From: Hristo Venev <hristo@venev.name>
Date: Tue, 22 Jun 2021 09:29:03 +0000 (+0300)
Subject: networkd: Permit all-zero RoutingPolicyRule prefixes
X-Git-Tag: v249-rc2~30
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2e8a32afbc300e0fe6b624174cd3f3d03467fed8;p=thirdparty%2Fsystemd.git

networkd: Permit all-zero RoutingPolicyRule prefixes

For example this `From` address range is no longer ignored:

    [RoutingPolicyRule]
    From=0.0.0.0/8
---

diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c
index 39b773fcc0e..411022a24f6 100644
--- a/src/network/networkd-routing-policy-rule.c
+++ b/src/network/networkd-routing-policy-rule.c
@@ -402,7 +402,7 @@ static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule
 
         /* link may be NULL. */
 
-        if (in_addr_is_set(rule->family, &rule->from)) {
+        if (rule->from_prefixlen > 0) {
                 r = netlink_message_append_in_addr_union(m, FRA_SRC, rule->family, &rule->from);
                 if (r < 0)
                         return log_link_error_errno(link, r, "Could not append FRA_SRC attribute: %m");
@@ -412,7 +412,7 @@ static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule
                         return log_link_error_errno(link, r, "Could not set source prefix length: %m");
         }
 
-        if (in_addr_is_set(rule->family, &rule->to)) {
+        if (rule->to_prefixlen > 0) {
                 r = netlink_message_append_in_addr_union(m, FRA_DST, rule->family, &rule->to);
                 if (r < 0)
                         return log_link_error_errno(link, r, "Could not append FRA_DST attribute: %m");
diff --git a/test/test-network/conf/routing-policy-rule-test1.network b/test/test-network/conf/routing-policy-rule-test1.network
index 3594602cbb3..2afd3277c47 100644
--- a/test/test-network/conf/routing-policy-rule-test1.network
+++ b/test/test-network/conf/routing-policy-rule-test1.network
@@ -14,6 +14,7 @@ OutgoingInterface=test1
 
 [RoutingPolicyRule]
 IncomingInterface=test1
+From=::/0
 Table=8
 Priority=100
 Family=ipv6
@@ -23,3 +24,9 @@ IncomingInterface=test1
 Table=9
 Priority=101
 Family=both
+
+[RoutingPolicyRule]
+IncomingInterface=test1
+From=0.0.0.0/8
+Table=10
+Priority=102
diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
index 2f1b1198090..cea66a0e8da 100755
--- a/test/test-network/systemd-networkd-tests.py
+++ b/test/test-network/systemd-networkd-tests.py
@@ -1858,7 +1858,7 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities):
         'routing-policy-rule-reconfigure2.network',
     ]
 
-    routing_policy_rule_tables = ['7', '8', '9', '1011']
+    routing_policy_rule_tables = ['7', '8', '9', '10', '1011']
     routes = [['blackhole', '202.54.1.2'], ['unreachable', '202.54.1.3'], ['prohibit', '202.54.1.4']]
 
     def setUp(self):
@@ -2108,6 +2108,13 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities):
         self.assertRegex(output, 'iif test1')
         self.assertRegex(output, 'lookup 8')
 
+        output = check_output('ip rule list iif test1 priority 102')
+        print(output)
+        self.assertRegex(output, '102:')
+        self.assertRegex(output, 'from 0.0.0.0/8')
+        self.assertRegex(output, 'iif test1')
+        self.assertRegex(output, 'lookup 10')
+
     def test_routing_policy_rule_issue_11280(self):
         copy_unit_to_networkd_unit_path('routing-policy-rule-test1.network', '11-dummy.netdev',
                                         'routing-policy-rule-dummy98.network', '12-dummy.netdev')