-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy path8311-fix-vlans.sh
executable file
·131 lines (100 loc) · 4.6 KB
/
8311-fix-vlans.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!/bin/sh
# Location of detect-config script, required if CONFIG file does not exist
DETECT_CONFIG="/root/8311-detect-config.sh"
# Location of configuration file, will be generated if it doesn't exist
CONFIG_FILE="/tmp/8311-config.sh"
####################################################
. /root/8311-vlans-lib.sh
### Configuration
UNICAST_IFACE=eth0_0
MULTICAST_IFACE=eth0_0_2
CONFIG_FILE=${CONFIG_FILE:-"/tmp/8311-config.sh"}
DETECT_CONFIG=${DETECT_CONFIG:-"/root/8311-detect-config.sh"}
if [ ! -e "$DETECT_CONFIG" ]; then
echo "Required detection script '$DETECT_CONFIG' missing." >&2
exit 1
fi
# Read config file if it exists
STATE_HASH=
FIX_ENABLED=
[ -f "$CONFIG_FILE" ] && . "$CONFIG_FILE"
if [ -n "$FIX_ENABLED" ] && [ "$FIX_ENABLED" -eq 0 ] 2>/dev/null; then
exit 69
fi
NEW_STATE_HASH=$("$DETECT_CONFIG" -H)
CONFIG_RESET=0
if [ ! -f "$CONFIG_FILE" ] || [ "$NEW_STATE_HASH" != "$STATE_HASH" ]; then
echo "Config file '$CONFIG_FILE' does not exist or state changed, detecting configuration..."
"$DETECT_CONFIG" -c "$CONFIG_FILE" > /dev/null
if [ ! -f "$CONFIG_FILE" ]; then
echo "Error: Unable to detect configuration." >&2
exit 1
fi
CONFIG_RESET=1
fi
. "$CONFIG_FILE"
if [ -n "$FIX_ENABLED" ] && [ "$FIX_ENABLED" -eq 0 ] 2>/dev/null; then
exit 69
fi
if ! { [ -n "$INTERNET_VLAN" ] && [ -n "$INTERNET_PMAP" ] && [ -n "$UNICAST_VLAN" ]; }; then
echo "Required variables INTERNET_VLAN, INTERNET_PMAP, and UNICAST_VLAN are not properly set." >&2
exit 1
fi
### Downstream
internet_pmap_ds_rules() {
if [ "$INTERNET_VLAN" -ne 0 ]; then
# Tagged
tc_flower_add dev $INTERNET_PMAP ingress handle 0x1 protocol 802.1Q pref 1 flower skip_sw action vlan modify id $INTERNET_VLAN protocol 802.1Q pass
else
# Untagged
tc_flower_add dev $INTERNET_PMAP ingress handle 0x1 protocol 802.1Q pref 1 flower skip_sw action vlan pop pass
fi
}
services_pmap_ds_rules() {
tc_flower_add dev $SERVICES_PMAP ingress handle 0x1 protocol 802.1Q pref 1 flower skip_sw action vlan modify id $SERVICES_VLAN protocol 802.1Q pass
}
multicast_iface_ds_rules() {
tc_flower_add dev $MULTICAST_IFACE egress handle 0x1 protocol 802.1Q pref 1 flower skip_sw action vlan modify id $SERVICES_VLAN priority 5 protocol 802.1Q pass
}
## Internet
[ "$CONFIG_RESET" -eq 1 ] && tc_flower_clear dev $INTERNET_PMAP ingress
internet_pmap_ds_rules || { tc_flower_clear dev $INTERNET_PMAP ingress; internet_pmap_ds_rules; }
# Services
if [ -n "$SERVICES_PMAP" ]; then
[ "$CONFIG_RESET" -eq 1 ] && tc_flower_clear dev $SERVICES_PMAP ingress
services_pmap_ds_rules || { tc_flower_clear dev $SERVICES_PMAP ingress; services_pmap_ds_rules; }
fi
# Multicast
if [ -n "$SERVICES_PMAP" ] && [ -n "$MULTICAST_GEM" ] ; then
[ "$CONFIG_RESET" -eq 1 ] && tc_flower_clear dev $MULTICAST_IFACE egress
multicast_iface_ds_rules || { tc_flower_clear dev $MULTICAST_IFACE egress; multicast_iface_ds_rules; }
fi
### Upstream
internet_pmap_us_rules() {
if [ "$INTERNET_VLAN" -ne 0 ]; then
# Tagged
tc_flower_add dev $INTERNET_PMAP egress handle 0x1 protocol 802.1Q pref 1 flower vlan_id $INTERNET_VLAN skip_sw action vlan modify id $UNICAST_VLAN protocol 802.1Q pass &&
tc_flower_add dev $INTERNET_PMAP egress handle 0x2 protocol 802.1Q pref 2 flower skip_sw action drop &&
tc_flower_add dev $INTERNET_PMAP egress handle 0x3 protocol all pref 3 flower skip_sw action drop
else
# Untag
tc_flower_add dev $INTERNET_PMAP egress handle 0x1 protocol 802.1Q pref 1 flower skip_sw action drop &&
tc_flower_add dev $INTERNET_PMAP egress handle 0x2 protocol all pref 2 flower skip_sw action vlan push id $UNICAST_VLAN priority 0 protocol 802.1Q pass
fi
}
services_pmap_us_rules() {
tc_flower_add dev $SERVICES_PMAP egress handle 0x1 protocol 802.1Q pref 1 flower vlan_id $SERVICES_VLAN skip_sw action vlan modify id $UNICAST_VLAN protocol 802.1Q pass &&
tc_flower_add dev $SERVICES_PMAP egress handle 0x2 protocol 802.1Q pref 2 flower skip_sw action drop &&
tc_flower_add dev $SERVICES_PMAP egress handle 0x3 protocol all pref 3 flower skip_sw action drop
}
# Internet
[ "$CONFIG_RESET" -eq 1 ] && tc_flower_clear dev $INTERNET_PMAP egress
internet_pmap_us_rules || { tc_flower_clear dev $INTERNET_PMAP egress; internet_pmap_us_rules; }
# Services
if [ -n "$SERVICES_PMAP" ]; then
[ "$CONFIG_RESET" -eq 1 ] && tc_flower_clear dev $SERVICES_PMAP egress
services_pmap_us_rules || { tc_flower_clear dev $SERVICES_PMAP egress; services_pmap_us_rules; }
fi
# Cleanup
tc_flower_clear dev $UNICAST_IFACE egress
tc_flower_clear dev $UNICAST_IFACE ingress