为了向前兼容，发布版本中默认禁用Decrypted Traffic Steering Policy Route

author: luwenpeng <[email protected]> 2022-12-23 13:58:44 +0800
committer: luwenpeng <[email protected]> 2022-12-23 13:58:44 +0800
commit: 340af20739aea579140306515f885797d5395c75 (patch)
tree: 21a35a76a0c75b9dcbefe590401d41b06566b501
parent: 9d12fe730408f175dfa12ea65362068f69d0ff1f (diff)
1 files changed, 66 insertions, 66 deletions
diff --git a/script/service/tfe-env.service b/script/service/tfe-env.service
index 2fa7f3f..6c38f49 100644
--- a/script/service/tfe-env.service
+++ b/script/service/tfe-env.service
@@ -50,72 +50,72 @@ ExecStopPost=/usr/sbin/ip -6 route del local default dev lo table 102
 ExecStopPost=/usr/sbin/ip addr del fd00::02/64 dev ${TFE_DEVICE_DATA_INCOMING}
 ExecStopPost=/usr/sbin/ip link set ${TFE_DEVICE_DATA_INCOMING} down
 
-###########################################################
-# Add Decrypted Traffic Steering Policy Route
-###########################################################
-
-ExecStartPost=/usr/sbin/ethtool --offload ${STEERING_CLIENT_DEV_NAME} rx off tx off
-ExecStartPost=/usr/sbin/ethtool --offload ${STEERING_SERVER_DEV_NAME} rx off tx off
-
-ExecStartPost=/usr/sbin/ip link set ${STEERING_CLIENT_DEV_NAME} up
-ExecStartPost=/usr/sbin/ip link set ${STEERING_SERVER_DEV_NAME} up
-ExecStartPost=/usr/sbin/ip addr flush dev ${STEERING_CLIENT_DEV_NAME}
-ExecStartPost=/usr/sbin/ip addr flush dev ${STEERING_SERVER_DEV_NAME}
-
-ExecStartPost=/usr/sbin/ip addr add 2.2.2.2/24 dev ${STEERING_CLIENT_DEV_NAME}
-ExecStartPost=/usr/sbin/ip addr add 3.3.3.3/24 dev ${STEERING_SERVER_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -4 neigh flush dev ${STEERING_CLIENT_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -4 neigh flush dev ${STEERING_SERVER_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -4 neigh add 2.2.2.1 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
-ExecStartPost=/usr/sbin/ip -4 neigh add 3.3.3.1 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
-ExecStartPost=/usr/sbin/ip -4 rule add fwmark 0x11 lookup 111
-ExecStartPost=/usr/sbin/ip -4 rule add fwmark 0x22 lookup 222
-ExecStartPost=/usr/sbin/ip -4 route add default dev ${STEERING_CLIENT_DEV_NAME} via 2.2.2.1 table 111
-ExecStartPost=/usr/sbin/ip -4 route add default dev ${STEERING_SERVER_DEV_NAME} via 3.3.3.1 table 222
-ExecStartPost=/usr/sbin/ip -4 rule add iif ${STEERING_CLIENT_DEV_NAME} tab 100
-ExecStartPost=/usr/sbin/ip -4 rule add iif ${STEERING_SERVER_DEV_NAME} tab 100
-
-ExecStartPost=/usr/sbin/ip addr add fd02::02/64 dev ${STEERING_CLIENT_DEV_NAME}
-ExecStartPost=/usr/sbin/ip addr add fd03::03/64 dev ${STEERING_SERVER_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -6 neigh flush dev ${STEERING_CLIENT_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -6 neigh flush dev ${STEERING_SERVER_DEV_NAME}
-ExecStartPost=/usr/sbin/ip -6 neigh add fd02::01 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
-ExecStartPost=/usr/sbin/ip -6 neigh add fd03::01 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
-ExecStartPost=/usr/sbin/ip -6 rule add fwmark 0x11 lookup 333
-ExecStartPost=/usr/sbin/ip -6 rule add fwmark 0x22 lookup 444
-ExecStartPost=/usr/sbin/ip -6 route add default dev ${STEERING_CLIENT_DEV_NAME} via fd02::01 table 333
-ExecStartPost=/usr/sbin/ip -6 route add default dev ${STEERING_SERVER_DEV_NAME} via fd03::01 table 444
-ExecStartPost=/usr/sbin/ip -6 rule add iif ${STEERING_CLIENT_DEV_NAME} tab 102
-ExecStartPost=/usr/sbin/ip -6 rule add iif ${STEERING_SERVER_DEV_NAME} tab 102
-
-###########################################################
-# Del Decrypted Traffic Steering Policy Route
-###########################################################
-
-ExecStopPost=/usr/sbin/ip -6 rule del iif ${STEERING_CLIENT_DEV_NAME} tab 102
-ExecStopPost=/usr/sbin/ip -6 rule del iif ${STEERING_SERVER_DEV_NAME} tab 102
-ExecStopPost=/usr/sbin/ip -6 route del default dev ${STEERING_CLIENT_DEV_NAME} via fd02::01 table 333
-ExecStopPost=/usr/sbin/ip -6 route del default dev ${STEERING_SERVER_DEV_NAME} via fd03::01 table 444
-ExecStopPost=/usr/sbin/ip -6 rule del fwmark 0x11 lookup 333
-ExecStopPost=/usr/sbin/ip -6 rule del fwmark 0x22 lookup 444
-ExecStopPost=/usr/sbin/ip -6 neigh del fd02::01 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
-ExecStopPost=/usr/sbin/ip -6 neigh del fd03::01 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
-ExecStopPost=/usr/sbin/ip addr del fd02::02/64 dev ${STEERING_CLIENT_DEV_NAME}
-ExecStopPost=/usr/sbin/ip addr del fd03::03/64 dev ${STEERING_SERVER_DEV_NAME}
-
-ExecStopPost=/usr/sbin/ip -4 rule del iif ${STEERING_CLIENT_DEV_NAME} tab 100
-ExecStopPost=/usr/sbin/ip -4 rule del iif ${STEERING_SERVER_DEV_NAME} tab 100
-ExecStopPost=/usr/sbin/ip -4 route del default dev ${STEERING_CLIENT_DEV_NAME} via 2.2.2.1 table 111
-ExecStopPost=/usr/sbin/ip -4 route del default dev ${STEERING_SERVER_DEV_NAME} via 3.3.3.1 table 222
-ExecStopPost=/usr/sbin/ip -4 rule del fwmark 0x11 lookup 111
-ExecStopPost=/usr/sbin/ip -4 rule del fwmark 0x22 lookup 222
-ExecStopPost=/usr/sbin/ip -4 neigh del 2.2.2.1 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
-ExecStopPost=/usr/sbin/ip -4 neigh del 3.3.3.1 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
-ExecStopPost=/usr/sbin/ip -4 addr del 2.2.2.2/24 dev ${STEERING_CLIENT_DEV_NAME}
-ExecStopPost=/usr/sbin/ip -4 addr del 3.3.3.3/24 dev ${STEERING_SERVER_DEV_NAME}
-
-ExecStopPost=/usr/sbin/ip link set ${STEERING_CLIENT_DEV_NAME} down
-ExecStopPost=/usr/sbin/ip link set ${STEERING_SERVER_DEV_NAME} down
+#############################################################
+## Add Decrypted Traffic Steering Policy Route
+############################################################
+#
+#ExecStartPost=/usr/sbin/ethtool --offload ${STEERING_CLIENT_DEV_NAME} rx off tx off
+#ExecStartPost=/usr/sbin/ethtool --offload ${STEERING_SERVER_DEV_NAME} rx off tx off
+#
+#ExecStartPost=/usr/sbin/ip link set ${STEERING_CLIENT_DEV_NAME} up
+#ExecStartPost=/usr/sbin/ip link set ${STEERING_SERVER_DEV_NAME} up
+#ExecStartPost=/usr/sbin/ip addr flush dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip addr flush dev ${STEERING_SERVER_DEV_NAME}
+#
+#ExecStartPost=/usr/sbin/ip addr add 2.2.2.2/24 dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip addr add 3.3.3.3/24 dev ${STEERING_SERVER_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -4 neigh flush dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -4 neigh flush dev ${STEERING_SERVER_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -4 neigh add 2.2.2.1 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
+#ExecStartPost=/usr/sbin/ip -4 neigh add 3.3.3.1 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
+#ExecStartPost=/usr/sbin/ip -4 rule add fwmark 0x11 lookup 111
+#ExecStartPost=/usr/sbin/ip -4 rule add fwmark 0x22 lookup 222
+#ExecStartPost=/usr/sbin/ip -4 route add default dev ${STEERING_CLIENT_DEV_NAME} via 2.2.2.1 table 111
+#ExecStartPost=/usr/sbin/ip -4 route add default dev ${STEERING_SERVER_DEV_NAME} via 3.3.3.1 table 222
+#ExecStartPost=/usr/sbin/ip -4 rule add iif ${STEERING_CLIENT_DEV_NAME} tab 100
+#ExecStartPost=/usr/sbin/ip -4 rule add iif ${STEERING_SERVER_DEV_NAME} tab 100
+#
+#ExecStartPost=/usr/sbin/ip addr add fd02::02/64 dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip addr add fd03::03/64 dev ${STEERING_SERVER_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -6 neigh flush dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -6 neigh flush dev ${STEERING_SERVER_DEV_NAME}
+#ExecStartPost=/usr/sbin/ip -6 neigh add fd02::01 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
+#ExecStartPost=/usr/sbin/ip -6 neigh add fd03::01 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
+#ExecStartPost=/usr/sbin/ip -6 rule add fwmark 0x11 lookup 333
+#ExecStartPost=/usr/sbin/ip -6 rule add fwmark 0x22 lookup 444
+#ExecStartPost=/usr/sbin/ip -6 route add default dev ${STEERING_CLIENT_DEV_NAME} via fd02::01 table 333
+#ExecStartPost=/usr/sbin/ip -6 route add default dev ${STEERING_SERVER_DEV_NAME} via fd03::01 table 444
+#ExecStartPost=/usr/sbin/ip -6 rule add iif ${STEERING_CLIENT_DEV_NAME} tab 102
+#ExecStartPost=/usr/sbin/ip -6 rule add iif ${STEERING_SERVER_DEV_NAME} tab 102
+#
+############################################################
+## Del Decrypted Traffic Steering Policy Route
+############################################################
+#
+#ExecStopPost=/usr/sbin/ip -6 rule del iif ${STEERING_CLIENT_DEV_NAME} tab 102
+#ExecStopPost=/usr/sbin/ip -6 rule del iif ${STEERING_SERVER_DEV_NAME} tab 102
+#ExecStopPost=/usr/sbin/ip -6 route del default dev ${STEERING_CLIENT_DEV_NAME} via fd02::01 table 333
+#ExecStopPost=/usr/sbin/ip -6 route del default dev ${STEERING_SERVER_DEV_NAME} via fd03::01 table 444
+#ExecStopPost=/usr/sbin/ip -6 rule del fwmark 0x11 lookup 333
+#ExecStopPost=/usr/sbin/ip -6 rule del fwmark 0x22 lookup 444
+#ExecStopPost=/usr/sbin/ip -6 neigh del fd02::01 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
+#ExecStopPost=/usr/sbin/ip -6 neigh del fd03::01 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
+#ExecStopPost=/usr/sbin/ip addr del fd02::02/64 dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStopPost=/usr/sbin/ip addr del fd03::03/64 dev ${STEERING_SERVER_DEV_NAME}
+#
+#ExecStopPost=/usr/sbin/ip -4 rule del iif ${STEERING_CLIENT_DEV_NAME} tab 100
+#ExecStopPost=/usr/sbin/ip -4 rule del iif ${STEERING_SERVER_DEV_NAME} tab 100
+#ExecStopPost=/usr/sbin/ip -4 route del default dev ${STEERING_CLIENT_DEV_NAME} via 2.2.2.1 table 111
+#ExecStopPost=/usr/sbin/ip -4 route del default dev ${STEERING_SERVER_DEV_NAME} via 3.3.3.1 table 222
+#ExecStopPost=/usr/sbin/ip -4 rule del fwmark 0x11 lookup 111
+#ExecStopPost=/usr/sbin/ip -4 rule del fwmark 0x22 lookup 222
+#ExecStopPost=/usr/sbin/ip -4 neigh del 2.2.2.1 lladdr ${STEERING_SERVER_DEV_MAC} dev ${STEERING_CLIENT_DEV_NAME} nud permanent
+#ExecStopPost=/usr/sbin/ip -4 neigh del 3.3.3.1 lladdr ${STEERING_CLIENT_DEV_MAC} dev ${STEERING_SERVER_DEV_NAME} nud permanent
+#ExecStopPost=/usr/sbin/ip -4 addr del 2.2.2.2/24 dev ${STEERING_CLIENT_DEV_NAME}
+#ExecStopPost=/usr/sbin/ip -4 addr del 3.3.3.3/24 dev ${STEERING_SERVER_DEV_NAME}
+#
+#ExecStopPost=/usr/sbin/ip link set ${STEERING_CLIENT_DEV_NAME} down
+#ExecStopPost=/usr/sbin/ip link set ${STEERING_SERVER_DEV_NAME} down
 
 [Install]
 RequiredBy=tfe.service
author	luwenpeng <[email protected]>	2022-12-23 13:58:44 +0800
committer	luwenpeng <[email protected]>	2022-12-23 13:58:44 +0800
commit	340af20739aea579140306515f885797d5395c75 (patch)
tree	21a35a76a0c75b9dcbefe590401d41b06566b501
parent	9d12fe730408f175dfa12ea65362068f69d0ff1f (diff)