[PATCH 1/6] add device setting for ip forwarding

Joerg Vehlow lkml at jv-coder.de
Thu Nov 3 23:20:48 PDT 2022 

From: Joerg Vehlow <joerg.vehlow at aox.de>

This allows changing the ip_forwarding setting per device
for ipv4 and ipv6 with ip_forwarding and ip6_forwarding
---
 device.c       | 18 ++++++++++++++++++
 device.h       |  6 ++++++
 system-linux.c | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 61 insertions(+)

diff --git a/device.c b/device.c
index b3d0e85..4f55906 100644
--- a/device.c
+++ b/device.c
@@ -63,6 +63,8 @@ static const struct blobmsg_policy dev_attrs[__DEV_ATTR_MAX] = {
 	[DEV_ATTR_AUTH] = { .name = "auth", .type = BLOBMSG_TYPE_BOOL },
 	[DEV_ATTR_SPEED] = { .name = "speed", .type = BLOBMSG_TYPE_INT32 },
 	[DEV_ATTR_DUPLEX] = { .name = "duplex", .type = BLOBMSG_TYPE_BOOL },
+	[DEV_ATTR_IP_FORWARDING] = { .name = "ip_forwarding", .type = BLOBMSG_TYPE_BOOL},
+	[DEV_ATTR_IP6_FORWARDING] = { .name = "ip6_forwarding", .type = BLOBMSG_TYPE_BOOL},
 };
 
 const struct uci_blob_param_list device_attr_list = {
@@ -280,6 +282,8 @@ device_merge_settings(struct device *dev, struct device_settings *n)
 	n->auth = s->flags & DEV_OPT_AUTH ? s->auth : os->auth;
 	n->speed = s->flags & DEV_OPT_SPEED ? s->speed : os->speed;
 	n->duplex = s->flags & DEV_OPT_DUPLEX ? s->duplex : os->duplex;
+	n->ip_forwarding = s->flags & DEV_OPT_IP_FORWARDING ? s->ip_forwarding : os->ip_forwarding;
+	n->ip6_forwarding = s->flags & DEV_OPT_IP6_FORWARDING ? s->ip6_forwarding : os->ip6_forwarding;
 	n->flags = s->flags | os->flags | os->valid_flags;
 }
 
@@ -464,6 +468,16 @@ device_init_settings(struct device *dev, struct blob_attr **tb)
 		s->flags |= DEV_OPT_DUPLEX;
 	}
 
+	if ((cur = tb[DEV_ATTR_IP_FORWARDING])) {
+		s->ip_forwarding = blobmsg_get_bool(cur);
+		s->flags |= DEV_OPT_IP_FORWARDING;
+	}
+
+	if ((cur = tb[DEV_ATTR_IP6_FORWARDING])) {
+		s->ip6_forwarding = blobmsg_get_bool(cur);
+		s->flags |= DEV_OPT_IP6_FORWARDING;
+	}
+
 	device_set_disabled(dev, disabled);
 }
 
@@ -1210,6 +1224,10 @@ device_dump_status(struct blob_buf *b, struct device *dev)
 			blobmsg_add_u8(b, "arp_accept", st.arp_accept);
 		if (st.flags & DEV_OPT_AUTH)
 			blobmsg_add_u8(b, "auth", st.auth);
+		if (st.flags & DEV_OPT_IP_FORWARDING)
+			blobmsg_add_u8(b, "ip_forwarding", st.ip_forwarding);
+		if (st.flags & DEV_OPT_IP6_FORWARDING)
+			blobmsg_add_u8(b, "ip6_forwarding", st.ip6_forwarding);
 	}
 
 	s = blobmsg_open_table(b, "statistics");
diff --git a/device.h b/device.h
index 37f8c37..066f537 100644
--- a/device.h
+++ b/device.h
@@ -62,6 +62,8 @@ enum {
 	DEV_ATTR_AUTH,
 	DEV_ATTR_SPEED,
 	DEV_ATTR_DUPLEX,
+	DEV_ATTR_IP_FORWARDING,
+	DEV_ATTR_IP6_FORWARDING,
 	__DEV_ATTR_MAX,
 };
 
@@ -126,6 +128,8 @@ enum {
 	DEV_OPT_ARP_ACCEPT		= (1ULL << 29),
 	DEV_OPT_SPEED			= (1ULL << 30),
 	DEV_OPT_DUPLEX			= (1ULL << 31),
+	DEV_OPT_IP_FORWARDING   = (1ULL << 32),
+	DEV_OPT_IP6_FORWARDING  = (1ULL << 33),
 };
 
 /* events broadcasted to all users of a device */
@@ -203,6 +207,8 @@ struct device_settings {
 	bool auth;
 	unsigned int speed;
 	bool duplex;
+	bool ip_forwarding;
+	bool ip6_forwarding;
 };
 
 /*
diff --git a/system-linux.c b/system-linux.c
index 0f13a99..6232a26 100644
--- a/system-linux.c
+++ b/system-linux.c
@@ -460,6 +460,16 @@ static void system_set_arp_accept(struct device *dev, const char *val)
 	system_set_dev_sysctl("ipv4/conf", "arp_accept", dev->ifname, val);
 }
 
+static void system_set_ip_forwarding(struct device *dev, const char *val)
+{
+	system_set_dev_sysctl("ipv4/conf", "forwarding", dev->ifname, val);
+}
+
+static void system_set_ip6_forwarding(struct device *dev, const char *val)
+{
+	system_set_dev_sysctl("ipv6/conf", "forwarding", dev->ifname, val);
+}
+
 static void system_bridge_set_multicast_to_unicast(struct device *dev, const char *val)
 {
 	system_set_dev_sysfs("brport/multicast_to_unicast", dev->ifname, val);
@@ -621,6 +631,18 @@ static int system_get_arp_accept(struct device *dev, char *buf, const size_t buf
 			dev->ifname, buf, buf_sz);
 }
 
+static int system_get_ip_forwarding(struct device *dev, char *buf, const size_t buf_sz)
+{
+	return system_get_dev_sysctl("ipv4/conf", "forwarding",
+			dev->ifname, buf, buf_sz);
+}
+
+static int system_get_ip6_forwarding(struct device *dev, char *buf, const size_t buf_sz)
+{
+	return system_get_dev_sysctl("ipv6/conf", "forwarding",
+			dev->ifname, buf, buf_sz);
+}
+
 /* Evaluate netlink messages */
 static int cb_rtnl_event(struct nl_msg *msg, void *arg)
 {
@@ -1795,6 +1817,16 @@ system_if_get_settings(struct device *dev, struct device_settings *s)
 		s->arp_accept = strtoul(buf, NULL, 0);
 		s->flags |= DEV_OPT_ARP_ACCEPT;
 	}
+
+	if (!system_get_ip_forwarding(dev, buf, sizeof(buf))) {
+		s->ip_forwarding = strtoul(buf, NULL, 0);
+		s->flags |= DEV_OPT_IP_FORWARDING;
+	}
+
+	if (!system_get_ip6_forwarding(dev, buf, sizeof(buf))) {
+		s->ip6_forwarding = strtoul(buf, NULL, 0);
+		s->flags |= DEV_OPT_IP6_FORWARDING;
+	}
 }
 
 void
@@ -1893,6 +1925,11 @@ system_if_apply_settings(struct device *dev, struct device_settings *s, uint64_t
 		system_set_drop_unsolicited_na(dev, s->drop_unsolicited_na ? "1" : "0");
 	if (apply_mask & DEV_OPT_ARP_ACCEPT)
 		system_set_arp_accept(dev, s->arp_accept ? "1" : "0");
+	if (apply_mask & DEV_OPT_IP_FORWARDING)
+		system_set_ip_forwarding(dev, s->ip_forwarding ? "1" : "0");
+	if (apply_mask & DEV_OPT_IP6_FORWARDING)
+		system_set_ip6_forwarding(dev, s->ip6_forwarding ? "1" : "0");
+
 	system_set_ethtool_settings(dev, s);
 }
 
-- 
2.25.1

More information about the openwrt-devel mailing list