Skip to content

O
OpenXG-RAN
Commit 0f4a66cd authored by Lionel Gauthier's avatar Lionel Gauthier
Browse files
Options

iptables on SGW for local/remote eNB 

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7204 818b1a75-f10b-46b9-bf7c-635c3b92a50f
parent ea7df917
Hide whitespace changes
Inline Side-by-side
Showing with 39 additions and 31 deletions
openair-cn/SGW-LITE/sgw_lite_handlers.c
View file @ 0f4a66cd
......@@ -655,7 +655,6 @@ sgw_lite_handle_sgi_endpoint_updated(
task_id_t to_task;
#if defined (ENABLE_USE_GTPU_IN_KERNEL)
static uint8_t iptable_uplink_remove_gtpu = FALSE;
char *chain = NULL;
char cmd[256];
int ret;
#endif
......@@ -715,7 +714,8 @@ sgw_lite_handle_sgi_endpoint_updated(
#if defined (ENABLE_USE_GTPU_IN_KERNEL)
ret = snprintf(cmd,
256,
"iptables -t mangle -I POSTROUTING -d %u.%u.%u.%u -m mark --mark %u -j GTPUAH --own-ip %u.%u.%u.%u --own-tun %u --peer-ip %u.%u.%u.%u --peer-tun %u --action add",
"iptables -t mangle -I %s -d %u.%u.%u.%u -m mark --mark %u -j GTPUAH --own-ip %u.%u.%u.%u --own-tun %u --peer-ip %u.%u.%u.%u --peer-tun %u --action add",
(spgw_config.sgw_config.local_to_eNB) ? "INPUT":"POSTROUTING",
eps_bearer_entry_p->paa.ipv4_address[0],
eps_bearer_entry_p->paa.ipv4_address[1],
eps_bearer_entry_p->paa.ipv4_address[2],
......@@ -751,7 +751,8 @@ sgw_lite_handle_sgi_endpoint_updated(
if ((resp_pP->eps_bearer_id == 5) && (spgw_config.pgw_config.pgw_masquerade_SGI == 0)) {
ret = snprintf(cmd,
256,
"iptables -t mangle -A POSTROUTING -d %u.%u.%u.%u -m mark --mark 0 -j GTPUAH --own-ip %u.%u.%u.%u --own-tun %u --peer-ip %u.%u.%u.%u --peer-tun %u --action add",
"iptables -t mangle -A %s -d %u.%u.%u.%u -m mark --mark 0 -j GTPUAH --own-ip %u.%u.%u.%u --own-tun %u --peer-ip %u.%u.%u.%u --peer-tun %u --action add",
(spgw_config.sgw_config.local_to_eNB) ? "INPUT":"POSTROUTING",
eps_bearer_entry_p->paa.ipv4_address[0],
eps_bearer_entry_p->paa.ipv4_address[1],
eps_bearer_entry_p->paa.ipv4_address[2],
......@@ -778,16 +779,10 @@ sgw_lite_handle_sgi_endpoint_updated(
}
if (iptable_uplink_remove_gtpu == FALSE) {
if (strncasecmp("tun",spgw_config.sgw_config.ipv4.sgw_interface_name_for_S1u_S12_S4_up, strlen("tun")) == 0) {
chain = "OUTPUT";
} else {
chain = "PREROUTING";
}
ret = snprintf(cmd,
256,
"iptables -t raw -I %s -s %u.%u.%u.%u -d %u.%u.%u.%u -p udp --dport 2152 -j GTPURH --own-ip %u.%u.%u.%u --own-tun %u --peer-ip %u.%u.%u.%u --peer-tun %u --action remove",
chain,
(spgw_config.sgw_config.local_to_eNB) ? "OUTPUT":"PREROUTING",
eps_bearer_entry_p->enb_ip_address_for_S1u.address.ipv4_address[0],
eps_bearer_entry_p->enb_ip_address_for_S1u.address.ipv4_address[1],
eps_bearer_entry_p->enb_ip_address_for_S1u.address.ipv4_address[2],
......
openair-cn/SGW-LITE/spgw_config.c
View file @ 0f4a66cd
......@@ -162,6 +162,7 @@ int spgw_config_process(spgw_config_t* config_pP)
int ret = 0;
if (strncasecmp("tun",config_pP->sgw_config.ipv4.sgw_interface_name_for_S1u_S12_S4_up, strlen("tun")) == 0) {
config_pP->sgw_config.local_to_eNB = TRUE;
if (snprintf(system_cmd, 256,
"ip link set %s down ;sync;openvpn --rmtun --dev %s;sync",
config_pP->sgw_config.ipv4.sgw_interface_name_for_S1u_S12_S4_up,
......@@ -232,6 +233,7 @@ int spgw_config_process(spgw_config_t* config_pP)
ret = -1;
}
} else {
config_pP->sgw_config.local_to_eNB = FALSE;
if (snprintf(system_cmd, 256,
"insmod $OPENAIR_TARGETS/bin/xt_GTPUAH.ko tunnel_local=0 gtpu_port=%u mtu=%u",
config_pP->sgw_config.sgw_udp_port_for_S1u_S12_S4_up,
......@@ -298,31 +300,41 @@ int spgw_config_process(spgw_config_t* config_pP)
// }
#if defined (ENABLE_USE_GTPU_IN_KERNEL)
if (snprintf(system_cmd, 256,
if (config_pP->sgw_config.local_to_eNB) {
if (snprintf(system_cmd, 256,
"iptables -I OUTPUT -t mangle -m mark ! --mark 0 ! --protocol sctp -j CONNMARK --save-mark") > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Save mark\n");
ret = -1;
}
if (snprintf(system_cmd, 256,
"iptables -I INPUT -t mangle -i %s ! --protocol sctp -j CONNMARK --restore-mark",
config_pP->pgw_config.ipv4.pgw_interface_name_for_SGI) > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Restore mark\n");
ret = -1;
}
} else {
if (snprintf(system_cmd, 256,
"iptables -I POSTROUTING -t mangle -o %s -m mark ! --mark 0 ! --protocol sctp -j CONNMARK --save-mark",
config_pP->pgw_config.ipv4.pgw_interface_name_for_SGI) > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Save mark\n");
ret = -1;
}
if (snprintf(system_cmd, 256,
"iptables -I OUTPUT -t mangle -m mark ! --mark 0 ! --protocol sctp -j CONNMARK --save-mark") > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Save mark\n");
ret = -1;
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Save mark\n");
ret = -1;
}
if (snprintf(system_cmd, 256,
"iptables -I PREROUTING -t mangle -i %s ! --protocol sctp -j CONNMARK --restore-mark",
config_pP->pgw_config.ipv4.pgw_interface_name_for_SGI) > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Restore mark\n");
ret = -1;
}
}
if (snprintf(system_cmd, 256,
"iptables -I PREROUTING -t mangle -i %s ! --protocol sctp -j CONNMARK --restore-mark",
config_pP->pgw_config.ipv4.pgw_interface_name_for_SGI) > 0) {
ret += spgw_system(system_cmd, SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
} else {
SPGW_APP_ERROR("Restore mark\n");
ret = -1;
}
#endif
return ret;
......
openair-cn/SGW-LITE/spgw_config.h
View file @ 0f4a66cd
......@@ -100,6 +100,7 @@ typedef struct sgw_config_s {
uint8_t sgw_drop_uplink_traffic;
uint8_t sgw_drop_downlink_traffic;
uint8_t local_to_eNB;
} sgw_config_t;
// may be more
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment