link: allow isolating bridge ports

This is the equivalent of: bridge link set dev <foo> isolated on|off Add more bridge port netlink attributes Imported from include/uapi/linux/if_link.h in Linux v6.3. Signed-off-by: Robin Jarry <rjarry@redhat.com>
2023-05-24 13:14:53 +02:00 · 2023-05-24 13:14:53 +02:00 · 19c6398aa9
parent b4489369dd
commit 19c6398aa9
5 changed files with 62 additions and 1 deletions
--- a/link_linux.go
+++ b/link_linux.go
@ -2357,6 +2357,14 @@ func (h *Handle) LinkSetFlood(link Link, mode bool) error {
 	return h.setProtinfoAttr(link, mode, nl.IFLA_BRPORT_UNICAST_FLOOD)
 }

+func LinkSetIsolated(link Link, mode bool) error {
+	return pkgHandle.LinkSetIsolated(link, mode)
+}
+
+func (h *Handle) LinkSetIsolated(link Link, mode bool) error {
+	return h.setProtinfoAttr(link, mode, nl.IFLA_BRPORT_ISOLATED)
+}
+
 func LinkSetBrProxyArp(link Link, mode bool) error {
 	return pkgHandle.LinkSetBrProxyArp(link, mode)
 }
--- a/nl/link_linux.go
+++ b/nl/link_linux.go
@ -85,7 +85,37 @@ const (
 	IFLA_BRPORT_PROXYARP
 	IFLA_BRPORT_LEARNING_SYNC
 	IFLA_BRPORT_PROXYARP_WIFI
-	IFLA_BRPORT_MAX = IFLA_BRPORT_PROXYARP_WIFI
+	IFLA_BRPORT_ROOT_ID
+	IFLA_BRPORT_BRIDGE_ID
+	IFLA_BRPORT_DESIGNATED_PORT
+	IFLA_BRPORT_DESIGNATED_COST
+	IFLA_BRPORT_ID
+	IFLA_BRPORT_NO
+	IFLA_BRPORT_TOPOLOGY_CHANGE_ACK
+	IFLA_BRPORT_CONFIG_PENDING
+	IFLA_BRPORT_MESSAGE_AGE_TIMER
+	IFLA_BRPORT_FORWARD_DELAY_TIMER
+	IFLA_BRPORT_HOLD_TIMER
+	IFLA_BRPORT_FLUSH
+	IFLA_BRPORT_MULTICAST_ROUTER
+	IFLA_BRPORT_PAD
+	IFLA_BRPORT_MCAST_FLOOD
+	IFLA_BRPORT_MCAST_TO_UCAST
+	IFLA_BRPORT_VLAN_TUNNEL
+	IFLA_BRPORT_BCAST_FLOOD
+	IFLA_BRPORT_GROUP_FWD_MASK
+	IFLA_BRPORT_NEIGH_SUPPRESS
+	IFLA_BRPORT_ISOLATED
+	IFLA_BRPORT_BACKUP_PORT
+	IFLA_BRPORT_MRP_RING_OPEN
+	IFLA_BRPORT_MRP_IN_OPEN
+	IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT
+	IFLA_BRPORT_MCAST_EHT_HOSTS_CNT
+	IFLA_BRPORT_LOCKED
+	IFLA_BRPORT_MAB
+	IFLA_BRPORT_MCAST_N_GROUPS
+	IFLA_BRPORT_MCAST_MAX_GROUPS
+	IFLA_BRPORT_MAX = IFLA_BRPORT_MCAST_MAX_GROUPS
 )

 const (
--- a/protinfo.go
+++ b/protinfo.go
@ -14,6 +14,7 @@ type Protinfo struct {
 	Flood        bool
 	ProxyArp     bool
 	ProxyArpWiFi bool
+	Isolated     bool
 }

 // String returns a list of enabled flags
@ -47,6 +48,9 @@ func (prot *Protinfo) String() string {
 	if prot.ProxyArpWiFi {
 		boolStrings = append(boolStrings, "ProxyArpWiFi")
 	}
+	if prot.Isolated {
+		boolStrings = append(boolStrings, "Isolated")
+	}
 	return strings.Join(boolStrings, " ")
 }

--- a/protinfo_linux.go
+++ b/protinfo_linux.go
@ -68,6 +68,8 @@ func parseProtinfo(infos []syscall.NetlinkRouteAttr) (pi Protinfo) {
 			pi.ProxyArp = byteToBool(info.Value[0])
 		case nl.IFLA_BRPORT_PROXYARP_WIFI:
 			pi.ProxyArpWiFi = byteToBool(info.Value[0])
+		case nl.IFLA_BRPORT_ISOLATED:
+			pi.Isolated = byteToBool(info.Value[0])
 		}
 	}
 	return
--- a/protinfo_test.go
+++ b/protinfo_test.go
@ -62,6 +62,9 @@ func TestProtinfo(t *testing.T) {
 	if !pi1.RootBlock {
 		t.Fatalf("RootBlock is not enabled for %s, but should", iface1.Name)
 	}
+	if pi1.Isolated {
+		t.Fatalf("Isolated mode is enabled for %s, but shouldn't", iface1.Name)
+	}
 	if pi1.ProxyArp != oldpi1.ProxyArp {
 		t.Fatalf("ProxyArp field was changed for %s but shouldn't", iface1.Name)
 	}
@ -158,4 +161,18 @@ func TestProtinfo(t *testing.T) {
 	if pi4.Flood != oldpi4.Flood {
 		t.Fatalf("Flood field was changed for %s but shouldn't", iface4.Name)
 	}
+
+	// Setting kernel requirement for next tests which require BRPORT_ISOLATED
+	minKernelRequired(t, 4, 18)
+
+	if err := LinkSetIsolated(iface1, true); err != nil {
+		t.Fatal(err)
+	}
+	pi1, err = LinkGetProtinfo(iface1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !pi1.Isolated {
+		t.Fatalf("Isolated mode is not enabled for %s, but should", iface1.Name)
+	}
 }