From f3e06e81b347bbdec1c6c71603328b6e442728d4 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Mon, 20 Nov 2023 19:03:06 +0100 Subject: [PATCH] wireless: add bridge_isolate option This enables the device bridge port isolate flag Signed-off-by: Felix Fietkau --- device.c | 5 +++- scripts/netifd-wireless.sh | 2 ++ wireless.c | 48 +++++++++++++++++++++++++++----------- wireless.h | 2 ++ 4 files changed, 42 insertions(+), 15 deletions(-) diff --git a/device.c b/device.c index 199622f..839f7ec 100644 --- a/device.c +++ b/device.c @@ -354,7 +354,10 @@ device_init_settings(struct device *dev, struct blob_attr **tb) struct ether_addr *ea; bool disabled = false; - s->flags = 0; + if (dev->wireless) + s->flags &= DEV_OPT_ISOLATE; + else + s->flags = 0; if ((cur = tb[DEV_ATTR_ENABLED])) disabled = !blobmsg_get_bool(cur); diff --git a/scripts/netifd-wireless.sh b/scripts/netifd-wireless.sh index 7f088cc..5b852e0 100644 --- a/scripts/netifd-wireless.sh +++ b/scripts/netifd-wireless.sh @@ -378,10 +378,12 @@ _wdev_common_device_config() { _wdev_common_iface_config() { config_add_string mode ssid encryption 'key:wpakey' + config_add_boolean bridge_isolate } _wdev_common_vlan_config() { config_add_string name vid iface + config_add_boolean bridge_isolate } _wdev_common_station_config() { diff --git a/wireless.c b/wireless.c index 91663e8..654c87e 100644 --- a/wireless.c +++ b/wireless.c @@ -63,6 +63,7 @@ enum { VIF_ATTR_DISABLED, VIF_ATTR_NETWORK, VIF_ATTR_NETWORK_VLAN, + VIF_ATTR_BRIDGE_ISOLATE, VIF_ATTR_ISOLATE, VIF_ATTR_MODE, VIF_ATTR_PROXYARP, @@ -74,6 +75,7 @@ static const struct blobmsg_policy vif_policy[__VIF_ATTR_MAX] = { [VIF_ATTR_DISABLED] = { .name = "disabled", .type = BLOBMSG_TYPE_BOOL }, [VIF_ATTR_NETWORK] = { .name = "network", .type = BLOBMSG_TYPE_ARRAY }, [VIF_ATTR_NETWORK_VLAN] = { .name = "network_vlan", .type = BLOBMSG_TYPE_ARRAY }, + [VIF_ATTR_BRIDGE_ISOLATE] = { .name = "bridge_isolate", .type = BLOBMSG_TYPE_BOOL }, [VIF_ATTR_ISOLATE] = { .name = "isolate", .type = BLOBMSG_TYPE_BOOL }, [VIF_ATTR_MODE] = { .name = "mode", .type = BLOBMSG_TYPE_STRING }, [VIF_ATTR_PROXYARP] = { .name = "proxy_arp", .type = BLOBMSG_TYPE_BOOL }, @@ -89,6 +91,7 @@ enum { VLAN_ATTR_DISABLED, VLAN_ATTR_NETWORK, VLAN_ATTR_NETWORK_VLAN, + VLAN_ATTR_BRIDGE_ISOLATE, VLAN_ATTR_ISOLATE, VLAN_ATTR_MCAST_TO_UCAST, __VLAN_ATTR_MAX, @@ -98,6 +101,7 @@ static const struct blobmsg_policy vlan_policy[__VLAN_ATTR_MAX] = { [VLAN_ATTR_DISABLED] = { .name = "disabled", .type = BLOBMSG_TYPE_BOOL }, [VLAN_ATTR_NETWORK] = { .name = "network", .type = BLOBMSG_TYPE_ARRAY }, [VLAN_ATTR_NETWORK_VLAN] = { .name = "network_vlan", .type = BLOBMSG_TYPE_ARRAY }, + [VLAN_ATTR_BRIDGE_ISOLATE] = { .name = "bridge_isolate", .type = BLOBMSG_TYPE_BOOL }, [VLAN_ATTR_ISOLATE] = { .name = "isolate", .type = BLOBMSG_TYPE_BOOL }, [VLAN_ATTR_MCAST_TO_UCAST] = { .name = "multicast_to_unicast", .type = BLOBMSG_TYPE_BOOL }, }; @@ -338,6 +342,7 @@ static void wireless_interface_handle_link(struct wireless_interface *vif, const struct interface *iface; struct blob_attr *cur; const char *network; + struct device *dev; size_t rem; if (!vif->network || !vif->ifname) @@ -346,19 +351,27 @@ static void wireless_interface_handle_link(struct wireless_interface *vif, const if (!ifname) ifname = vif->ifname; - if (up) { - struct device *dev = __device_get(ifname, 2, false); + if (!up) + goto out; - if (dev && !strcmp(ifname, vif->ifname)) { - dev->wireless_isolate = vif->isolate; - dev->wireless_proxyarp = vif->proxyarp; - dev->wireless = true; - dev->wireless_ap = vif->ap_mode; - wireless_device_set_mcast_to_unicast(dev, vif->multicast_to_unicast); - dev->bpdu_filter = dev->wireless_ap; - } - } + dev = __device_get(ifname, 2, false); + if (!dev) + goto out; + dev->wireless = true; + dev->settings.flags |= DEV_OPT_ISOLATE; + dev->settings.isolate = vif->bridge_isolate; + + if (strcmp(ifname, vif->ifname) != 0) + goto out; + + dev->wireless_isolate = vif->isolate; + dev->wireless_proxyarp = vif->proxyarp; + dev->wireless_ap = vif->ap_mode; + wireless_device_set_mcast_to_unicast(dev, vif->multicast_to_unicast); + dev->bpdu_filter = dev->wireless_ap; + +out: blobmsg_for_each_attr(cur, vif->network, rem) { network = blobmsg_data(cur); @@ -387,6 +400,8 @@ static void wireless_vlan_handle_link(struct wireless_vlan *vlan, bool up) dev->wireless = true; dev->wireless_ap = true; dev->bpdu_filter = true; + dev->settings.flags |= DEV_OPT_ISOLATE; + dev->settings.isolate = vlan->bridge_isolate; wireless_device_set_mcast_to_unicast(dev, vlan->multicast_to_unicast); } } @@ -834,8 +849,11 @@ wireless_interface_init_config(struct wireless_interface *vif) cur = tb[VIF_ATTR_MODE]; vif->ap_mode = cur && !strcmp(blobmsg_get_string(cur), "ap"); + cur = tb[VIF_ATTR_BRIDGE_ISOLATE]; + vif->bridge_isolate = cur && blobmsg_get_bool(cur); + cur = tb[VIF_ATTR_ISOLATE]; - vif->isolate = vif->ap_mode && cur && blobmsg_get_bool(cur); + vif->isolate = cur && blobmsg_get_bool(cur); cur = tb[VIF_ATTR_PROXYARP]; vif->proxyarp = vif->ap_mode && cur && blobmsg_get_bool(cur); @@ -912,9 +930,11 @@ wireless_vlan_init_config(struct wireless_vlan *vlan) if ((cur = tb[VLAN_ATTR_NETWORK_VLAN])) vlan->network_vlan = cur; + cur = tb[VLAN_ATTR_BRIDGE_ISOLATE]; + vlan->bridge_isolate = cur && blobmsg_get_bool(cur); + cur = tb[VLAN_ATTR_ISOLATE]; - if (cur) - vlan->isolate = blobmsg_get_bool(cur); + vlan->isolate = cur && blobmsg_get_bool(cur); cur = tb[VLAN_ATTR_MCAST_TO_UCAST]; vlan->multicast_to_unicast = cur ? blobmsg_get_bool(cur) : -1; diff --git a/wireless.h b/wireless.h index f8bbd2f..7059723 100644 --- a/wireless.h +++ b/wireless.h @@ -90,6 +90,7 @@ struct wireless_interface { struct blob_attr *network_vlan; bool proxyarp; bool isolate; + bool bridge_isolate; bool ap_mode; int multicast_to_unicast; int vlan_idx; @@ -110,6 +111,7 @@ struct wireless_vlan { struct blob_attr *network_vlan; int multicast_to_unicast; bool isolate; + bool bridge_isolate; }; struct wireless_station { -- 2.30.2