bug 11191: rp_filter changes.

The following are summary of changes: 1) when network.disable.rpfilter is set to true, then rp_filter will be disadbled(set to 0) on all the public interfaces and also default setting of the system. 2) when network.disable.rpfilter is set to false, then rp_filter will be enabled(set to 1) on all the public interfaces and also default setting of the system. 2) here public public interface means , eth2 ... ethN. default setting means (/proc/sys/net/ipv4/conf/default/rp_filter). 3) Default setting change will have impact on non-public interface.if there is no specific setting for other interfaces in /etc/sysctl.conf or otherexplict setting , they will follow this default settings. currently non-public interface like eth0 ,eth1 does not have any specific setting in sysctl.conf, due to this there rp_filters will be changed when ever network.disable.rpfilter setting is changed. 4) default setting is required to changes beacuse when a new public interface is created, new interface will take rp_filter value from the default setting.
2011-11-01 16:27:18 +05:30 · 2011-11-01 16:27:18 +05:30 · 0cd22457a3
parent d245a4f188
commit 0cd22457a3
1 changed files with 33 additions and 7 deletions
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
@ -221,17 +221,43 @@ disable_rpfilter() {
  sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf 
 }

+get_public_vif_list() {
+  local vif_list=""
+  for i in /sys/class/net/eth*; do
+    vif=$(basename $i);
+    if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
+    then
+      vif_list="$vif_list $vif";
+    fi
+  done
+  
+  echo $vif_list
+}
+
 disable_rpfilter_domR() {
-  log_it "cloud: disable rp_filter"
-  log_it "disable rpfilter"
+  log_it "cloud: Tuning rp_filter on public interfaces"
+  
+  VIF_LIST=$(get_public_vif_list)
+  log_it "rpfilter public interfaces :  $VIF_LIST"
  if [ "$DISABLE_RP_FILTER" == "true" ]
  then
      log_it "cloud: disable rp_filter on public interfaces"
-#FIXME : currently public interfaces are assumed  as eth2 and eth3.
-      sed -i "s/net.ipv4.conf.eth2.rp_filter.*$/net.ipv4.conf.eth2.rp_filter = 0/" /etc/sysctl.conf 
-      sed -i "s/net.ipv4.conf.eth3.rp_filter.*$/net.ipv4.conf.eth3.rp_filter = 0/" /etc/sysctl.conf 
-      echo "0" > /proc/sys/net/ipv4/conf/eth2/rp_filter
-      echo "0" > /proc/sys/net/ipv4/conf/eth3/rp_filter
+      sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf 
+      echo "0" > /proc/sys/net/ipv4/conf/default/rp_filter
+      for vif in $VIF_LIST; do
+         log_it "cloud: disable rp_filter on public interface: $vif"
+         sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 0/" /etc/sysctl.conf 
+         echo "0" > /proc/sys/net/ipv4/conf/$vif/rp_filter
+      done
+  else
+      log_it "cloud: enable rp_filter on public interfaces"
+      sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 1/" /etc/sysctl.conf 
+      echo "1" > /proc/sys/net/ipv4/conf/default/rp_filter
+      for vif in $VIF_LIST; do
+         log_it "cloud: enable rp_filter on public interface: $vif"
+         sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 1/" /etc/sysctl.conf 
+         echo "1" > /proc/sys/net/ipv4/conf/$vif/rp_filter
+      done
  fi
 }