]>
Commit | Line | Data |
---|---|---|
8bc98059 PJ |
1 | /* |
2 | * IS-IS Rout(e)ing protocol - isis_pfpacket.c | |
3 | * | |
4 | * Copyright (C) 2001,2002 Sampo Saaristo | |
d62a17ae | 5 | * Tampere University of Technology |
8bc98059 PJ |
6 | * Institute of Communications Engineering |
7 | * | |
d62a17ae | 8 | * This program is free software; you can redistribute it and/or modify it |
9 | * under the terms of the GNU General Public Licenseas published by the Free | |
10 | * Software Foundation; either version 2 of the License, or (at your option) | |
8bc98059 PJ |
11 | * any later version. |
12 | * | |
d62a17ae | 13 | * This program is distributed in the hope that it will be useful,but WITHOUT |
14 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | |
15 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | |
8bc98059 | 16 | * more details. |
896014f4 DL |
17 | * |
18 | * You should have received a copy of the GNU General Public License along | |
19 | * with this program; see the file COPYING; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
8bc98059 PJ |
21 | */ |
22 | ||
23 | #include <zebra.h> | |
745bf05f | 24 | #if ISIS_METHOD == ISIS_METHOD_PFPACKET |
d62a17ae | 25 | #include <net/ethernet.h> /* the L2 protocols */ |
8bc98059 PJ |
26 | #include <netpacket/packet.h> |
27 | ||
4fa80053 DL |
28 | #include <linux/filter.h> |
29 | ||
8bc98059 | 30 | #include "log.h" |
cfd1f27b | 31 | #include "network.h" |
8bc98059 PJ |
32 | #include "stream.h" |
33 | #include "if.h" | |
38937bd5 | 34 | #include "lib_errors.h" |
caa18d49 | 35 | #include "vrf.h" |
8bc98059 | 36 | |
8bc98059 PJ |
37 | #include "isisd/isis_constants.h" |
38 | #include "isisd/isis_common.h" | |
39 | #include "isisd/isis_circuit.h" | |
40 | #include "isisd/isis_flags.h" | |
41 | #include "isisd/isisd.h" | |
42 | #include "isisd/isis_constants.h" | |
43 | #include "isisd/isis_circuit.h" | |
44 | #include "isisd/isis_network.h" | |
45 | ||
46 | #include "privs.h" | |
47 | ||
4fa80053 | 48 | /* tcpdump -i eth0 'isis' -dd */ |
2b64873d | 49 | static const struct sock_filter isisfilter[] = { |
996c9314 LB |
50 | /* NB: we're in SOCK_DGRAM, so src/dst mac + length are stripped |
51 | * off! | |
52 | * (OTOH it's a bit more lower-layer agnostic and might work | |
53 | * over GRE?) */ | |
54 | /* { 0x28, 0, 0, 0x0000000c - 14 }, */ | |
55 | /* { 0x25, 5, 0, 0x000005dc }, */ | |
56 | {0x28, 0, 0, 0x0000000e - 14}, {0x15, 0, 3, 0x0000fefe}, | |
57 | {0x30, 0, 0, 0x00000011 - 14}, {0x15, 0, 1, 0x00000083}, | |
58 | {0x6, 0, 0, 0x00040000}, {0x6, 0, 0, 0x00000000}, | |
4fa80053 DL |
59 | }; |
60 | ||
2b64873d | 61 | static const struct sock_fprog bpf = { |
4fa80053 | 62 | .len = array_size(isisfilter), |
2b64873d | 63 | .filter = (struct sock_filter *)isisfilter, |
4fa80053 DL |
64 | }; |
65 | ||
8bc98059 PJ |
66 | /* |
67 | * Table 9 - Architectural constants for use with ISO 8802 subnetworks | |
68 | * ISO 10589 - 8.4.8 | |
69 | */ | |
70 | ||
2b64873d DL |
71 | static const uint8_t ALL_L1_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x14}; |
72 | static const uint8_t ALL_L2_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x15}; | |
73 | static const uint8_t ALL_ISS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x05}; | |
74 | static const uint8_t ALL_ESS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x04}; | |
8bc98059 | 75 | |
f2bce9a5 | 76 | static uint8_t discard_buff[8192]; |
8bc98059 PJ |
77 | |
78 | /* | |
79 | * if level is 0 we are joining p2p multicast | |
80 | * FIXME: and the p2p multicast being ??? | |
81 | */ | |
d62a17ae | 82 | static int isis_multicast_join(int fd, int registerto, int if_num) |
8bc98059 | 83 | { |
d62a17ae | 84 | struct packet_mreq mreq; |
85 | ||
86 | memset(&mreq, 0, sizeof(mreq)); | |
87 | mreq.mr_ifindex = if_num; | |
88 | if (registerto) { | |
89 | mreq.mr_type = PACKET_MR_MULTICAST; | |
90 | mreq.mr_alen = ETH_ALEN; | |
91 | if (registerto == 1) | |
92 | memcpy(&mreq.mr_address, ALL_L1_ISS, ETH_ALEN); | |
93 | else if (registerto == 2) | |
94 | memcpy(&mreq.mr_address, ALL_L2_ISS, ETH_ALEN); | |
95 | else if (registerto == 3) | |
96 | memcpy(&mreq.mr_address, ALL_ISS, ETH_ALEN); | |
97 | else | |
98 | memcpy(&mreq.mr_address, ALL_ESS, ETH_ALEN); | |
99 | ||
100 | } else { | |
101 | mreq.mr_type = PACKET_MR_ALLMULTI; | |
102 | } | |
8bc98059 | 103 | #ifdef EXTREME_DEBUG |
b0814935 PG |
104 | if (IS_DEBUG_EVENTS) |
105 | zlog_debug( | |
106 | "isis_multicast_join(): fd=%d, reg_to=%d, if_num=%d, address = %02x:%02x:%02x:%02x:%02x:%02x", | |
107 | fd, registerto, if_num, mreq.mr_address[0], | |
108 | mreq.mr_address[1], mreq.mr_address[2], | |
109 | mreq.mr_address[3], mreq.mr_address[4], | |
110 | mreq.mr_address[5]); | |
8bc98059 | 111 | #endif /* EXTREME_DEBUG */ |
d62a17ae | 112 | if (setsockopt(fd, SOL_PACKET, PACKET_ADD_MEMBERSHIP, &mreq, |
113 | sizeof(struct packet_mreq))) { | |
114 | zlog_warn("isis_multicast_join(): setsockopt(): %s", | |
115 | safe_strerror(errno)); | |
116 | return ISIS_WARNING; | |
117 | } | |
118 | ||
119 | return ISIS_OK; | |
8bc98059 PJ |
120 | } |
121 | ||
d62a17ae | 122 | static int open_packet_socket(struct isis_circuit *circuit) |
8bc98059 | 123 | { |
d62a17ae | 124 | struct sockaddr_ll s_addr; |
125 | int fd, retval = ISIS_OK; | |
caa18d49 K |
126 | struct vrf *vrf = NULL; |
127 | ||
096f7609 | 128 | vrf = circuit->interface->vrf; |
caa18d49 | 129 | |
096f7609 IR |
130 | fd = vrf_socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL), vrf->vrf_id, |
131 | vrf->name); | |
d62a17ae | 132 | |
d62a17ae | 133 | if (fd < 0) { |
134 | zlog_warn("open_packet_socket(): socket() failed %s", | |
135 | safe_strerror(errno)); | |
136 | return ISIS_WARNING; | |
137 | } | |
138 | ||
139 | if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &bpf, sizeof(bpf))) { | |
140 | zlog_warn("open_packet_socket(): SO_ATTACH_FILTER failed: %s", | |
141 | safe_strerror(errno)); | |
142 | } | |
143 | ||
144 | /* | |
145 | * Bind to the physical interface | |
146 | */ | |
6006b807 | 147 | memset(&s_addr, 0, sizeof(s_addr)); |
d62a17ae | 148 | s_addr.sll_family = AF_PACKET; |
149 | s_addr.sll_protocol = htons(ETH_P_ALL); | |
150 | s_addr.sll_ifindex = circuit->interface->ifindex; | |
151 | ||
152 | if (bind(fd, (struct sockaddr *)(&s_addr), sizeof(struct sockaddr_ll)) | |
153 | < 0) { | |
154 | zlog_warn("open_packet_socket(): bind() failed: %s", | |
155 | safe_strerror(errno)); | |
156 | close(fd); | |
157 | return ISIS_WARNING; | |
158 | } | |
159 | ||
160 | circuit->fd = fd; | |
161 | ||
162 | if (if_is_broadcast(circuit->interface)) { | |
163 | /* | |
164 | * Join to multicast groups | |
165 | * according to | |
166 | * 8.4.2 - Broadcast subnetwork IIH PDUs | |
167 | * FIXME: is there a case only one will fail?? | |
168 | */ | |
169 | /* joining ALL_L1_ISS */ | |
170 | retval |= isis_multicast_join(circuit->fd, 1, | |
171 | circuit->interface->ifindex); | |
172 | /* joining ALL_L2_ISS */ | |
173 | retval |= isis_multicast_join(circuit->fd, 2, | |
174 | circuit->interface->ifindex); | |
175 | /* joining ALL_ISS (used in RFC 5309 p2p-over-lan as well) */ | |
176 | retval |= isis_multicast_join(circuit->fd, 3, | |
177 | circuit->interface->ifindex); | |
178 | } else { | |
179 | retval = isis_multicast_join(circuit->fd, 0, | |
180 | circuit->interface->ifindex); | |
181 | } | |
182 | ||
183 | return retval; | |
8bc98059 PJ |
184 | } |
185 | ||
186 | /* | |
187 | * Create the socket and set the tx/rx funcs | |
188 | */ | |
d62a17ae | 189 | int isis_sock_init(struct isis_circuit *circuit) |
8bc98059 | 190 | { |
d62a17ae | 191 | int retval = ISIS_OK; |
192 | ||
0cf6db21 | 193 | frr_with_privs(&isisd_privs) { |
d62a17ae | 194 | |
01b9e3fd | 195 | retval = open_packet_socket(circuit); |
d62a17ae | 196 | |
01b9e3fd | 197 | if (retval != ISIS_OK) { |
633fc9b1 DL |
198 | zlog_warn("%s: could not initialize the socket", |
199 | __func__); | |
01b9e3fd DL |
200 | break; |
201 | } | |
d62a17ae | 202 | |
203 | /* Assign Rx and Tx callbacks are based on real if type */ | |
01b9e3fd DL |
204 | if (if_is_broadcast(circuit->interface)) { |
205 | circuit->tx = isis_send_pdu_bcast; | |
206 | circuit->rx = isis_recv_pdu_bcast; | |
207 | } else if (if_is_pointopoint(circuit->interface)) { | |
208 | circuit->tx = isis_send_pdu_p2p; | |
209 | circuit->rx = isis_recv_pdu_p2p; | |
210 | } else { | |
211 | zlog_warn("isis_sock_init(): unknown circuit type"); | |
212 | retval = ISIS_WARNING; | |
213 | break; | |
214 | } | |
633fc9b1 | 215 | } |
8bc98059 | 216 | |
d62a17ae | 217 | return retval; |
8bc98059 PJ |
218 | } |
219 | ||
d7c0a89a | 220 | static inline int llc_check(uint8_t *llc) |
8bc98059 | 221 | { |
d62a17ae | 222 | if (*llc != ISO_SAP || *(llc + 1) != ISO_SAP || *(llc + 2) != 3) |
223 | return 0; | |
8bc98059 | 224 | |
d62a17ae | 225 | return 1; |
8bc98059 PJ |
226 | } |
227 | ||
d7c0a89a | 228 | int isis_recv_pdu_bcast(struct isis_circuit *circuit, uint8_t *ssnpa) |
8bc98059 | 229 | { |
d62a17ae | 230 | int bytesread, addr_len; |
231 | struct sockaddr_ll s_addr; | |
d7c0a89a | 232 | uint8_t llc[LLC_LEN]; |
d62a17ae | 233 | |
234 | addr_len = sizeof(s_addr); | |
235 | ||
6006b807 | 236 | memset(&s_addr, 0, sizeof(s_addr)); |
d62a17ae | 237 | |
238 | bytesread = | |
239 | recvfrom(circuit->fd, (void *)&llc, LLC_LEN, MSG_PEEK, | |
240 | (struct sockaddr *)&s_addr, (socklen_t *)&addr_len); | |
241 | ||
242 | if ((bytesread < 0) | |
243 | || (s_addr.sll_ifindex != (int)circuit->interface->ifindex)) { | |
244 | if (bytesread < 0) { | |
245 | zlog_warn( | |
3efd0893 | 246 | "isis_recv_packet_bcast(): ifname %s, fd %d, bytesread %d, recvfrom(): %s", |
d62a17ae | 247 | circuit->interface->name, circuit->fd, |
248 | bytesread, safe_strerror(errno)); | |
249 | } | |
250 | if (s_addr.sll_ifindex != (int)circuit->interface->ifindex) { | |
251 | zlog_warn( | |
3efd0893 | 252 | "packet is received on multiple interfaces: socket interface %d, circuit interface %d, packet type %u", |
d62a17ae | 253 | s_addr.sll_ifindex, circuit->interface->ifindex, |
254 | s_addr.sll_pkttype); | |
255 | } | |
256 | ||
257 | /* get rid of the packet */ | |
258 | bytesread = recvfrom(circuit->fd, discard_buff, | |
259 | sizeof(discard_buff), MSG_DONTWAIT, | |
260 | (struct sockaddr *)&s_addr, | |
261 | (socklen_t *)&addr_len); | |
262 | ||
263 | if (bytesread < 0) | |
264 | zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed"); | |
265 | ||
266 | return ISIS_WARNING; | |
267 | } | |
268 | /* | |
269 | * Filtering by llc field, discard packets sent by this host (other | |
270 | * circuit) | |
271 | */ | |
272 | if (!llc_check(llc) || s_addr.sll_pkttype == PACKET_OUTGOING) { | |
273 | /* Read the packet into discard buff */ | |
274 | bytesread = recvfrom(circuit->fd, discard_buff, | |
275 | sizeof(discard_buff), MSG_DONTWAIT, | |
276 | (struct sockaddr *)&s_addr, | |
277 | (socklen_t *)&addr_len); | |
278 | if (bytesread < 0) | |
279 | zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed"); | |
280 | return ISIS_WARNING; | |
281 | } | |
282 | ||
32fed393 EDP |
283 | /* Ensure that we have enough space for a pdu padded to fill the mtu */ |
284 | unsigned int max_size = | |
285 | circuit->interface->mtu > circuit->interface->mtu6 | |
286 | ? circuit->interface->mtu | |
287 | : circuit->interface->mtu6; | |
288 | uint8_t temp_buff[max_size]; | |
289 | bytesread = | |
290 | recvfrom(circuit->fd, temp_buff, max_size, MSG_DONTWAIT, | |
291 | (struct sockaddr *)&s_addr, (socklen_t *)&addr_len); | |
d62a17ae | 292 | if (bytesread < 0) { |
32fed393 | 293 | zlog_warn("%s: recvfrom() failed", __func__); |
d62a17ae | 294 | return ISIS_WARNING; |
295 | } | |
d62a17ae | 296 | /* then we lose the LLC */ |
32fed393 | 297 | stream_write(circuit->rcv_stream, temp_buff + LLC_LEN, |
d62a17ae | 298 | bytesread - LLC_LEN); |
d62a17ae | 299 | memcpy(ssnpa, &s_addr.sll_addr, s_addr.sll_halen); |
300 | ||
301 | return ISIS_OK; | |
8bc98059 PJ |
302 | } |
303 | ||
d7c0a89a | 304 | int isis_recv_pdu_p2p(struct isis_circuit *circuit, uint8_t *ssnpa) |
8bc98059 | 305 | { |
d62a17ae | 306 | int bytesread, addr_len; |
307 | struct sockaddr_ll s_addr; | |
308 | ||
6006b807 | 309 | memset(&s_addr, 0, sizeof(s_addr)); |
d62a17ae | 310 | addr_len = sizeof(s_addr); |
311 | ||
312 | /* we can read directly to the stream */ | |
aa979109 A |
313 | (void)stream_recvfrom( |
314 | circuit->rcv_stream, circuit->fd, circuit->interface->mtu, 0, | |
315 | (struct sockaddr *)&s_addr, (socklen_t *)&addr_len); | |
d62a17ae | 316 | |
317 | if (s_addr.sll_pkttype == PACKET_OUTGOING) { | |
318 | /* Read the packet into discard buff */ | |
319 | bytesread = recvfrom(circuit->fd, discard_buff, | |
320 | sizeof(discard_buff), MSG_DONTWAIT, | |
321 | (struct sockaddr *)&s_addr, | |
322 | (socklen_t *)&addr_len); | |
323 | if (bytesread < 0) | |
324 | zlog_warn("isis_recv_pdu_p2p(): recvfrom() failed"); | |
325 | return ISIS_WARNING; | |
326 | } | |
327 | ||
328 | /* If we don't have protocol type 0x00FE which is | |
329 | * ISO over GRE we exit with pain :) | |
330 | */ | |
331 | if (ntohs(s_addr.sll_protocol) != 0x00FE) { | |
332 | zlog_warn("isis_recv_pdu_p2p(): protocol mismatch(): %X", | |
333 | ntohs(s_addr.sll_protocol)); | |
334 | return ISIS_WARNING; | |
335 | } | |
336 | ||
337 | memcpy(ssnpa, &s_addr.sll_addr, s_addr.sll_halen); | |
338 | ||
339 | return ISIS_OK; | |
8bc98059 PJ |
340 | } |
341 | ||
d62a17ae | 342 | int isis_send_pdu_bcast(struct isis_circuit *circuit, int level) |
8bc98059 | 343 | { |
d62a17ae | 344 | struct msghdr msg; |
345 | struct iovec iov[2]; | |
32fed393 | 346 | char temp_buff[LLC_LEN]; |
d62a17ae | 347 | |
348 | /* we need to do the LLC in here because of P2P circuits, which will | |
349 | * not need it | |
350 | */ | |
351 | struct sockaddr_ll sa; | |
352 | ||
353 | stream_set_getp(circuit->snd_stream, 0); | |
6006b807 | 354 | memset(&sa, 0, sizeof(sa)); |
d62a17ae | 355 | sa.sll_family = AF_PACKET; |
356 | ||
357 | size_t frame_size = stream_get_endp(circuit->snd_stream) + LLC_LEN; | |
358 | sa.sll_protocol = htons(isis_ethertype(frame_size)); | |
359 | sa.sll_ifindex = circuit->interface->ifindex; | |
360 | sa.sll_halen = ETH_ALEN; | |
361 | /* RFC5309 section 4.1 recommends ALL_ISS */ | |
362 | if (circuit->circ_type == CIRCUIT_T_P2P) | |
363 | memcpy(&sa.sll_addr, ALL_ISS, ETH_ALEN); | |
364 | else if (level == 1) | |
365 | memcpy(&sa.sll_addr, ALL_L1_ISS, ETH_ALEN); | |
366 | else | |
367 | memcpy(&sa.sll_addr, ALL_L2_ISS, ETH_ALEN); | |
368 | ||
369 | /* on a broadcast circuit */ | |
370 | /* first we put the LLC in */ | |
32fed393 EDP |
371 | temp_buff[0] = 0xFE; |
372 | temp_buff[1] = 0xFE; | |
373 | temp_buff[2] = 0x03; | |
d62a17ae | 374 | |
375 | memset(&msg, 0, sizeof(msg)); | |
376 | msg.msg_name = &sa; | |
377 | msg.msg_namelen = sizeof(struct sockaddr_ll); | |
378 | msg.msg_iov = iov; | |
379 | msg.msg_iovlen = 2; | |
32fed393 | 380 | iov[0].iov_base = temp_buff; |
d62a17ae | 381 | iov[0].iov_len = LLC_LEN; |
382 | iov[1].iov_base = circuit->snd_stream->data; | |
383 | iov[1].iov_len = stream_get_endp(circuit->snd_stream); | |
384 | ||
385 | if (sendmsg(circuit->fd, &msg, 0) < 0) { | |
386 | zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s", | |
387 | circuit->interface->name, safe_strerror(errno)); | |
388 | if (ERRNO_IO_RETRY(errno)) | |
389 | return ISIS_WARNING; | |
390 | return ISIS_ERROR; | |
391 | } | |
392 | return ISIS_OK; | |
8bc98059 PJ |
393 | } |
394 | ||
d62a17ae | 395 | int isis_send_pdu_p2p(struct isis_circuit *circuit, int level) |
8bc98059 | 396 | { |
d62a17ae | 397 | struct sockaddr_ll sa; |
398 | ssize_t rv; | |
399 | ||
400 | stream_set_getp(circuit->snd_stream, 0); | |
6006b807 | 401 | memset(&sa, 0, sizeof(sa)); |
d62a17ae | 402 | sa.sll_family = AF_PACKET; |
403 | sa.sll_ifindex = circuit->interface->ifindex; | |
404 | sa.sll_halen = ETH_ALEN; | |
405 | if (level == 1) | |
406 | memcpy(&sa.sll_addr, ALL_L1_ISS, ETH_ALEN); | |
407 | else | |
408 | memcpy(&sa.sll_addr, ALL_L2_ISS, ETH_ALEN); | |
409 | ||
410 | ||
411 | /* lets try correcting the protocol */ | |
412 | sa.sll_protocol = htons(0x00FE); | |
413 | rv = sendto(circuit->fd, circuit->snd_stream->data, | |
414 | stream_get_endp(circuit->snd_stream), 0, | |
415 | (struct sockaddr *)&sa, sizeof(struct sockaddr_ll)); | |
416 | if (rv < 0) { | |
417 | zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s", | |
418 | circuit->interface->name, safe_strerror(errno)); | |
419 | if (ERRNO_IO_RETRY(errno)) | |
420 | return ISIS_WARNING; | |
421 | return ISIS_ERROR; | |
422 | } | |
423 | return ISIS_OK; | |
8bc98059 | 424 | } |
745bf05f DL |
425 | |
426 | #endif /* ISIS_METHOD == ISIS_METHOD_PFPACKET */ |