network: fix the default mask for FirewallMark=

And always send FRA_FWMASK if FirewallMark= is set. C.f. b8964ed9fa Partially fixes #16784.
2025-01-22 22:03:43 +03:00 · 2020-09-09 04:45:54 +09:00 · 2020-09-09 04:45:54 +09:00 · bd1000b4a0
commit bd1000b4a0
parent c2d6fcb147
2 changed files with 12 additions and 9 deletions
--- a/src/network/networkd-routing-policy-rule.c
+++ b/src/network/networkd-routing-policy-rule.c
@ -540,9 +540,7 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netl
                r = sd_netlink_message_append_u32(m, FRA_FWMARK, rule->fwmark);
                if (r < 0)
                        return log_link_error_errno(link, r, "Could not append FRA_FWMARK attribute: %m");
-        }

-        if (rule->fwmask > 0) {
                r = sd_netlink_message_append_u32(m, FRA_FWMASK, rule->fwmask);
                if (r < 0)
                        return log_link_error_errno(link, r, "Could not append FRA_FWMASK attribute: %m");
@ -676,10 +674,13 @@ static int parse_fwmark_fwmask(const char *s, uint32_t *ret_fwmark, uint32_t *re
        if (r < 0)
                return r;

-        if (slash) {
-                r = safe_atou32(slash + 1, &fwmask);
-                if (r < 0)
-                        return r;
+        if (fwmark > 0) {
+                if (slash) {
+                        r = safe_atou32(slash + 1, &fwmask);
+                        if (r < 0)
+                                return r;
+                } else
+                        fwmask = UINT32_MAX;
        }

        *ret_fwmark = fwmark;
@ -1239,9 +1240,11 @@ int routing_policy_serialize_rules(Set *rules, FILE *f) {
                }

                if (rule->fwmark != 0) {
-                        fprintf(f, "%sfwmark=%"PRIu32"/%"PRIu32,
+                        fprintf(f, "%sfwmark=%"PRIu32,
                                space ? " " : "",
-                                rule->fwmark, rule->fwmask);
+                                rule->fwmark);
+                        if (rule->fwmask != UINT32_MAX)
+                                fprintf(f, "/%"PRIu32, rule->fwmask);
                        space = true;
                }

--- a/src/network/test-routing-policy-rule.c
+++ b/src/network/test-routing-policy-rule.c
@ -67,7 +67,7 @@ int main(int argc, char **argv) {
        test_rule_serialization("ignored values",
                                "RULE=something=to=ignore from=1.2.3.4/32 from=1.2.3.4/32"
                                "   \t  to=2.3.4.5/24 to=2.3.4.5/32 tos=5 fwmark=2 fwmark=1 table=10 table=20",
-                                "RULE=family=AF_INET from=1.2.3.4/32 to=2.3.4.5/32 tos=5 fwmark=1/0 invert_rule=no table=20");
+                                "RULE=family=AF_INET from=1.2.3.4/32 to=2.3.4.5/32 tos=5 fwmark=1 invert_rule=no table=20");

        test_rule_serialization("ipv6",
                                "RULE=family=AF_INET6 from=1::2/64 to=2::3/64 invert_rule=yes table=6", NULL);