openvswitch: add option for failure mode

When Open vSwitch is configured to use a controller, but is unable to
connect to it, Open vSwitch will setup flows to allow all traffic, if
the failure mode is not configured, or set to standalone.

As this might be a security hazard, it is also possible to configure
Open vSwitch in a secure failure mode. Enabling this mode causes Open
vSwitch to drop all traffic if it is unable to connect to the
controller.

Redirect stderr of the command to /dev/null as it does not support the
--if-exists option.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

diff --git a/net/openvswitch/Makefile b/net/openvswitch/Makefile
index bbe8b461404ce828c30155b66e31bd5d899e5062..1fdc11c070d738360aef4b7cdcc39554e1baa73b 100644 (file)
--- a/net/openvswitch/Makefile
+++ b/net/openvswitch/Makefile
@@ -17,7 +17,7 @@ include ./openvswitch.mk
 #
 PKG_NAME:=openvswitch
 PKG_VERSION:=$(ovs_version)
-PKG_RELEASE:=8
+PKG_RELEASE:=9
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.openvswitch.org/releases/
 PKG_HASH:=7d5797f2bf2449c6a266149e88f72123540f7fe7f31ad52902057ae8d8f88c38

diff --git a/net/openvswitch/README.md b/net/openvswitch/README.md
index cb7c3b466886f06383bed09acd6f0e35a8305cb3..b5911a597f463814b7bf88e35ce7a3e9ef4648e1 100644 (file)
--- a/net/openvswitch/README.md
+++ b/net/openvswitch/README.md
@@ -92,6 +92,7 @@ for initialising a virtual bridge with an OpenFlow controller.
 | controller    | string  | no       | (none)                         | The endpoint of an OpenFlow controller for this bridge     |
 | datapath_id   | string  | no       | (none)                         | The OpenFlow datapath ID for this bridge                   |
 | datapath_desc | string  | no       | (none)                         | The OpenFlow datapath description for this bridge          |
+| fail_mode     | string  | no       | standalone                     | The bridge failure mode                                    |
 
 The ovs_port section can be used to add ports to a bridge. It supports the options below.
 

diff --git a/net/openvswitch/files/openvswitch.config b/net/openvswitch/files/openvswitch.config
index a7222b776301b87df5eba61f87b3c0e42425f5bf..8fb9d1a799cfcd2ecd17bb86b2e4f7f374a75b3e 100644 (file)
--- a/net/openvswitch/files/openvswitch.config
+++ b/net/openvswitch/files/openvswitch.config
@@ -16,6 +16,7 @@ config ovs_bridge
        option controller 'tcp:192.168.0.1'
        option datapath_desc ''
        option datapath_id ''
+       option fail_mode 'standalone'
 
 config ovs_port
        option disabled 1

diff --git a/net/openvswitch/files/openvswitch.init b/net/openvswitch/files/openvswitch.init
index 53259d5133a3aaeccc0d0d1db910ff20ef44d31d..f4a88edcfaf5a7cd22073e13cd9e09b2eb58895f 100755 (executable)
--- a/net/openvswitch/files/openvswitch.init
+++ b/net/openvswitch/files/openvswitch.init
@@ -198,6 +198,20 @@ ovs_bridge_validate_datapath_desc() {
        fi
 }
 
+ovs_bridge_validate_fail_mode() {
+       local fail_mode="$1"
+
+       case "$fail_mode" in
+               secure|standalone)
+                       return 0
+                       ;;
+               *)
+                       logger -t openvswitch "invalid fail_mode: $fail_mode"
+                       return 1
+                       ;;
+       esac
+}
+
 ovs_bridge_init() {
        local cfg="$1"
 
@@ -226,6 +240,17 @@ ovs_bridge_init() {
                }
        }
 
+       config_get fail_mode "$cfg" fail_mode
+       [ -n "$fail_mode" ] && {
+               ovs_bridge_validate_fail_mode "$fail_mode" && {
+                       ovs-vsctl set-fail-mode "$name" "$fail_mode" 2> /dev/null
+               } || {
+                       ovs-vsctl del-fail-mode "$name" 2> /dev/null
+               }
+       } || {
+               ovs-vsctl del-fail-mode "$name" 2> /dev/null
+       }
+
        config_list_foreach "$cfg" "ports" ovs_bridge_port_add
        config_foreach ovs_bridge_port_add_complex ovs_port "$name"
        config_get_bool drop "$cfg" "drop_unknown_ports" 0