path: root/awall/modules/mark.lua
--[[
Packet marking module for Alpine Wall
Copyright (C) 2012 Kaarle Ritvanen
Licensed under the terms of GPL2
]]--


module(..., package.seeall)

require 'awall.model'
require 'awall.optfrag'
require 'awall.util'

local model = awall.model


--- Rule class for packet marking, derived from model.ForwardOnlyRule.
local MarkRule = model.class(model.ForwardOnlyRule)

--- Name of the iptables table in which mark rules are installed.
-- @treturn string always 'mangle'
function MarkRule:table()
   return 'mangle'
end

--- Build the iptables target that sets the packet mark.
-- Reports 'Mark not specified' through self:error when the rule carries
-- no mark attribute.
-- @treturn string 'MARK --set-mark ' followed by the rule's mark
function MarkRule:target()
   local mark = self.mark
   if not mark then
      self:error('Mark not specified')
   end
   -- NOTE(review): the mark is concatenated into the option string as-is;
   -- nothing in this function checks that it is a numeric mark. Presumably
   -- the policy file is administrator-controlled and any validation happens
   -- elsewhere -- confirm, because whitespace or extra tokens in the value
   -- would pass straight through into the generated rule.
   return 'MARK --set-mark '..mark
end


--- Rule class for route tracking, derived from MarkRule.
local RouteTrackRule = model.class(MarkRule)

--- Route-track rules do not jump to MARK directly; their target is the
-- chain returned by self:newchain('mark').
function RouteTrackRule:target()
   return self:newchain('mark')
end

--- Combine the option fragments inherited from MarkRule with a match on
-- packet mark 0, so that only packets that are not marked yet are selected.
-- NOTE(review): the match carries no mask, so the whole mark value is
-- compared; if other tooling on the host also sets firewall marks, the two
-- will interact -- confirm this is intended.
function RouteTrackRule:servoptfrags()
   local inherited = MarkRule.servoptfrags(self)
   local unmarked_only = {{opts='-m mark --mark 0'}}
   return awall.optfrag.combinations(inherited, unmarked_only)
end

--- Rules placed inside the dedicated chain: first set the packet mark
-- (reusing MarkRule's target string), then copy it to the connection with
-- CONNMARK --save-mark.
function RouteTrackRule:extraoptfrags()
   -- self:target() is evaluated once per fragment.
   -- NOTE(review): this relies on newchain('mark') yielding the same chain
   -- on repeated calls -- confirm against awall.model.
   local set_mark = {
      chain = self:target(),
      opts = '-j '..MarkRule.target(self),
   }
   local save_mark = {
      chain = self:target(),
      opts = '-j CONNMARK --save-mark',
   }
   return {set_mark, save_mark}
end


-- Pairs of {policy keyword, rule class} exported by this module.
-- 'route-track' is listed before 'mark'.
classes = {
   {'route-track', RouteTrackRule},
   {'mark', MarkRule},
}

-- Default rules contributed by this module, keyed by stage name.
defrules = {}

--- Default rules for the 'pre' stage.
-- When the configuration contains at least one 'route-track' entry, emit a
-- mangle-table rule for the OUTPUT and PREROUTING chains of both address
-- families (inet and inet6). The rule matches connections whose connmark is
-- non-zero and copies that connmark back onto the packet with
-- CONNMARK --restore-mark. Without any 'route-track' entry the result is
-- empty.
-- NOTE(review): neither the connmark match nor the restore uses a mask, so
-- the entire mark value is restored; any other component that relies on
-- packet or connection marks shares the same bits -- confirm there is no
-- overlap on hosts where this policy is deployed.
-- @param config table indexed by policy keyword
-- @treturn table list of rules with fields family, table, chain and opts
function defrules.pre(config)
   local rules = {}
   if not awall.util.list(config['route-track'])[1] then
      return rules
   end
   for _, family in ipairs({'inet', 'inet6'}) do
      for _, chain in ipairs({'OUTPUT', 'PREROUTING'}) do
         rules[#rules + 1] = {
            family = family,
            table = 'mangle',
            chain = chain,
            opts = '-m connmark ! --mark 0 -j CONNMARK --restore-mark',
         }
      end
   end
   return rules
end