1 |
А можете пояснить вот этот блок: |
2 |
|
3 |
local x="rules_${IFVAR}[@]" |
4 |
local -a rules=( "${!x}" ) |
5 |
if [[ -n ${rules} ]] ; then |
6 |
|
7 |
? |
8 |
|
9 |
|
10 |
Я в postdown() заменил |
11 |
|
12 |
ip rule list | grep " iif ${IFACE}[ ]*" | { |
13 |
|
14 |
на |
15 |
|
16 |
ip rule list | grep `ifconfig ${IFACE} | grep 'inet addr' | cut -d: -f2 |
17 |
| awk '{print $1}'` | { |
18 |
|
19 |
Т.е. ищем правила, где присутствует IP текущего интерфейса и удаляем их. |
20 |
|
21 |
|
22 |
|
23 |
On 10/22/10 14:54, Vladimir Solomatin wrote: |
24 |
> On 10/22/2010 03:21 PM, Vladimir Solomatin wrote: |
25 |
> |
26 |
> правила забыл указать |
27 |
> |
28 |
> rules_eth2=( |
29 |
> "from 77.241.x.x/28 to all table isp1 priority 530" |
30 |
> "from 213.129.x.x/28 to all table isp2 priority 630" |
31 |
> "from 213.128.x.x/28 to all table isp3 priority 730" |
32 |
> ) |
33 |
> |
34 |
> Правила как добавляются так и удаляются. |
35 |
> |
36 |
> host ~# /etc/init.d/net.eth2 restart |
37 |
> * Stopping eth2 |
38 |
> * Bringing down eth2 |
39 |
> * Shutting down eth2 |
40 |
> ... [ ok ] |
41 |
> * Running postdown function |
42 |
> * Removing IP policy routing rules |
43 |
> * from 77.241.x.x/28 to all table isp1 priority 530 |
44 |
> ... [ ok ] |
45 |
> * from 213.129.x.x/28 to all table isp2 priority 630 |
46 |
> ... [ ok ] |
47 |
> * from 213.128.x.x/28 to all table isp3 priority 730 ... |
48 |
> [ ok ] |
49 |
> * Starting eth2 |
50 |
> * Bringing up eth2 |
51 |
> * |
52 |
> 77.241.x.x/28 |
53 |
> [ ok ] |
54 |
> * |
55 |
> 213.128.x.x/28 |
56 |
> [ ok ] |
57 |
> * |
58 |
> 213.129.x.x/28 |
59 |
> [ ok ] |
60 |
> * Adding routes |
61 |
> * 77.241.x.x/28 dev eth2 src 77.241.x.x table artnet proto static |
62 |
> ... [ ok ] |
63 |
> * 77.241.x.x/28 dev eth2 src 77.241.x.x table uvttk proto static |
64 |
> ... [ ok ] |
65 |
> * 77.241.x.x/28 dev eth2 src 77.241.x.x table sibintek proto |
66 |
> static ... [ ok ] |
67 |
> * 77.241.x.x/28 dev eth2 src 77.241.x.x table domolink proto |
68 |
> static ... [ ok ] |
69 |
> * 213.128.218.16/28 dev eth2 src 213.128.x.x table artnet proto |
70 |
> static ... [ ok ] |
71 |
> * 213.128.218.16/28 dev eth2 src 213.128.x.x table uvttk proto |
72 |
> static ... [ ok ] |
73 |
> * 213.128.218.16/28 dev eth2 src 213.128.x.x table sibintek proto |
74 |
> static ... [ ok ] |
75 |
> * 213.128.218.16/28 dev eth2 src 213.128.x.x table domolink proto |
76 |
> static ... [ ok ] |
77 |
> * 213.129.x.x/28 dev eth2 src 213.129.x.x table artnet proto |
78 |
> static ... [ ok ] |
79 |
> * 213.129.x.x/28 dev eth2 src 213.129.x.x table uvttk proto static |
80 |
> ... [ ok ] |
81 |
> * 213.129.x.x/28 dev eth2 src 213.129.x.x table sibintek proto |
82 |
> static ... [ ok ] |
83 |
> * 213.129.x.x/28 dev eth2 src 213.129.x.x table domolink proto |
84 |
> static ... [ ok ] |
85 |
> * Running postup function |
86 |
> * Adding IP policy routing rules |
87 |
> * from 77.241.x.x/28 to all table isp1 priority 530 |
88 |
> ... [ ok ] |
89 |
> * from 213.129.x.x/28 to all table isp2 priority 630 |
90 |
> ... [ ok ] |
91 |
> * from 213.128.x.x/28 to all table isp3 priority 730 |
92 |
> ... [ ok ] |
93 |
> |
94 |
>>>>> Добавка: если убрать концовку dev "${IFACE}" в postup в строке |
95 |
>>>>> ip rule add ${x} dev "${IFACE}" |
96 |
>>>>> то postdown не сможет найти свои правила (т.к. оно их находит grepом по |
97 |
>>>>> iif ${IFACE}). |
98 |
>>>> Заменил ip rule add ${x} dev "${IFACE}" на ip rule add ${x} - работает. |
99 |
>>>> |
100 |
>>>> Сейчас буду думать как бы привязать правила к интерфейсу, чтобы |
101 |
>>>> postdown() могла их корректно удалить... |
102 |
>>>> |
103 |
>>> Можно попробовать получать список правил для удаления не из ip rule show |
104 |
>>> | grep что-нибудь, а из той же самой rules_... |
105 |
>>> |
106 |
>> |
107 |
>> В общем, вам либо поменять функции и убрать это добавление iif $IFACE, |
108 |
>> либо добавлять правила другим способом. |
109 |
> |
110 |
>> config_eth2=( |
111 |
>> "77.241.x.x/28 brd 77.241.x.x" |
112 |
>> "213.128.x.x/28 brd 213.128.x.x" |
113 |
>> "213.129.x.x/28 brd 213.129.x.x" |
114 |
>> ) |
115 |
>> |
116 |
>> routes_eth2=( |
117 |
>> "77.241.x.x/28 dev eth2 src 77.241.x.x table isp1 proto static" |
118 |
>> "77.241.x.x/28 dev eth2 src 77.241.x.x table isp2 proto static" |
119 |
>> "77.241.x.x/28 dev eth2 src 77.241.x.x table isp3 proto static" |
120 |
>> "77.241.x.x/28 dev eth2 src 77.241.x.x table isp4 proto static" |
121 |
>> "213.128.x.x/28 dev eth2 src 213.128.x.x table isp1 proto static" |
122 |
>> "213.128.x.x/28 dev eth2 src 213.128.x.x table isp2 proto static" |
123 |
>> "213.128.x.x/28 dev eth2 src 213.128.x.x table isp3 proto static" |
124 |
>> "213.128.x.x/28 dev eth2 src 213.128.x.x table isp4 proto static" |
125 |
>> "213.129.x.x/28 dev eth2 src 213.129.x.x table isp1 proto static" |
126 |
>> "213.129.x.x/28 dev eth2 src 213.129.x.x table isp2 proto static" |
127 |
>> "213.129.x.x/28 dev eth2 src 213.129.x.x table isp3 proto static" |
128 |
>> "213.129.x.x/28 dev eth2 src 213.129.x.x table isp4 proto static" |
129 |
>> ) |
130 |
>> |
131 |
>> postup() { |
132 |
>> local x="rules_${IFVAR}[@]" |
133 |
>> local -a rules=( "${!x}" ) |
134 |
>> if [[ -n ${rules} ]] ; then |
135 |
>> einfo "Adding IP policy routing rules" |
136 |
>> eindent |
137 |
>> # Ensure that the kernel supports policy routing |
138 |
>> if ! ip rule list | grep -q "^" ; then |
139 |
>> eerror "You need to enable IP Policy Routing |
140 |
>> (CONFIG_IP_MULTIPLE_TABLES)" |
141 |
>> eerror "in your kernel to use ip rules" |
142 |
>> else |
143 |
>> for x in "${rules[@]}" ; do |
144 |
>> ebegin "${x}" |
145 |
>> # ip rule add ${x} dev "${IFACE}" |
146 |
>> ip rule add ${x} |
147 |
>> eend $? |
148 |
>> done |
149 |
>> fi |
150 |
>> eoutdent |
151 |
>> # Flush the cache |
152 |
>> ip route flush cache dev "${IFACE}" |
153 |
>> fi |
154 |
>> } |
155 |
>> |
156 |
>> postdown() { |
157 |
>> # Automatically erase any ip rules created in the example postup |
158 |
>> above |
159 |
>> if interface_exists "${IFACE}" ; then |
160 |
>> local x="rules_${IFVAR}[@]" |
161 |
>> local -a rules=( "${!x}" ) |
162 |
>> if [[ -n ${rules} ]] ; then |
163 |
>> einfo "Removing IP policy routing rules" |
164 |
>> eindent |
165 |
>> for x in "${rules[@]}" ; do |
166 |
>> ebegin "${x}" |
167 |
>> ip rule del ${x} |
168 |
>> eend $? |
169 |
>> done |
170 |
>> eoutdent |
171 |
>> # Flush the route cache |
172 |
>> ip route flush cache dev "${IFACE}" |
173 |
>> fi |
174 |
>> fi |
175 |
>> |
176 |
>> # Return 0 always |
177 |
>> return 0 |
178 |
>> } |
179 |
>> |
180 |
>> см. http://geekscrap.com/2010/02/multiple-ip-uplinks-with-gentoo/ |
181 |
>> -- |
182 |
>> Vladimir Solomatin (slash@×××××.ru) |
183 |
>> Phone: + 7 (4732) 711711 |
184 |
>> Relex Inc, Voronezh. |
185 |
> |
186 |
> |
187 |
> -- |
188 |
> Vladimir Solomatin (slash@×××××.ru) |
189 |
> Phone: + 7 (4732) 711711 |
190 |
> Relex Inc, Voronezh. |
191 |
> |