1#! /bin/bash
2
3dir=$(dirname "$0")
4. "$dir/xen-hotplug-common.sh"
5. "$dir/hotplugpath.sh"
6
7findCommand "$@"
8
9if [ "$command" != "setup" -a  "$command" != "teardown" ]
10then
11    echo "Invalid command: $command"
12    log err "Invalid command: $command"
13    exit 1
14fi
15
16evalVariables "$@"
17
18: ${vifname:?}
19: ${forwarddev:?}
20: ${mode:?}
21: ${index:?}
22: ${bridge:?}
23
24forwardbr="colobr0"
25
26if [ "$mode" != "primary" -a "$mode" != "secondary" ]
27then
28    echo "Invalid mode: $mode"
29    log err "Invalid mode: $mode"
30    exit 1
31fi
32
33if [ $index -lt 0 ] || [ $index -gt 100 ]; then
34    echo "index overflow"
35    exit 1
36fi
37
38function setup_primary()
39{
40    do_without_error tc qdisc add dev $vifname root handle 1: prio
41    do_without_error tc filter add dev $vifname parent 1: protocol ip prio 10 \
42        u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
43    do_without_error tc filter add dev $vifname parent 1: protocol arp prio 11 \
44        u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
45    do_without_error tc filter add dev $vifname parent 1: protocol ipv6 prio \
46        12 u32 match u32 0 0 flowid 1:2 action mirred egress mirror \
47        dev $forwarddev
48
49    do_without_error modprobe nf_conntrack_ipv4
50    do_without_error modprobe xt_PMYCOLO sec_dev=$forwarddev
51
52    iptables -t mangle -I PREROUTING -m physdev --physdev-in \
53        $vifname -j PMYCOLO --index $index
54    ip6tables -t mangle -I PREROUTING -m physdev --physdev-in \
55        $vifname -j PMYCOLO --index $index
56    do_without_error arptables -I INPUT -i $forwarddev -j MARK --set-mark $index
57}
58
59function teardown_primary()
60{
61    do_without_error tc filter del dev $vifname parent 1: protocol ip prio 10 u32 match u32 \
62        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
63    do_without_error tc filter del dev $vifname parent 1: protocol arp prio 11 u32 match u32 \
64        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
65    do_without_error tc filter del dev $vifname parent 1: protocol ipv6 prio 12 u32 match u32 \
66        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
67    do_without_error tc qdisc del dev $vifname root handle 1: prio
68
69    do_without_error iptables -t mangle -D PREROUTING -m physdev --physdev-in \
70        $vifname -j PMYCOLO --index $index
71    do_without_error ip6tables -t mangle -D PREROUTING -m physdev --physdev-in \
72        $vifname -j PMYCOLO --index $index
73    do_without_error arptables -F
74    do_without_error rmmod xt_PMYCOLO
75}
76
77function setup_secondary()
78{
79    do_without_error brctl delif $bridge $vifname
80    do_without_error brctl addbr $forwardbr
81    do_without_error brctl addif $forwardbr $vifname
82    do_without_error brctl addif $forwardbr $forwarddev
83    do_without_error ip link set dev $forwardbr up
84    do_without_error modprobe xt_SECCOLO
85
86    iptables -t mangle -I PREROUTING -m physdev --physdev-in \
87        $vifname -j SECCOLO --index $index
88    ip6tables -t mangle -I PREROUTING -m physdev --physdev-in \
89        $vifname -j SECCOLO --index $index
90}
91
92function teardown_secondary()
93{
94    do_without_error brctl delif $forwardbr $forwarddev
95    do_without_error brctl delif $forwardbr $vifname
96    do_without_error brctl delbr $forwardbr
97    do_without_error brctl addif $bridge $vifname
98
99    do_without_error iptables -t mangle -D PREROUTING -m physdev --physdev-in \
100        $vifname -j SECCOLO --index $index
101    do_without_error ip6tables -t mangle -D PREROUTING -m physdev --physdev-in \
102        $vifname -j SECCOLO --index $index
103    do_without_error rmmod xt_SECCOLO
104}
105
106case "$command" in
107    setup)
108        if [ "$mode" = "primary" ]
109        then
110            setup_primary
111        else
112            setup_secondary
113        fi
114
115        success
116        ;;
117    teardown)
118        if [ "$mode" = "primary" ]
119        then
120            teardown_primary
121        else
122            teardown_secondary
123        fi
124        ;;
125esac
126
127if [ "$mode" = "primary" ]
128then
129    log debug "Successful colo-proxy-setup $command for $vifname." \
130              " vifname: $vifname, index: $index, forwarddev: $forwarddev."
131else
132    log debug "Successful colo-proxy-setup $command for $vifname." \
133              " vifname: $vifname, index: $index, forwarddev: $forwarddev,"\
134              " forwardbr: $forwardbr."
135fi
136