From b6c7c4a87b28abadb84c1eaf05d68f7a8734fd57 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 03:12:38 +0900 Subject: [PATCH 1/8] network: update log message for rtnl messages --- src/network/networkd-manager.c | 37 ++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 344fc08c5b..f400738f05 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -691,7 +691,7 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message, switch (type) { case RTM_NEWNEIGH: if (neighbor) - log_link_debug(link, "Remembering neighbor: %s->%s", + log_link_debug(link, "Received remembered neighbor: %s->%s", strnull(addr_str), strnull(lladdr_str)); else { /* A neighbor appeared that we did not request */ @@ -1181,9 +1181,12 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, voi switch (type) { case RTM_NEWRULE: - if (!rule) { + if (rule) + log_debug("Received remembered routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", + strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + else { log_debug("Remembering foreign routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - from, tmp->from_prefixlen, to, tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); r = routing_policy_rule_add_foreign(m, tmp, &rule); if (r < 0) { log_warning_errno(r, "Could not remember foreign rule, ignoring: %m"); @@ -1192,10 +1195,13 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, voi } break; case RTM_DELRULE: - log_debug("Forgetting routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - from, tmp->from_prefixlen, to, tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); - routing_policy_rule_free(rule); - + if (rule) { + log_debug("Forgetting routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", + strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + routing_policy_rule_free(rule); + } else + log_debug("Kernel removed a routing policy rule we don't remember: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u, ignoring.", + strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); break; default: @@ -1298,19 +1304,24 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message, switch (type) { case RTM_NEWNEXTHOP: - if (!nexthop) { - log_debug("Remembering foreign nexthop: %s, oif: %d, id: %d", gateway, tmp->oif, tmp->id); + if (nexthop) + log_link_debug(link, "Received remembered nexthop: %s, oif: %d, id: %d", strna(gateway), tmp->oif, tmp->id); + else { + log_link_debug(link, "Remembering foreign nexthop: %s, oif: %d, id: %d", strna(gateway), tmp->oif, tmp->id); r = nexthop_add_foreign(link, tmp, &nexthop); if (r < 0) { - log_warning_errno(r, "Could not remember foreign nexthop, ignoring: %m"); + log_link_warning_errno(link, r, "Could not remember foreign nexthop, ignoring: %m"); return 0; } } break; case RTM_DELNEXTHOP: - log_debug("Forgetting foreign nexthop: %s, oif: %d, id: %d", gateway, tmp->oif, tmp->id); - nexthop_free(nexthop); - + if (nexthop) { + log_link_debug(link, "Forgetting nexthop: %s, oif: %d, id: %d", strna(gateway), tmp->oif, tmp->id); + nexthop_free(nexthop); + } else + log_link_debug(link, "Kernel removed a nexthop we don't remember: %s, oif: %d, id: %d, ignoring.", + strna(gateway), tmp->oif, tmp->id); break; default: From 755dbda35514556647290a3e19a0410b9886cc72 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 03:49:14 +0900 Subject: [PATCH 2/8] network: also logs priority of routing policy rules --- src/network/networkd-manager.c | 16 ++++++++-------- src/network/networkd-routing-policy-rule.c | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index f400738f05..329020c451 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -1182,11 +1182,11 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, voi switch (type) { case RTM_NEWRULE: if (rule) - log_debug("Received remembered routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + log_debug("Received remembered routing policy rule: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32, + tmp->priority, strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); else { - log_debug("Remembering foreign routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + log_debug("Remembering foreign routing policy rule: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32, + tmp->priority, strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); r = routing_policy_rule_add_foreign(m, tmp, &rule); if (r < 0) { log_warning_errno(r, "Could not remember foreign rule, ignoring: %m"); @@ -1196,12 +1196,12 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, voi break; case RTM_DELRULE: if (rule) { - log_debug("Forgetting routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + log_debug("Forgetting routing policy rule: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32, + tmp->priority, strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); routing_policy_rule_free(rule); } else - log_debug("Kernel removed a routing policy rule we don't remember: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u, ignoring.", - strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); + log_debug("Kernel removed a routing policy rule we don't remember: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32", ignoring.", + tmp->priority, strna(from), tmp->from_prefixlen, strna(to), tmp->to_prefixlen, strna(tmp->iif), strna(tmp->oif), tmp->table); break; default: diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 0905056cf7..caff3ee77c 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -473,8 +473,8 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netl (void) in_addr_to_string(rule->family, &rule->to, &to); log_link_debug(link, - "Configuring routing policy rule: %s/%u -> %s/%u, iif: %s, oif: %s, table: %u", - from, rule->from_prefixlen, to, rule->to_prefixlen, strna(rule->iif), strna(rule->oif), rule->table); + "Configuring routing policy rule: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32, + rule->priority, strna(from), rule->from_prefixlen, strna(to), rule->to_prefixlen, strna(rule->iif), strna(rule->oif), rule->table); } r = sd_rtnl_message_new_routing_policy_rule(link->manager->rtnl, &m, RTM_NEWRULE, rule->family); From d85b0d69f1aa6cf256f396454608f2df91ef387c Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 03:50:08 +0900 Subject: [PATCH 3/8] network: add debug log for removing routing policy rules --- src/network/networkd-routing-policy-rule.c | 31 +++++++++++++++------- src/network/networkd-routing-policy-rule.h | 4 +-- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index caff3ee77c..5fa295fa1a 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -333,37 +333,48 @@ static int routing_policy_rule_remove_handler(sd_netlink *rtnl, sd_netlink_messa return 1; } -int routing_policy_rule_remove(RoutingPolicyRule *routing_policy_rule, Link *link, link_netlink_message_handler_t callback) { +int routing_policy_rule_remove(RoutingPolicyRule *rule, Link *link, link_netlink_message_handler_t callback) { _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; int r; - assert(routing_policy_rule); + assert(rule); assert(link); assert(link->manager); assert(link->manager->rtnl); assert(link->ifindex > 0); - assert(IN_SET(routing_policy_rule->family, AF_INET, AF_INET6)); + assert(IN_SET(rule->family, AF_INET, AF_INET6)); - r = sd_rtnl_message_new_routing_policy_rule(link->manager->rtnl, &m, RTM_DELRULE, routing_policy_rule->family); + if (DEBUG_LOGGING) { + _cleanup_free_ char *from = NULL, *to = NULL; + + (void) in_addr_to_string(rule->family, &rule->from, &from); + (void) in_addr_to_string(rule->family, &rule->to, &to); + + log_link_debug(link, + "Removing routing policy rule: priority: %"PRIu32", %s/%u -> %s/%u, iif: %s, oif: %s, table: %"PRIu32, + rule->priority, strna(from), rule->from_prefixlen, strna(to), rule->to_prefixlen, strna(rule->iif), strna(rule->oif), rule->table); + } + + r = sd_rtnl_message_new_routing_policy_rule(link->manager->rtnl, &m, RTM_DELRULE, rule->family); if (r < 0) return log_link_error_errno(link, r, "Could not allocate RTM_DELRULE message: %m"); - if (in_addr_is_null(routing_policy_rule->family, &routing_policy_rule->from) == 0) { - r = netlink_message_append_in_addr_union(m, FRA_SRC, routing_policy_rule->family, &routing_policy_rule->from); + if (in_addr_is_null(rule->family, &rule->from) == 0) { + r = netlink_message_append_in_addr_union(m, FRA_SRC, rule->family, &rule->from); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_SRC attribute: %m"); - r = sd_rtnl_message_routing_policy_rule_set_rtm_src_prefixlen(m, routing_policy_rule->from_prefixlen); + r = sd_rtnl_message_routing_policy_rule_set_rtm_src_prefixlen(m, rule->from_prefixlen); if (r < 0) return log_link_error_errno(link, r, "Could not set source prefix length: %m"); } - if (in_addr_is_null(routing_policy_rule->family, &routing_policy_rule->to) == 0) { - r = netlink_message_append_in_addr_union(m, FRA_DST, routing_policy_rule->family, &routing_policy_rule->to); + if (in_addr_is_null(rule->family, &rule->to) == 0) { + r = netlink_message_append_in_addr_union(m, FRA_DST, rule->family, &rule->to); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_DST attribute: %m"); - r = sd_rtnl_message_routing_policy_rule_set_rtm_dst_prefixlen(m, routing_policy_rule->to_prefixlen); + r = sd_rtnl_message_routing_policy_rule_set_rtm_dst_prefixlen(m, rule->to_prefixlen); if (r < 0) return log_link_error_errno(link, r, "Could not set destination prefix length: %m"); } diff --git a/src/network/networkd-routing-policy-rule.h b/src/network/networkd-routing-policy-rule.h index 21ca0e8021..af954e8fb5 100644 --- a/src/network/networkd-routing-policy-rule.h +++ b/src/network/networkd-routing-policy-rule.h @@ -62,8 +62,8 @@ void routing_policy_rule_free(RoutingPolicyRule *rule); DEFINE_NETWORK_SECTION_FUNCTIONS(RoutingPolicyRule, routing_policy_rule_free); int routing_policy_rule_section_verify(RoutingPolicyRule *rule); -int routing_policy_rule_configure(RoutingPolicyRule *address, Link *link, link_netlink_message_handler_t callback); -int routing_policy_rule_remove(RoutingPolicyRule *routing_policy_rule, Link *link, link_netlink_message_handler_t callback); +int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netlink_message_handler_t callback); +int routing_policy_rule_remove(RoutingPolicyRule *rule, Link *link, link_netlink_message_handler_t callback); int routing_policy_rule_add_foreign(Manager *m, RoutingPolicyRule *rule, RoutingPolicyRule **ret); int routing_policy_rule_get(Manager *m, RoutingPolicyRule *rule, RoutingPolicyRule **ret); From c2d6fcb1478129cbd2971298cc4b095c462242ac Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 04:26:49 +0900 Subject: [PATCH 4/8] network: do not assign return value if the parse_fwmark_fwmask() fails This also removes redundant logs, and makes input string not copied if it does not contain '/'. --- src/network/networkd-routing-policy-rule.c | 43 ++++++++++++---------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 5fa295fa1a..94bae87a88 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -655,31 +655,36 @@ int routing_policy_rule_section_verify(RoutingPolicyRule *rule) { return 0; } -static int parse_fwmark_fwmask(const char *s, uint32_t *fwmark, uint32_t *fwmask) { - _cleanup_free_ char *f = NULL; - char *p; +static int parse_fwmark_fwmask(const char *s, uint32_t *ret_fwmark, uint32_t *ret_fwmask) { + _cleanup_free_ char *fwmark_str = NULL; + uint32_t fwmark, fwmask = 0; + const char *slash; int r; assert(s); + assert(ret_fwmark); + assert(ret_fwmask); - f = strdup(s); - if (!f) - return -ENOMEM; - - p = strchr(f, '/'); - if (p) - *p++ = '\0'; - - r = safe_atou32(f, fwmark); - if (r < 0) - return log_error_errno(r, "Failed to parse RPDB rule firewall mark, ignoring: %s", f); - - if (p) { - r = safe_atou32(p, fwmask); - if (r < 0) - return log_error_errno(r, "Failed to parse RPDB rule mask, ignoring: %s", f); + slash = strchr(s, '/'); + if (slash) { + fwmark_str = strndup(s, slash - s); + if (!fwmark_str) + return -ENOMEM; } + r = safe_atou32(fwmark_str ?: s, &fwmark); + if (r < 0) + return r; + + if (slash) { + r = safe_atou32(slash + 1, &fwmask); + if (r < 0) + return r; + } + + *ret_fwmark = fwmark; + *ret_fwmask = fwmask; + return 0; } From bd1000b4a074a856026ddb3da5f77076803f64a5 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 04:45:54 +0900 Subject: [PATCH 5/8] network: fix the default mask for FirewallMark= And always send FRA_FWMASK if FirewallMark= is set. C.f. https://github.com/torvalds/linux/commit/b8964ed9fa727109c9084abc807652ebfb681c18 Partially fixes #16784. --- src/network/networkd-routing-policy-rule.c | 19 +++++++++++-------- src/network/test-routing-policy-rule.c | 2 +- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 94bae87a88..69608e9e48 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -540,9 +540,7 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netl r = sd_netlink_message_append_u32(m, FRA_FWMARK, rule->fwmark); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_FWMARK attribute: %m"); - } - if (rule->fwmask > 0) { r = sd_netlink_message_append_u32(m, FRA_FWMASK, rule->fwmask); if (r < 0) return log_link_error_errno(link, r, "Could not append FRA_FWMASK attribute: %m"); @@ -676,10 +674,13 @@ static int parse_fwmark_fwmask(const char *s, uint32_t *ret_fwmark, uint32_t *re if (r < 0) return r; - if (slash) { - r = safe_atou32(slash + 1, &fwmask); - if (r < 0) - return r; + if (fwmark > 0) { + if (slash) { + r = safe_atou32(slash + 1, &fwmask); + if (r < 0) + return r; + } else + fwmask = UINT32_MAX; } *ret_fwmark = fwmark; @@ -1239,9 +1240,11 @@ int routing_policy_serialize_rules(Set *rules, FILE *f) { } if (rule->fwmark != 0) { - fprintf(f, "%sfwmark=%"PRIu32"/%"PRIu32, + fprintf(f, "%sfwmark=%"PRIu32, space ? " " : "", - rule->fwmark, rule->fwmask); + rule->fwmark); + if (rule->fwmask != UINT32_MAX) + fprintf(f, "/%"PRIu32, rule->fwmask); space = true; } diff --git a/src/network/test-routing-policy-rule.c b/src/network/test-routing-policy-rule.c index 85924bc0c9..78755927c7 100644 --- a/src/network/test-routing-policy-rule.c +++ b/src/network/test-routing-policy-rule.c @@ -67,7 +67,7 @@ int main(int argc, char **argv) { test_rule_serialization("ignored values", "RULE=something=to=ignore from=1.2.3.4/32 from=1.2.3.4/32" " \t to=2.3.4.5/24 to=2.3.4.5/32 tos=5 fwmark=2 fwmark=1 table=10 table=20", - "RULE=family=AF_INET from=1.2.3.4/32 to=2.3.4.5/32 tos=5 fwmark=1/0 invert_rule=no table=20"); + "RULE=family=AF_INET from=1.2.3.4/32 to=2.3.4.5/32 tos=5 fwmark=1 invert_rule=no table=20"); test_rule_serialization("ipv6", "RULE=family=AF_INET6 from=1::2/64 to=2::3/64 invert_rule=yes table=6", NULL); From 2102d33cfbb88e1867317185a63c4f3284478ea4 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 04:59:39 +0900 Subject: [PATCH 6/8] network: also process RTM_NEWRULE or RTM_DELRULE message which does not contain src and dst addresses Fixes #16784. --- src/network/networkd-manager.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 329020c451..dbbc6b64bc 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -1082,9 +1082,6 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, voi assert_not_reached("Received rule message with unsupported address family"); } - if (tmp->from_prefixlen == 0 && tmp->to_prefixlen == 0) - return 0; - r = sd_rtnl_message_routing_policy_rule_get_flags(message, &flags); if (r < 0) { log_warning_errno(r, "rtnl: received rule message without valid flag, ignoring: %m"); From 17d2b2e4eff151e6e6bf20e97c70defd76218cc2 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 05:05:08 +0900 Subject: [PATCH 7/8] network: replace FRA_IFNAME -> FRA_IIFNAME No functional change, as FRA_IFNAME is an alias of FRA_IIFNAME. --- src/network/networkd-routing-policy-rule.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 69608e9e48..3b95ea76b0 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -547,9 +547,9 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netl } if (rule->iif) { - r = sd_netlink_message_append_string(m, FRA_IFNAME, rule->iif); + r = sd_netlink_message_append_string(m, FRA_IIFNAME, rule->iif); if (r < 0) - return log_link_error_errno(link, r, "Could not append FRA_IFNAME attribute: %m"); + return log_link_error_errno(link, r, "Could not append FRA_IIFNAME attribute: %m"); } if (rule->oif) { From 87adeabfb7edd0c2c626a135bcffbc02229d8425 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 9 Sep 2020 05:09:58 +0900 Subject: [PATCH 8/8] test-network: update tests for issue #16784 --- .../routing-policy-rule-reconfigure.network | 33 ++++++++++ test/test-network/systemd-networkd-tests.py | 65 +++++++++++-------- 2 files changed, 70 insertions(+), 28 deletions(-) create mode 100644 test/test-network/conf/routing-policy-rule-reconfigure.network diff --git a/test/test-network/conf/routing-policy-rule-reconfigure.network b/test/test-network/conf/routing-policy-rule-reconfigure.network new file mode 100644 index 0000000000..ca38b78f13 --- /dev/null +++ b/test/test-network/conf/routing-policy-rule-reconfigure.network @@ -0,0 +1,33 @@ +[Match] +Name=test1 + +[Network] +IPv6AcceptRA=no + +# fwmark +[RoutingPolicyRule] +Table=1011 +Family=ipv4 +Priority=10111 +FirewallMark=1011 + +# oif +[RoutingPolicyRule] +Table=1011 +Family=ipv4 +Priority=10112 +OutgoingInterface=test1 + +# iif +[RoutingPolicyRule] +Table=1011 +Family=ipv4 +Priority=10113 +IncomingInterface=test1 + +# source +[RoutingPolicyRule] +Table=1011 +Family=ipv4 +Priority=10114 +From=192.168.8.254 diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index 951b2d1edb..838850178e 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -1735,9 +1735,11 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities): '25-vrf.network', '26-link-local-addressing-ipv6.network', 'routing-policy-rule-dummy98.network', - 'routing-policy-rule-test1.network'] + 'routing-policy-rule-test1.network', + 'routing-policy-rule-reconfigure.network', + ] - routing_policy_rule_tables = ['7', '8', '9'] + routing_policy_rule_tables = ['7', '8', '9', '1011'] routes = [['blackhole', '202.54.1.2'], ['unreachable', '202.54.1.3'], ['prohibit', '202.54.1.4']] def setUp(self): @@ -1970,32 +1972,6 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities): self.assertRegex(output, 'iif test1') self.assertRegex(output, 'lookup 8') - output = check_output('ip -6 rule list iif test1 priority 101') - print(output) - self.assertRegex(output, '101:') - self.assertRegex(output, 'from all') - self.assertRegex(output, 'iif test1') - self.assertRegex(output, 'lookup 9') - - run('ip rule delete iif test1 priority 111') - - output = check_output('ip rule list iif test1 priority 111') - print(output) - self.assertEqual(output, '') - - run(*networkctl_cmd, 'reconfigure', 'test1', env=env) - - self.wait_online(['test1:degraded']) - - output = check_output('ip rule list iif test1 priority 111') - print(output) - self.assertRegex(output, '111:') - self.assertRegex(output, 'from 192.168.100.18') - self.assertRegex(output, r'tos (0x08|throughput)\s') - self.assertRegex(output, 'iif test1') - self.assertRegex(output, 'oif test1') - self.assertRegex(output, 'lookup 7') - def test_routing_policy_rule_issue_11280(self): copy_unit_to_networkd_unit_path('routing-policy-rule-test1.network', '11-dummy.netdev', 'routing-policy-rule-dummy98.network', '12-dummy.netdev') @@ -2016,6 +1992,39 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities): stop_networkd(remove_state_files=False) + def test_routing_policy_rule_reconfigure(self): + copy_unit_to_networkd_unit_path('routing-policy-rule-reconfigure.network', '11-dummy.netdev') + start_networkd() + self.wait_online(['test1:degraded']) + + output = check_output('ip rule list table 1011') + print(output) + self.assertRegex(output, '10111: from all fwmark 0x3f3 lookup 1011') + self.assertRegex(output, '10112: from all oif test1 lookup 1011') + self.assertRegex(output, '10113: from all iif test1 lookup 1011') + self.assertRegex(output, '10114: from 192.168.8.254 lookup 1011') + + run('ip rule delete priority 10111') + run('ip rule delete priority 10112') + run('ip rule delete priority 10113') + run('ip rule delete priority 10114') + run('ip rule delete priority 10115') + + output = check_output('ip rule list table 1011') + print(output) + self.assertEqual(output, '') + + run(*networkctl_cmd, 'reconfigure', 'test1', env=env) + + self.wait_online(['test1:degraded']) + + output = check_output('ip rule list table 1011') + print(output) + self.assertRegex(output, '10111: from all fwmark 0x3f3 lookup 1011') + self.assertRegex(output, '10112: from all oif test1 lookup 1011') + self.assertRegex(output, '10113: from all iif test1 lookup 1011') + self.assertRegex(output, '10114: from 192.168.8.254 lookup 1011') + @expectedFailureIfRoutingPolicyPortRangeIsNotAvailable() def test_routing_policy_rule_port_range(self): copy_unit_to_networkd_unit_path('25-fibrule-port-range.network', '11-dummy.netdev')