[mirror_iproute2.git] / tc / m_mirred.c

/*
 * m_egress.c		ingress/egress packet mirror/redir actions module
 *
 *		This program is free software; you can distribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:  J Hadi Salim (hadi@cyberus.ca)
 *
 * TODO: Add Ingress support
 *
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include "utils.h"
#include "tc_util.h"
#include "tc_common.h"
#include <linux/tc_act/tc_mirred.h>

static void
explain(void)
{
	fprintf(stderr,
		"Usage: mirred <DIRECTION> <ACTION> [index INDEX] <dev DEVICENAME>\n"
		"where:\n"
		"\tDIRECTION := <ingress | egress>\n"
		"\tACTION := <mirror | redirect>\n"
		"\tINDEX  is the specific policy instance id\n"
		"\tDEVICENAME is the devicename\n");
}

static void
usage(void)
{
	explain();
	exit(-1);
}

static const char *mirred_n2a(int action)
{
	switch (action) {
	case TCA_EGRESS_REDIR:
		return "Egress Redirect";
	case TCA_INGRESS_REDIR:
		return "Ingress Redirect";
	case TCA_EGRESS_MIRROR:
		return "Egress Mirror";
	case TCA_INGRESS_MIRROR:
		return "Ingress Mirror";
	default:
		return "unknown";
	}
}

static const char *mirred_direction(int action)
{
	switch (action) {
	case TCA_EGRESS_REDIR:
	case TCA_EGRESS_MIRROR:
		return "egress";
	case TCA_INGRESS_REDIR:
	case TCA_INGRESS_MIRROR:
		return "ingress";
	default:
		return "unknown";
	}
}

static const char *mirred_action(int action)
{
	switch (action) {
	case TCA_EGRESS_REDIR:
	case TCA_INGRESS_REDIR:
		return "redirect";
	case TCA_EGRESS_MIRROR:
	case TCA_INGRESS_MIRROR:
		return "mirror";
	default:
		return "unknown";
	}
}

static int
parse_direction(struct action_util *a, int *argc_p, char ***argv_p,
		int tca_id, struct nlmsghdr *n)
{

	int argc = *argc_p;
	char **argv = *argv_p;
	int ok = 0, iok = 0, mirror = 0, redir = 0, ingress = 0, egress = 0;
	struct tc_mirred p = {};
	struct rtattr *tail;
	char d[IFNAMSIZ] = {};

	while (argc > 0) {

		if (matches(*argv, "action") == 0) {
			break;
		} else if (!egress && matches(*argv, "egress") == 0) {
			egress = 1;
			if (ingress) {
				fprintf(stderr,
					"Can't have both egress and ingress\n");
				return -1;
			}
			NEXT_ARG();
			ok++;
			continue;
		} else if (!ingress && matches(*argv, "ingress") == 0) {
			ingress = 1;
			if (egress) {
				fprintf(stderr,
					"Can't have both ingress and egress\n");
				return -1;
			}
			NEXT_ARG();
			ok++;
			continue;
		} else {

			if (matches(*argv, "index") == 0) {
				NEXT_ARG();
				if (get_u32(&p.index, *argv, 10)) {
					fprintf(stderr, "Illegal \"index\"\n");
					return -1;
				}
				iok++;
				if (!ok) {
					argc--;
					argv++;
					break;
				}
			} else if (!ok) {
				fprintf(stderr,
					"was expecting egress or ingress (%s)\n",
					*argv);
				break;

			} else if (!mirror && matches(*argv, "mirror") == 0) {
				mirror = 1;
				if (redir) {
					fprintf(stderr,
						"Can't have both mirror and redir\n");
					return -1;
				}
				p.eaction = egress ? TCA_EGRESS_MIRROR :
					TCA_INGRESS_MIRROR;
				p.action = TC_ACT_PIPE;
				ok++;
			} else if (!redir && matches(*argv, "redirect") == 0) {
				redir = 1;
				if (mirror) {
					fprintf(stderr,
						"Can't have both mirror and redir\n");
					return -1;
				}
				p.eaction = egress ? TCA_EGRESS_REDIR :
					TCA_INGRESS_REDIR;
				p.action = TC_ACT_STOLEN;
				ok++;
			} else if ((redir || mirror) &&
				   matches(*argv, "dev") == 0) {
				NEXT_ARG();
				if (strlen(d))
					duparg("dev", *argv);

				strncpy(d, *argv, sizeof(d)-1);
				argc--;
				argv++;

				break;

			}
		}

		NEXT_ARG();
	}

	if (!ok && !iok)
		return -1;

	if (d[0])  {
		int idx;

		ll_init_map(&rth);

		idx = ll_name_to_index(d);
		if (idx == 0) {
			fprintf(stderr, "Cannot find device \"%s\"\n", d);
			return -1;
		}

		p.ifindex = idx;
	}


	if (p.eaction == TCA_EGRESS_MIRROR || p.eaction == TCA_INGRESS_MIRROR) {
		parse_action_control(&argc, &argv, &p.action, false);
		NEXT_ARG_FWD();
	}

	if (argc) {
		if (iok && matches(*argv, "index") == 0) {
			fprintf(stderr, "mirred: Illegal double index\n");
			return -1;
		}

		if (matches(*argv, "index") == 0) {
			NEXT_ARG();
			if (get_u32(&p.index, *argv, 10)) {
				fprintf(stderr,
					"mirred: Illegal \"index\"\n");
				return -1;
			}
			argc--;
			argv++;
		}
	}

	tail = addattr_nest(n, MAX_MSG, tca_id);
	addattr_l(n, MAX_MSG, TCA_MIRRED_PARMS, &p, sizeof(p));
	addattr_nest_end(n, tail);

	*argc_p = argc;
	*argv_p = argv;
	return 0;
}


static int
parse_mirred(struct action_util *a, int *argc_p, char ***argv_p,
	     int tca_id, struct nlmsghdr *n)
{

	int argc = *argc_p;
	char **argv = *argv_p;

	if (argc < 0) {
		fprintf(stderr, "mirred bad argument count %d\n", argc);
		return -1;
	}

	if (matches(*argv, "mirred") == 0) {
		NEXT_ARG();
	} else {
		fprintf(stderr, "mirred bad argument %s\n", *argv);
		return -1;
	}


	if (matches(*argv, "egress") == 0 || matches(*argv, "ingress") == 0 ||
	    matches(*argv, "index") == 0) {
		int ret = parse_direction(a, &argc, &argv, tca_id, n);

		if (ret == 0) {
			*argc_p = argc;
			*argv_p = argv;
			return 0;
		}

	} else if (matches(*argv, "help") == 0) {
		usage();
	} else {
		fprintf(stderr, "mirred option not supported %s\n", *argv);
	}

	return -1;

}

static int
print_mirred(struct action_util *au, FILE *f, struct rtattr *arg)
{
	struct tc_mirred *p;
	struct rtattr *tb[TCA_MIRRED_MAX + 1];
	const char *dev;

	if (arg == NULL)
		return -1;

	parse_rtattr_nested(tb, TCA_MIRRED_MAX, arg);

	if (tb[TCA_MIRRED_PARMS] == NULL) {
		print_string(PRINT_FP, NULL, "%s", "[NULL mirred parameters]");
		return -1;
	}
	p = RTA_DATA(tb[TCA_MIRRED_PARMS]);

	dev = ll_index_to_name(p->ifindex);
	if (dev == 0) {
		fprintf(stderr, "Cannot find device %d\n", p->ifindex);
		return -1;
	}

	print_string(PRINT_ANY, "kind", "%s ", "mirred");
	print_string(PRINT_FP, NULL, "(%s", mirred_n2a(p->eaction));
	print_string(PRINT_JSON, "mirred_action", NULL,
		     mirred_action(p->eaction));
	print_string(PRINT_JSON, "direction", NULL,
		     mirred_direction(p->eaction));
	print_string(PRINT_ANY, "to_dev", " to device %s)", dev);
	print_action_control(f, " ", p->action, "");

	print_uint(PRINT_ANY, "index", "\n \tindex %u", p->index);
	print_int(PRINT_ANY, "ref", " ref %d", p->refcnt);
	print_int(PRINT_ANY, "bind", " bind %d", p->bindcnt);

	if (show_stats) {
		if (tb[TCA_MIRRED_TM]) {
			struct tcf_t *tm = RTA_DATA(tb[TCA_MIRRED_TM]);

			print_tm(f, tm);
		}
	}
	print_string(PRINT_FP, NULL, "%s", "\n ");
	return 0;
}

struct action_util mirred_action_util = {
	.id = "mirred",
	.parse_aopt = parse_mirred,
	.print_aopt = print_mirred,
};
Commit	Line	Data
00fa8480	1	/*
ae665a52	2	* m_egress.c ingress/egress packet mirror/redir actions module
00fa8480	3	*
	4	* This program is free software; you can distribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
ae665a52 SH	9	* Authors: J Hadi Salim (hadi@cyberus.ca)
ae665a52 SH	10	*
00fa8480	11	* TODO: Add Ingress support
	12	*
	13	*/
	14
	15	#include <stdio.h>
	16	#include <stdlib.h>
	17	#include <unistd.h>
00fa8480	18	#include <fcntl.h>
	19	#include <sys/socket.h>
	20	#include <netinet/in.h>
	21	#include <arpa/inet.h>
	22	#include <string.h>
	23	#include "utils.h"
	24	#include "tc_util.h"
c1027a75	25	#include "tc_common.h"
00fa8480	26	#include <linux/tc_act/tc_mirred.h>
00fa8480	27
00fa8480	28	static void
	29	explain(void)
	30	{
c6a656f4 SH	31	fprintf(stderr,
	32	"Usage: mirred <DIRECTION> <ACTION> [index INDEX] <dev DEVICENAME>\n"
	33	"where:\n"
	34	"\tDIRECTION := <ingress \| egress>\n"
	35	"\tACTION := <mirror \| redirect>\n"
	36	"\tINDEX is the specific policy instance id\n"
	37	"\tDEVICENAME is the devicename\n");
00fa8480	38	}
00fa8480	39
ebf32083 JHS	40	static void
	41	usage(void)
	42	{
	43	explain();
	44	exit(-1);
	45	}
00fa8480	46
d1f28cf1	47	static const char *mirred_n2a(int action)
00fa8480	48	{
	49	switch (action) {
	50	case TCA_EGRESS_REDIR:
	51	return "Egress Redirect";
	52	case TCA_INGRESS_REDIR:
	53	return "Ingress Redirect";
	54	case TCA_EGRESS_MIRROR:
	55	return "Egress Mirror";
	56	case TCA_INGRESS_MIRROR:
	57	return "Ingress Mirror";
	58	default:
	59	return "unknown";
	60	}
	61	}
	62
502c4adf JP	63	static const char *mirred_direction(int action)
	64	{
	65	switch (action) {
	66	case TCA_EGRESS_REDIR:
	67	case TCA_EGRESS_MIRROR:
	68	return "egress";
	69	case TCA_INGRESS_REDIR:
	70	case TCA_INGRESS_MIRROR:
	71	return "ingress";
	72	default:
	73	return "unknown";
	74	}
	75	}
	76
	77	static const char *mirred_action(int action)
	78	{
	79	switch (action) {
	80	case TCA_EGRESS_REDIR:
	81	case TCA_INGRESS_REDIR:
	82	return "redirect";
	83	case TCA_EGRESS_MIRROR:
	84	case TCA_INGRESS_MIRROR:
	85	return "mirror";
	86	default:
	87	return "unknown";
	88	}
	89	}
	90
d1f28cf1	91	static int
5eca0a37 SL	92	parse_direction(struct action_util a, int argc_p, char ***argv_p,
5eca0a37 SL	93	int tca_id, struct nlmsghdr *n)
00fa8480	94	{
	95
	96	int argc = *argc_p;
	97	char *argv = argv_p;
5eca0a37	98	int ok = 0, iok = 0, mirror = 0, redir = 0, ingress = 0, egress = 0;
d17b136f	99	struct tc_mirred p = {};
00fa8480	100	struct rtattr *tail;
b317557f	101	char d[IFNAMSIZ] = {};
00fa8480	102
	103	while (argc > 0) {
	104
	105	if (matches(*argv, "action") == 0) {
	106	break;
5eca0a37 SL	107	} else if (!egress && matches(*argv, "egress") == 0) {
	108	egress = 1;
	109	if (ingress) {
c6a656f4 SH	110	fprintf(stderr,
c6a656f4 SH	111	"Can't have both egress and ingress\n");
5eca0a37 SL	112	return -1;
	113	}
	114	NEXT_ARG();
	115	ok++;
	116	continue;
	117	} else if (!ingress && matches(*argv, "ingress") == 0) {
	118	ingress = 1;
	119	if (egress) {
c6a656f4 SH	120	fprintf(stderr,
c6a656f4 SH	121	"Can't have both ingress and egress\n");
5eca0a37 SL	122	return -1;
5eca0a37 SL	123	}
00fa8480	124	NEXT_ARG();
	125	ok++;
	126	continue;
	127	} else {
	128
	129	if (matches(*argv, "index") == 0) {
	130	NEXT_ARG();
	131	if (get_u32(&p.index, *argv, 10)) {
	132	fprintf(stderr, "Illegal \"index\"\n");
	133	return -1;
	134	}
	135	iok++;
	136	if (!ok) {
	137	argc--;
	138	argv++;
	139	break;
	140	}
32a121cb	141	} else if (!ok) {
c6a656f4 SH	142	fprintf(stderr,
	143	"was expecting egress or ingress (%s)\n",
	144	*argv);
00fa8480	145	break;
	146
	147	} else if (!mirror && matches(*argv, "mirror") == 0) {
32a121cb	148	mirror = 1;
00fa8480	149	if (redir) {
c6a656f4 SH	150	fprintf(stderr,
c6a656f4 SH	151	"Can't have both mirror and redir\n");
00fa8480	152	return -1;
00fa8480	153	}
5eca0a37	154	p.eaction = egress ? TCA_EGRESS_MIRROR :
c6a656f4	155	TCA_INGRESS_MIRROR;
00fa8480	156	p.action = TC_ACT_PIPE;
	157	ok++;
	158	} else if (!redir && matches(*argv, "redirect") == 0) {
32a121cb	159	redir = 1;
00fa8480	160	if (mirror) {
c6a656f4 SH	161	fprintf(stderr,
c6a656f4 SH	162	"Can't have both mirror and redir\n");
00fa8480	163	return -1;
00fa8480	164	}
5eca0a37	165	p.eaction = egress ? TCA_EGRESS_REDIR :
c6a656f4	166	TCA_INGRESS_REDIR;
00fa8480	167	p.action = TC_ACT_STOLEN;
00fa8480	168	ok++;
c6a656f4 SH	169	} else if ((redir \|\| mirror) &&
c6a656f4 SH	170	matches(*argv, "dev") == 0) {
00fa8480	171	NEXT_ARG();
	172	if (strlen(d))
	173	duparg("dev", *argv);
	174
	175	strncpy(d, *argv, sizeof(d)-1);
	176	argc--;
	177	argv++;
	178
	179	break;
	180
	181	}
	182	}
	183
	184	NEXT_ARG();
	185	}
	186
c6a656f4	187	if (!ok && !iok)
00fa8480	188	return -1;
00fa8480	189
	190	if (d[0]) {
	191	int idx;
32a121cb	192
00fa8480	193	ll_init_map(&rth);
00fa8480	194
c6a656f4 SH	195	idx = ll_name_to_index(d);
c6a656f4 SH	196	if (idx == 0) {
00fa8480	197	fprintf(stderr, "Cannot find device \"%s\"\n", d);
00fa8480	198	return -1;
	199	}
	200
	201	p.ifindex = idx;
00fa8480	202	}
	203
	204
3572e01a	205	if (p.eaction == TCA_EGRESS_MIRROR \|\| p.eaction == TCA_INGRESS_MIRROR) {
e67aba55	206	parse_action_control(&argc, &argv, &p.action, false);
3572e01a MP	207	NEXT_ARG_FWD();
3572e01a MP	208	}
00fa8480	209
	210	if (argc) {
	211	if (iok && matches(*argv, "index") == 0) {
	212	fprintf(stderr, "mirred: Illegal double index\n");
	213	return -1;
c6a656f4 SH	214	}
	215
	216	if (matches(*argv, "index") == 0) {
	217	NEXT_ARG();
	218	if (get_u32(&p.index, *argv, 10)) {
	219	fprintf(stderr,
	220	"mirred: Illegal \"index\"\n");
	221	return -1;
00fa8480	222	}
c6a656f4 SH	223	argc--;
c6a656f4 SH	224	argv++;
00fa8480	225	}
	226	}
	227
c14f9d92	228	tail = addattr_nest(n, MAX_MSG, tca_id);
32a121cb	229	addattr_l(n, MAX_MSG, TCA_MIRRED_PARMS, &p, sizeof(p));
c14f9d92	230	addattr_nest_end(n, tail);
00fa8480	231
	232	*argc_p = argc;
	233	*argv_p = argv;
	234	return 0;
	235	}
	236
	237
d1f28cf1 SH	238	static int
	239	parse_mirred(struct action_util a, int argc_p, char ***argv_p,
	240	int tca_id, struct nlmsghdr *n)
00fa8480	241	{
	242
	243	int argc = *argc_p;
	244	char *argv = argv_p;
	245
	246	if (argc < 0) {
32a121cb	247	fprintf(stderr, "mirred bad argument count %d\n", argc);
00fa8480	248	return -1;
	249	}
	250
	251	if (matches(*argv, "mirred") == 0) {
	252	NEXT_ARG();
	253	} else {
32a121cb	254	fprintf(stderr, "mirred bad argument %s\n", *argv);
00fa8480	255	return -1;
	256	}
	257
	258
5eca0a37 SL	259	if (matches(argv, "egress") == 0 \|\| matches(argv, "ingress") == 0 \|\|
	260	matches(*argv, "index") == 0) {
	261	int ret = parse_direction(a, &argc, &argv, tca_id, n);
32a121cb	262
00fa8480	263	if (ret == 0) {
	264	*argc_p = argc;
	265	*argv_p = argv;
	266	return 0;
	267	}
	268
ebf32083 JHS	269	} else if (matches(*argv, "help") == 0) {
ebf32083 JHS	270	usage();
00fa8480	271	} else {
32a121cb	272	fprintf(stderr, "mirred option not supported %s\n", *argv);
00fa8480	273	}
	274
	275	return -1;
ae665a52	276
00fa8480	277	}
00fa8480	278
d1f28cf1	279	static int
c6a656f4	280	print_mirred(struct action_util au, FILE f, struct rtattr *arg)
00fa8480	281	{
	282	struct tc_mirred *p;
	283	struct rtattr *tb[TCA_MIRRED_MAX + 1];
00fa8480	284	const char *dev;
32a121cb	285
00fa8480	286	if (arg == NULL)
	287	return -1;
	288
5cb5ee34	289	parse_rtattr_nested(tb, TCA_MIRRED_MAX, arg);
00fa8480	290
00fa8480	291	if (tb[TCA_MIRRED_PARMS] == NULL) {
502c4adf	292	print_string(PRINT_FP, NULL, "%s", "[NULL mirred parameters]");
00fa8480	293	return -1;
	294	}
	295	p = RTA_DATA(tb[TCA_MIRRED_PARMS]);
	296
c6a656f4 SH	297	dev = ll_index_to_name(p->ifindex);
c6a656f4 SH	298	if (dev == 0) {
00fa8480	299	fprintf(stderr, "Cannot find device %d\n", p->ifindex);
00fa8480	300	return -1;
	301	}
	302
502c4adf JP	303	print_string(PRINT_ANY, "kind", "%s ", "mirred");
	304	print_string(PRINT_FP, NULL, "(%s", mirred_n2a(p->eaction));
	305	print_string(PRINT_JSON, "mirred_action", NULL,
	306	mirred_action(p->eaction));
	307	print_string(PRINT_JSON, "direction", NULL,
	308	mirred_direction(p->eaction));
	309	print_string(PRINT_ANY, "to_dev", " to device %s)", dev);
e67aba55	310	print_action_control(f, " ", p->action, "");
00fa8480	311
502c4adf JP	312	print_uint(PRINT_ANY, "index", "\n \tindex %u", p->index);
	313	print_int(PRINT_ANY, "ref", " ref %d", p->refcnt);
	314	print_int(PRINT_ANY, "bind", " bind %d", p->bindcnt);
00fa8480	315
	316	if (show_stats) {
	317	if (tb[TCA_MIRRED_TM]) {
	318	struct tcf_t *tm = RTA_DATA(tb[TCA_MIRRED_TM]);
32a121cb SH	319
32a121cb SH	320	print_tm(f, tm);
00fa8480	321	}
00fa8480	322	}
502c4adf	323	print_string(PRINT_FP, NULL, "%s", "\n ");
00fa8480	324	return 0;
	325	}
	326
6ce88ca6	327	struct action_util mirred_action_util = {
00fa8480	328	.id = "mirred",
	329	.parse_aopt = parse_mirred,
	330	.print_aopt = print_mirred,
	331	};