diff options
| author | Perry Melange <isprotejesvalkata@gmail.com> | 2023-07-29 21:50:28 +0200 |
|---|---|---|
| committer | Nick Hainke <vincent@systemli.org> | 2023-08-20 02:25:27 +0200 |
| commit | 49cdf15da458c384d6c0cd19b228e2d84ba205f4 (patch) | |
| tree | 3c8c929259b8beccf201ab12dab215a0dd2e18a8 /net | |
| parent | ab2b1ade2792c4218725ff5f0851141197ac0188 (diff) | |
tunneldigger-broker: add option to isolate bridge ports
Add new option to a config bridge section to indicate
if a bridge port added to the bridge should be isolated
or not. The default is 0 (no isolation).
example
config bridge
option interface 'br-mybridge1446'
option mtu '1446'
option isolate '1' # default '0'
Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
Diffstat (limited to 'net')
| -rwxr-xr-x | net/tunneldigger-broker/files/hook-mtu-changed | 4 | ||||
| -rwxr-xr-x | net/tunneldigger-broker/files/hook-setup | 5 | ||||
| -rw-r--r-- | net/tunneldigger-broker/files/tunneldigger.sh | 34 |
3 files changed, 43 insertions, 0 deletions
diff --git a/net/tunneldigger-broker/files/hook-mtu-changed b/net/tunneldigger-broker/files/hook-mtu-changed index 3cfc59a14..9be884d66 100755 --- a/net/tunneldigger-broker/files/hook-mtu-changed +++ b/net/tunneldigger-broker/files/hook-mtu-changed @@ -21,10 +21,14 @@ if [ -z "$new_bridge" ]; then exit 1 fi +# Get the isolation option for this bridge +tunneldigger_get_bridge_isolate isolate "${NEW_MTU}" + # Remove interface from old bridge. ip link set dev ${INTERFACE} nomaster ip link set dev ${old_bridge} mtu ${OLD_MTU} # Change interface bridge and MTU. ip link set dev ${INTERFACE} master ${new_bridge} mtu ${NEW_MTU} +echo $isolate > /sys/class/net/${INTERFACE}/brport/isolated ip link set dev ${new_bridge} mtu ${NEW_MTU} diff --git a/net/tunneldigger-broker/files/hook-setup b/net/tunneldigger-broker/files/hook-setup index ed809ad6d..08fd17754 100755 --- a/net/tunneldigger-broker/files/hook-setup +++ b/net/tunneldigger-broker/files/hook-setup @@ -13,9 +13,14 @@ if [ -z "$bridge" ]; then exit 1 fi +# Get the isolation option for this bridge +tunneldigger_get_bridge_isolate isolate "${MTU}" + # Disable IPv6 on this interface as it will be bridged. echo 1 > /proc/sys/net/ipv6/conf/${INTERFACE}/disable_ipv6 # Add the interface to the proper bridge and bring it up. ip link set dev ${INTERFACE} master ${bridge} mtu ${MTU} up +# Isolate the bridge port, if so configured +echo $isolate > /sys/class/net/${INTERFACE}/brport/isolated # Ensure bridge MTU. ip link set dev ${bridge} mtu ${MTU} diff --git a/net/tunneldigger-broker/files/tunneldigger.sh b/net/tunneldigger-broker/files/tunneldigger.sh index 3c7b8fff8..5b492d699 100644 --- a/net/tunneldigger-broker/files/tunneldigger.sh +++ b/net/tunneldigger-broker/files/tunneldigger.sh @@ -34,3 +34,37 @@ tunneldigger_get_bridge() { export ${NO_EXPORT:+-n} "$1=$variable" } +# Get the isolation option for this bridge +tunneldigger_get_bridge_isolate() { + local variable="$1" + local mtr="$2" + + # Overwrite the destination variable. + unset $variable + + # Discover the configured bridge. + unset _isolate_bridge + _isolate_bridge="" + handle_bridge() { + local cfg="$1" + + config_get cfg_mtu "$cfg" mtu + config_get isolate "$cfg" isolate 0 + + if [ "$cfg_mtu" != "$mtu" ]; then + return + fi + + _isolate_bridge="$isolate" + } + + config_load tunneldigger-broker + config_foreach handle_bridge bridge $mtu + if [ -z "$_isolate_bridge" ]; then + return + fi + + variable="$_isolate_bridge" + export ${NO_EXPORT:+-n} "$1=$variable" + +} |