [ -n "${rules}" ]; then + einfo "Removing IPv6 RPDB rules" + _ip_rule_runner -6 del "${rules}" fi =20 # Only do something if the interface actually exist if _exists; then - ip route flush table cache dev "${IFACE}" + ip -6 route flush table cache dev "${IFACE}" fi fi =20