matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

[ebtbles] Replace binary config file to text config file for ebtables (#5252)

Browse Source 
Issue: Binary ebtables config file is CPU arch dependent
Fix: Load the text config during firsttime boot and
     Generate the binary persistent atomic file

Signed-off-by: Antony Rheneus <arheneus@marvell.com>
This commit is contained in:
arheneus@marvell.com 2020-09-04 05:57:07 +05:30 committed by GitHub
parent 47a925cac6
commit f136fd0623
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build_debian.sh
View File

@ -486,7 +486,7 @@ fi
sudo cp -f files/image_config/ebtables/ebtables.default $FILESYSTEM_ROOT/etc/default/ebtables
sudo cp -f files/image_config/ebtables/ebtables.init $FILESYSTEM_ROOT/etc/init.d/ebtables
sudo cp -f files/image_config/ebtables/ebtables.service $FILESYSTEM_ROOT/lib/systemd/system/ebtables.service
sudo cp files/image_config/ebtables/ebtables.filter ${FILESYSTEM_ROOT}/etc
sudo cp files/image_config/ebtables/ebtables.filter.cfg ${FILESYSTEM_ROOT}/etc
sudo LANG=C chroot $FILESYSTEM_ROOT update-alternatives --set ebtables /usr/sbin/ebtables-legacy
sudo LANG=C chroot $FILESYSTEM_ROOT systemctl enable ebtables.service

BIN
files/image_config/ebtables/ebtables.filter
View File

Binary file not shown.

11
files/image_config/ebtables/ebtables.filter.cfg Normal file
View File

@ -0,0 +1,11 @@
# SONiC ebtables filter table configuration
# Generated using ebtables-save
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A FORWARD -d BGA -j DROP
-A FORWARD -p ARP -j DROP
-A FORWARD -p 802_1Q --vlan-encap ARP -j DROP

10
files/image_config/platform/rc.local
View File

@ -123,6 +123,13 @@ program_console_speed()
systemctl daemon-reload
}
ebtables_config()
{
# Generate atomic config file and save it persistent
/usr/sbin/ebtables-restore < /etc/ebtables.filter.cfg
/usr/sbin/ebtables -t filter --atomic-file /etc/ebtables.filter --atomic-save
}
#### Begin Main Body ####
logger "SONiC version ${SONIC_VERSION} starting up..."
@ -341,6 +348,9 @@ if [ -f $FIRST_BOOT_FILE ]; then
# Create dir where following scripts put their output files
mkdir -p /var/platform
# Firsttime ebtables configuration
ebtables_config
firsttime_exit
fi