Skip to content

Commit 1d3c853

Browse files
jampejampe
authored
add so_mark sockopt support (#1331)
1 parent 2fb018c commit 1d3c853

File tree

2 files changed

+29
-0
lines changed

2 files changed

+29
-0
lines changed

examples/config.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -144,6 +144,11 @@ listen:
144144
# valid values: always, never, private
145145
# This setting is reloadable.
146146
#send_recv_error: always
147+
# The so_sock option is a Linux-specific feature that allows all outgoing Nebula packets to be tagged with a specific identifier.
148+
# This tagging enables IP rule-based filtering. For example, it supports 0.0.0.0/0 unsafe_routes,
149+
# allowing for more precise routing decisions based on the packet tags. Default is 0 meaning no mark is set.
150+
# This setting is reloadable.
151+
#so_mark: 0
147152

148153
# Routines is the number of thread pairs to run that consume from the tun and UDP queues.
149154
# Currently, this defaults to 1 which means we have 1 tun queue reader and 1

udp/udp_linux.go

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,10 @@ func (u *StdConn) SetSendBuffer(n int) error {
8484
return unix.SetsockoptInt(u.sysFd, unix.SOL_SOCKET, unix.SO_SNDBUFFORCE, n)
8585
}
8686

87+
func (u *StdConn) SetSoMark(mark int) error {
88+
return unix.SetsockoptInt(u.sysFd, unix.SOL_SOCKET, unix.SO_MARK, mark)
89+
}
90+
8791
func (u *StdConn) GetRecvBuffer() (int, error) {
8892
return unix.GetsockoptInt(int(u.sysFd), unix.SOL_SOCKET, unix.SO_RCVBUF)
8993
}
@@ -92,6 +96,10 @@ func (u *StdConn) GetSendBuffer() (int, error) {
9296
return unix.GetsockoptInt(int(u.sysFd), unix.SOL_SOCKET, unix.SO_SNDBUF)
9397
}
9498

99+
func (u *StdConn) GetSoMark() (int, error) {
100+
return unix.GetsockoptInt(int(u.sysFd), unix.SOL_SOCKET, unix.SO_MARK)
101+
}
102+
95103
func (u *StdConn) LocalAddr() (netip.AddrPort, error) {
96104
sa, err := unix.Getsockname(u.sysFd)
97105
if err != nil {
@@ -270,6 +278,22 @@ func (u *StdConn) ReloadConfig(c *config.C) {
270278
u.l.WithError(err).Error("Failed to set listen.write_buffer")
271279
}
272280
}
281+
282+
b = c.GetInt("listen.so_mark", 0)
283+
s, err := u.GetSoMark()
284+
if b > 0 || (err == nil && s != 0) {
285+
err := u.SetSoMark(b)
286+
if err == nil {
287+
s, err := u.GetSoMark()
288+
if err == nil {
289+
u.l.WithField("mark", s).Info("listen.so_mark was set")
290+
} else {
291+
u.l.WithError(err).Warn("Failed to get listen.so_mark")
292+
}
293+
} else {
294+
u.l.WithError(err).Error("Failed to set listen.so_mark")
295+
}
296+
}
273297
}
274298

275299
func (u *StdConn) getMemInfo(meminfo *[unix.SK_MEMINFO_VARS]uint32) error {

0 commit comments

Comments
 (0)