ip rule processing partly broken (21.02 and Master)

Jo-Philipp Wich jo at mein.io
Mon Jun 14 07:42:01 PDT 2021


the ip rules encoded in /etc/config/network are processed by netifd C
code directly, they're not translated into busybox ip calls.

The entire busybox ip.c code contains not a single instance of
FIB_RULE_INVERT so it simply does not implement inversion. It will also
not be able to report inverted rules properly, since there is no code to
print the FIB_RULE_INVERT flag.

Are you absolutely sure that the uci rules are improperly applied or is
this just a case of busybox ip rule displaying them wrongly without the
"not" flag?

Can you install ip-full or ip-tiny from the iproute2 suite and verify
the "ip rule" output again?

~ Jo

More information about the openwrt-devel mailing list