diff mbox series

[iproute2] q_cake: Add support for setting the fwmark option

Message ID 20190404130910.19948-1-toke@redhat.com
State Accepted
Delegated to: stephen hemminger
Headers show
Series [iproute2] q_cake: Add support for setting the fwmark option | expand

Commit Message

Toke Høiland-Jørgensen April 4, 2019, 1:09 p.m. UTC
This adds support for the newly added fwmark option to CAKE, which allows
overriding the tin selection from the per-packet firewall marks. The fwmark
field is a bitmask that is applied to the fwmark to select the tin.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
---
 man/man8/tc-cake.8 | 16 ++++++++++++++++
 tc/q_cake.c        | 24 ++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

Comments

Stephen Hemminger April 5, 2019, 10:02 p.m. UTC | #1
On Thu,  4 Apr 2019 15:09:10 +0200
Toke Høiland-Jørgensen <toke@redhat.com> wrote:

> This adds support for the newly added fwmark option to CAKE, which allows
> overriding the tin selection from the per-packet firewall marks. The fwmark
> field is a bitmask that is applied to the fwmark to select the tin.
> 
> Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>

Applied. Thanks
diff mbox series

Patch

diff --git a/man/man8/tc-cake.8 b/man/man8/tc-cake.8
index eda436e1..8c57eadd 100644
--- a/man/man8/tc-cake.8
+++ b/man/man8/tc-cake.8
@@ -91,6 +91,10 @@  TIME |
 LIMIT ]
 .br
 [
+.BR fwmark
+MASK ]
+.br
+[
 .BR ptm
 |
 .BR atm
@@ -524,6 +528,18 @@  preset on the modern Internet is firmly discouraged.
 .br
 		Voice (CS7, CS6, EF, VA, TOS4), 25% threshold, reduced Codel interval.
 
+.PP
+.B fwmark
+MASK
+.br
+	This options turns on fwmark-based overriding of CAKE's tin selection.
+If set, the option specifies a bitmask that will be applied to the fwmark
+associated with each packet. If the result of this masking is non-zero, the
+result will be right-shifted by the number of least-significant unset bits in
+the mask value, and the result will be used as a the tin number for that packet.
+This can be used to set policies in a firewall script that will override CAKE's
+built-in tin selection.
+
 .SH OTHER PARAMETERS
 .B memlimit
 LIMIT
diff --git a/tc/q_cake.c b/tc/q_cake.c
index e827e3f1..307a12c0 100644
--- a/tc/q_cake.c
+++ b/tc/q_cake.c
@@ -82,6 +82,7 @@  static void explain(void)
 "                [ split-gso* | no-split-gso ]\n"
 "                [ ack-filter | ack-filter-aggressive | no-ack-filter* ]\n"
 "                [ memlimit LIMIT ]\n"
+"                [ fwmark MASK ]\n"
 "                [ ptm | atm | noatm* ] [ overhead N | conservative | raw* ]\n"
 "                [ mpu N ] [ ingress | egress* ]\n"
 "                (* marks defaults)\n");
@@ -106,6 +107,7 @@  static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
 	int autorate = -1;
 	int ingress = -1;
 	int overhead = 0;
+	int fwmark = -1;
 	int wash = -1;
 	int nat = -1;
 	int atm = -1;
@@ -332,6 +334,16 @@  static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
 					"Illegal value for \"memlimit\": \"%s\"\n", *argv);
 				return -1;
 			}
+		} else if (strcmp(*argv, "fwmark") == 0) {
+			unsigned int fwm;
+
+			NEXT_ARG();
+			if (get_u32(&fwm, *argv, 0)) {
+				fprintf(stderr,
+					"Illegal value for \"fwmark\": \"%s\"\n", *argv);
+				return -1;
+			}
+			fwmark = fwm;
 		} else if (strcmp(*argv, "help") == 0) {
 			explain();
 			return -1;
@@ -376,6 +388,9 @@  static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
 	if (memlimit)
 		addattr_l(n, 1024, TCA_CAKE_MEMORY, &memlimit,
 			  sizeof(memlimit));
+	if (fwmark != -1)
+		addattr_l(n, 1024, TCA_CAKE_FWMARK, &fwmark,
+			  sizeof(fwmark));
 	if (nat != -1)
 		addattr_l(n, 1024, TCA_CAKE_NAT, &nat, sizeof(nat));
 	if (wash != -1)
@@ -409,6 +424,7 @@  static int cake_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt)
 	struct rtattr *tb[TCA_CAKE_MAX + 1];
 	unsigned int interval = 0;
 	unsigned int memlimit = 0;
+	unsigned int fwmark = 0;
 	__u64 bandwidth = 0;
 	int ack_filter = 0;
 	int split_gso = 0;
@@ -507,6 +523,10 @@  static int cake_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt)
 	    RTA_PAYLOAD(tb[TCA_CAKE_RTT]) >= sizeof(__u32)) {
 		interval = rta_getattr_u32(tb[TCA_CAKE_RTT]);
 	}
+	if (tb[TCA_CAKE_FWMARK] &&
+	    RTA_PAYLOAD(tb[TCA_CAKE_FWMARK]) >= sizeof(__u32)) {
+		fwmark = rta_getattr_u32(tb[TCA_CAKE_FWMARK]);
+	}
 
 	if (wash)
 		print_string(PRINT_FP, NULL, "wash ", NULL);
@@ -559,6 +579,10 @@  static int cake_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt)
 			     sprint_size(memlimit, b1));
 	}
 
+	if (fwmark)
+		print_uint(PRINT_FP, NULL, "fwmark 0x%x ", fwmark);
+	print_0xhex(PRINT_JSON, "fwmark", NULL, fwmark);
+
 	return 0;
 }