This repository has been archived by the owner on Aug 17, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ip.go
69 lines (53 loc) · 2.22 KB
/
ip.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package main
import (
"bytes"
"fmt"
)
// ConfigMacAntiSpoof configures MAC anti-spoofing according to input config
func ConfigMacAntiSpoof(cfg []MacAntiSpoofConfig) error {
// prefix for antispoof config errors logging
const errPrefix = "antispoof config error:"
for _, c := range cfg {
// create upper macvlan device with mode 'source'
cmd := RunCommand("ip", "link", "add", "link", c.ParentDevice, "name", c.ChildDevice, "type", "macvlan", "mode", "source")
if cmd.ReturnCode != 0 && cmd.ReturnCode != 2 { // return code 2 is for RTNETLINK answers: File exists
e := fmt.Errorf("%s running command '%s' failed with exit code '%d', output '%s'", errPrefix, cmd.Command, cmd.ReturnCode, cmd.CombinedOutput)
Logger.Println(e)
return e
}
// set allowed MAC in upper device, this MAC is taken from Libvirt interface config
cmd = RunCommand("ip", "link", "set", "link", "dev", c.ChildDevice, "type", "macvlan", "macaddr", "set", c.MAC)
if cmd.ReturnCode != 0 {
e := fmt.Errorf("%s running command '%s' failed with exit code '%d', output '%s'", errPrefix, cmd.Command, cmd.ReturnCode, cmd.CombinedOutput)
Logger.Println(e)
return e
}
}
return nil
}
// UnConfigMacAntiSpoof removes upper macvlan (in mode source) interface from system
func UnConfigMacAntiSpoof(cfg []MacAntiSpoofConfig) error {
// prefix for antispoof config errors logging
const errPrefix = "antispoof config error:"
for _, c := range cfg {
// get extended information for defined parent interface
cmd := RunCommand("ip", "-o", "-d", "l", "show", c.ChildDevice, "type", "macvlan")
if cmd.ReturnCode != 0 {
e := fmt.Errorf("%s running command '%s' failed with exit code '%d', output '%s'", errPrefix, cmd.Command, cmd.ReturnCode, cmd.CombinedOutput)
Logger.Println(e)
return e
}
// skip interfaces not in mode 'source'
if !bytes.Contains(cmd.CombinedOutput, []byte("macvlan mode source")) {
continue
}
// remove parent interface
cmd = RunCommand("ip", "l", "del", c.ChildDevice, "type", "macvlan")
if cmd.ReturnCode != 0 {
e := fmt.Errorf("%s running command '%s' failed with exit code '%d', output '%s'", errPrefix, cmd.Command, cmd.ReturnCode, cmd.CombinedOutput)
Logger.Println(e)
return e
}
}
return nil
}