]> git.proxmox.com Git - mirror_iproute2.git/blame - tc/f_flower.c
projects / mirror_iproute2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'master' into next
[mirror_iproute2.git] / tc / f_flower.c
CommitLineData
30eb304e
JP		 1/*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12#include <stdio.h>
13#include <stdlib.h>
14#include <unistd.h>
30eb304e
JP		 15#include <string.h>
16#include <net/if.h>
28747146 17#include <linux/limits.h>
f888f4e2 18#include <linux/if_arp.h>
30eb304e
JP		 19#include <linux/if_ether.h>
20#include <linux/ip.h>
745d9172 21#include <linux/tc_act/tc_vlan.h>
7638ee13 22#include <linux/mpls.h>
30eb304e
JP		 23
24#include "utils.h"
25#include "tc_util.h"
26#include "rt_names.h"
27
08f66c80
PB		 28enum flower_matching_flags {
29 FLOWER_IP_FLAGS,
30};
31
6910d656
SH		 32enum flower_endpoint {
33 FLOWER_ENDPOINT_SRC,
34 FLOWER_ENDPOINT_DST
35};
36
eb3b5696
SH		 37enum flower_icmp_field {
38 FLOWER_ICMP_FIELD_TYPE,
39 FLOWER_ICMP_FIELD_CODE
40};
41
30eb304e
JP		 42static void explain(void)
43{
512caeb2 44 fprintf(stderr,
8589eb4e
MC		 45 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
46 " [ skip_sw | skip_hw ]\n"
47 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
512caeb2
SH		 48 "\n"
49 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
8589eb4e
MC		 50 " MATCH := { indev DEV-NAME |\n"
51 " vlan_id VID |\n"
52 " vlan_prio PRIORITY |\n"
53 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
54 " cvlan_id VID |\n"
55 " cvlan_prio PRIORITY |\n"
56 " cvlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
57 " dst_mac MASKED-LLADDR |\n"
58 " src_mac MASKED-LLADDR |\n"
59 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
60 " ip_tos MASKED-IP_TOS |\n"
61 " ip_ttl MASKED-IP_TTL |\n"
62 " mpls_label LABEL |\n"
63 " mpls_tc TC |\n"
64 " mpls_bos BOS |\n"
65 " mpls_ttl TTL |\n"
66 " dst_ip PREFIX |\n"
67 " src_ip PREFIX |\n"
68 " dst_port PORT-NUMBER |\n"
69 " src_port PORT-NUMBER |\n"
70 " tcp_flags MASKED-TCP_FLAGS |\n"
71 " type MASKED-ICMP-TYPE |\n"
72 " code MASKED-ICMP-CODE |\n"
73 " arp_tip IPV4-PREFIX |\n"
74 " arp_sip IPV4-PREFIX |\n"
75 " arp_op [ request | reply | OP ] |\n"
76 " arp_tha MASKED-LLADDR |\n"
77 " arp_sha MASKED-LLADDR |\n"
78 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
79 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
80 " enc_key_id [ KEY-ID ] |\n"
81 " enc_tos MASKED-IP_TOS |\n"
82 " enc_ttl MASKED-IP_TTL |\n"
83 " geneve_opts MASKED-OPTIONS |\n"
84 " ip_flags IP-FLAGS | \n"
2fffb1c0
PB		 85 " enc_dst_port [ port_number ] |\n"
86 " ct_state MASKED_CT_STATE |\n"
87 " ct_label MASKED_CT_LABEL |\n"
88 " ct_mark MASKED_CT_MARK |\n"
89 " ct_zone MASKED_CT_ZONE }\n"
8589eb4e
MC		 90 " FILTERID := X:Y:Z\n"
91 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
2fffb1c0 92 " MASKED_CT_STATE := combination of {+|-} and flags trk,est,new\n"
8589eb4e 93 " ACTION-SPEC := ... look at individual actions\n"
512caeb2 94 "\n"
8589eb4e
MC		 95 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
96 "NOTE: There can be only used one mask per one prio. If user needs\n"
97 " to specify different mask, he has to use different prio.\n");
30eb304e
JP		 98}
99
100static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
101 struct nlmsghdr *n)
102{
c2078f8d
SH		 103 int ret, err = -1;
104 char addr[ETH_ALEN], *slash;
105
106 slash = strchr(str, '/');
107 if (slash)
108 *slash = '\0';
30eb304e
JP		 109
110 ret = ll_addr_a2n(addr, sizeof(addr), str);
111 if (ret < 0)
c2078f8d 112 goto err;
30eb304e 113 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
c2078f8d
SH		 114
115 if (slash) {
116 unsigned bits;
117
118 if (!get_unsigned(&bits, slash + 1, 10)) {
119 uint64_t mask;
120
121 /* Extra 16 bit shift to push mac address into
122 * high bits of uint64_t
123 */
124 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
125 memcpy(addr, &mask, ETH_ALEN);
126 } else {
127 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
128 if (ret < 0)
129 goto err;
130 }
131 } else {
132 memset(addr, 0xff, ETH_ALEN);
133 }
30eb304e 134 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
c2078f8d
SH		 135
136 err = 0;
137err:
138 if (slash)
139 *slash = '/';
140 return err;
30eb304e
JP		 141}
142
1f0a5dfd
JL		 143static bool eth_type_vlan(__be16 ethertype)
144{
145 return ethertype == htons(ETH_P_8021Q) ||
146 ethertype == htons(ETH_P_8021AD);
147}
148
745d9172 149static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
512caeb2
SH		 150 __be16 *p_vlan_eth_type,
151 struct nlmsghdr *n)
745d9172
HHZ		 152{
153 __be16 vlan_eth_type;
154
1f0a5dfd
JL		 155 if (!eth_type_vlan(eth_type)) {
156 fprintf(stderr, "Can't set \"%s\" if ethertype isn't 802.1Q or 802.1AD\n",
157 type == TCA_FLOWER_KEY_VLAN_ETH_TYPE ? "vlan_ethtype" : "cvlan_ethtype");
745d9172
HHZ		 158 return -1;
159 }
160
161 if (ll_proto_a2n(&vlan_eth_type, str))
162 invarg("invalid vlan_ethtype", str);
163 addattr16(n, MAX_MSG, type, vlan_eth_type);
164 *p_vlan_eth_type = vlan_eth_type;
165 return 0;
166}
167
08f66c80
PB		 168struct flag_to_string {
169 int flag;
170 enum flower_matching_flags type;
171 char *string;
172};
22a8f019 173
08f66c80
PB		 174static struct flag_to_string flags_str[] = {
175 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOWER_IP_FLAGS, "frag" },
fb4e6abf 176 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST, FLOWER_IP_FLAGS, "firstfrag" },
08f66c80 177};
22a8f019 178
08f66c80
PB		 179static int flower_parse_matching_flags(char *str,
180 enum flower_matching_flags type,
181 __u32 *mtf, __u32 *mtf_mask)
182{
183 char *token;
184 bool no;
185 bool found;
186 int i;
22a8f019 187
08f66c80
PB		 188 token = strtok(str, "/");
189
190 while (token) {
191 if (!strncmp(token, "no", 2)) {
192 no = true;
193 token += 2;
194 } else
195 no = false;
196
197 found = false;
198 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
199 if (type != flags_str[i].type)
200 continue;
201
202 if (!strcmp(token, flags_str[i].string)) {
203 if (no)
204 *mtf &= ~flags_str[i].flag;
205 else
206 *mtf |= flags_str[i].flag;
207
208 *mtf_mask |= flags_str[i].flag;
209 found = true;
210 break;
211 }
212 }
213 if (!found)
22a8f019 214 return -1;
08f66c80
PB		 215
216 token = strtok(NULL, "/");
22a8f019
PB		 217 }
218
22a8f019
PB		 219 return 0;
220}
221
2fffb1c0
PB		 222static int flower_parse_u16(char *str, int value_type, int mask_type,
223 struct nlmsghdr *n)
224{
225 __u16 value, mask;
226 char *slash;
227
228 slash = strchr(str, '/');
229 if (slash)
230 *slash = '\0';
231
232 if (get_u16(&value, str, 0))
233 return -1;
234
235 if (slash) {
236 if (get_u16(&mask, slash + 1, 0))
237 return -1;
238 } else {
239 mask = UINT16_MAX;
240 }
241
242 addattr16(n, MAX_MSG, value_type, value);
243 addattr16(n, MAX_MSG, mask_type, mask);
244
245 return 0;
246}
247
248static int flower_parse_u32(char *str, int value_type, int mask_type,
249 struct nlmsghdr *n)
250{
251 __u32 value, mask;
252 char *slash;
253
254 slash = strchr(str, '/');
255 if (slash)
256 *slash = '\0';
257
258 if (get_u32(&value, str, 0))
259 return -1;
260
261 if (slash) {
262 if (get_u32(&mask, slash + 1, 0))
263 return -1;
264 } else {
265 mask = UINT32_MAX;
266 }
267
268 addattr32(n, MAX_MSG, value_type, value);
269 addattr32(n, MAX_MSG, mask_type, mask);
270
271 return 0;
272}
273
274static int flower_parse_ct_mark(char *str, struct nlmsghdr *n)
275{
276 return flower_parse_u32(str,
277 TCA_FLOWER_KEY_CT_MARK,
278 TCA_FLOWER_KEY_CT_MARK_MASK,
279 n);
280}
281
282static int flower_parse_ct_zone(char *str, struct nlmsghdr *n)
283{
284 return flower_parse_u16(str,
285 TCA_FLOWER_KEY_CT_ZONE,
286 TCA_FLOWER_KEY_CT_ZONE_MASK,
287 n);
288}
289
290static int flower_parse_ct_labels(char *str, struct nlmsghdr *n)
291{
292#define LABELS_SIZE 16
293 uint8_t labels[LABELS_SIZE], lmask[LABELS_SIZE];
294 char *slash, *mask = NULL;
295 size_t slen, slen_mask = 0;
296
297 slash = index(str, '/');
298 if (slash) {
299 *slash = 0;
300 mask = slash + 1;
301 slen_mask = strlen(mask);
302 }
303
304 slen = strlen(str);
305 if (slen > LABELS_SIZE * 2 || slen_mask > LABELS_SIZE * 2) {
306 char errmsg[128];
307
308 snprintf(errmsg, sizeof(errmsg),
309 "%zd Max allowed size %d",
310 slen, LABELS_SIZE*2);
311 invarg(errmsg, str);
312 }
313
314 if (hex2mem(str, labels, slen / 2) < 0)
315 invarg("labels must be a hex string\n", str);
316 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS, labels, slen / 2);
317
318 if (mask) {
319 if (hex2mem(mask, lmask, slen_mask / 2) < 0)
320 invarg("labels mask must be a hex string\n", mask);
321 } else {
322 memset(lmask, 0xff, sizeof(lmask));
323 slen_mask = sizeof(lmask) * 2;
324 }
325 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS_MASK, lmask,
326 slen_mask / 2);
327
328 return 0;
329}
330
331static struct flower_ct_states {
332 char *str;
333 int flag;
334} flower_ct_states[] = {
335 { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
336 { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
337 { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
338};
339
340static int flower_parse_ct_state(char *str, struct nlmsghdr *n)
341{
342 int flags = 0, mask = 0, len, i;
343 bool p;
344
345 while (*str != '\0') {
346 if (*str == '+')
347 p = true;
348 else if (*str == '-')
349 p = false;
350 else
351 return -1;
352
353 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
354 len = strlen(flower_ct_states[i].str);
355 if (strncmp(str + 1, flower_ct_states[i].str, len))
356 continue;
357
358 if (p)
359 flags |= flower_ct_states[i].flag;
360 mask |= flower_ct_states[i].flag;
361 break;
362 }
363
364 if (i == ARRAY_SIZE(flower_ct_states))
365 return -1;
366
367 str += len + 1;
368 }
369
370 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE, flags);
371 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE_MASK, mask);
372 return 0;
373}
374
30eb304e
JP		 375static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
376 __u8 *p_ip_proto, struct nlmsghdr *n)
377{
378 int ret;
379 __u8 ip_proto;
380
eb3b5696
SH		 381 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
382 goto err;
383
30eb304e
JP		 384 if (matches(str, "tcp") == 0) {
385 ip_proto = IPPROTO_TCP;
386 } else if (matches(str, "udp") == 0) {
387 ip_proto = IPPROTO_UDP;
a1fb0d48
SH		 388 } else if (matches(str, "sctp") == 0) {
389 ip_proto = IPPROTO_SCTP;
eb3b5696
SH		 390 } else if (matches(str, "icmp") == 0) {
391 if (eth_type != htons(ETH_P_IP))
392 goto err;
393 ip_proto = IPPROTO_ICMP;
394 } else if (matches(str, "icmpv6") == 0) {
395 if (eth_type != htons(ETH_P_IPV6))
396 goto err;
397 ip_proto = IPPROTO_ICMPV6;
30eb304e
JP		 398 } else {
399 ret = get_u8(&ip_proto, str, 16);
400 if (ret)
401 return -1;
402 }
403 addattr8(n, MAX_MSG, type, ip_proto);
404 *p_ip_proto = ip_proto;
405 return 0;
eb3b5696
SH		 406
407err:
408 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
409 return -1;
30eb304e
JP		 410}
411
f888f4e2
SH		 412static int __flower_parse_ip_addr(char *str, int family,
413 int addr4_type, int mask4_type,
414 int addr6_type, int mask6_type,
415 struct nlmsghdr *n)
30eb304e
JP		 416{
417 int ret;
418 inet_prefix addr;
30eb304e
JP		 419 int bits;
420 int i;
421
30eb304e
JP		 422 ret = get_prefix(&addr, str, family);
423 if (ret)
424 return -1;
425
bb9b63b1
AV		 426 if (family && (addr.family != family)) {
427 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
30eb304e 428 return -1;
bb9b63b1 429 }
30eb304e
JP		 430
431 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
432 addr.data, addr.bytelen);
433
434 memset(addr.data, 0xff, addr.bytelen);
435 bits = addr.bitlen;
436 for (i = 0; i < addr.bytelen / 4; i++) {
437 if (!bits) {
438 addr.data[i] = 0;
439 } else if (bits / 32 >= 1) {
440 bits -= 32;
441 } else {
442 addr.data[i] <<= 32 - bits;
443 addr.data[i] = htonl(addr.data[i]);
444 bits = 0;
445 }
446 }
447
448 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
449 addr.data, addr.bytelen);
450
451 return 0;
452}
453
f888f4e2
SH		 454static int flower_parse_ip_addr(char *str, __be16 eth_type,
455 int addr4_type, int mask4_type,
456 int addr6_type, int mask6_type,
457 struct nlmsghdr *n)
458{
459 int family;
460
461 if (eth_type == htons(ETH_P_IP)) {
462 family = AF_INET;
463 } else if (eth_type == htons(ETH_P_IPV6)) {
464 family = AF_INET6;
465 } else if (!eth_type) {
466 family = AF_UNSPEC;
467 } else {
468 return -1;
469 }
470
164a9ff4
RD		 471 return __flower_parse_ip_addr(str, family, addr4_type, mask4_type,
472 addr6_type, mask6_type, n);
f888f4e2
SH		 473}
474
475static bool flower_eth_type_arp(__be16 eth_type)
476{
477 return eth_type == htons(ETH_P_ARP) || eth_type == htons(ETH_P_RARP);
478}
479
480static int flower_parse_arp_ip_addr(char *str, __be16 eth_type,
481 int addr_type, int mask_type,
482 struct nlmsghdr *n)
483{
484 if (!flower_eth_type_arp(eth_type))
485 return -1;
486
487 return __flower_parse_ip_addr(str, AF_INET, addr_type, mask_type,
488 TCA_FLOWER_UNSPEC, TCA_FLOWER_UNSPEC, n);
489}
490
180136e5
SH		 491static int flower_parse_u8(char *str, int value_type, int mask_type,
492 int (*value_from_name)(const char *str,
493 __u8 *value),
494 bool (*value_validate)(__u8 value),
495 struct nlmsghdr *n)
f888f4e2
SH		 496{
497 char *slash;
498 int ret, err = -1;
180136e5 499 __u8 value, mask;
f888f4e2
SH		 500
501 slash = strchr(str, '/');
502 if (slash)
503 *slash = '\0';
504
180136e5
SH		 505 ret = value_from_name ? value_from_name(str, &value) : -1;
506 if (ret < 0) {
f888f4e2
SH		 507 ret = get_u8(&value, str, 10);
508 if (ret)
509 goto err;
f888f4e2
SH		 510 }
511
180136e5
SH		 512 if (value_validate && !value_validate(value))
513 goto err;
514
f888f4e2
SH		 515 if (slash) {
516 ret = get_u8(&mask, slash + 1, 10);
517 if (ret)
518 goto err;
519 }
520 else {
521 mask = UINT8_MAX;
522 }
523
180136e5 524 addattr8(n, MAX_MSG, value_type, value);
f888f4e2
SH		 525 addattr8(n, MAX_MSG, mask_type, mask);
526
527 err = 0;
528err:
529 if (slash)
530 *slash = '/';
531 return err;
532}
533
9d36e54f
SH		 534static const char *flower_print_arp_op_to_name(__u8 op)
535{
536 switch (op) {
537 case ARPOP_REQUEST:
538 return "request";
539 case ARPOP_REPLY:
540 return "reply";
541 default:
542 return NULL;
543 }
544}
545
180136e5
SH		 546static int flower_arp_op_from_name(const char *name, __u8 *op)
547{
548 if (!strcmp(name, "request"))
549 *op = ARPOP_REQUEST;
550 else if (!strcmp(name, "reply"))
551 *op = ARPOP_REPLY;
552 else
553 return -1;
554
555 return 0;
556}
557
558static bool flow_arp_op_validate(__u8 op)
559{
560 return !op || op == ARPOP_REQUEST || op == ARPOP_REPLY;
561}
562
563static int flower_parse_arp_op(char *str, __be16 eth_type,
564 int op_type, int mask_type,
565 struct nlmsghdr *n)
566{
567 if (!flower_eth_type_arp(eth_type))
568 return -1;
569
570 return flower_parse_u8(str, op_type, mask_type, flower_arp_op_from_name,
571 flow_arp_op_validate, n);
572}
573
eb3b5696
SH		 574static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
575 enum flower_icmp_field field)
576{
577 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
578 return field == FLOWER_ICMP_FIELD_CODE ?
579 TCA_FLOWER_KEY_ICMPV4_CODE :
580 TCA_FLOWER_KEY_ICMPV4_TYPE;
581 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
582 return field == FLOWER_ICMP_FIELD_CODE ?
583 TCA_FLOWER_KEY_ICMPV6_CODE :
584 TCA_FLOWER_KEY_ICMPV6_TYPE;
585
586 return -1;
587}
588
6374961a
SH		 589static int flower_icmp_attr_mask_type(__be16 eth_type, __u8 ip_proto,
590 enum flower_icmp_field field)
591{
592 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
593 return field == FLOWER_ICMP_FIELD_CODE ?
594 TCA_FLOWER_KEY_ICMPV4_CODE_MASK :
595 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK;
596 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
597 return field == FLOWER_ICMP_FIELD_CODE ?
598 TCA_FLOWER_KEY_ICMPV6_CODE_MASK :
599 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK;
600
601 return -1;
602}
603
eb3b5696
SH		 604static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
605 enum flower_icmp_field field, struct nlmsghdr *n)
606{
6374961a 607 int value_type, mask_type;
eb3b5696 608
6374961a
SH		 609 value_type = flower_icmp_attr_type(eth_type, ip_proto, field);
610 mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto, field);
611 if (value_type < 0 || mask_type < 0)
eb3b5696
SH		 612 return -1;
613
6374961a 614 return flower_parse_u8(str, value_type, mask_type, NULL, NULL, n);
eb3b5696
SH		 615}
616
6910d656 617static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
30eb304e 618{
6bd5b80c 619 if (ip_proto == IPPROTO_TCP)
6910d656
SH		 620 return endpoint == FLOWER_ENDPOINT_SRC ?
621 TCA_FLOWER_KEY_TCP_SRC :
a1fb0d48 622 TCA_FLOWER_KEY_TCP_DST;
6bd5b80c 623 else if (ip_proto == IPPROTO_UDP)
6910d656
SH		 624 return endpoint == FLOWER_ENDPOINT_SRC ?
625 TCA_FLOWER_KEY_UDP_SRC :
a1fb0d48 626 TCA_FLOWER_KEY_UDP_DST;
6bd5b80c 627 else if (ip_proto == IPPROTO_SCTP)
6910d656
SH		 628 return endpoint == FLOWER_ENDPOINT_SRC ?
629 TCA_FLOWER_KEY_SCTP_SRC :
a1fb0d48 630 TCA_FLOWER_KEY_SCTP_DST;
6bd5b80c 631 else
30eb304e 632 return -1;
a1fb0d48
SH		 633}
634
8930840e
AN		 635static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type,
636 __be16 *min_port_type,
637 __be16 *max_port_type)
638{
639 if (ip_proto == IPPROTO_TCP || ip_proto == IPPROTO_UDP ||
640 ip_proto == IPPROTO_SCTP) {
641 if (type == FLOWER_ENDPOINT_SRC) {
642 *min_port_type = TCA_FLOWER_KEY_PORT_SRC_MIN;
643 *max_port_type = TCA_FLOWER_KEY_PORT_SRC_MAX;
644 } else {
645 *min_port_type = TCA_FLOWER_KEY_PORT_DST_MIN;
646 *max_port_type = TCA_FLOWER_KEY_PORT_DST_MAX;
647 }
648 } else {
649 return -1;
650 }
651 return 0;
652}
653
767b6fd6
LC		 654/* parse range args in format 10-20 */
655static int parse_range(char *str, __be16 *min, __be16 *max)
656{
657 char *sep;
658
659 sep = strchr(str, '-');
660 if (sep) {
661 *sep = '\0';
662
663 if (get_be16(min, str, 10))
664 return -1;
665
666 if (get_be16(max, sep + 1, 10))
667 return -1;
668 } else {
669 if (get_be16(min, str, 10))
670 return -1;
671 }
672 return 0;
673}
674
6910d656
SH		 675static int flower_parse_port(char *str, __u8 ip_proto,
676 enum flower_endpoint endpoint,
a1fb0d48
SH		 677 struct nlmsghdr *n)
678{
767b6fd6
LC		 679 __be16 min = 0;
680 __be16 max = 0;
a1fb0d48 681 int ret;
a1fb0d48 682
767b6fd6
LC		 683 ret = parse_range(str, &min, &max);
684 if (ret)
685 return -1;
30eb304e 686
767b6fd6 687 if (min && max) {
8930840e 688 __be16 min_port_type, max_port_type;
30eb304e 689
8930840e
AN		 690 if (max <= min) {
691 fprintf(stderr, "max value should be greater than min value\n");
692 return -1;
693 }
694 if (flower_port_range_attr_type(ip_proto, endpoint,
695 &min_port_type, &max_port_type))
696 return -1;
697
767b6fd6
LC		 698 addattr16(n, MAX_MSG, min_port_type, min);
699 addattr16(n, MAX_MSG, max_port_type, max);
700 } else if (min && !max) {
701 int type;
702
703 type = flower_port_attr_type(ip_proto, endpoint);
704 if (type < 0)
705 return -1;
706 addattr16(n, MAX_MSG, type, min);
8930840e
AN		 707 } else {
708 return -1;
709 }
30eb304e
JP		 710 return 0;
711}
712
0c30d14d
JP		 713#define TCP_FLAGS_MAX_MASK 0xfff
714
715static int flower_parse_tcp_flags(char *str, int flags_type, int mask_type,
716 struct nlmsghdr *n)
717{
718 char *slash;
719 int ret, err = -1;
720 __u16 flags;
721
722 slash = strchr(str, '/');
723 if (slash)
724 *slash = '\0';
725
726 ret = get_u16(&flags, str, 16);
727 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
728 goto err;
729
730 addattr16(n, MAX_MSG, flags_type, htons(flags));
731
732 if (slash) {
733 ret = get_u16(&flags, slash + 1, 16);
734 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
735 goto err;
736 } else {
737 flags = TCP_FLAGS_MAX_MASK;
738 }
739 addattr16(n, MAX_MSG, mask_type, htons(flags));
740
741 err = 0;
742err:
743 if (slash)
744 *slash = '/';
745 return err;
746}
747
6ea2c2b1
OG		 748static int flower_parse_ip_tos_ttl(char *str, int key_type, int mask_type,
749 struct nlmsghdr *n)
750{
751 char *slash;
752 int ret, err = -1;
753 __u8 tos_ttl;
754
755 slash = strchr(str, '/');
756 if (slash)
757 *slash = '\0';
758
759 ret = get_u8(&tos_ttl, str, 10);
760 if (ret < 0)
761 ret = get_u8(&tos_ttl, str, 16);
762 if (ret < 0)
763 goto err;
764
765 addattr8(n, MAX_MSG, key_type, tos_ttl);
766
767 if (slash) {
768 ret = get_u8(&tos_ttl, slash + 1, 16);
769 if (ret < 0)
770 goto err;
771 } else {
772 tos_ttl = 0xff;
773 }
774 addattr8(n, MAX_MSG, mask_type, tos_ttl);
775
776 err = 0;
777err:
778 if (slash)
779 *slash = '/';
780 return err;
781}
782
bb9b63b1
AV		 783static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
784{
785 int ret;
786 __be32 key_id;
787
788 ret = get_be32(&key_id, str, 10);
789 if (!ret)
790 addattr32(n, MAX_MSG, type, key_id);
791
792 return ret;
793}
794
41aa17ff
HHZ		 795static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
796{
797 int ret;
798 __be16 port;
799
800 ret = get_be16(&port, str, 10);
801 if (ret)
802 return -1;
803
804 addattr16(n, MAX_MSG, type, port);
805
806 return 0;
807}
808
56155d4d
PJV		 809static int flower_parse_geneve_opts(char *str, struct nlmsghdr *n)
810{
811 struct rtattr *nest;
812 char *token;
813 int i, err;
814
815 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_GENEVE);
816
817 i = 1;
818 token = strsep(&str, ":");
819 while (token) {
820 switch (i) {
821 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS:
822 {
823 __be16 opt_class;
824
825 if (!strlen(token))
826 break;
827 err = get_be16(&opt_class, token, 16);
828 if (err)
829 return err;
830
831 addattr16(n, MAX_MSG, i, opt_class);
832 break;
833 }
834 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE:
835 {
836 __u8 opt_type;
837
838 if (!strlen(token))
839 break;
840 err = get_u8(&opt_type, token, 16);
841 if (err)
842 return err;
843
844 addattr8(n, MAX_MSG, i, opt_type);
845 break;
846 }
847 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA:
848 {
849 size_t token_len = strlen(token);
850 __u8 *opts;
851
852 if (!token_len)
853 break;
854 opts = malloc(token_len / 2);
855 if (!opts)
856 return -1;
857 if (hex2mem(token, opts, token_len / 2) < 0) {
858 free(opts);
859 return -1;
860 }
861 addattr_l(n, MAX_MSG, i, opts, token_len / 2);
862 free(opts);
863
864 break;
865 }
866 default:
867 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
868 return -1;
869 }
870
871 token = strsep(&str, ":");
872 i++;
873 }
874 addattr_nest_end(n, nest);
875
876 return 0;
877}
878
879static int flower_parse_enc_opt_part(char *str, struct nlmsghdr *n)
880{
881 char *token;
882 int err;
883
884 token = strsep(&str, ",");
885 while (token) {
886 err = flower_parse_geneve_opts(token, n);
887 if (err)
888 return err;
889
890 token = strsep(&str, ",");
891 }
892
893 return 0;
894}
895
896static int flower_check_enc_opt_key(char *key)
897{
898 int key_len, col_cnt = 0;
899
900 key_len = strlen(key);
901 while ((key = strchr(key, ':'))) {
902 if (strlen(key) == key_len)
903 return -1;
904
905 key_len = strlen(key) - 1;
906 col_cnt++;
907 key++;
908 }
909
910 if (col_cnt != 2 || !key_len)
911 return -1;
912
913 return 0;
914}
915
916static int flower_parse_enc_opts(char *str, struct nlmsghdr *n)
917{
918 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
919 int data_len, key_len, mask_len, err;
920 char *token, *slash;
921 struct rtattr *nest;
922
923 key_len = 0;
924 mask_len = 0;
925 token = strsep(&str, ",");
926 while (token) {
927 slash = strchr(token, '/');
928 if (slash)
929 *slash = '\0';
930
931 if ((key_len + strlen(token) > XATTR_SIZE_MAX) ||
932 flower_check_enc_opt_key(token))
933 return -1;
934
935 strcpy(&key[key_len], token);
936 key_len += strlen(token) + 1;
937 key[key_len - 1] = ',';
938
939 if (!slash) {
940 /* Pad out mask when not provided */
941 if (mask_len + strlen(token) > XATTR_SIZE_MAX)
942 return -1;
943
944 data_len = strlen(rindex(token, ':'));
945 sprintf(&mask[mask_len], "ffff:ff:");
946 mask_len += 8;
947 memset(&mask[mask_len], 'f', data_len - 1);
948 mask_len += data_len;
949 mask[mask_len - 1] = ',';
950 token = strsep(&str, ",");
951 continue;
952 }
953
954 if (mask_len + strlen(slash + 1) > XATTR_SIZE_MAX)
955 return -1;
956
957 strcpy(&mask[mask_len], slash + 1);
958 mask_len += strlen(slash + 1) + 1;
959 mask[mask_len - 1] = ',';
960
961 *slash = '/';
962 token = strsep(&str, ",");
963 }
964 key[key_len - 1] = '\0';
965 mask[mask_len - 1] = '\0';
966
967 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS);
968 err = flower_parse_enc_opt_part(key, n);
969 if (err)
970 return err;
971 addattr_nest_end(n, nest);
972
973 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_MASK);
974 err = flower_parse_enc_opt_part(mask, n);
975 if (err)
976 return err;
977 addattr_nest_end(n, nest);
978
979 return 0;
980}
981
30eb304e
JP		 982static int flower_parse_opt(struct filter_util *qu, char *handle,
983 int argc, char **argv, struct nlmsghdr *n)
984{
985 int ret;
986 struct tcmsg *t = NLMSG_DATA(n);
987 struct rtattr *tail;
488b41d0 988 __be16 eth_type = TC_H_MIN(t->tcm_info);
745d9172 989 __be16 vlan_ethtype = 0;
1f0a5dfd 990 __be16 cvlan_ethtype = 0;
30eb304e 991 __u8 ip_proto = 0xff;
cfcabf18 992 __u32 flags = 0;
08f66c80
PB		 993 __u32 mtf = 0;
994 __u32 mtf_mask = 0;
30eb304e 995
30eb304e
JP		 996 if (handle) {
997 ret = get_u32(&t->tcm_handle, handle, 0);
998 if (ret) {
999 fprintf(stderr, "Illegal \"handle\"\n");
1000 return -1;
1001 }
1002 }
1003
1004 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
1005 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
1006
488b41d0
JHS		 1007 if (argc == 0) {
1008 /*at minimal we will match all ethertype packets */
1009 goto parse_done;
1010 }
1011
30eb304e
JP		 1012 while (argc > 0) {
1013 if (matches(*argv, "classid") == 0 ||
1014 matches(*argv, "flowid") == 0) {
32a121cb 1015 unsigned int handle;
30eb304e
JP		 1016
1017 NEXT_ARG();
1018 ret = get_tc_classid(&handle, *argv);
1019 if (ret) {
1020 fprintf(stderr, "Illegal \"classid\"\n");
1021 return -1;
1022 }
1023 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
0d575c4d
AN		 1024 } else if (matches(*argv, "hw_tc") == 0) {
1025 unsigned int handle;
1026 __u32 tc;
1027 char *end;
1028
1029 NEXT_ARG();
1030 tc = strtoul(*argv, &end, 0);
1031 if (*end) {
1032 fprintf(stderr, "Illegal TC index\n");
1033 return -1;
1034 }
1035 if (tc >= TC_QOPT_MAX_QUEUE) {
1036 fprintf(stderr, "TC index exceeds max range\n");
1037 return -1;
1038 }
1039 handle = TC_H_MAKE(TC_H_MAJ(t->tcm_parent),
1040 TC_H_MIN(tc + TC_H_MIN_PRIORITY));
1041 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle,
1042 sizeof(handle));
08f66c80 1043 } else if (matches(*argv, "ip_flags") == 0) {
22a8f019
PB		 1044 NEXT_ARG();
1045 ret = flower_parse_matching_flags(*argv,
08f66c80
PB		 1046 FLOWER_IP_FLAGS,
1047 &mtf,
1048 &mtf_mask);
22a8f019 1049 if (ret < 0) {
08f66c80 1050 fprintf(stderr, "Illegal \"ip_flags\"\n");
22a8f019
PB		 1051 return -1;
1052 }
ac6a4c22
MRL		 1053 } else if (matches(*argv, "verbose") == 0) {
1054 flags |= TCA_CLS_FLAGS_VERBOSE;
cfcabf18
AV		 1055 } else if (matches(*argv, "skip_hw") == 0) {
1056 flags |= TCA_CLS_FLAGS_SKIP_HW;
1057 } else if (matches(*argv, "skip_sw") == 0) {
1058 flags |= TCA_CLS_FLAGS_SKIP_SW;
2fffb1c0
PB		 1059 } else if (matches(*argv, "ct_state") == 0) {
1060 NEXT_ARG();
1061 ret = flower_parse_ct_state(*argv, n);
1062 if (ret < 0) {
1063 fprintf(stderr, "Illegal \"ct_state\"\n");
1064 return -1;
1065 }
1066 } else if (matches(*argv, "ct_zone") == 0) {
1067 NEXT_ARG();
1068 ret = flower_parse_ct_zone(*argv, n);
1069 if (ret < 0) {
1070 fprintf(stderr, "Illegal \"ct_zone\"\n");
1071 return -1;
1072 }
1073 } else if (matches(*argv, "ct_mark") == 0) {
1074 NEXT_ARG();
1075 ret = flower_parse_ct_mark(*argv, n);
1076 if (ret < 0) {
1077 fprintf(stderr, "Illegal \"ct_mark\"\n");
1078 return -1;
1079 }
1080 } else if (matches(*argv, "ct_label") == 0) {
1081 NEXT_ARG();
1082 ret = flower_parse_ct_labels(*argv, n);
1083 if (ret < 0) {
1084 fprintf(stderr, "Illegal \"ct_label\"\n");
1085 return -1;
1086 }
30eb304e 1087 } else if (matches(*argv, "indev") == 0) {
30eb304e 1088 NEXT_ARG();
625df645
PS		 1089 if (check_ifname(*argv))
1090 invarg("\"indev\" not a valid ifname", *argv);
ee474849 1091 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, *argv);
745d9172
HHZ		 1092 } else if (matches(*argv, "vlan_id") == 0) {
1093 __u16 vid;
1094
1095 NEXT_ARG();
1f0a5dfd
JL		 1096 if (!eth_type_vlan(eth_type)) {
1097 fprintf(stderr, "Can't set \"vlan_id\" if ethertype isn't 802.1Q or 802.1AD\n");
745d9172
HHZ		 1098 return -1;
1099 }
1100 ret = get_u16(&vid, *argv, 10);
1101 if (ret < 0 || vid & ~0xfff) {
1102 fprintf(stderr, "Illegal \"vlan_id\"\n");
1103 return -1;
1104 }
1105 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
1106 } else if (matches(*argv, "vlan_prio") == 0) {
1107 __u8 vlan_prio;
1108
1109 NEXT_ARG();
1f0a5dfd
JL		 1110 if (!eth_type_vlan(eth_type)) {
1111 fprintf(stderr, "Can't set \"vlan_prio\" if ethertype isn't 802.1Q or 802.1AD\n");
745d9172
HHZ		 1112 return -1;
1113 }
1114 ret = get_u8(&vlan_prio, *argv, 10);
1115 if (ret < 0 || vlan_prio & ~0x7) {
1116 fprintf(stderr, "Illegal \"vlan_prio\"\n");
1117 return -1;
1118 }
512caeb2
SH		 1119 addattr8(n, MAX_MSG,
1120 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
745d9172
HHZ		 1121 } else if (matches(*argv, "vlan_ethtype") == 0) {
1122 NEXT_ARG();
1123 ret = flower_parse_vlan_eth_type(*argv, eth_type,
512caeb2
SH		 1124 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
1125 &vlan_ethtype, n);
745d9172
HHZ		 1126 if (ret < 0)
1127 return -1;
1f0a5dfd
JL		 1128 } else if (matches(*argv, "cvlan_id") == 0) {
1129 __u16 vid;
1130
1131 NEXT_ARG();
1132 if (!eth_type_vlan(vlan_ethtype)) {
1133 fprintf(stderr, "Can't set \"cvlan_id\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1134 return -1;
1135 }
1136 ret = get_u16(&vid, *argv, 10);
1137 if (ret < 0 || vid & ~0xfff) {
1138 fprintf(stderr, "Illegal \"cvlan_id\"\n");
1139 return -1;
1140 }
1141 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CVLAN_ID, vid);
1142 } else if (matches(*argv, "cvlan_prio") == 0) {
1143 __u8 cvlan_prio;
1144
1145 NEXT_ARG();
1146 if (!eth_type_vlan(vlan_ethtype)) {
1147 fprintf(stderr, "Can't set \"cvlan_prio\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1148 return -1;
1149 }
1150 ret = get_u8(&cvlan_prio, *argv, 10);
1151 if (ret < 0 || cvlan_prio & ~0x7) {
1152 fprintf(stderr, "Illegal \"cvlan_prio\"\n");
1153 return -1;
1154 }
1155 addattr8(n, MAX_MSG,
1156 TCA_FLOWER_KEY_CVLAN_PRIO, cvlan_prio);
1157 } else if (matches(*argv, "cvlan_ethtype") == 0) {
1158 NEXT_ARG();
1159 ret = flower_parse_vlan_eth_type(*argv, vlan_ethtype,
1160 TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
1161 &cvlan_ethtype, n);
1162 if (ret < 0)
1163 return -1;
7638ee13
BL		 1164 } else if (matches(*argv, "mpls_label") == 0) {
1165 __u32 label;
1166
1167 NEXT_ARG();
1168 if (eth_type != htons(ETH_P_MPLS_UC) &&
1169 eth_type != htons(ETH_P_MPLS_MC)) {
1170 fprintf(stderr,
1171 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
1172 return -1;
1173 }
1174 ret = get_u32(&label, *argv, 10);
1175 if (ret < 0 || label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
1176 fprintf(stderr, "Illegal \"mpls_label\"\n");
1177 return -1;
1178 }
1179 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_LABEL, label);
1180 } else if (matches(*argv, "mpls_tc") == 0) {
1181 __u8 tc;
1182
1183 NEXT_ARG();
1184 if (eth_type != htons(ETH_P_MPLS_UC) &&
1185 eth_type != htons(ETH_P_MPLS_MC)) {
1186 fprintf(stderr,
1187 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
1188 return -1;
1189 }
1190 ret = get_u8(&tc, *argv, 10);
1191 if (ret < 0 || tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
1192 fprintf(stderr, "Illegal \"mpls_tc\"\n");
1193 return -1;
1194 }
1195 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TC, tc);
1196 } else if (matches(*argv, "mpls_bos") == 0) {
1197 __u8 bos;
1198
1199 NEXT_ARG();
1200 if (eth_type != htons(ETH_P_MPLS_UC) &&
1201 eth_type != htons(ETH_P_MPLS_MC)) {
1202 fprintf(stderr,
1203 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
1204 return -1;
1205 }
1206 ret = get_u8(&bos, *argv, 10);
1207 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
1208 fprintf(stderr, "Illegal \"mpls_bos\"\n");
1209 return -1;
1210 }
1211 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_BOS, bos);
1212 } else if (matches(*argv, "mpls_ttl") == 0) {
1213 __u8 ttl;
1214
1215 NEXT_ARG();
1216 if (eth_type != htons(ETH_P_MPLS_UC) &&
1217 eth_type != htons(ETH_P_MPLS_MC)) {
1218 fprintf(stderr,
1219 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
1220 return -1;
1221 }
1222 ret = get_u8(&ttl, *argv, 10);
1223 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1224 fprintf(stderr, "Illegal \"mpls_ttl\"\n");
1225 return -1;
1226 }
1227 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TTL, ttl);
30eb304e
JP		 1228 } else if (matches(*argv, "dst_mac") == 0) {
1229 NEXT_ARG();
1230 ret = flower_parse_eth_addr(*argv,
1231 TCA_FLOWER_KEY_ETH_DST,
1232 TCA_FLOWER_KEY_ETH_DST_MASK,
1233 n);
1234 if (ret < 0) {
1235 fprintf(stderr, "Illegal \"dst_mac\"\n");
1236 return -1;
1237 }
1238 } else if (matches(*argv, "src_mac") == 0) {
1239 NEXT_ARG();
1240 ret = flower_parse_eth_addr(*argv,
1241 TCA_FLOWER_KEY_ETH_SRC,
1242 TCA_FLOWER_KEY_ETH_SRC_MASK,
1243 n);
1244 if (ret < 0) {
1245 fprintf(stderr, "Illegal \"src_mac\"\n");
1246 return -1;
1247 }
30eb304e
JP		 1248 } else if (matches(*argv, "ip_proto") == 0) {
1249 NEXT_ARG();
1f0a5dfd
JL		 1250 ret = flower_parse_ip_proto(*argv, cvlan_ethtype ?
1251 cvlan_ethtype : vlan_ethtype ?
745d9172 1252 vlan_ethtype : eth_type,
30eb304e
JP		 1253 TCA_FLOWER_KEY_IP_PROTO,
1254 &ip_proto, n);
1255 if (ret < 0) {
1256 fprintf(stderr, "Illegal \"ip_proto\"\n");
1257 return -1;
1258 }
6ea2c2b1
OG		 1259 } else if (matches(*argv, "ip_tos") == 0) {
1260 NEXT_ARG();
1261 ret = flower_parse_ip_tos_ttl(*argv,
1262 TCA_FLOWER_KEY_IP_TOS,
1263 TCA_FLOWER_KEY_IP_TOS_MASK,
1264 n);
1265 if (ret < 0) {
1266 fprintf(stderr, "Illegal \"ip_tos\"\n");
1267 return -1;
1268 }
1269 } else if (matches(*argv, "ip_ttl") == 0) {
1270 NEXT_ARG();
1271 ret = flower_parse_ip_tos_ttl(*argv,
1272 TCA_FLOWER_KEY_IP_TTL,
1273 TCA_FLOWER_KEY_IP_TTL_MASK,
1274 n);
1275 if (ret < 0) {
1276 fprintf(stderr, "Illegal \"ip_ttl\"\n");
1277 return -1;
1278 }
30eb304e
JP		 1279 } else if (matches(*argv, "dst_ip") == 0) {
1280 NEXT_ARG();
1f0a5dfd
JL		 1281 ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
1282 cvlan_ethtype : vlan_ethtype ?
745d9172 1283 vlan_ethtype : eth_type,
30eb304e
JP		 1284 TCA_FLOWER_KEY_IPV4_DST,
1285 TCA_FLOWER_KEY_IPV4_DST_MASK,
1286 TCA_FLOWER_KEY_IPV6_DST,
1287 TCA_FLOWER_KEY_IPV6_DST_MASK,
1288 n);
1289 if (ret < 0) {
1290 fprintf(stderr, "Illegal \"dst_ip\"\n");
1291 return -1;
1292 }
1293 } else if (matches(*argv, "src_ip") == 0) {
1294 NEXT_ARG();
1f0a5dfd
JL		 1295 ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
1296 cvlan_ethtype : vlan_ethtype ?
745d9172 1297 vlan_ethtype : eth_type,
30eb304e
JP		 1298 TCA_FLOWER_KEY_IPV4_SRC,
1299 TCA_FLOWER_KEY_IPV4_SRC_MASK,
1300 TCA_FLOWER_KEY_IPV6_SRC,
1301 TCA_FLOWER_KEY_IPV6_SRC_MASK,
1302 n);
1303 if (ret < 0) {
1304 fprintf(stderr, "Illegal \"src_ip\"\n");
1305 return -1;
1306 }
1307 } else if (matches(*argv, "dst_port") == 0) {
1308 NEXT_ARG();
dd7d522a
DA		 1309 ret = flower_parse_port(*argv, ip_proto,
1310 FLOWER_ENDPOINT_DST, n);
1311 if (ret < 0) {
1312 fprintf(stderr, "Illegal \"dst_port\"\n");
1313 return -1;
30eb304e
JP		 1314 }
1315 } else if (matches(*argv, "src_port") == 0) {
1316 NEXT_ARG();
dd7d522a
DA		 1317 ret = flower_parse_port(*argv, ip_proto,
1318 FLOWER_ENDPOINT_SRC, n);
1319 if (ret < 0) {
1320 fprintf(stderr, "Illegal \"src_port\"\n");
1321 return -1;
30eb304e 1322 }
0c30d14d
JP		 1323 } else if (matches(*argv, "tcp_flags") == 0) {
1324 NEXT_ARG();
1325 ret = flower_parse_tcp_flags(*argv,
1326 TCA_FLOWER_KEY_TCP_FLAGS,
1327 TCA_FLOWER_KEY_TCP_FLAGS_MASK,
1328 n);
1329 if (ret < 0) {
1330 fprintf(stderr, "Illegal \"tcp_flags\"\n");
1331 return -1;
1332 }
eb3b5696
SH		 1333 } else if (matches(*argv, "type") == 0) {
1334 NEXT_ARG();
1335 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1336 FLOWER_ICMP_FIELD_TYPE, n);
1337 if (ret < 0) {
1338 fprintf(stderr, "Illegal \"icmp type\"\n");
1339 return -1;
1340 }
1341 } else if (matches(*argv, "code") == 0) {
1342 NEXT_ARG();
1343 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1344 FLOWER_ICMP_FIELD_CODE, n);
1345 if (ret < 0) {
1346 fprintf(stderr, "Illegal \"icmp code\"\n");
1347 return -1;
1348 }
f888f4e2
SH		 1349 } else if (matches(*argv, "arp_tip") == 0) {
1350 NEXT_ARG();
1351 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
1352 vlan_ethtype : eth_type,
1353 TCA_FLOWER_KEY_ARP_TIP,
1354 TCA_FLOWER_KEY_ARP_TIP_MASK,
1355 n);
1356 if (ret < 0) {
1357 fprintf(stderr, "Illegal \"arp_tip\"\n");
1358 return -1;
1359 }
1360 } else if (matches(*argv, "arp_sip") == 0) {
1361 NEXT_ARG();
1362 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
1363 vlan_ethtype : eth_type,
1364 TCA_FLOWER_KEY_ARP_SIP,
1365 TCA_FLOWER_KEY_ARP_SIP_MASK,
1366 n);
1367 if (ret < 0) {
1368 fprintf(stderr, "Illegal \"arp_sip\"\n");
1369 return -1;
1370 }
1371 } else if (matches(*argv, "arp_op") == 0) {
1372 NEXT_ARG();
1373 ret = flower_parse_arp_op(*argv, vlan_ethtype ?
1374 vlan_ethtype : eth_type,
1375 TCA_FLOWER_KEY_ARP_OP,
1376 TCA_FLOWER_KEY_ARP_OP_MASK,
1377 n);
1378 if (ret < 0) {
1379 fprintf(stderr, "Illegal \"arp_op\"\n");
1380 return -1;
1381 }
1382 } else if (matches(*argv, "arp_tha") == 0) {
1383 NEXT_ARG();
1384 ret = flower_parse_eth_addr(*argv,
1385 TCA_FLOWER_KEY_ARP_THA,
1386 TCA_FLOWER_KEY_ARP_THA_MASK,
1387 n);
1388 if (ret < 0) {
1389 fprintf(stderr, "Illegal \"arp_tha\"\n");
1390 return -1;
1391 }
1392 } else if (matches(*argv, "arp_sha") == 0) {
1393 NEXT_ARG();
1394 ret = flower_parse_eth_addr(*argv,
1395 TCA_FLOWER_KEY_ARP_SHA,
1396 TCA_FLOWER_KEY_ARP_SHA_MASK,
1397 n);
1398 if (ret < 0) {
1399 fprintf(stderr, "Illegal \"arp_sha\"\n");
1400 return -1;
1401 }
bb9b63b1
AV		 1402 } else if (matches(*argv, "enc_dst_ip") == 0) {
1403 NEXT_ARG();
1404 ret = flower_parse_ip_addr(*argv, 0,
1405 TCA_FLOWER_KEY_ENC_IPV4_DST,
1406 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
1407 TCA_FLOWER_KEY_ENC_IPV6_DST,
1408 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
1409 n);
1410 if (ret < 0) {
1411 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
1412 return -1;
1413 }
1414 } else if (matches(*argv, "enc_src_ip") == 0) {
1415 NEXT_ARG();
1416 ret = flower_parse_ip_addr(*argv, 0,
1417 TCA_FLOWER_KEY_ENC_IPV4_SRC,
1418 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
1419 TCA_FLOWER_KEY_ENC_IPV6_SRC,
1420 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
1421 n);
1422 if (ret < 0) {
1423 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
1424 return -1;
1425 }
1426 } else if (matches(*argv, "enc_key_id") == 0) {
1427 NEXT_ARG();
1428 ret = flower_parse_key_id(*argv,
1429 TCA_FLOWER_KEY_ENC_KEY_ID, n);
1430 if (ret < 0) {
1431 fprintf(stderr, "Illegal \"enc_key_id\"\n");
1432 return -1;
1433 }
41aa17ff
HHZ		 1434 } else if (matches(*argv, "enc_dst_port") == 0) {
1435 NEXT_ARG();
1436 ret = flower_parse_enc_port(*argv,
1437 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
1438 if (ret < 0) {
1439 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
1440 return -1;
1441 }
761ec9e2
OG		 1442 } else if (matches(*argv, "enc_tos") == 0) {
1443 NEXT_ARG();
1444 ret = flower_parse_ip_tos_ttl(*argv,
1445 TCA_FLOWER_KEY_ENC_IP_TOS,
1446 TCA_FLOWER_KEY_ENC_IP_TOS_MASK,
1447 n);
1448 if (ret < 0) {
1449 fprintf(stderr, "Illegal \"enc_tos\"\n");
1450 return -1;
1451 }
1452 } else if (matches(*argv, "enc_ttl") == 0) {
1453 NEXT_ARG();
1454 ret = flower_parse_ip_tos_ttl(*argv,
1455 TCA_FLOWER_KEY_ENC_IP_TTL,
1456 TCA_FLOWER_KEY_ENC_IP_TTL_MASK,
1457 n);
1458 if (ret < 0) {
1459 fprintf(stderr, "Illegal \"enc_ttl\"\n");
1460 return -1;
1461 }
56155d4d
PJV		 1462 } else if (matches(*argv, "geneve_opts") == 0) {
1463 NEXT_ARG();
1464 ret = flower_parse_enc_opts(*argv, n);
1465 if (ret < 0) {
1466 fprintf(stderr, "Illegal \"geneve_opts\"\n");
1467 return -1;
1468 }
30eb304e
JP		 1469 } else if (matches(*argv, "action") == 0) {
1470 NEXT_ARG();
1471 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
1472 if (ret) {
1473 fprintf(stderr, "Illegal \"action\"\n");
1474 return -1;
1475 }
1476 continue;
1477 } else if (strcmp(*argv, "help") == 0) {
1478 explain();
1479 return -1;
1480 } else {
1481 fprintf(stderr, "What is \"%s\"?\n", *argv);
1482 explain();
1483 return -1;
1484 }
1485 argc--; argv++;
1486 }
1487
488b41d0 1488parse_done:
c85609b2
RD		 1489 ret = addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
1490 if (ret)
1491 return ret;
cfcabf18 1492
08f66c80
PB		 1493 if (mtf_mask) {
1494 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS, htonl(mtf));
1495 if (ret)
1496 return ret;
1497
1498 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS_MASK, htonl(mtf_mask));
1499 if (ret)
1500 return ret;
1501 }
1502
4f7d406f
BL		 1503 if (eth_type != htons(ETH_P_ALL)) {
1504 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, eth_type);
1505 if (ret)
1506 return ret;
1507 }
488b41d0 1508
32a121cb 1509 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
30eb304e
JP		 1510
1511 return 0;
1512}
1513
1514static int __mask_bits(char *addr, size_t len)
1515{
1516 int bits = 0;
1517 bool hole = false;
1518 int i;
1519 int j;
1520
1521 for (i = 0; i < len; i++, addr++) {
1522 for (j = 7; j >= 0; j--) {
1523 if (((*addr) >> j) & 0x1) {
1524 if (hole)
1525 return -1;
1526 bits++;
1527 } else if (bits) {
1528 hole = true;
1529 } else{
1530 return -1;
1531 }
1532 }
1533 }
1534 return bits;
1535}
1536
e28b88a4 1537static void flower_print_eth_addr(char *name, struct rtattr *addr_attr,
30eb304e
JP		 1538 struct rtattr *mask_attr)
1539{
e28b88a4
JP		 1540 SPRINT_BUF(namefrm);
1541 SPRINT_BUF(out);
30eb304e 1542 SPRINT_BUF(b1);
e28b88a4 1543 size_t done;
30eb304e
JP		 1544 int bits;
1545
1546 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
1547 return;
e28b88a4
JP		 1548 done = sprintf(out, "%s",
1549 ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
1550 0, b1, sizeof(b1)));
1551 if (mask_attr && RTA_PAYLOAD(mask_attr) == ETH_ALEN) {
1552 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
1553 if (bits < 0)
1554 sprintf(out + done, "/%s",
1555 ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
1556 0, b1, sizeof(b1)));
1557 else if (bits < ETH_ALEN * 8)
1558 sprintf(out + done, "/%d", bits);
1559 }
1560
1561 sprintf(namefrm, "\n %s %%s", name);
1562 print_string(PRINT_ANY, name, namefrm, out);
30eb304e
JP		 1563}
1564
e28b88a4 1565static void flower_print_eth_type(__be16 *p_eth_type,
30eb304e
JP		 1566 struct rtattr *eth_type_attr)
1567{
e28b88a4 1568 SPRINT_BUF(out);
30eb304e
JP		 1569 __be16 eth_type;
1570
1571 if (!eth_type_attr)
1572 return;
1573
1574 eth_type = rta_getattr_u16(eth_type_attr);
30eb304e 1575 if (eth_type == htons(ETH_P_IP))
e28b88a4 1576 sprintf(out, "ipv4");
30eb304e 1577 else if (eth_type == htons(ETH_P_IPV6))
e28b88a4 1578 sprintf(out, "ipv6");
f888f4e2 1579 else if (eth_type == htons(ETH_P_ARP))
e28b88a4 1580 sprintf(out, "arp");
f888f4e2 1581 else if (eth_type == htons(ETH_P_RARP))
e28b88a4 1582 sprintf(out, "rarp");
30eb304e 1583 else
e28b88a4
JP		 1584 sprintf(out, "%04x", ntohs(eth_type));
1585
1586 print_string(PRINT_ANY, "eth_type", "\n eth_type %s", out);
30eb304e
JP		 1587 *p_eth_type = eth_type;
1588}
1589
e28b88a4 1590static void flower_print_ip_proto(__u8 *p_ip_proto,
30eb304e
JP		 1591 struct rtattr *ip_proto_attr)
1592{
e28b88a4 1593 SPRINT_BUF(out);
30eb304e
JP		 1594 __u8 ip_proto;
1595
1596 if (!ip_proto_attr)
1597 return;
1598
1599 ip_proto = rta_getattr_u8(ip_proto_attr);
30eb304e 1600 if (ip_proto == IPPROTO_TCP)
e28b88a4 1601 sprintf(out, "tcp");
30eb304e 1602 else if (ip_proto == IPPROTO_UDP)
e28b88a4 1603 sprintf(out, "udp");
a1fb0d48 1604 else if (ip_proto == IPPROTO_SCTP)
e28b88a4 1605 sprintf(out, "sctp");
eb3b5696 1606 else if (ip_proto == IPPROTO_ICMP)
e28b88a4 1607 sprintf(out, "icmp");
eb3b5696 1608 else if (ip_proto == IPPROTO_ICMPV6)
e28b88a4 1609 sprintf(out, "icmpv6");
30eb304e 1610 else
e28b88a4
JP		 1611 sprintf(out, "%02x", ip_proto);
1612
1613 print_string(PRINT_ANY, "ip_proto", "\n ip_proto %s", out);
30eb304e
JP		 1614 *p_ip_proto = ip_proto;
1615}
1616
e8bd3955 1617static void flower_print_ip_attr(const char *name, struct rtattr *key_attr,
6ea2c2b1
OG		 1618 struct rtattr *mask_attr)
1619{
e28b88a4
JP		 1620 SPRINT_BUF(namefrm);
1621 SPRINT_BUF(out);
1622 size_t done;
1623
6ea2c2b1
OG		 1624 if (!key_attr)
1625 return;
1626
e8bd3955 1627 done = sprintf(out, "0x%x", rta_getattr_u8(key_attr));
e28b88a4
JP		 1628 if (mask_attr)
1629 sprintf(out + done, "/%x", rta_getattr_u8(mask_attr));
1630
e8bd3955
KL		 1631 print_string(PRINT_FP, NULL, "%s ", _SL_);
1632 sprintf(namefrm, "%s %%s", name);
e28b88a4 1633 print_string(PRINT_ANY, name, namefrm, out);
6ea2c2b1
OG		 1634}
1635
e28b88a4 1636static void flower_print_matching_flags(char *name,
08f66c80 1637 enum flower_matching_flags type,
22a8f019
PB		 1638 struct rtattr *attr,
1639 struct rtattr *mask_attr)
1640{
08f66c80
PB		 1641 int i;
1642 int count = 0;
1643 __u32 mtf;
1644 __u32 mtf_mask;
1645
22a8f019
PB		 1646 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
1647 return;
1648
08f66c80
PB		 1649 mtf = ntohl(rta_getattr_u32(attr));
1650 mtf_mask = ntohl(rta_getattr_u32(mask_attr));
1651
1652 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
1653 if (type != flags_str[i].type)
1654 continue;
1655 if (mtf_mask & flags_str[i].flag) {
e28b88a4
JP		 1656 if (++count == 1) {
1657 print_string(PRINT_FP, NULL, "\n %s ", name);
1658 open_json_object(name);
1659 } else {
1660 print_string(PRINT_FP, NULL, "/", NULL);
1661 }
08f66c80 1662
e28b88a4
JP		 1663 print_bool(PRINT_JSON, flags_str[i].string, NULL,
1664 mtf & flags_str[i].flag);
08f66c80 1665 if (mtf & flags_str[i].flag)
e28b88a4
JP		 1666 print_string(PRINT_FP, NULL, "%s",
1667 flags_str[i].string);
08f66c80 1668 else
e28b88a4
JP		 1669 print_string(PRINT_FP, NULL, "no%s",
1670 flags_str[i].string);
08f66c80
PB		 1671 }
1672 }
e28b88a4
JP		 1673 if (count)
1674 close_json_object();
22a8f019
PB		 1675}
1676
e28b88a4 1677static void flower_print_ip_addr(char *name, __be16 eth_type,
30eb304e
JP		 1678 struct rtattr *addr4_attr,
1679 struct rtattr *mask4_attr,
1680 struct rtattr *addr6_attr,
1681 struct rtattr *mask6_attr)
1682{
30eb304e
JP		 1683 struct rtattr *addr_attr;
1684 struct rtattr *mask_attr;
e28b88a4
JP		 1685 SPRINT_BUF(namefrm);
1686 SPRINT_BUF(out);
1687 size_t done;
30eb304e
JP		 1688 int family;
1689 size_t len;
1690 int bits;
1691
1692 if (eth_type == htons(ETH_P_IP)) {
1693 family = AF_INET;
1694 addr_attr = addr4_attr;
1695 mask_attr = mask4_attr;
1696 len = 4;
1697 } else if (eth_type == htons(ETH_P_IPV6)) {
1698 family = AF_INET6;
1699 addr_attr = addr6_attr;
1700 mask_attr = mask6_attr;
1701 len = 16;
1702 } else {
1703 return;
1704 }
1705 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
1706 return;
30eb304e
JP		 1707 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
1708 return;
e28b88a4 1709 done = sprintf(out, "%s", rt_addr_n2a_rta(family, addr_attr));
30eb304e
JP		 1710 bits = __mask_bits(RTA_DATA(mask_attr), len);
1711 if (bits < 0)
e28b88a4 1712 sprintf(out + done, "/%s", rt_addr_n2a_rta(family, mask_attr));
30eb304e 1713 else if (bits < len * 8)
e28b88a4
JP		 1714 sprintf(out + done, "/%d", bits);
1715
1716 sprintf(namefrm, "\n %s %%s", name);
1717 print_string(PRINT_ANY, name, namefrm, out);
30eb304e 1718}
e28b88a4 1719static void flower_print_ip4_addr(char *name, struct rtattr *addr_attr,
f888f4e2
SH		 1720 struct rtattr *mask_attr)
1721{
e28b88a4 1722 return flower_print_ip_addr(name, htons(ETH_P_IP),
f888f4e2
SH		 1723 addr_attr, mask_attr, 0, 0);
1724}
30eb304e 1725
e28b88a4 1726static void flower_print_port(char *name, struct rtattr *attr)
30eb304e 1727{
e28b88a4
JP		 1728 SPRINT_BUF(namefrm);
1729
1730 if (!attr)
1731 return;
1732
1733 sprintf(namefrm,"\n %s %%u", name);
0b01f088 1734 print_hu(PRINT_ANY, name, namefrm, rta_getattr_be16(attr));
30eb304e
JP		 1735}
1736
8930840e
AN		 1737static void flower_print_port_range(char *name, struct rtattr *min_attr,
1738 struct rtattr *max_attr)
1739{
1740 if (!min_attr || !max_attr)
1741 return;
1742
1743 if (is_json_context()) {
1744 open_json_object(name);
1745 print_hu(PRINT_JSON, "start", NULL, rta_getattr_be16(min_attr));
1746 print_hu(PRINT_JSON, "end", NULL, rta_getattr_be16(max_attr));
1747 close_json_object();
1748 } else {
1749 SPRINT_BUF(namefrm);
1750 SPRINT_BUF(out);
1751 size_t done;
1752
1753 done = sprintf(out, "%u", rta_getattr_be16(min_attr));
1754 sprintf(out + done, "-%u", rta_getattr_be16(max_attr));
1755 sprintf(namefrm, "\n %s %%s", name);
1756 print_string(PRINT_ANY, name, namefrm, out);
1757 }
1758}
1759
e8bd3955 1760static void flower_print_tcp_flags(const char *name, struct rtattr *flags_attr,
e28b88a4 1761 struct rtattr *mask_attr)
0c30d14d 1762{
e28b88a4
JP		 1763 SPRINT_BUF(namefrm);
1764 SPRINT_BUF(out);
1765 size_t done;
1766
0c30d14d
JP		 1767 if (!flags_attr)
1768 return;
e28b88a4 1769
e8bd3955 1770 done = sprintf(out, "0x%x", rta_getattr_be16(flags_attr));
e28b88a4 1771 if (mask_attr)
e8bd3955 1772 sprintf(out + done, "/%x", rta_getattr_be16(mask_attr));
e28b88a4 1773
e8bd3955
KL		 1774 print_string(PRINT_FP, NULL, "%s ", _SL_);
1775 sprintf(namefrm, "%s %%s", name);
e28b88a4 1776 print_string(PRINT_ANY, name, namefrm, out);
0c30d14d
JP		 1777}
1778
2fffb1c0
PB		 1779static void flower_print_ct_state(struct rtattr *flags_attr,
1780 struct rtattr *mask_attr)
1781{
1782 SPRINT_BUF(out);
1783 uint16_t state;
1784 uint16_t state_mask;
1785 size_t done = 0;
1786 int i;
1787
1788 if (!flags_attr)
1789 return;
1790
1791 state = rta_getattr_u16(flags_attr);
1792 if (mask_attr)
1793 state_mask = rta_getattr_u16(mask_attr);
1794 else
1795 state_mask = UINT16_MAX;
1796
1797 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
1798 if (!(state_mask & flower_ct_states[i].flag))
1799 continue;
1800
1801 if (state & flower_ct_states[i].flag)
1802 done += sprintf(out + done, "+%s",
1803 flower_ct_states[i].str);
1804 else
1805 done += sprintf(out + done, "-%s",
1806 flower_ct_states[i].str);
1807 }
1808
1809 print_string(PRINT_ANY, "ct_state", "\n ct_state %s", out);
1810}
1811
1812static void flower_print_ct_label(struct rtattr *attr,
1813 struct rtattr *mask_attr)
1814{
1815 const unsigned char *str;
1816 bool print_mask = false;
1817 int data_len, i;
1818 SPRINT_BUF(out);
1819 char *p;
1820
1821 if (!attr)
1822 return;
1823
1824 data_len = RTA_PAYLOAD(attr);
1825 hexstring_n2a(RTA_DATA(attr), data_len, out, sizeof(out));
1826 p = out + data_len*2;
1827
1828 data_len = RTA_PAYLOAD(attr);
1829 str = RTA_DATA(mask_attr);
1830 if (data_len != 16)
1831 print_mask = true;
1832 for (i = 0; !print_mask && i < data_len; i++) {
1833 if (str[i] != 0xff)
1834 print_mask = true;
1835 }
1836 if (print_mask) {
1837 *p++ = '/';
1838 hexstring_n2a(RTA_DATA(mask_attr), data_len, p,
1839 sizeof(out)-(p-out));
1840 p += data_len*2;
1841 }
1842 *p = '\0';
1843
1844 print_string(PRINT_ANY, "ct_label", "\n ct_label %s", out);
1845}
1846
1847static void flower_print_ct_zone(struct rtattr *attr,
1848 struct rtattr *mask_attr)
1849{
1850 print_masked_u16("ct_zone", attr, mask_attr);
1851}
1852
1853static void flower_print_ct_mark(struct rtattr *attr,
1854 struct rtattr *mask_attr)
1855{
1856 print_masked_u32("ct_mark", attr, mask_attr);
1857}
0c30d14d 1858
e28b88a4 1859static void flower_print_key_id(const char *name, struct rtattr *attr)
bb9b63b1 1860{
e28b88a4
JP		 1861 SPRINT_BUF(namefrm);
1862
1863 if (!attr)
1864 return;
1865
1866 sprintf(namefrm,"\n %s %%u", name);
1867 print_uint(PRINT_ANY, name, namefrm, rta_getattr_be32(attr));
bb9b63b1
AV		 1868}
1869
56155d4d
PJV		 1870static void flower_print_geneve_opts(const char *name, struct rtattr *attr,
1871 char *strbuf)
1872{
1873 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX + 1];
1874 int ii, data_len, offset = 0, slen = 0;
1875 struct rtattr *i = RTA_DATA(attr);
1876 int rem = RTA_PAYLOAD(attr);
1877 __u8 type, data_r[rem];
1878 char data[rem * 2 + 1];
1879 __u16 class;
1880
1881 open_json_array(PRINT_JSON, name);
1882 while (rem) {
1883 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX, i, rem);
1884 class = rta_getattr_be16(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS]);
1885 type = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE]);
1886 data_len = RTA_PAYLOAD(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]);
1887 hexstring_n2a(RTA_DATA(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]),
1888 data_len, data, sizeof(data));
1889 hex2mem(data, data_r, data_len);
1890 offset += data_len + 20;
1891 rem -= data_len + 20;
1892 i = RTA_DATA(attr) + offset;
1893
1894 open_json_object(NULL);
1895 print_uint(PRINT_JSON, "class", NULL, class);
1896 print_uint(PRINT_JSON, "type", NULL, type);
1897 open_json_array(PRINT_JSON, "data");
1898 for (ii = 0; ii < data_len; ii++)
1899 print_uint(PRINT_JSON, NULL, NULL, data_r[ii]);
1900 close_json_array(PRINT_JSON, "data");
1901 close_json_object();
1902
1903 slen += sprintf(strbuf + slen, "%04x:%02x:%s",
1904 class, type, data);
1905 if (rem)
1906 slen += sprintf(strbuf + slen, ",");
1907 }
1908 close_json_array(PRINT_JSON, name);
1909}
1910
1911static void flower_print_geneve_parts(const char *name, struct rtattr *attr,
1912 char *key, char *mask)
1913{
1914 char *namefrm = "\n geneve_opt %s";
1915 char *key_token, *mask_token, *out;
1916 int len;
1917
1918 out = malloc(RTA_PAYLOAD(attr) * 4 + 3);
1919 if (!out)
1920 return;
1921
1922 len = 0;
1923 key_token = strsep(&key, ",");
1924 mask_token = strsep(&mask, ",");
1925 while (key_token) {
1926 len += sprintf(&out[len], "%s/%s,", key_token, mask_token);
1927 mask_token = strsep(&mask, ",");
1928 key_token = strsep(&key, ",");
1929 }
1930
1931 out[len - 1] = '\0';
1932 print_string(PRINT_FP, name, namefrm, out);
1933 free(out);
1934}
1935
1936static void flower_print_enc_opts(const char *name, struct rtattr *attr,
1937 struct rtattr *mask_attr)
1938{
1939 struct rtattr *key_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
1940 struct rtattr *msk_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
1941 char *key, *msk;
1942
1943 if (!attr)
1944 return;
1945
1946 key = malloc(RTA_PAYLOAD(attr) * 2 + 1);
1947 if (!key)
1948 return;
1949
1950 msk = malloc(RTA_PAYLOAD(attr) * 2 + 1);
1951 if (!msk)
1952 goto err_key_free;
1953
1954 parse_rtattr_nested(key_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, attr);
1955 flower_print_geneve_opts("geneve_opt_key",
1956 key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], key);
1957
1958 parse_rtattr_nested(msk_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, mask_attr);
1959 flower_print_geneve_opts("geneve_opt_mask",
1960 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], msk);
1961
1962 flower_print_geneve_parts(name, attr, key, msk);
1963
1964 free(msk);
1965err_key_free:
1966 free(key);
1967}
1968
e28b88a4 1969static void flower_print_masked_u8(const char *name, struct rtattr *attr,
9d36e54f
SH		 1970 struct rtattr *mask_attr,
1971 const char *(*value_to_str)(__u8 value))
f888f4e2 1972{
9d36e54f
SH		 1973 const char *value_str = NULL;
1974 __u8 value, mask;
e28b88a4
JP		 1975 SPRINT_BUF(namefrm);
1976 SPRINT_BUF(out);
1977 size_t done;
f888f4e2 1978
9d36e54f 1979 if (!attr)
f888f4e2
SH		 1980 return;
1981
9d36e54f 1982 value = rta_getattr_u8(attr);
f888f4e2 1983 mask = mask_attr ? rta_getattr_u8(mask_attr) : UINT8_MAX;
9d36e54f
SH		 1984 if (mask == UINT8_MAX && value_to_str)
1985 value_str = value_to_str(value);
f888f4e2 1986
9d36e54f 1987 if (value_str)
e28b88a4 1988 done = sprintf(out, "%s", value_str);
f888f4e2 1989 else
e28b88a4 1990 done = sprintf(out, "%d", value);
f888f4e2
SH		 1991
1992 if (mask != UINT8_MAX)
e28b88a4
JP		 1993 sprintf(out + done, "/%d", mask);
1994
1995 sprintf(namefrm,"\n %s %%s", name);
1996 print_string(PRINT_ANY, name, namefrm, out);
f888f4e2
SH		 1997}
1998
e28b88a4 1999static void flower_print_u8(const char *name, struct rtattr *attr)
7638ee13 2000{
e28b88a4 2001 flower_print_masked_u8(name, attr, NULL, NULL);
7638ee13
BL		 2002}
2003
e28b88a4 2004static void flower_print_u32(const char *name, struct rtattr *attr)
7638ee13 2005{
e28b88a4 2006 SPRINT_BUF(namefrm);
7638ee13
BL		 2007
2008 if (!attr)
2009 return;
2010
e28b88a4
JP		 2011 sprintf(namefrm,"\n %s %%u", name);
2012 print_uint(PRINT_ANY, name, namefrm, rta_getattr_u32(attr));
7638ee13
BL		 2013}
2014
e28b88a4 2015static void flower_print_arp_op(const char *name,
9d36e54f
SH		 2016 struct rtattr *op_attr,
2017 struct rtattr *mask_attr)
2018{
e28b88a4 2019 flower_print_masked_u8(name, op_attr, mask_attr,
9d36e54f
SH		 2020 flower_print_arp_op_to_name);
2021}
2022
30eb304e
JP		 2023static int flower_print_opt(struct filter_util *qu, FILE *f,
2024 struct rtattr *opt, __u32 handle)
2025{
2026 struct rtattr *tb[TCA_FLOWER_MAX + 1];
8930840e 2027 __be16 min_port_type, max_port_type;
6374961a 2028 int nl_type, nl_mask_type;
30eb304e
JP		 2029 __be16 eth_type = 0;
2030 __u8 ip_proto = 0xff;
2031
2032 if (!opt)
2033 return 0;
2034
2035 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
2036
2037 if (handle)
e28b88a4 2038 print_uint(PRINT_ANY, "handle", "handle 0x%x ", handle);
30eb304e
JP		 2039
2040 if (tb[TCA_FLOWER_CLASSID]) {
0d575c4d
AN		 2041 __u32 h = rta_getattr_u32(tb[TCA_FLOWER_CLASSID]);
2042
2043 if (TC_H_MIN(h) < TC_H_MIN_PRIORITY ||
2044 TC_H_MIN(h) > (TC_H_MIN_PRIORITY + TC_QOPT_MAX_QUEUE - 1)) {
2045 SPRINT_BUF(b1);
e28b88a4
JP		 2046 print_string(PRINT_ANY, "classid", "classid %s ",
2047 sprint_tc_classid(h, b1));
0d575c4d 2048 } else {
e28b88a4
JP		 2049 print_uint(PRINT_ANY, "hw_tc", "hw_tc %u ",
2050 TC_H_MIN(h) - TC_H_MIN_PRIORITY);
0d575c4d 2051 }
30eb304e
JP		 2052 }
2053
2054 if (tb[TCA_FLOWER_INDEV]) {
2055 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
2056
e28b88a4
JP		 2057 print_string(PRINT_ANY, "indev", "\n indev %s",
2058 rta_getattr_str(attr));
30eb304e
JP		 2059 }
2060
e28b88a4
JP		 2061 open_json_object("keys");
2062
745d9172
HHZ		 2063 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
2064 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
2065
e28b88a4
JP		 2066 print_uint(PRINT_ANY, "vlan_id", "\n vlan_id %u",
2067 rta_getattr_u16(attr));
745d9172
HHZ		 2068 }
2069
2070 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
2071 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
2072
e28b88a4
JP		 2073 print_uint(PRINT_ANY, "vlan_prio", "\n vlan_prio %d",
2074 rta_getattr_u8(attr));
745d9172
HHZ		 2075 }
2076
1f0a5dfd
JL		 2077 if (tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) {
2078 SPRINT_BUF(buf);
2079 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE];
2080
2081 print_string(PRINT_ANY, "vlan_ethtype", "\n vlan_ethtype %s",
2082 ll_proto_n2a(rta_getattr_u16(attr),
2083 buf, sizeof(buf)));
2084 }
2085
2086 if (tb[TCA_FLOWER_KEY_CVLAN_ID]) {
2087 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ID];
2088
2089 print_uint(PRINT_ANY, "cvlan_id", "\n cvlan_id %u",
2090 rta_getattr_u16(attr));
2091 }
2092
2093 if (tb[TCA_FLOWER_KEY_CVLAN_PRIO]) {
2094 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_PRIO];
2095
2096 print_uint(PRINT_ANY, "cvlan_prio", "\n cvlan_prio %d",
2097 rta_getattr_u8(attr));
2098 }
2099
2100 if (tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE]) {
2101 SPRINT_BUF(buf);
2102 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE];
2103
2104 print_string(PRINT_ANY, "cvlan_ethtype", "\n cvlan_ethtype %s",
2105 ll_proto_n2a(rta_getattr_u16(attr),
2106 buf, sizeof(buf)));
2107 }
2108
e28b88a4 2109 flower_print_eth_addr("dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
30eb304e 2110 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
e28b88a4 2111 flower_print_eth_addr("src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
30eb304e
JP		 2112 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
2113
e28b88a4
JP		 2114 flower_print_eth_type(&eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
2115 flower_print_ip_proto(&ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
30eb304e 2116
e28b88a4 2117 flower_print_ip_attr("ip_tos", tb[TCA_FLOWER_KEY_IP_TOS],
6ea2c2b1 2118 tb[TCA_FLOWER_KEY_IP_TOS_MASK]);
e28b88a4 2119 flower_print_ip_attr("ip_ttl", tb[TCA_FLOWER_KEY_IP_TTL],
6ea2c2b1
OG		 2120 tb[TCA_FLOWER_KEY_IP_TTL_MASK]);
2121
e28b88a4
JP		 2122 flower_print_u32("mpls_label", tb[TCA_FLOWER_KEY_MPLS_LABEL]);
2123 flower_print_u8("mpls_tc", tb[TCA_FLOWER_KEY_MPLS_TC]);
2124 flower_print_u8("mpls_bos", tb[TCA_FLOWER_KEY_MPLS_BOS]);
2125 flower_print_u8("mpls_ttl", tb[TCA_FLOWER_KEY_MPLS_TTL]);
7638ee13 2126
e28b88a4 2127 flower_print_ip_addr("dst_ip", eth_type,
30eb304e
JP		 2128 tb[TCA_FLOWER_KEY_IPV4_DST],
2129 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
2130 tb[TCA_FLOWER_KEY_IPV6_DST],
2131 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
2132
e28b88a4 2133 flower_print_ip_addr("src_ip", eth_type,
30eb304e
JP		 2134 tb[TCA_FLOWER_KEY_IPV4_SRC],
2135 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
2136 tb[TCA_FLOWER_KEY_IPV6_SRC],
2137 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
2138
b2141de1 2139 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_DST);
6bd5b80c 2140 if (nl_type >= 0)
e28b88a4 2141 flower_print_port("dst_port", tb[nl_type]);
b2141de1 2142 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_SRC);
6bd5b80c 2143 if (nl_type >= 0)
e28b88a4 2144 flower_print_port("src_port", tb[nl_type]);
30eb304e 2145
8930840e
AN		 2146 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_DST,
2147 &min_port_type, &max_port_type))
2148 flower_print_port_range("dst_port",
2149 tb[min_port_type], tb[max_port_type]);
2150
2151 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_SRC,
2152 &min_port_type, &max_port_type))
2153 flower_print_port_range("src_port",
2154 tb[min_port_type], tb[max_port_type]);
2155
e28b88a4 2156 flower_print_tcp_flags("tcp_flags", tb[TCA_FLOWER_KEY_TCP_FLAGS],
0c30d14d
JP		 2157 tb[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
2158
81f6e5a7
SH		 2159 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2160 FLOWER_ICMP_FIELD_TYPE);
6374961a
SH		 2161 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2162 FLOWER_ICMP_FIELD_TYPE);
2163 if (nl_type >= 0 && nl_mask_type >= 0)
e28b88a4 2164 flower_print_masked_u8("icmp_type", tb[nl_type],
6374961a
SH		 2165 tb[nl_mask_type], NULL);
2166
81f6e5a7
SH		 2167 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2168 FLOWER_ICMP_FIELD_CODE);
6374961a
SH		 2169 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2170 FLOWER_ICMP_FIELD_CODE);
2171 if (nl_type >= 0 && nl_mask_type >= 0)
e28b88a4 2172 flower_print_masked_u8("icmp_code", tb[nl_type],
6374961a 2173 tb[nl_mask_type], NULL);
eb3b5696 2174
e28b88a4 2175 flower_print_ip4_addr("arp_sip", tb[TCA_FLOWER_KEY_ARP_SIP],
f888f4e2 2176 tb[TCA_FLOWER_KEY_ARP_SIP_MASK]);
e28b88a4 2177 flower_print_ip4_addr("arp_tip", tb[TCA_FLOWER_KEY_ARP_TIP],
f888f4e2 2178 tb[TCA_FLOWER_KEY_ARP_TIP_MASK]);
e28b88a4 2179 flower_print_arp_op("arp_op", tb[TCA_FLOWER_KEY_ARP_OP],
f888f4e2 2180 tb[TCA_FLOWER_KEY_ARP_OP_MASK]);
e28b88a4 2181 flower_print_eth_addr("arp_sha", tb[TCA_FLOWER_KEY_ARP_SHA],
f888f4e2 2182 tb[TCA_FLOWER_KEY_ARP_SHA_MASK]);
e28b88a4 2183 flower_print_eth_addr("arp_tha", tb[TCA_FLOWER_KEY_ARP_THA],
f888f4e2
SH		 2184 tb[TCA_FLOWER_KEY_ARP_THA_MASK]);
2185
e28b88a4 2186 flower_print_ip_addr("enc_dst_ip",
bb9b63b1
AV		 2187 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
2188 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2189 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
2190 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
2191 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
2192 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
2193
e28b88a4 2194 flower_print_ip_addr("enc_src_ip",
bb9b63b1
AV		 2195 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
2196 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2197 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
2198 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
2199 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
2200 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
2201
e28b88a4 2202 flower_print_key_id("enc_key_id", tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
bb9b63b1 2203
e28b88a4 2204 flower_print_port("enc_dst_port", tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
41aa17ff 2205
761ec9e2
OG		 2206 flower_print_ip_attr("enc_tos", tb[TCA_FLOWER_KEY_ENC_IP_TOS],
2207 tb[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
2208 flower_print_ip_attr("enc_ttl", tb[TCA_FLOWER_KEY_ENC_IP_TTL],
2209 tb[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
56155d4d
PJV		 2210 flower_print_enc_opts("enc_opt", tb[TCA_FLOWER_KEY_ENC_OPTS],
2211 tb[TCA_FLOWER_KEY_ENC_OPTS_MASK]);
761ec9e2 2212
e28b88a4 2213 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS,
22a8f019
PB		 2214 tb[TCA_FLOWER_KEY_FLAGS],
2215 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
2216
2fffb1c0
PB		 2217 flower_print_ct_state(tb[TCA_FLOWER_KEY_CT_STATE],
2218 tb[TCA_FLOWER_KEY_CT_STATE_MASK]);
2219 flower_print_ct_zone(tb[TCA_FLOWER_KEY_CT_ZONE],
2220 tb[TCA_FLOWER_KEY_CT_ZONE_MASK]);
2221 flower_print_ct_mark(tb[TCA_FLOWER_KEY_CT_MARK],
2222 tb[TCA_FLOWER_KEY_CT_MARK_MASK]);
2223 flower_print_ct_label(tb[TCA_FLOWER_KEY_CT_LABELS],
2224 tb[TCA_FLOWER_KEY_CT_LABELS_MASK]);
2225
e28b88a4
JP		 2226 close_json_object();
2227
512caeb2 2228 if (tb[TCA_FLOWER_FLAGS]) {
cfcabf18
AV		 2229 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
2230
2231 if (flags & TCA_CLS_FLAGS_SKIP_HW)
e28b88a4 2232 print_bool(PRINT_ANY, "skip_hw", "\n skip_hw", true);
cfcabf18 2233 if (flags & TCA_CLS_FLAGS_SKIP_SW)
e28b88a4 2234 print_bool(PRINT_ANY, "skip_sw", "\n skip_sw", true);
e57285b8 2235
f6b498f9 2236 if (flags & TCA_CLS_FLAGS_IN_HW) {
e28b88a4 2237 print_bool(PRINT_ANY, "in_hw", "\n in_hw", true);
f6b498f9
VB		 2238
2239 if (tb[TCA_FLOWER_IN_HW_COUNT]) {
2240 __u32 count = rta_getattr_u32(tb[TCA_FLOWER_IN_HW_COUNT]);
2241
2242 print_uint(PRINT_ANY, "in_hw_count",
2243 " in_hw_count %u", count);
2244 }
2245 }
e57285b8 2246 else if (flags & TCA_CLS_FLAGS_NOT_IN_HW)
e28b88a4 2247 print_bool(PRINT_ANY, "not_in_hw", "\n not_in_hw", true);
cfcabf18
AV		 2248 }
2249
512caeb2 2250 if (tb[TCA_FLOWER_ACT])
9e713525 2251 tc_print_action(f, tb[TCA_FLOWER_ACT], 0);
30eb304e
JP		 2252
2253 return 0;
2254}
2255
2256struct filter_util flower_filter_util = {
2257 .id = "flower",
2258 .parse_fopt = flower_parse_opt,
2259 .print_fopt = flower_print_opt,
2260};
Upstream mirror of iproute2