diff options
| author | Ido Schimmel <idosch@nvidia.com> | 2023-07-11 09:59:03 +0300 |
|---|---|---|
| committer | Stephen Hemminger <stephen@networkplumber.org> | 2023-07-13 15:47:17 -0700 |
| commit | 61695c493ec14a63740bbb81e0564f753bd054dd (patch) | |
| tree | c9e547b7b4b482a688000cb76c40101d5db3874d | |
| parent | a28ffdcf45e80623833722e1970a9276a2657a23 (diff) | |
| download | iproute2-61695c493ec14a63740bbb81e0564f753bd054dd.tar.gz | |
f_flower: Treat port 0 as valid
It is not currently possible to add a filter matching on port 0 despite
it being a valid port number. This is caused by cited commit which
treats a value of 0 as an indication that the port was not specified.
Instead of inferring that a port range was specified by checking that both
the minimum and the maximum ports are non-zero, simply add a boolean
argument to parse_range() and set it after parsing a port range.
Before:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
Illegal "dst_port"
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
Illegal "dst_port"
After:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
# tc filter show dev swp1 ingress | grep _port
src_port 0
dst_port 0
src_port 0-100
dst_port 0-100
Fixes: 767b6fd620dd ("tc: flower: fix port value truncation")
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
| -rw-r--r-- | tc/f_flower.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/tc/f_flower.c b/tc/f_flower.c index c71394f75..737df199a 100644 --- a/tc/f_flower.c +++ b/tc/f_flower.c @@ -735,7 +735,7 @@ static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type, } /* parse range args in format 10-20 */ -static int parse_range(char *str, __be16 *min, __be16 *max) +static int parse_range(char *str, __be16 *min, __be16 *max, bool *p_is_range) { char *sep; @@ -748,6 +748,8 @@ static int parse_range(char *str, __be16 *min, __be16 *max) if (get_be16(max, sep + 1, 10)) return -1; + + *p_is_range = true; } else { if (get_be16(min, str, 10)) return -1; @@ -759,19 +761,20 @@ static int flower_parse_port(char *str, __u8 ip_proto, enum flower_endpoint endpoint, struct nlmsghdr *n) { + bool is_range = false; char *slash = NULL; __be16 min = 0; __be16 max = 0; int ret; - ret = parse_range(str, &min, &max); + ret = parse_range(str, &min, &max, &is_range); if (ret) { slash = strchr(str, '/'); if (!slash) return -1; } - if (min && max) { + if (is_range) { __be16 min_port_type, max_port_type; if (ntohs(max) <= ntohs(min)) { @@ -784,7 +787,7 @@ static int flower_parse_port(char *str, __u8 ip_proto, addattr16(n, MAX_MSG, min_port_type, min); addattr16(n, MAX_MSG, max_port_type, max); - } else if (slash || (min && !max)) { + } else { int type; type = flower_port_attr_type(ip_proto, endpoint); @@ -802,8 +805,6 @@ static int flower_parse_port(char *str, __u8 ip_proto, return -1; return flower_parse_u16(str, type, mask_type, n, true); } - } else { - return -1; } return 0; } |