Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

tunneldigger-broker: add option to isolate bridge ports

Browse source 
Add new option to a config bridge section to indicate
if a bridge port added to the bridge should be isolated
or not.  The default is 0 (no isolation).

example

config bridge
     option interface 'br-mybridge1446'
     option mtu '1446'
     option isolate '1' # default '0'

Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
This commit is contained in:
Perry Melange 2023-07-29 21:50:28 +02:00 committed by Nick Hainke
parent ab2b1ade27
commit 49cdf15da4
3 changed files with 43 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
net/tunneldigger-broker/files/hook-mtu-changed
View file

@ -21,10 +21,14 @@ if [ -z "$new_bridge" ]; then
exit 1 exit 1
fi fi
# Get the isolation option for this bridge
tunneldigger_get_bridge_isolate isolate "${NEW_MTU}"
# Remove interface from old bridge. # Remove interface from old bridge.
ip link set dev ${INTERFACE} nomaster ip link set dev ${INTERFACE} nomaster
ip link set dev ${old_bridge} mtu ${OLD_MTU} ip link set dev ${old_bridge} mtu ${OLD_MTU}
# Change interface bridge and MTU. # Change interface bridge and MTU.
ip link set dev ${INTERFACE} master ${new_bridge} mtu ${NEW_MTU} ip link set dev ${INTERFACE} master ${new_bridge} mtu ${NEW_MTU}
echo $isolate > /sys/class/net/${INTERFACE}/brport/isolated
ip link set dev ${new_bridge} mtu ${NEW_MTU} ip link set dev ${new_bridge} mtu ${NEW_MTU}

5
net/tunneldigger-broker/files/hook-setup
View file

@ -13,9 +13,14 @@ if [ -z "$bridge" ]; then
exit 1 exit 1
fi fi
# Get the isolation option for this bridge
tunneldigger_get_bridge_isolate isolate "${MTU}"
# Disable IPv6 on this interface as it will be bridged. # Disable IPv6 on this interface as it will be bridged.
echo 1 > /proc/sys/net/ipv6/conf/${INTERFACE}/disable_ipv6 echo 1 > /proc/sys/net/ipv6/conf/${INTERFACE}/disable_ipv6
# Add the interface to the proper bridge and bring it up. # Add the interface to the proper bridge and bring it up.
ip link set dev ${INTERFACE} master ${bridge} mtu ${MTU} up ip link set dev ${INTERFACE} master ${bridge} mtu ${MTU} up
# Isolate the bridge port, if so configured
echo $isolate > /sys/class/net/${INTERFACE}/brport/isolated
# Ensure bridge MTU. # Ensure bridge MTU.
ip link set dev ${bridge} mtu ${MTU} ip link set dev ${bridge} mtu ${MTU}

34
net/tunneldigger-broker/files/tunneldigger.sh
View file

@ -34,3 +34,37 @@ tunneldigger_get_bridge() {
export ${NO_EXPORT:+-n} "$1=$variable" export ${NO_EXPORT:+-n} "$1=$variable"
} }
# Get the isolation option for this bridge
tunneldigger_get_bridge_isolate() {
local variable="$1"
local mtr="$2"
# Overwrite the destination variable.
unset $variable
# Discover the configured bridge.
unset _isolate_bridge
_isolate_bridge=""
handle_bridge() {
local cfg="$1"
config_get cfg_mtu "$cfg" mtu
config_get isolate "$cfg" isolate 0
if [ "$cfg_mtu" != "$mtu" ]; then
return
fi
_isolate_bridge="$isolate"
}
config_load tunneldigger-broker
config_foreach handle_bridge bridge $mtu
if [ -z "$_isolate_bridge" ]; then
return
fi
variable="$_isolate_bridge"
export ${NO_EXPORT:+-n} "$1=$variable"
}