Skip to content

Commit

Permalink
Merge pull request #252 from polycube-network/jpi-iptables
Browse files Browse the repository at this point in the history
fix pcn-iptables interface matching issue
  • Loading branch information
frisso authored Jan 8, 2020
2 parents a9d5f85 + c53deef commit 4f237e7
Show file tree
Hide file tree
Showing 5 changed files with 6 additions and 3 deletions.
2 changes: 1 addition & 1 deletion src/components/iptables/iptables
Submodule iptables updated 1 files
+4 −4 libiptc/libiptc.c
3 changes: 3 additions & 0 deletions src/polycubed/src/base_cube.h
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,9 @@ class BaseCube : virtual public BaseCubeIface {
protected:
static const int _POLYCUBE_MAX_BPF_PROGRAMS = 64;
static const int _POLYCUBE_MAX_PORTS = 128;
static_assert(_POLYCUBE_MAX_PORTS <= 0xffff,
"_POLYCUBE_MAX_PORTS shouldn't be great than 0xffff, "
"id 0xffff was used by iptables wild card index");
static std::vector<std::string> cflags;

virtual int load(ebpf::BPF &bpf, ProgramType type) = 0;
Expand Down
2 changes: 1 addition & 1 deletion src/services/pcn-iptables/src/Utils.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -523,7 +523,7 @@ bool Chain::interfaceFromRulesToMap(
if (interfaces.size() != 0 && dont_care_rules.size() != 0) {
std::vector<uint64_t> bitVector(
FROM_NRULES_TO_NELEMENTS(Iptables::max_rules_));
interfaces.insert(std::pair<uint16_t, std::vector<uint64_t>>(0, bitVector));
interfaces.insert(std::pair<uint16_t, std::vector<uint64_t>>(0xffff, bitVector));
for (auto const &ruleNumber : dont_care_rules) {
for (auto &interface : interfaces) {
SET_BIT((interface.second)[ruleNumber / 63], ruleNumber % 63);
Expand Down
2 changes: 1 addition & 1 deletion src/services/pcn-iptables/src/modules/InterfaceLookup.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ Iptables::InterfaceLookup::InterfaceLookup(
: ProgramType::INGRESS) {
this->type_ = type;

auto it = ports.find(0);
auto it = ports.find(0xffff);
if (it == ports.end()) {
wildcard_rule_ = false;
wildcard_string_ = "";
Expand Down

0 comments on commit 4f237e7

Please sign in to comment.