B #6483: Add support for spoofing rules for alias NIC

This commit process NIC_ALIAS on ativation and creates flow rules to implment spoofing rules. The rules are installed on the same port as the parent NIC
2025-03-22 18:50:08 +03:00 · 2024-01-29 14:52:47 +01:00 · 2024-01-29 14:52:47 +01:00 · 6c388414e2
commit 6c388414e2
parent 73e1ecdafa
2 changed files with 23 additions and 0 deletions
--- a/src/vnm_mad/remotes/lib/vm.rb
+++ b/src/vnm_mad/remotes/lib/vm.rb
@ -120,6 +120,14 @@ module VNMMAD
                end
            end

+            def parent(nic_alias)
+                @nics.each do |the_nic|
+                    return the_nic if the_nic[:nic_id] == nic_alias[:parent_id]
+                end
+
+                nil
+            end
+
            # Access an XML Element of the VM
            #   @param element [String] element name
            #   @return [String] value of the element or nil if not found
--- a/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
+++ b/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
@ -136,6 +136,21 @@ class OpenvSwitchVLAN < VNMMAD::VNMDriver
            ip_spoofing if nic[:filter_ip_spoofing] =~ /yes/i
        end

+        # MAC-spoofing & IP-spoofing for NIC ALIAS
+        process_alias do |nalias|
+            nparent = @vm.parent(nalias)
+
+            next unless nparent
+
+            nalias[:port] = nparent[:port]
+
+            @nic = nalias
+
+            mac_spoofing if nalias[:filter_mac_spoofing] =~ /yes/i
+
+            ip_spoofing if nalias[:filter_ip_spoofing] =~ /yes/i
+        end
+
        unlock

        0