[mirror_iproute2.git] / tc / m_nat.c

/*
 * m_nat.c		NAT module
 *
 *		This program is free software; you can distribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:	Herbert Xu <herbert@gondor.apana.org.au>
 *
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <syslog.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include "utils.h"
#include "tc_util.h"
#include <linux/tc_act/tc_nat.h>

static void
explain(void)
{
	fprintf(stderr, "Usage: ... nat NAT\n"
			"NAT := DIRECTION OLD NEW\n"
			"DIRECTION := { ingress | egress }\n"
			"OLD := PREFIX\n"
			"NEW := ADDRESS\n");
}

static void
usage(void)
{
	explain();
	exit(-1);
}

static int
parse_nat_args(int *argc_p, char ***argv_p, struct tc_nat *sel)
{
	int argc = *argc_p;
	char **argv = *argv_p;
	inet_prefix addr;

	if (argc <= 0)
		return -1;

	if (matches(*argv, "egress") == 0)
		sel->flags |= TCA_NAT_FLAG_EGRESS;
	else if (matches(*argv, "ingress") != 0)
		goto bad_val;

	NEXT_ARG();

	if (get_prefix_1(&addr, *argv, AF_INET))
		goto bad_val;

	sel->old_addr = addr.data[0];
	sel->mask = htonl(~0u << (32 - addr.bitlen));

	NEXT_ARG();

	if (get_prefix_1(&addr, *argv, AF_INET))
		goto bad_val;

	sel->new_addr = addr.data[0];

	argc--;
	argv++;

	*argc_p = argc;
	*argv_p = argv;
	return 0;

bad_val:
	return -1;
}

static int
parse_nat(struct action_util *a, int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n)
{
	struct tc_nat sel;

	int argc = *argc_p;
	char **argv = *argv_p;
	int ok = 0;
	struct rtattr *tail;

	memset(&sel, 0, sizeof(sel));

	while (argc > 0) {
		if (matches(*argv, "nat") == 0) {
			NEXT_ARG();
			if (parse_nat_args(&argc, &argv, &sel)) {
				fprintf(stderr, "Illegal nat construct (%s)\n",
					*argv);
				explain();
				return -1;
			}
			ok++;
			continue;
		} else if (matches(*argv, "help") == 0) {
			usage();
		} else {
			break;
		}

	}

	if (!ok) {
		explain();
		return -1;
	}

	if (argc) {
		if (matches(*argv, "reclassify") == 0) {
			sel.action = TC_ACT_RECLASSIFY;
			argc--;
			argv++;
		} else if (matches(*argv, "pipe") == 0) {
			sel.action = TC_ACT_PIPE;
			argc--;
			argv++;
		} else if (matches(*argv, "drop") == 0 ||
			matches(*argv, "shot") == 0) {
			sel.action = TC_ACT_SHOT;
			argc--;
			argv++;
		} else if (matches(*argv, "continue") == 0) {
			sel.action = TC_ACT_UNSPEC;
			argc--;
			argv++;
		} else if (matches(*argv, "pass") == 0 ||
			   matches(*argv, "ok") == 0) {
			sel.action = TC_ACT_OK;
			argc--;
			argv++;
		}
	}

	if (argc) {
		if (matches(*argv, "index") == 0) {
			NEXT_ARG();
			if (get_u32(&sel.index, *argv, 10)) {
				fprintf(stderr, "Nat: Illegal \"index\"\n");
				return -1;
			}
			argc--;
			argv++;
		}
	}

	tail = NLMSG_TAIL(n);
	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
	addattr_l(n, MAX_MSG, TCA_NAT_PARMS, &sel, sizeof(sel));
	tail->rta_len = (char *)NLMSG_TAIL(n) - (char *)tail;

	*argc_p = argc;
	*argv_p = argv;
	return 0;
}

static int
print_nat(struct action_util *au, FILE * f, struct rtattr *arg)
{
	struct tc_nat *sel;
	struct rtattr *tb[TCA_NAT_MAX + 1];
	char buf1[256];
	char buf2[256];

	SPRINT_BUF(buf3);
	int len;

	if (arg == NULL)
		return -1;

	parse_rtattr_nested(tb, TCA_NAT_MAX, arg);

	if (tb[TCA_NAT_PARMS] == NULL) {
		fprintf(f, "[NULL nat parameters]");
		return -1;
	}
	sel = RTA_DATA(tb[TCA_NAT_PARMS]);

	len = ffs(sel->mask);
	len = len ? 33 - len : 0;

	fprintf(f, " nat %s %s/%d %s %s", sel->flags & TCA_NAT_FLAG_EGRESS ?
					  "egress" : "ingress",
		format_host_r(AF_INET, 4, &sel->old_addr, buf1, sizeof(buf1)),
		len,
		format_host_r(AF_INET, 4, &sel->new_addr, buf2, sizeof(buf2)),
		action_n2a(sel->action, buf3, sizeof(buf3)));

	if (show_stats) {
		if (tb[TCA_NAT_TM]) {
			struct tcf_t *tm = RTA_DATA(tb[TCA_NAT_TM]);

			print_tm(f, tm);
		}
	}

	return 0;
}

struct action_util nat_action_util = {
	.id = "nat",
	.parse_aopt = parse_nat,
	.print_aopt = print_nat,
};
Commit	Line	Data
fc2d0206 HX	1	/*
	2	* m_nat.c NAT module
	3	*
	4	* This program is free software; you can distribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Herbert Xu <herbert@gondor.apana.org.au>
	10	*
	11	*/
	12
	13	#include <stdio.h>
	14	#include <stdlib.h>
	15	#include <unistd.h>
	16	#include <syslog.h>
	17	#include <fcntl.h>
	18	#include <sys/socket.h>
	19	#include <netinet/in.h>
	20	#include <arpa/inet.h>
	21	#include <string.h>
fc2d0206 HX	22	#include "utils.h"
	23	#include "tc_util.h"
	24	#include <linux/tc_act/tc_nat.h>
	25
	26	static void
	27	explain(void)
	28	{
	29	fprintf(stderr, "Usage: ... nat NAT\n"
	30	"NAT := DIRECTION OLD NEW\n"
	31	"DIRECTION := { ingress \| egress }\n"
	32	"OLD := PREFIX\n"
	33	"NEW := ADDRESS\n");
	34	}
	35
	36	static void
	37	usage(void)
	38	{
	39	explain();
	40	exit(-1);
	41	}
	42
	43	static int
32a121cb	44	parse_nat_args(int argc_p, char *argv_p, struct tc_nat sel)
fc2d0206 HX	45	{
	46	int argc = *argc_p;
	47	char *argv = argv_p;
	48	inet_prefix addr;
	49
	50	if (argc <= 0)
	51	return -1;
	52
	53	if (matches(*argv, "egress") == 0)
	54	sel->flags \|= TCA_NAT_FLAG_EGRESS;
	55	else if (matches(*argv, "ingress") != 0)
	56	goto bad_val;
	57
	58	NEXT_ARG();
	59
	60	if (get_prefix_1(&addr, *argv, AF_INET))
	61	goto bad_val;
	62
	63	sel->old_addr = addr.data[0];
	64	sel->mask = htonl(~0u << (32 - addr.bitlen));
	65
	66	NEXT_ARG();
	67
	68	if (get_prefix_1(&addr, *argv, AF_INET))
	69	goto bad_val;
	70
	71	sel->new_addr = addr.data[0];
	72
	73	argc--;
	74	argv++;
	75
	76	*argc_p = argc;
	77	*argv_p = argv;
	78	return 0;
	79
	80	bad_val:
	81	return -1;
	82	}
	83
	84	static int
	85	parse_nat(struct action_util a, int argc_p, char **argv_p, int tca_id, struct nlmsghdr n)
	86	{
	87	struct tc_nat sel;
	88
	89	int argc = *argc_p;
	90	char *argv = argv_p;
	91	int ok = 0;
	92	struct rtattr *tail;
	93
	94	memset(&sel, 0, sizeof(sel));
	95
	96	while (argc > 0) {
	97	if (matches(*argv, "nat") == 0) {
	98	NEXT_ARG();
	99	if (parse_nat_args(&argc, &argv, &sel)) {
32a121cb	100	fprintf(stderr, "Illegal nat construct (%s)\n",
fc2d0206 HX	101	*argv);
	102	explain();
	103	return -1;
	104	}
	105	ok++;
	106	continue;
	107	} else if (matches(*argv, "help") == 0) {
	108	usage();
	109	} else {
	110	break;
	111	}
	112
	113	}
	114
	115	if (!ok) {
	116	explain();
	117	return -1;
	118	}
	119
	120	if (argc) {
	121	if (matches(*argv, "reclassify") == 0) {
	122	sel.action = TC_ACT_RECLASSIFY;
	123	argc--;
	124	argv++;
	125	} else if (matches(*argv, "pipe") == 0) {
	126	sel.action = TC_ACT_PIPE;
	127	argc--;
	128	argv++;
	129	} else if (matches(*argv, "drop") == 0 \|\|
	130	matches(*argv, "shot") == 0) {
	131	sel.action = TC_ACT_SHOT;
	132	argc--;
	133	argv++;
	134	} else if (matches(*argv, "continue") == 0) {
	135	sel.action = TC_ACT_UNSPEC;
	136	argc--;
	137	argv++;
43726b75 JHS	138	} else if (matches(*argv, "pass") == 0 \|\|
43726b75 JHS	139	matches(*argv, "ok") == 0) {
fc2d0206 HX	140	sel.action = TC_ACT_OK;
	141	argc--;
	142	argv++;
	143	}
	144	}
	145
	146	if (argc) {
	147	if (matches(*argv, "index") == 0) {
	148	NEXT_ARG();
	149	if (get_u32(&sel.index, *argv, 10)) {
e26520e5	150	fprintf(stderr, "Nat: Illegal \"index\"\n");
fc2d0206 HX	151	return -1;
	152	}
	153	argc--;
	154	argv++;
	155	}
	156	}
	157
	158	tail = NLMSG_TAIL(n);
	159	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
	160	addattr_l(n, MAX_MSG, TCA_NAT_PARMS, &sel, sizeof(sel));
	161	tail->rta_len = (char )NLMSG_TAIL(n) - (char )tail;
	162
	163	*argc_p = argc;
	164	*argv_p = argv;
	165	return 0;
	166	}
	167
	168	static int
32a121cb	169	print_nat(struct action_util au, FILE f, struct rtattr *arg)
fc2d0206 HX	170	{
	171	struct tc_nat *sel;
	172	struct rtattr *tb[TCA_NAT_MAX + 1];
	173	char buf1[256];
	174	char buf2[256];
32a121cb	175
fc2d0206 HX	176	SPRINT_BUF(buf3);
	177	int len;
	178
	179	if (arg == NULL)
	180	return -1;
	181
	182	parse_rtattr_nested(tb, TCA_NAT_MAX, arg);
	183
	184	if (tb[TCA_NAT_PARMS] == NULL) {
	185	fprintf(f, "[NULL nat parameters]");
	186	return -1;
	187	}
	188	sel = RTA_DATA(tb[TCA_NAT_PARMS]);
	189
	190	len = ffs(sel->mask);
	191	len = len ? 33 - len : 0;
	192
	193	fprintf(f, " nat %s %s/%d %s %s", sel->flags & TCA_NAT_FLAG_EGRESS ?
	194	"egress" : "ingress",
a418e451	195	format_host_r(AF_INET, 4, &sel->old_addr, buf1, sizeof(buf1)),
fc2d0206	196	len,
a418e451	197	format_host_r(AF_INET, 4, &sel->new_addr, buf2, sizeof(buf2)),
32a121cb	198	action_n2a(sel->action, buf3, sizeof(buf3)));
fc2d0206 HX	199
	200	if (show_stats) {
	201	if (tb[TCA_NAT_TM]) {
	202	struct tcf_t *tm = RTA_DATA(tb[TCA_NAT_TM]);
32a121cb SH	203
32a121cb SH	204	print_tm(f, tm);
fc2d0206 HX	205	}
	206	}
	207
	208	return 0;
	209	}
	210
	211	struct action_util nat_action_util = {
	212	.id = "nat",
	213	.parse_aopt = parse_nat,
	214	.print_aopt = print_nat,
	215	};