[mirror_iproute2.git] / ip / link_ip6tnl.c

/*
 * link_ip6tnl.c	ip6tnl driver module
 *
 *		This program is free software; you can redistribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:	Nicolas Dichtel <nicolas.dichtel@6wind.com>
 *
 */

#include <string.h>
#include <net/if.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>

#include <linux/ip.h>
#include <linux/if_tunnel.h>
#include <linux/ip6_tunnel.h>
#include "rt_names.h"
#include "utils.h"
#include "ip_common.h"
#include "tunnel.h"

#define IP6_FLOWINFO_TCLASS	htonl(0x0FF00000)
#define IP6_FLOWINFO_FLOWLABEL	htonl(0x000FFFFF)

#define DEFAULT_TNL_HOP_LIMIT	(64)

static void ip6tunnel_print_help(struct link_util *lu, int argc, char **argv,
				 FILE *f)
{
	fprintf(f,
		"Usage: ... %-6s	[ remote ADDR ]\n"
		"			[ local ADDR ]\n"
		"			[ encaplimit ELIM ]\n"
		"			[ hoplimit HLIM ]\n"
		"			[ tclass TCLASS ]\n"
		"			[ flowlabel FLOWLABEL ]\n"
		"			[ dscp inherit ]\n"
		"			[ [no]allow-localremote ]\n"
		"			[ dev PHYS_DEV ]\n"
		"			[ fwmark MARK ]\n"
		"			[ external ]\n"
		"			[ noencap ]\n"
		"			[ encap { fou | gue | none } ]\n"
		"			[ encap-sport PORT ]\n"
		"			[ encap-dport PORT ]\n"
		"			[ [no]encap-csum ]\n"
		"			[ [no]encap-csum6 ]\n"
		"			[ [no]encap-remcsum ]\n"
		"			[ mode { ip6ip6 | ipip6 | any } ]\n"
		"\n"
		"Where:	ADDR	  := IPV6_ADDRESS\n"
		"	ELIM	  := { none | 0..255 }(default=%d)\n"
		"	HLIM	  := 0..255 (default=%d)\n"
		"	TCLASS    := { 0x0..0xff | inherit }\n"
		"	FLOWLABEL := { 0x0..0xfffff | inherit }\n"
		"	MARK	  := { 0x0..0xffffffff | inherit }\n",
		lu->id,
		IPV6_DEFAULT_TNL_ENCAP_LIMIT, DEFAULT_TNL_HOP_LIMIT);
}

static int ip6tunnel_parse_opt(struct link_util *lu, int argc, char **argv,
			       struct nlmsghdr *n)
{
	struct ifinfomsg *ifi = NLMSG_DATA(n);
	struct {
		struct nlmsghdr n;
		struct ifinfomsg i;
	} req = {
		.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi)),
		.n.nlmsg_flags = NLM_F_REQUEST,
		.n.nlmsg_type = RTM_GETLINK,
		.i.ifi_family = preferred_family,
		.i.ifi_index = ifi->ifi_index,
	};
	struct nlmsghdr *answer;
	struct rtattr *tb[IFLA_MAX + 1];
	struct rtattr *linkinfo[IFLA_INFO_MAX+1];
	struct rtattr *iptuninfo[IFLA_IPTUN_MAX + 1];
	int len;
	inet_prefix saddr, daddr;
	__u8 hop_limit = DEFAULT_TNL_HOP_LIMIT;
	__u8 encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
	__u32 flowinfo = 0;
	__u32 flags = 0;
	__u8 proto = 0;
	__u32 link = 0;
	__u16 encaptype = 0;
	__u16 encapflags = TUNNEL_ENCAP_FLAG_CSUM6;
	__u16 encapsport = 0;
	__u16 encapdport = 0;
	__u8 metadata = 0;
	__u32 fwmark = 0;

	inet_prefix_reset(&saddr);
	inet_prefix_reset(&daddr);

	if (!(n->nlmsg_flags & NLM_F_CREATE)) {
		const struct rtattr *rta;

		if (rtnl_talk(&rth, &req.n, &answer) < 0) {
get_failed:
			fprintf(stderr,
				"Failed to get existing tunnel info.\n");
			return -1;
		}

		len = answer->nlmsg_len;
		len -= NLMSG_LENGTH(sizeof(*ifi));
		if (len < 0)
			goto get_failed;

		parse_rtattr(tb, IFLA_MAX, IFLA_RTA(NLMSG_DATA(answer)), len);

		if (!tb[IFLA_LINKINFO])
			goto get_failed;

		parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);

		if (!linkinfo[IFLA_INFO_DATA])
			goto get_failed;

		parse_rtattr_nested(iptuninfo, IFLA_IPTUN_MAX,
				    linkinfo[IFLA_INFO_DATA]);

		rta = iptuninfo[IFLA_IPTUN_LOCAL];
		if (rta && get_addr_rta(&saddr, rta, AF_INET6))
			goto get_failed;

		rta = iptuninfo[IFLA_IPTUN_REMOTE];
		if (rta && get_addr_rta(&daddr, rta, AF_INET6))
			goto get_failed;

		if (iptuninfo[IFLA_IPTUN_TTL])
			hop_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TTL]);

		if (iptuninfo[IFLA_IPTUN_ENCAP_LIMIT])
			encap_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_ENCAP_LIMIT]);

		if (iptuninfo[IFLA_IPTUN_FLOWINFO])
			flowinfo = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLOWINFO]);

		if (iptuninfo[IFLA_IPTUN_FLAGS])
			flags = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLAGS]);

		if (iptuninfo[IFLA_IPTUN_LINK])
			link = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LINK]);

		if (iptuninfo[IFLA_IPTUN_PROTO])
			proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
		if (iptuninfo[IFLA_IPTUN_COLLECT_METADATA])
			metadata = 1;

		if (iptuninfo[IFLA_IPTUN_FWMARK])
			fwmark = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FWMARK]);

		free(answer);
	}

	while (argc > 0) {
		if (strcmp(*argv, "mode") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "ipv6/ipv6") == 0 ||
			    strcmp(*argv, "ip6ip6") == 0)
				proto = IPPROTO_IPV6;
			else if (strcmp(*argv, "ip/ipv6") == 0 ||
				 strcmp(*argv, "ipv4/ipv6") == 0 ||
				 strcmp(*argv, "ipip6") == 0 ||
				 strcmp(*argv, "ip4ip6") == 0)
				proto = IPPROTO_IPIP;
			else if (strcmp(*argv, "any/ipv6") == 0 ||
				 strcmp(*argv, "any") == 0)
				proto = 0;
			else
				invarg("Cannot guess tunnel mode.", *argv);
		} else if (strcmp(*argv, "remote") == 0) {
			NEXT_ARG();
			get_addr(&daddr, *argv, AF_INET6);
		} else if (strcmp(*argv, "local") == 0) {
			NEXT_ARG();
			get_addr(&saddr, *argv, AF_INET6);
		} else if (matches(*argv, "dev") == 0) {
			NEXT_ARG();
			link = ll_name_to_index(*argv);
			if (!link)
				exit(nodev(*argv));
		} else if (strcmp(*argv, "ttl") == 0 ||
			   strcmp(*argv, "hoplimit") == 0 ||
			   strcmp(*argv, "hlim") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "inherit") != 0) {
				if (get_u8(&hop_limit, *argv, 0))
					invarg("invalid HLIM\n", *argv);
			} else
				hop_limit = 0;
		} else if (strcmp(*argv, "encaplimit") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "none") == 0) {
				flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
			} else {
				__u8 uval;

				if (get_u8(&uval, *argv, 0) < -1)
					invarg("invalid ELIM", *argv);
				encap_limit = uval;
				flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
			}
		} else if (strcmp(*argv, "tos") == 0 ||
			   strcmp(*argv, "tclass") == 0 ||
			   strcmp(*argv, "tc") == 0 ||
			   matches(*argv, "dsfield") == 0) {
			__u8 uval;

			NEXT_ARG();
			flowinfo &= ~IP6_FLOWINFO_TCLASS;
			if (strcmp(*argv, "inherit") == 0)
				flags |= IP6_TNL_F_USE_ORIG_TCLASS;
			else {
				if (get_u8(&uval, *argv, 16))
					invarg("invalid TClass", *argv);
				flowinfo |= htonl((__u32)uval << 20) & IP6_FLOWINFO_TCLASS;
				flags &= ~IP6_TNL_F_USE_ORIG_TCLASS;
			}
		} else if (strcmp(*argv, "flowlabel") == 0 ||
			   strcmp(*argv, "fl") == 0) {
			__u32 uval;

			NEXT_ARG();
			flowinfo &= ~IP6_FLOWINFO_FLOWLABEL;
			if (strcmp(*argv, "inherit") == 0)
				flags |= IP6_TNL_F_USE_ORIG_FLOWLABEL;
			else {
				if (get_u32(&uval, *argv, 16))
					invarg("invalid Flowlabel", *argv);
				if (uval > 0xFFFFF)
					invarg("invalid Flowlabel", *argv);
				flowinfo |= htonl(uval) & IP6_FLOWINFO_FLOWLABEL;
				flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
			}
		} else if (strcmp(*argv, "dscp") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "inherit") != 0)
				invarg("not inherit", *argv);
			flags |= IP6_TNL_F_RCV_DSCP_COPY;
		} else if (strcmp(*argv, "fwmark") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "inherit") == 0) {
				flags |= IP6_TNL_F_USE_ORIG_FWMARK;
				fwmark = 0;
			} else {
				if (get_u32(&fwmark, *argv, 0))
					invarg("invalid fwmark\n", *argv);
				flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
			}
		} else if (strcmp(*argv, "allow-localremote") == 0) {
			flags |= IP6_TNL_F_ALLOW_LOCAL_REMOTE;
		} else if (strcmp(*argv, "noallow-localremote") == 0) {
			flags &= ~IP6_TNL_F_ALLOW_LOCAL_REMOTE;
		} else if (strcmp(*argv, "noencap") == 0) {
			encaptype = TUNNEL_ENCAP_NONE;
		} else if (strcmp(*argv, "encap") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "fou") == 0)
				encaptype = TUNNEL_ENCAP_FOU;
			else if (strcmp(*argv, "gue") == 0)
				encaptype = TUNNEL_ENCAP_GUE;
			else if (strcmp(*argv, "none") == 0)
				encaptype = TUNNEL_ENCAP_NONE;
			else
				invarg("Invalid encap type.", *argv);
		} else if (strcmp(*argv, "encap-sport") == 0) {
			NEXT_ARG();
			if (strcmp(*argv, "auto") == 0)
				encapsport = 0;
			else if (get_u16(&encapsport, *argv, 0))
				invarg("Invalid source port.", *argv);
		} else if (strcmp(*argv, "encap-dport") == 0) {
			NEXT_ARG();
			if (get_u16(&encapdport, *argv, 0))
				invarg("Invalid destination port.", *argv);
		} else if (strcmp(*argv, "encap-csum") == 0) {
			encapflags |= TUNNEL_ENCAP_FLAG_CSUM;
		} else if (strcmp(*argv, "noencap-csum") == 0) {
			encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM;
		} else if (strcmp(*argv, "encap-udp6-csum") == 0) {
			encapflags |= TUNNEL_ENCAP_FLAG_CSUM6;
		} else if (strcmp(*argv, "noencap-udp6-csum") == 0) {
			encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM6;
		} else if (strcmp(*argv, "encap-remcsum") == 0) {
			encapflags |= TUNNEL_ENCAP_FLAG_REMCSUM;
		} else if (strcmp(*argv, "noencap-remcsum") == 0) {
			encapflags &= ~TUNNEL_ENCAP_FLAG_REMCSUM;
		} else if (strcmp(*argv, "external") == 0) {
			metadata = 1;
		} else {
			ip6tunnel_print_help(lu, argc, argv, stderr);
			return -1;
		}
		argc--, argv++;
	}

	addattr8(n, 1024, IFLA_IPTUN_PROTO, proto);
	if (metadata) {
		addattr_l(n, 1024, IFLA_IPTUN_COLLECT_METADATA, NULL, 0);
		return 0;
	}

	if (is_addrtype_inet_not_unspec(&saddr)) {
		addattr_l(n, 1024, IFLA_IPTUN_LOCAL,
			  saddr.data, saddr.bytelen);
	}
	if (is_addrtype_inet_not_unspec(&daddr)) {
		addattr_l(n, 1024, IFLA_IPTUN_REMOTE,
			  daddr.data, daddr.bytelen);
	}
	addattr8(n, 1024, IFLA_IPTUN_TTL, hop_limit);
	addattr8(n, 1024, IFLA_IPTUN_ENCAP_LIMIT, encap_limit);
	addattr32(n, 1024, IFLA_IPTUN_FLOWINFO, flowinfo);
	addattr32(n, 1024, IFLA_IPTUN_FLAGS, flags);
	addattr32(n, 1024, IFLA_IPTUN_LINK, link);
	addattr32(n, 1024, IFLA_IPTUN_FWMARK, fwmark);

	addattr16(n, 1024, IFLA_IPTUN_ENCAP_TYPE, encaptype);
	addattr16(n, 1024, IFLA_IPTUN_ENCAP_FLAGS, encapflags);
	addattr16(n, 1024, IFLA_IPTUN_ENCAP_SPORT, htons(encapsport));
	addattr16(n, 1024, IFLA_IPTUN_ENCAP_DPORT, htons(encapdport));

	return 0;
}

static void ip6tunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
{
	char s2[64];
	__u32 flags = 0;
	__u32 flowinfo = 0;
	__u8 ttl = 0;

	if (!tb)
		return;

	if (tb[IFLA_IPTUN_COLLECT_METADATA]) {
		print_bool(PRINT_ANY, "external", "external ", true);
		return;
	}

	if (tb[IFLA_IPTUN_FLAGS])
		flags = rta_getattr_u32(tb[IFLA_IPTUN_FLAGS]);

	if (tb[IFLA_IPTUN_FLOWINFO])
		flowinfo = rta_getattr_u32(tb[IFLA_IPTUN_FLOWINFO]);

	if (tb[IFLA_IPTUN_PROTO]) {
		switch (rta_getattr_u8(tb[IFLA_IPTUN_PROTO])) {
		case IPPROTO_IPIP:
			print_string(PRINT_ANY, "proto", "%s ", "ipip6");
			break;
		case IPPROTO_IPV6:
			print_string(PRINT_ANY, "proto", "%s ", "ip6ip6");
			break;
		case 0:
			print_string(PRINT_ANY, "proto", "%s ", "any");
			break;
		}
	}

	tnl_print_endpoint("remote", tb[IFLA_IPTUN_REMOTE], AF_INET6);
	tnl_print_endpoint("local", tb[IFLA_IPTUN_LOCAL], AF_INET6);

	if (tb[IFLA_IPTUN_LINK]) {
		__u32 link = rta_getattr_u32(tb[IFLA_IPTUN_LINK]);

		if (link) {
			print_string(PRINT_ANY, "link", "dev %s ",
				     ll_index_to_name(link));
		}
	}

	if (tb[IFLA_IPTUN_TTL])
		ttl = rta_getattr_u8(tb[IFLA_IPTUN_TTL]);
	if (is_json_context() || ttl)
		print_uint(PRINT_ANY, "ttl", "hoplimit %u ", ttl);
	else
		print_string(PRINT_FP, NULL, "hoplimit %s ", "inherit");

	if (flags & IP6_TNL_F_IGN_ENCAP_LIMIT) {
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_ign_encap_limit",
			   "encaplimit none ",
			   true);
	} else if (tb[IFLA_IPTUN_ENCAP_LIMIT]) {
		__u8 val = rta_getattr_u8(tb[IFLA_IPTUN_ENCAP_LIMIT]);

		print_uint(PRINT_ANY, "encap_limit", "encaplimit %u ", val);
	}

	if (flags & IP6_TNL_F_USE_ORIG_TCLASS) {
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_use_orig_tclass",
			   "tclass inherit ",
			   true);
	} else if (tb[IFLA_IPTUN_FLOWINFO]) {
		__u32 val = ntohl(flowinfo & IP6_FLOWINFO_TCLASS) >> 20;

		snprintf(s2, sizeof(s2), "0x%02x", val);
		print_string(PRINT_ANY, "tclass", "tclass %s ", s2);
	}

	if (flags & IP6_TNL_F_USE_ORIG_FLOWLABEL) {
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_use_orig_flowlabel",
			   "flowlabel inherit ",
			   true);
	} else if (tb[IFLA_IPTUN_FLOWINFO]) {
		__u32 val = ntohl(flowinfo & IP6_FLOWINFO_FLOWLABEL);

		snprintf(s2, sizeof(s2), "0x%05x", val);
		print_string(PRINT_ANY, "flowlabel", "flowlabel %s ", s2);
	}

	if (flags & IP6_TNL_F_RCV_DSCP_COPY)
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_rcv_dscp_copy",
			   "dscp inherit ",
			   true);

	if (flags & IP6_TNL_F_MIP6_DEV)
		print_bool(PRINT_ANY, "ip6_tnl_f_mip6_dev", "mip6 ", true);

	if (flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE)
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_allow_local_remote",
			   "allow-localremote ",
			   true);

	if (flags & IP6_TNL_F_USE_ORIG_FWMARK) {
		print_bool(PRINT_ANY,
			   "ip6_tnl_f_use_orig_fwmark",
			   "fwmark inherit ",
			   true);
	} else if (tb[IFLA_IPTUN_FWMARK]) {
		__u32 fwmark = rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]);

		if (fwmark) {
			print_0xhex(PRINT_ANY,
				    "fwmark", "fwmark %#llx ", fwmark);
		}
	}

	tnl_print_encap(tb,
			IFLA_IPTUN_ENCAP_TYPE,
			IFLA_IPTUN_ENCAP_FLAGS,
			IFLA_IPTUN_ENCAP_SPORT,
			IFLA_IPTUN_ENCAP_DPORT);
}

struct link_util ip6tnl_link_util = {
	.id = "ip6tnl",
	.maxattr = IFLA_IPTUN_MAX,
	.parse_opt = ip6tunnel_parse_opt,
	.print_opt = ip6tunnel_print_opt,
	.print_help = ip6tunnel_print_help,
};
Commit	Line	Data
9d0efc10 ND	1	/*
	2	* link_ip6tnl.c ip6tnl driver module
	3	*
	4	* This program is free software; you can redistribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Nicolas Dichtel <nicolas.dichtel@6wind.com>
	10	*
	11	*/
	12
	13	#include <string.h>
	14	#include <net/if.h>
	15	#include <sys/types.h>
	16	#include <sys/socket.h>
	17	#include <arpa/inet.h>
	18
	19	#include <linux/ip.h>
	20	#include <linux/if_tunnel.h>
	21	#include <linux/ip6_tunnel.h>
	22	#include "rt_names.h"
	23	#include "utils.h"
	24	#include "ip_common.h"
	25	#include "tunnel.h"
	26
	27	#define IP6_FLOWINFO_TCLASS htonl(0x0FF00000)
	28	#define IP6_FLOWINFO_FLOWLABEL htonl(0x000FFFFF)
	29
	30	#define DEFAULT_TNL_HOP_LIMIT (64)
	31
06e3975f SP	32	static void ip6tunnel_print_help(struct link_util lu, int argc, char *argv,
06e3975f SP	33	FILE *f)
9d0efc10	34	{
06e3975f	35	fprintf(f,
8589eb4e MC	36	"Usage: ... %-6s [ remote ADDR ]\n"
	37	" [ local ADDR ]\n"
	38	" [ encaplimit ELIM ]\n"
	39	" [ hoplimit HLIM ]\n"
	40	" [ tclass TCLASS ]\n"
	41	" [ flowlabel FLOWLABEL ]\n"
	42	" [ dscp inherit ]\n"
	43	" [ [no]allow-localremote ]\n"
	44	" [ dev PHYS_DEV ]\n"
	45	" [ fwmark MARK ]\n"
	46	" [ external ]\n"
	47	" [ noencap ]\n"
	48	" [ encap { fou \| gue \| none } ]\n"
	49	" [ encap-sport PORT ]\n"
	50	" [ encap-dport PORT ]\n"
	51	" [ [no]encap-csum ]\n"
	52	" [ [no]encap-csum6 ]\n"
	53	" [ [no]encap-remcsum ]\n"
	54	" [ mode { ip6ip6 \| ipip6 \| any } ]\n"
	55	"\n"
	56	"Where: ADDR := IPV6_ADDRESS\n"
	57	" ELIM := { none \| 0..255 }(default=%d)\n"
	58	" HLIM := 0..255 (default=%d)\n"
	59	" TCLASS := { 0x0..0xff \| inherit }\n"
	60	" FLOWLABEL := { 0x0..0xfffff \| inherit }\n"
	61	" MARK := { 0x0..0xffffffff \| inherit }\n",
	62	lu->id,
	63	IPV6_DEFAULT_TNL_ENCAP_LIMIT, DEFAULT_TNL_HOP_LIMIT);
561e650e	64	}
561e650e	65
9d0efc10 ND	66	static int ip6tunnel_parse_opt(struct link_util lu, int argc, char *argv,
	67	struct nlmsghdr *n)
	68	{
28254695	69	struct ifinfomsg *ifi = NLMSG_DATA(n);
9d0efc10 ND	70	struct {
	71	struct nlmsghdr n;
	72	struct ifinfomsg i;
d17b136f PS	73	} req = {
	74	.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi)),
	75	.n.nlmsg_flags = NLM_F_REQUEST,
	76	.n.nlmsg_type = RTM_GETLINK,
	77	.i.ifi_family = preferred_family,
	78	.i.ifi_index = ifi->ifi_index,
	79	};
08ede25f	80	struct nlmsghdr *answer;
9d0efc10 ND	81	struct rtattr *tb[IFLA_MAX + 1];
	82	struct rtattr *linkinfo[IFLA_INFO_MAX+1];
	83	struct rtattr *iptuninfo[IFLA_IPTUN_MAX + 1];
	84	int len;
7bda9fd3	85	inet_prefix saddr, daddr;
9d0efc10 ND	86	__u8 hop_limit = DEFAULT_TNL_HOP_LIMIT;
	87	__u8 encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
	88	__u32 flowinfo = 0;
	89	__u32 flags = 0;
9d0efc10	90	__u8 proto = 0;
5bd93795	91	__u32 link = 0;
73516e12 TH	92	__u16 encaptype = 0;
	93	__u16 encapflags = TUNNEL_ENCAP_FLAG_CSUM6;
	94	__u16 encapsport = 0;
	95	__u16 encapdport = 0;
4bfe6825	96	__u8 metadata = 0;
ad4b1425	97	__u32 fwmark = 0;
9d0efc10	98
7bda9fd3 SP	99	inet_prefix_reset(&saddr);
	100	inet_prefix_reset(&daddr);
	101
9d0efc10	102	if (!(n->nlmsg_flags & NLM_F_CREATE)) {
7bda9fd3 SP	103	const struct rtattr *rta;
7bda9fd3 SP	104
86bf43c7	105	if (rtnl_talk(&rth, &req.n, &answer) < 0) {
9d0efc10 ND	106	get_failed:
	107	fprintf(stderr,
	108	"Failed to get existing tunnel info.\n");
	109	return -1;
	110	}
	111
86bf43c7	112	len = answer->nlmsg_len;
9d0efc10 ND	113	len -= NLMSG_LENGTH(sizeof(*ifi));
	114	if (len < 0)
	115	goto get_failed;
	116
86bf43c7	117	parse_rtattr(tb, IFLA_MAX, IFLA_RTA(NLMSG_DATA(answer)), len);
9d0efc10 ND	118
	119	if (!tb[IFLA_LINKINFO])
	120	goto get_failed;
	121
	122	parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
	123
	124	if (!linkinfo[IFLA_INFO_DATA])
	125	goto get_failed;
	126
	127	parse_rtattr_nested(iptuninfo, IFLA_IPTUN_MAX,
	128	linkinfo[IFLA_INFO_DATA]);
	129
7bda9fd3 SP	130	rta = iptuninfo[IFLA_IPTUN_LOCAL];
	131	if (rta && get_addr_rta(&saddr, rta, AF_INET6))
	132	goto get_failed;
9d0efc10	133
7bda9fd3 SP	134	rta = iptuninfo[IFLA_IPTUN_REMOTE];
	135	if (rta && get_addr_rta(&daddr, rta, AF_INET6))
	136	goto get_failed;
9d0efc10 ND	137
	138	if (iptuninfo[IFLA_IPTUN_TTL])
	139	hop_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TTL]);
	140
	141	if (iptuninfo[IFLA_IPTUN_ENCAP_LIMIT])
	142	encap_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_ENCAP_LIMIT]);
	143
	144	if (iptuninfo[IFLA_IPTUN_FLOWINFO])
	145	flowinfo = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLOWINFO]);
	146
	147	if (iptuninfo[IFLA_IPTUN_FLAGS])
	148	flags = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLAGS]);
	149
	150	if (iptuninfo[IFLA_IPTUN_LINK])
	151	link = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LINK]);
	152
	153	if (iptuninfo[IFLA_IPTUN_PROTO])
	154	proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
4bfe6825 AS	155	if (iptuninfo[IFLA_IPTUN_COLLECT_METADATA])
4bfe6825 AS	156	metadata = 1;
ad4b1425 CG	157
	158	if (iptuninfo[IFLA_IPTUN_FWMARK])
	159	fwmark = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FWMARK]);
86bf43c7 HL	160
86bf43c7 HL	161	free(answer);
9d0efc10 ND	162	}
	163
	164	while (argc > 0) {
5bd93795	165	if (strcmp(*argv, "mode") == 0) {
9d0efc10 ND	166	NEXT_ARG();
	167	if (strcmp(*argv, "ipv6/ipv6") == 0 \|\|
	168	strcmp(*argv, "ip6ip6") == 0)
	169	proto = IPPROTO_IPV6;
	170	else if (strcmp(*argv, "ip/ipv6") == 0 \|\|
	171	strcmp(*argv, "ipv4/ipv6") == 0 \|\|
	172	strcmp(*argv, "ipip6") == 0 \|\|
	173	strcmp(*argv, "ip4ip6") == 0)
	174	proto = IPPROTO_IPIP;
	175	else if (strcmp(*argv, "any/ipv6") == 0 \|\|
	176	strcmp(*argv, "any") == 0)
	177	proto = 0;
	178	else
	179	invarg("Cannot guess tunnel mode.", *argv);
	180	} else if (strcmp(*argv, "remote") == 0) {
9d0efc10	181	NEXT_ARG();
7bda9fd3	182	get_addr(&daddr, *argv, AF_INET6);
9d0efc10	183	} else if (strcmp(*argv, "local") == 0) {
9d0efc10	184	NEXT_ARG();
7bda9fd3	185	get_addr(&saddr, *argv, AF_INET6);
9d0efc10 ND	186	} else if (matches(*argv, "dev") == 0) {
9d0efc10 ND	187	NEXT_ARG();
7a14358b	188	link = ll_name_to_index(*argv);
fe99adbc SP	189	if (!link)
fe99adbc SP	190	exit(nodev(*argv));
c4743c4d SP	191	} else if (strcmp(*argv, "ttl") == 0 \|\|
c4743c4d SP	192	strcmp(*argv, "hoplimit") == 0 \|\|
9d0efc10	193	strcmp(*argv, "hlim") == 0) {
9d0efc10	194	NEXT_ARG();
c4743c4d SP	195	if (strcmp(*argv, "inherit") != 0) {
	196	if (get_u8(&hop_limit, *argv, 0))
	197	invarg("invalid HLIM\n", *argv);
	198	} else
	199	hop_limit = 0;
73516e12	200	} else if (strcmp(*argv, "encaplimit") == 0) {
9d0efc10 ND	201	NEXT_ARG();
	202	if (strcmp(*argv, "none") == 0) {
	203	flags \|= IP6_TNL_F_IGN_ENCAP_LIMIT;
	204	} else {
	205	__u8 uval;
56f5daac	206
9d0efc10 ND	207	if (get_u8(&uval, *argv, 0) < -1)
	208	invarg("invalid ELIM", *argv);
	209	encap_limit = uval;
	210	flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
	211	}
5bd93795 SP	212	} else if (strcmp(*argv, "tos") == 0 \|\|
5bd93795 SP	213	strcmp(*argv, "tclass") == 0 \|\|
9d0efc10	214	strcmp(*argv, "tc") == 0 \|\|
9d0efc10 ND	215	matches(*argv, "dsfield") == 0) {
9d0efc10 ND	216	__u8 uval;
56f5daac	217
9d0efc10 ND	218	NEXT_ARG();
	219	flowinfo &= ~IP6_FLOWINFO_TCLASS;
	220	if (strcmp(*argv, "inherit") == 0)
	221	flags \|= IP6_TNL_F_USE_ORIG_TCLASS;
	222	else {
	223	if (get_u8(&uval, *argv, 16))
	224	invarg("invalid TClass", *argv);
	225	flowinfo \|= htonl((__u32)uval << 20) & IP6_FLOWINFO_TCLASS;
	226	flags &= ~IP6_TNL_F_USE_ORIG_TCLASS;
	227	}
	228	} else if (strcmp(*argv, "flowlabel") == 0 \|\|
	229	strcmp(*argv, "fl") == 0) {
	230	__u32 uval;
56f5daac	231
9d0efc10 ND	232	NEXT_ARG();
	233	flowinfo &= ~IP6_FLOWINFO_FLOWLABEL;
	234	if (strcmp(*argv, "inherit") == 0)
	235	flags \|= IP6_TNL_F_USE_ORIG_FLOWLABEL;
	236	else {
	237	if (get_u32(&uval, *argv, 16))
	238	invarg("invalid Flowlabel", *argv);
	239	if (uval > 0xFFFFF)
	240	invarg("invalid Flowlabel", *argv);
	241	flowinfo \|= htonl(uval) & IP6_FLOWINFO_FLOWLABEL;
	242	flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
	243	}
	244	} else if (strcmp(*argv, "dscp") == 0) {
	245	NEXT_ARG();
	246	if (strcmp(*argv, "inherit") != 0)
	247	invarg("not inherit", *argv);
	248	flags \|= IP6_TNL_F_RCV_DSCP_COPY;
	249	} else if (strcmp(*argv, "fwmark") == 0) {
	250	NEXT_ARG();
ad4b1425 CG	251	if (strcmp(*argv, "inherit") == 0) {
	252	flags \|= IP6_TNL_F_USE_ORIG_FWMARK;
	253	fwmark = 0;
	254	} else {
	255	if (get_u32(&fwmark, *argv, 0))
	256	invarg("invalid fwmark\n", *argv);
	257	flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
	258	}
21440d19 SL	259	} else if (strcmp(*argv, "allow-localremote") == 0) {
	260	flags \|= IP6_TNL_F_ALLOW_LOCAL_REMOTE;
	261	} else if (strcmp(*argv, "noallow-localremote") == 0) {
	262	flags &= ~IP6_TNL_F_ALLOW_LOCAL_REMOTE;
73516e12 TH	263	} else if (strcmp(*argv, "noencap") == 0) {
	264	encaptype = TUNNEL_ENCAP_NONE;
	265	} else if (strcmp(*argv, "encap") == 0) {
	266	NEXT_ARG();
	267	if (strcmp(*argv, "fou") == 0)
	268	encaptype = TUNNEL_ENCAP_FOU;
	269	else if (strcmp(*argv, "gue") == 0)
	270	encaptype = TUNNEL_ENCAP_GUE;
	271	else if (strcmp(*argv, "none") == 0)
	272	encaptype = TUNNEL_ENCAP_NONE;
	273	else
	274	invarg("Invalid encap type.", *argv);
	275	} else if (strcmp(*argv, "encap-sport") == 0) {
	276	NEXT_ARG();
	277	if (strcmp(*argv, "auto") == 0)
	278	encapsport = 0;
	279	else if (get_u16(&encapsport, *argv, 0))
	280	invarg("Invalid source port.", *argv);
	281	} else if (strcmp(*argv, "encap-dport") == 0) {
	282	NEXT_ARG();
	283	if (get_u16(&encapdport, *argv, 0))
	284	invarg("Invalid destination port.", *argv);
	285	} else if (strcmp(*argv, "encap-csum") == 0) {
	286	encapflags \|= TUNNEL_ENCAP_FLAG_CSUM;
	287	} else if (strcmp(*argv, "noencap-csum") == 0) {
	288	encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM;
	289	} else if (strcmp(*argv, "encap-udp6-csum") == 0) {
	290	encapflags \|= TUNNEL_ENCAP_FLAG_CSUM6;
	291	} else if (strcmp(*argv, "noencap-udp6-csum") == 0) {
	292	encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM6;
	293	} else if (strcmp(*argv, "encap-remcsum") == 0) {
	294	encapflags \|= TUNNEL_ENCAP_FLAG_REMCSUM;
	295	} else if (strcmp(*argv, "noencap-remcsum") == 0) {
147ade01	296	encapflags &= ~TUNNEL_ENCAP_FLAG_REMCSUM;
4bfe6825 AS	297	} else if (strcmp(*argv, "external") == 0) {
4bfe6825 AS	298	metadata = 1;
06e3975f SP	299	} else {
	300	ip6tunnel_print_help(lu, argc, argv, stderr);
	301	return -1;
	302	}
9d0efc10 ND	303	argc--, argv++;
	304	}
	305
	306	addattr8(n, 1024, IFLA_IPTUN_PROTO, proto);
4bfe6825 AS	307	if (metadata) {
	308	addattr_l(n, 1024, IFLA_IPTUN_COLLECT_METADATA, NULL, 0);
	309	return 0;
	310	}
5bd93795	311
fa1e658e	312	if (is_addrtype_inet_not_unspec(&saddr)) {
7bda9fd3 SP	313	addattr_l(n, 1024, IFLA_IPTUN_LOCAL,
	314	saddr.data, saddr.bytelen);
	315	}
fa1e658e	316	if (is_addrtype_inet_not_unspec(&daddr)) {
7bda9fd3 SP	317	addattr_l(n, 1024, IFLA_IPTUN_REMOTE,
	318	daddr.data, daddr.bytelen);
	319	}
9d0efc10 ND	320	addattr8(n, 1024, IFLA_IPTUN_TTL, hop_limit);
	321	addattr8(n, 1024, IFLA_IPTUN_ENCAP_LIMIT, encap_limit);
	322	addattr32(n, 1024, IFLA_IPTUN_FLOWINFO, flowinfo);
	323	addattr32(n, 1024, IFLA_IPTUN_FLAGS, flags);
	324	addattr32(n, 1024, IFLA_IPTUN_LINK, link);
ad4b1425	325	addattr32(n, 1024, IFLA_IPTUN_FWMARK, fwmark);
9d0efc10	326
73516e12 TH	327	addattr16(n, 1024, IFLA_IPTUN_ENCAP_TYPE, encaptype);
	328	addattr16(n, 1024, IFLA_IPTUN_ENCAP_FLAGS, encapflags);
	329	addattr16(n, 1024, IFLA_IPTUN_ENCAP_SPORT, htons(encapsport));
	330	addattr16(n, 1024, IFLA_IPTUN_ENCAP_DPORT, htons(encapdport));
	331
9d0efc10 ND	332	return 0;
	333	}
	334
	335	static void ip6tunnel_print_opt(struct link_util lu, FILE f, struct rtattr *tb[])
	336	{
9d0efc10	337	char s2[64];
5bd93795	338	__u32 flags = 0;
9d0efc10	339	__u32 flowinfo = 0;
375560c4	340	__u8 ttl = 0;
9d0efc10 ND	341
	342	if (!tb)
	343	return;
	344
00ff4b8e	345	if (tb[IFLA_IPTUN_COLLECT_METADATA]) {
d6abae5a	346	print_bool(PRINT_ANY, "external", "external ", true);
00ff4b8e SP	347	return;
00ff4b8e SP	348	}
7b178324	349
9d0efc10 ND	350	if (tb[IFLA_IPTUN_FLAGS])
	351	flags = rta_getattr_u32(tb[IFLA_IPTUN_FLAGS]);
	352
	353	if (tb[IFLA_IPTUN_FLOWINFO])
	354	flowinfo = rta_getattr_u32(tb[IFLA_IPTUN_FLOWINFO]);
	355
	356	if (tb[IFLA_IPTUN_PROTO]) {
	357	switch (rta_getattr_u8(tb[IFLA_IPTUN_PROTO])) {
	358	case IPPROTO_IPIP:
1facc1c6	359	print_string(PRINT_ANY, "proto", "%s ", "ipip6");
9d0efc10 ND	360	break;
9d0efc10 ND	361	case IPPROTO_IPV6:
1facc1c6	362	print_string(PRINT_ANY, "proto", "%s ", "ip6ip6");
9d0efc10 ND	363	break;
9d0efc10 ND	364	case 0:
1facc1c6	365	print_string(PRINT_ANY, "proto", "%s ", "any");
9d0efc10 ND	366	break;
	367	}
	368	}
	369
b761fc41 SP	370	tnl_print_endpoint("remote", tb[IFLA_IPTUN_REMOTE], AF_INET6);
b761fc41 SP	371	tnl_print_endpoint("local", tb[IFLA_IPTUN_LOCAL], AF_INET6);
9d0efc10	372
45d3a6ef	373	if (tb[IFLA_IPTUN_LINK]) {
5bd93795	374	__u32 link = rta_getattr_u32(tb[IFLA_IPTUN_LINK]);
9d0efc10	375
45d3a6ef SP	376	if (link) {
	377	print_string(PRINT_ANY, "link", "dev %s ",
	378	ll_index_to_name(link));
	379	}
9d0efc10 ND	380	}
9d0efc10 ND	381
375560c4 SP	382	if (tb[IFLA_IPTUN_TTL])
	383	ttl = rta_getattr_u8(tb[IFLA_IPTUN_TTL]);
	384	if (is_json_context() \|\| ttl)
	385	print_uint(PRINT_ANY, "ttl", "hoplimit %u ", ttl);
	386	else
	387	print_string(PRINT_FP, NULL, "hoplimit %s ", "inherit");
cc899123	388
e3945d92	389	if (flags & IP6_TNL_F_IGN_ENCAP_LIMIT) {
1facc1c6 JF	390	print_bool(PRINT_ANY,
	391	"ip6_tnl_f_ign_encap_limit",
	392	"encaplimit none ",
	393	true);
e3945d92 SP	394	} else if (tb[IFLA_IPTUN_ENCAP_LIMIT]) {
	395	__u8 val = rta_getattr_u8(tb[IFLA_IPTUN_ENCAP_LIMIT]);
	396
	397	print_uint(PRINT_ANY, "encap_limit", "encaplimit %u ", val);
	398	}
9d0efc10	399
090524f8	400	if (flags & IP6_TNL_F_USE_ORIG_TCLASS) {
1facc1c6 JF	401	print_bool(PRINT_ANY,
	402	"ip6_tnl_f_use_orig_tclass",
	403	"tclass inherit ",
	404	true);
090524f8 SP	405	} else if (tb[IFLA_IPTUN_FLOWINFO]) {
090524f8 SP	406	__u32 val = ntohl(flowinfo & IP6_FLOWINFO_TCLASS) >> 20;
9d0efc10	407
090524f8 SP	408	snprintf(s2, sizeof(s2), "0x%02x", val);
090524f8 SP	409	print_string(PRINT_ANY, "tclass", "tclass %s ", s2);
1facc1c6 JF	410	}
	411
	412	if (flags & IP6_TNL_F_USE_ORIG_FLOWLABEL) {
	413	print_bool(PRINT_ANY,
	414	"ip6_tnl_f_use_orig_flowlabel",
	415	"flowlabel inherit ",
	416	true);
a0fd0c3a SP	417	} else if (tb[IFLA_IPTUN_FLOWINFO]) {
a0fd0c3a SP	418	__u32 val = ntohl(flowinfo & IP6_FLOWINFO_FLOWLABEL);
1facc1c6	419
a0fd0c3a SP	420	snprintf(s2, sizeof(s2), "0x%05x", val);
a0fd0c3a SP	421	print_string(PRINT_ANY, "flowlabel", "flowlabel %s ", s2);
9d0efc10 ND	422	}
9d0efc10 ND	423
9d0efc10	424	if (flags & IP6_TNL_F_RCV_DSCP_COPY)
1facc1c6 JF	425	print_bool(PRINT_ANY,
	426	"ip6_tnl_f_rcv_dscp_copy",
	427	"dscp inherit ",
	428	true);
9d0efc10 ND	429
9d0efc10 ND	430	if (flags & IP6_TNL_F_MIP6_DEV)
1facc1c6 JF	431	print_bool(PRINT_ANY, "ip6_tnl_f_mip6_dev", "mip6 ", true);
1facc1c6 JF	432
e97ad3d2 SP	433	if (flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE)
	434	print_bool(PRINT_ANY,
	435	"ip6_tnl_f_allow_local_remote",
	436	"allow-localremote ",
	437	true);
	438
1facc1c6 JF	439	if (flags & IP6_TNL_F_USE_ORIG_FWMARK) {
	440	print_bool(PRINT_ANY,
	441	"ip6_tnl_f_use_orig_fwmark",
	442	"fwmark inherit ",
	443	true);
	444	} else if (tb[IFLA_IPTUN_FWMARK]) {
	445	__u32 fwmark = rta_getattr_u32(tb[IFLA_IPTUN_FWMARK]);
9d0efc10	446
1facc1c6	447	if (fwmark) {
e97ad3d2	448	print_0xhex(PRINT_ANY,
90c5c969	449	"fwmark", "fwmark %#llx ", fwmark);
1facc1c6 JF	450	}
1facc1c6 JF	451	}
73516e12	452
bad76e6b SP	453	tnl_print_encap(tb,
	454	IFLA_IPTUN_ENCAP_TYPE,
	455	IFLA_IPTUN_ENCAP_FLAGS,
	456	IFLA_IPTUN_ENCAP_SPORT,
	457	IFLA_IPTUN_ENCAP_DPORT);
9d0efc10 ND	458	}
	459
	460	struct link_util ip6tnl_link_util = {
	461	.id = "ip6tnl",
	462	.maxattr = IFLA_IPTUN_MAX,
	463	.parse_opt = ip6tunnel_parse_opt,
	464	.print_opt = ip6tunnel_print_opt,
561e650e	465	.print_help = ip6tunnel_print_help,
9d0efc10	466	};