xen-utils-common 4.9.2-0ubuntu1 / etc / xen / scripts / colo-proxy-setup

This file is indexed.

/etc/xen/scripts/colo-proxy-setup is in xen-utils-common 4.9.2-0ubuntu1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#! /bin/bash

dir=$(dirname "$0")
. "$dir/xen-hotplug-common.sh"
. "$dir/hotplugpath.sh"

findCommand "$@"

if [ "$command" != "setup" -a  "$command" != "teardown" ]
then
    echo "Invalid command: $command"
    log err "Invalid command: $command"
    exit 1
fi

evalVariables "$@"

: ${vifname:?}
: ${forwarddev:?}
: ${mode:?}
: ${index:?}
: ${bridge:?}

forwardbr="colobr0"

if [ "$mode" != "primary" -a "$mode" != "secondary" ]
then
    echo "Invalid mode: $mode"
    log err "Invalid mode: $mode"
    exit 1
fi

if [ $index -lt 0 ] || [ $index -gt 100 ]; then
    echo "index overflow"
    exit 1
fi

function setup_primary()
{
    do_without_error tc qdisc add dev $vifname root handle 1: prio
    do_without_error tc filter add dev $vifname parent 1: protocol ip prio 10 \
        u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
    do_without_error tc filter add dev $vifname parent 1: protocol arp prio 11 \
        u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
    do_without_error tc filter add dev $vifname parent 1: protocol ipv6 prio \
        12 u32 match u32 0 0 flowid 1:2 action mirred egress mirror \
        dev $forwarddev

    do_without_error modprobe nf_conntrack_ipv4
    do_without_error modprobe xt_PMYCOLO sec_dev=$forwarddev

    iptables -t mangle -I PREROUTING -m physdev --physdev-in \
        $vifname -j PMYCOLO --index $index
    ip6tables -t mangle -I PREROUTING -m physdev --physdev-in \
        $vifname -j PMYCOLO --index $index
    do_without_error arptables -I INPUT -i $forwarddev -j MARK --set-mark $index
}

function teardown_primary()
{
    do_without_error tc filter del dev $vifname parent 1: protocol ip prio 10 u32 match u32 \
        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
    do_without_error tc filter del dev $vifname parent 1: protocol arp prio 11 u32 match u32 \
        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
    do_without_error tc filter del dev $vifname parent 1: protocol ipv6 prio 12 u32 match u32 \
        0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
    do_without_error tc qdisc del dev $vifname root handle 1: prio

    do_without_error iptables -t mangle -D PREROUTING -m physdev --physdev-in \
        $vifname -j PMYCOLO --index $index
    do_without_error ip6tables -t mangle -D PREROUTING -m physdev --physdev-in \
        $vifname -j PMYCOLO --index $index
    do_without_error arptables -F
    do_without_error rmmod xt_PMYCOLO
}

function setup_secondary()
{
    do_without_error brctl delif $bridge $vifname
    do_without_error brctl addbr $forwardbr
    do_without_error brctl addif $forwardbr $vifname
    do_without_error brctl addif $forwardbr $forwarddev
    do_without_error ip link set dev $forwardbr up
    do_without_error modprobe xt_SECCOLO

    iptables -t mangle -I PREROUTING -m physdev --physdev-in \
        $vifname -j SECCOLO --index $index
    ip6tables -t mangle -I PREROUTING -m physdev --physdev-in \
        $vifname -j SECCOLO --index $index
}

function teardown_secondary()
{
    do_without_error brctl delif $forwardbr $forwarddev
    do_without_error brctl delif $forwardbr $vifname
    do_without_error brctl delbr $forwardbr
    do_without_error brctl addif $bridge $vifname

    do_without_error iptables -t mangle -D PREROUTING -m physdev --physdev-in \
        $vifname -j SECCOLO --index $index
    do_without_error ip6tables -t mangle -D PREROUTING -m physdev --physdev-in \
        $vifname -j SECCOLO --index $index
    do_without_error rmmod xt_SECCOLO
}

case "$command" in
    setup)
        if [ "$mode" = "primary" ]
        then
            setup_primary
        else
            setup_secondary
        fi

        success
        ;;
    teardown)
        if [ "$mode" = "primary" ]
        then
            teardown_primary
        else
            teardown_secondary
        fi
        ;;
esac

if [ "$mode" = "primary" ]
then
    log debug "Successful colo-proxy-setup $command for $vifname." \
              " vifname: $vifname, index: $index, forwarddev: $forwarddev."
else
    log debug "Successful colo-proxy-setup $command for $vifname." \
              " vifname: $vifname, index: $index, forwarddev: $forwarddev,"\
              " forwardbr: $forwardbr."
fi

APT Browse - Built by Thomas Orozco.