summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarie Rannou2009-10-28 10:13:29 +0100
committerMarie Rannou2009-10-28 10:13:29 +0100
commit6d3ebceed4efc0200135088332c101152c355237 (patch)
tree64c717f0d75cbdcbcb83a12986a300e46a9410b6
parent630cc4392fb9648c89691c95d9965397b7274d68 (diff)
[ndd] First draft of igmp snooping implementation in autoconf
-rw-r--r--application/ndd/src/config_creator.c47
-rw-r--r--application/spidlib/inc/path.h4
2 files changed, 51 insertions, 0 deletions
diff --git a/application/ndd/src/config_creator.c b/application/ndd/src/config_creator.c
index 244ceea4c1..24de40dce8 100644
--- a/application/ndd/src/config_creator.c
+++ b/application/ndd/src/config_creator.c
@@ -40,6 +40,7 @@ extern int tag_vlan_one_port (spidlib_service_type_t* service_type, int* slave_i
extern int tag_vlan_several_ports(int* nb_ports, spidlib_service_type_t* service_type, int* slave_index, int* vid_tag) ;
extern int get_slave_config(char* mac, spidlib_service_type_t* service_type, int* slave_index);
extern int config_creator(char* mac_address, unsigned int * nb_eth_ports, unsigned int* architecture);
+extern int create_IGMP_snooping_file (char* mac);
static unsigned char output_level_values[10] = {SPIDLIB_WHITELIST_OUTPUT_LEVEL_MIN, 105, 108, 111, 114, 117, 120, 123, 126, SPIDLIB_WHITELIST_OUTPUT_LEVEL_MAX};
@@ -1055,6 +1056,49 @@ int find_config(char* mac, char* path)
return -1;
}
+/*-----------------------------------------------------------------------------
+ Function: create_IGMP_snooping_file
+ Description: Create rules to prevent all multicast IGMP packets
+ for not allowed slaves in igmp whitelist
+ Input: slave mac address
+Output: 0 - execution is correct
+ -1 - there are errors
+ Error handling: Only return value should be checked, errno is not used.
+-----------------------------------------------------------------------------*/
+int create_IGMP_snooping_file(char* mac)
+{
+ int fd_exec_slave = -1, ret = -1;
+ char temp[256];
+ char line [MAX_LINE_LEN];
+ int elt_number = 2;
+ char *elt[elt_number];
+ char mac_address_search[18];
+
+ /* Save mac address*/
+ strcpy(mac_address_search, mac);
+
+ /* Get status of this slave concerning IGMP snooping*/
+ ret = spidlib_read_line(SPIDLIB_IGMP_WL_PATH, " ", mac_address_search, &elt_number, elt, line, MAX_LINE_LEN);
+ if (ret != 0)
+ return -1;
+
+
+ /* In case of this slave is not allowed, launch rules to
+ prevent from all multicast IGMP packets
+ Fill in 88slave */
+ if ((fd_exec_slave = open(SLAVE_FILE, O_WRONLY| O_CREAT | O_APPEND, 0777)) < 0)
+ return -1;
+
+ if (*elt[1] == '0')
+ {
+ write(fd_exec_slave, "\n#IGMP Snooping\n",17);
+ memset(temp, 0, sizeof(temp));
+ sprintf(temp, "ebtables -p 0x0800 --ip-protocol 0x02 -j DROP \nebtables -p 0x8100 --vlan-encap 0x0800 --vlan-ip-protocol 0x02 -j DROP\n");
+ write(fd_exec_slave, temp, strlen(temp));
+ }
+ close (fd_exec_slave);
+ return 0;
+}
/*-----------------------------------------------------------------------------
Function: get_slave_config
@@ -1164,6 +1208,9 @@ int config_creator(char* mac_address, unsigned int * nb_eth_ports, unsigned int*
if (create_DBA_PIR_file(nb_eth_ports, &service_type, &slave_index, &vid_tag) != 0)
syslog(LOG_WARNING, "config_creator: couldn't create DBA PIR rules for slave %s\n", mac_address);
+ /*IGMP snooping management*/
+ if (create_IGMP_snooping_file(mac_address) != 0)
+ syslog(LOG_WARNING, "config_creator: couldn't create IGMP Snooping rules for slave %s\n", mac_address);
/* Check if no config file for this slave still exists*/
diff --git a/application/spidlib/inc/path.h b/application/spidlib/inc/path.h
index f61ac08260..a20b227325 100644
--- a/application/spidlib/inc/path.h
+++ b/application/spidlib/inc/path.h
@@ -67,4 +67,8 @@
#define SPIDLIB_ALARM_ANALOG_CONF_PATH "/etc/alarm_analog.conf"
#define SPIDLIB_ALARM_CURRENT_INFO_PATH "/etc/alarm.info"
+// IGMP snooping
+#define SPIDLIB_IGMP_WL_PATH "/usr/local/etc/igmp_snooping"
+ //MRA
+
#endif