[mirror_iproute2.git] / tc / tc_filter.c

/*
 * tc_filter.c		"tc filter".
 *
 *		This program is free software; you can redistribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 *
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <syslog.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <linux/if_ether.h>

#include "rt_names.h"
#include "utils.h"
#include "tc_util.h"
#include "tc_common.h"

static void usage(void)
{
	fprintf(stderr, "Usage: tc filter [ add | del | change | replace | show ] dev STRING\n");
	fprintf(stderr, "Usage: tc filter get dev STRING parent CLASSID protocol PROTO handle FILTERID pref PRIO FILTER_TYPE \n");
	fprintf(stderr, "       [ pref PRIO ] protocol PROTO\n");
	fprintf(stderr, "       [ estimator INTERVAL TIME_CONSTANT ]\n");
	fprintf(stderr, "       [ root | ingress | egress | parent CLASSID ]\n");
	fprintf(stderr, "       [ handle FILTERID ] [ [ FILTER_TYPE ] [ help | OPTIONS ] ]\n");
	fprintf(stderr, "\n");
	fprintf(stderr, "       tc filter show [ dev STRING ] [ root | ingress | egress | parent CLASSID ]\n");
	fprintf(stderr, "Where:\n");
	fprintf(stderr, "FILTER_TYPE := { rsvp | u32 | bpf | fw | route | etc. }\n");
	fprintf(stderr, "FILTERID := ... format depends on classifier, see there\n");
	fprintf(stderr, "OPTIONS := ... try tc filter add <desired FILTER_KIND> help\n");
}

static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
{
	struct {
		struct nlmsghdr	n;
		struct tcmsg		t;
		char			buf[MAX_MSG];
	} req = {
		.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
		.n.nlmsg_flags = NLM_F_REQUEST | flags,
		.n.nlmsg_type = cmd,
		.t.tcm_family = AF_UNSPEC,
	};
	struct filter_util *q = NULL;
	__u32 prio = 0;
	__u32 protocol = 0;
	int protocol_set = 0;
	char *fhandle = NULL;
	char  d[16] = {};
	char  k[16] = {};
	struct tc_estimator est = {};

	if (cmd == RTM_NEWTFILTER && flags & NLM_F_CREATE)
		protocol = htons(ETH_P_ALL);

	while (argc > 0) {
		if (strcmp(*argv, "dev") == 0) {
			NEXT_ARG();
			if (d[0])
				duparg("dev", *argv);
			strncpy(d, *argv, sizeof(d)-1);
		} else if (strcmp(*argv, "root") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_ROOT;
		} else if (strcmp(*argv, "ingress") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
						     TC_H_MIN_INGRESS);
		} else if (strcmp(*argv, "egress") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
						     TC_H_MIN_EGRESS);
		} else if (strcmp(*argv, "parent") == 0) {
			__u32 handle;

			NEXT_ARG();
			if (req.t.tcm_parent)
				duparg("parent", *argv);
			if (get_tc_classid(&handle, *argv))
				invarg("Invalid parent ID", *argv);
			req.t.tcm_parent = handle;
		} else if (strcmp(*argv, "handle") == 0) {
			NEXT_ARG();
			if (fhandle)
				duparg("handle", *argv);
			fhandle = *argv;
		} else if (matches(*argv, "preference") == 0 ||
			   matches(*argv, "priority") == 0) {
			NEXT_ARG();
			if (prio)
				duparg("priority", *argv);
			if (get_u32(&prio, *argv, 0) || prio > 0xFFFF)
				invarg("invalid priority value", *argv);
		} else if (matches(*argv, "protocol") == 0) {
			__u16 id;

			NEXT_ARG();
			if (protocol_set)
				duparg("protocol", *argv);
			if (ll_proto_a2n(&id, *argv))
				invarg("invalid protocol", *argv);
			protocol = id;
			protocol_set = 1;
		} else if (matches(*argv, "estimator") == 0) {
			if (parse_estimator(&argc, &argv, &est) < 0)
				return -1;
		} else if (matches(*argv, "help") == 0) {
			usage();
			return 0;
		} else {
			strncpy(k, *argv, sizeof(k)-1);

			q = get_filter_kind(k);
			argc--; argv++;
			break;
		}

		argc--; argv++;
	}

	req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);

	if (k[0])
		addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);

	if (q) {
		if (q->parse_fopt(q, fhandle, argc, argv, &req.n))
			return 1;
	} else {
		if (fhandle) {
			fprintf(stderr, "Must specify filter type when using \"handle\"\n");
			return -1;
		}
		if (argc) {
			if (matches(*argv, "help") == 0)
				usage();
			fprintf(stderr, "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n", *argv);
			return -1;
		}
	}
	if (est.ewma_log)
		addattr_l(&req.n, sizeof(req), TCA_RATE, &est, sizeof(est));


	if (d[0])  {
		ll_init_map(&rth);

		if ((req.t.tcm_ifindex = ll_name_to_index(d)) == 0) {
			fprintf(stderr, "Cannot find device \"%s\"\n", d);
			return 1;
		}
	}

	if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) {
		fprintf(stderr, "We have an error talking to the kernel\n");
		return 2;
	}

	return 0;
}

static __u32 filter_parent;
static int filter_ifindex;
static __u32 filter_prio;
static __u32 filter_protocol;
__u16 f_proto;

int print_filter(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
{
	FILE *fp = (FILE *)arg;
	struct tcmsg *t = NLMSG_DATA(n);
	int len = n->nlmsg_len;
	struct rtattr *tb[TCA_MAX+1];
	struct filter_util *q;
	char abuf[256];

	if (n->nlmsg_type != RTM_NEWTFILTER &&
	    n->nlmsg_type != RTM_GETTFILTER &&
	    n->nlmsg_type != RTM_DELTFILTER) {
		fprintf(stderr, "Not a filter(cmd %d)\n", n->nlmsg_type);
		return 0;
	}
	len -= NLMSG_LENGTH(sizeof(*t));
	if (len < 0) {
		fprintf(stderr, "Wrong len %d\n", len);
		return -1;
	}

	parse_rtattr(tb, TCA_MAX, TCA_RTA(t), len);

	if (tb[TCA_KIND] == NULL) {
		fprintf(stderr, "print_filter: NULL kind\n");
		return -1;
	}

	if (n->nlmsg_type == RTM_DELTFILTER)
		fprintf(fp, "deleted ");

	fprintf(fp, "filter ");
	if (!filter_ifindex || filter_ifindex != t->tcm_ifindex)
		fprintf(fp, "dev %s ", ll_index_to_name(t->tcm_ifindex));

	if (!filter_parent || filter_parent != t->tcm_parent) {
		if (t->tcm_parent == TC_H_ROOT)
			fprintf(fp, "root ");
		else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_INGRESS))
			fprintf(fp, "ingress ");
		else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_EGRESS))
			fprintf(fp, "egress ");
		else {
			print_tc_classid(abuf, sizeof(abuf), t->tcm_parent);
			fprintf(fp, "parent %s ", abuf);
		}
	}

	if (t->tcm_info) {
		f_proto = TC_H_MIN(t->tcm_info);
		__u32 prio = TC_H_MAJ(t->tcm_info)>>16;

		if (!filter_protocol || filter_protocol != f_proto) {
			if (f_proto) {
				SPRINT_BUF(b1);
				fprintf(fp, "protocol %s ",
					ll_proto_n2a(f_proto, b1, sizeof(b1)));
			}
		}
		if (!filter_prio || filter_prio != prio) {
			if (prio)
				fprintf(fp, "pref %u ", prio);
		}
	}
	fprintf(fp, "%s ", rta_getattr_str(tb[TCA_KIND]));
	q = get_filter_kind(RTA_DATA(tb[TCA_KIND]));
	if (tb[TCA_OPTIONS]) {
		if (q)
			q->print_fopt(q, fp, tb[TCA_OPTIONS], t->tcm_handle);
		else
			fprintf(fp, "[cannot parse parameters]");
	}
	fprintf(fp, "\n");

	if (show_stats && (tb[TCA_STATS] || tb[TCA_STATS2])) {
		print_tcstats_attr(fp, tb, " ", NULL);
		fprintf(fp, "\n");
	}

	fflush(fp);
	return 0;
}

static int tc_filter_get(int cmd, unsigned int flags, int argc, char **argv)
{
	struct {
		struct nlmsghdr	n;
		struct tcmsg		t;
		char			buf[MAX_MSG];
	} req = {
		.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
		/* NLM_F_ECHO is for backward compatibility. old kernels never
		 * respond without it and newer kernels will ignore it.
		 * In old kernels there is a side effect:
		 * In addition to a response to the GET you will receive an
		 * event (if you do tc mon).
		 */
		.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ECHO | flags,
		.n.nlmsg_type = cmd,
		.t.tcm_parent = TC_H_UNSPEC,
		.t.tcm_family = AF_UNSPEC,
	};
	struct filter_util *q = NULL;
	__u32 prio = 0;
	__u32 protocol = 0;
	int protocol_set = 0;
	__u32 parent_handle = 0;
	char *fhandle = NULL;
	char  d[16] = {};
	char  k[16] = {};

	while (argc > 0) {
		if (strcmp(*argv, "dev") == 0) {
			NEXT_ARG();
			if (d[0])
				duparg("dev", *argv);
			strncpy(d, *argv, sizeof(d)-1);
		} else if (strcmp(*argv, "root") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_ROOT;
		} else if (strcmp(*argv, "ingress") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
						     TC_H_MIN_INGRESS);
		} else if (strcmp(*argv, "egress") == 0) {
			if (req.t.tcm_parent) {
				fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
				return -1;
			}
			req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
						     TC_H_MIN_EGRESS);
		} else if (strcmp(*argv, "parent") == 0) {

			NEXT_ARG();
			if (req.t.tcm_parent)
				duparg("parent", *argv);
			if (get_tc_classid(&parent_handle, *argv))
				invarg("Invalid parent ID", *argv);
			req.t.tcm_parent = parent_handle;
		} else if (strcmp(*argv, "handle") == 0) {
			NEXT_ARG();
			if (fhandle)
				duparg("handle", *argv);
			fhandle = *argv;
		} else if (matches(*argv, "preference") == 0 ||
			   matches(*argv, "priority") == 0) {
			NEXT_ARG();
			if (prio)
				duparg("priority", *argv);
			if (get_u32(&prio, *argv, 0) || prio > 0xFFFF)
				invarg("invalid priority value", *argv);
		} else if (matches(*argv, "protocol") == 0) {
			__u16 id;

			NEXT_ARG();
			if (protocol_set)
				duparg("protocol", *argv);
			if (ll_proto_a2n(&id, *argv))
				invarg("invalid protocol", *argv);
			protocol = id;
			protocol_set = 1;
		} else if (matches(*argv, "help") == 0) {
			usage();
			return 0;
		} else {
			strncpy(k, *argv, sizeof(k)-1);

			q = get_filter_kind(k);
			argc--; argv++;
			break;
		}

		argc--; argv++;
	}

	if (!protocol_set) {
		fprintf(stderr, "Must specify filter protocol\n");
		return -1;
	}

	if (!prio) {
		fprintf(stderr, "Must specify filter priority\n");
		return -1;
	}

	req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);

	if (req.t.tcm_parent == TC_H_UNSPEC) {
		fprintf(stderr, "Must specify filter parent\n");
		return -1;
	}

	if (k[0])
		addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);
	else {
		fprintf(stderr, "Must specify filter type\n");
		return -1;
	}

	if (q->parse_fopt(q, fhandle, argc, argv, &req.n))
		return 1;


	if (!fhandle) {
		fprintf(stderr, "Must specify filter \"handle\"\n");
		return -1;
	}

	if (argc) {
		if (matches(*argv, "help") == 0)
			usage();
		fprintf(stderr, "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n",
			*argv);
		return -1;
	}

	if (d[0])  {
		ll_init_map(&rth);

		req.t.tcm_ifindex = ll_name_to_index(d);
		if (req.t.tcm_ifindex  == 0) {
			fprintf(stderr, "Cannot find device \"%s\"\n", d);
			return 1;
		}
		filter_ifindex = req.t.tcm_ifindex;
	} else {
		fprintf(stderr, "Must specify netdevice \"dev\"\n");
		return -1;
	}

	if (rtnl_talk(&rth, &req.n, &req.n, MAX_MSG) < 0) {
		fprintf(stderr, "We have an error talking to the kernel\n");
		return 2;
	}

	print_filter(NULL, &req.n, (void *)stdout);

	return 0;
}

static int tc_filter_list(int argc, char **argv)
{
	struct tcmsg t = { .tcm_family = AF_UNSPEC };
	char d[16] = {};
	__u32 prio = 0;
	__u32 protocol = 0;
	char *fhandle = NULL;

	while (argc > 0) {
		if (strcmp(*argv, "dev") == 0) {
			NEXT_ARG();
			if (d[0])
				duparg("dev", *argv);
			strncpy(d, *argv, sizeof(d)-1);
		} else if (strcmp(*argv, "root") == 0) {
			if (t.tcm_parent) {
				fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
				return -1;
			}
			filter_parent = t.tcm_parent = TC_H_ROOT;
		} else if (strcmp(*argv, "ingress") == 0) {
			if (t.tcm_parent) {
				fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
				return -1;
			}
			filter_parent = TC_H_MAKE(TC_H_CLSACT,
						  TC_H_MIN_INGRESS);
			t.tcm_parent = filter_parent;
		} else if (strcmp(*argv, "egress") == 0) {
			if (t.tcm_parent) {
				fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
				return -1;
			}
			filter_parent = TC_H_MAKE(TC_H_CLSACT,
						  TC_H_MIN_EGRESS);
			t.tcm_parent = filter_parent;
		} else if (strcmp(*argv, "parent") == 0) {
			__u32 handle;

			NEXT_ARG();
			if (t.tcm_parent)
				duparg("parent", *argv);
			if (get_tc_classid(&handle, *argv))
				invarg("invalid parent ID", *argv);
			filter_parent = t.tcm_parent = handle;
		} else if (strcmp(*argv, "handle") == 0) {
			NEXT_ARG();
			if (fhandle)
				duparg("handle", *argv);
			fhandle = *argv;
		} else if (matches(*argv, "preference") == 0 ||
			   matches(*argv, "priority") == 0) {
			NEXT_ARG();
			if (prio)
				duparg("priority", *argv);
			if (get_u32(&prio, *argv, 0))
				invarg("invalid preference", *argv);
			filter_prio = prio;
		} else if (matches(*argv, "protocol") == 0) {
			__u16 res;

			NEXT_ARG();
			if (protocol)
				duparg("protocol", *argv);
			if (ll_proto_a2n(&res, *argv))
				invarg("invalid protocol", *argv);
			protocol = res;
			filter_protocol = protocol;
		} else if (matches(*argv, "help") == 0) {
			usage();
		} else {
			fprintf(stderr, " What is \"%s\"? Try \"tc filter help\"\n", *argv);
			return -1;
		}

		argc--; argv++;
	}

	t.tcm_info = TC_H_MAKE(prio<<16, protocol);

	ll_init_map(&rth);

	if (d[0]) {
		if ((t.tcm_ifindex = ll_name_to_index(d)) == 0) {
			fprintf(stderr, "Cannot find device \"%s\"\n", d);
			return 1;
		}
		filter_ifindex = t.tcm_ifindex;
	}

	if (rtnl_dump_request(&rth, RTM_GETTFILTER, &t, sizeof(t)) < 0) {
		perror("Cannot send dump request");
		return 1;
	}

	if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) {
		fprintf(stderr, "Dump terminated\n");
		return 1;
	}

	return 0;
}

int do_filter(int argc, char **argv)
{
	if (argc < 1)
		return tc_filter_list(0, NULL);
	if (matches(*argv, "add") == 0)
		return tc_filter_modify(RTM_NEWTFILTER, NLM_F_EXCL|NLM_F_CREATE,
					argc-1, argv+1);
	if (matches(*argv, "change") == 0)
		return tc_filter_modify(RTM_NEWTFILTER, 0, argc-1, argv+1);
	if (matches(*argv, "replace") == 0)
		return tc_filter_modify(RTM_NEWTFILTER, NLM_F_CREATE, argc-1,
					argv+1);
	if (matches(*argv, "delete") == 0)
		return tc_filter_modify(RTM_DELTFILTER, 0,  argc-1, argv+1);
	if (matches(*argv, "get") == 0)
		return tc_filter_get(RTM_GETTFILTER, 0,  argc-1, argv+1);
	if (matches(*argv, "list") == 0 || matches(*argv, "show") == 0
	    || matches(*argv, "lst") == 0)
		return tc_filter_list(argc-1, argv+1);
	if (matches(*argv, "help") == 0) {
		usage();
		return 0;
	}
	fprintf(stderr, "Command \"%s\" is unknown, try \"tc filter help\".\n",
		*argv);
	return -1;
}
Commit	Line	Data
aba5acdf SH	1	/*
	2	* tc_filter.c "tc filter".
	3	*
	4	* This program is free software; you can redistribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
	10	*
	11	*/
	12
	13	#include <stdio.h>
	14	#include <stdlib.h>
	15	#include <unistd.h>
	16	#include <syslog.h>
	17	#include <fcntl.h>
aba5acdf SH	18	#include <sys/socket.h>
	19	#include <netinet/in.h>
	20	#include <arpa/inet.h>
	21	#include <string.h>
	22	#include <linux/if_ether.h>
	23
	24	#include "rt_names.h"
	25	#include "utils.h"
	26	#include "tc_util.h"
	27	#include "tc_common.h"
	28
aba5acdf SH	29	static void usage(void)
aba5acdf SH	30	{
e5d179d8	31	fprintf(stderr, "Usage: tc filter [ add \| del \| change \| replace \| show ] dev STRING\n");
120f556d	32	fprintf(stderr, "Usage: tc filter get dev STRING parent CLASSID protocol PROTO handle FILTERID pref PRIO FILTER_TYPE \n");
de33a430	33	fprintf(stderr, " [ pref PRIO ] protocol PROTO\n");
aba5acdf	34	fprintf(stderr, " [ estimator INTERVAL TIME_CONSTANT ]\n");
8f9afdd5 DB	35	fprintf(stderr, " [ root \| ingress \| egress \| parent CLASSID ]\n");
8f9afdd5 DB	36	fprintf(stderr, " [ handle FILTERID ] [ [ FILTER_TYPE ] [ help \| OPTIONS ] ]\n");
aba5acdf	37	fprintf(stderr, "\n");
8f9afdd5	38	fprintf(stderr, " tc filter show [ dev STRING ] [ root \| ingress \| egress \| parent CLASSID ]\n");
aba5acdf	39	fprintf(stderr, "Where:\n");
4bd62446	40	fprintf(stderr, "FILTER_TYPE := { rsvp \| u32 \| bpf \| fw \| route \| etc. }\n");
aba5acdf SH	41	fprintf(stderr, "FILTERID := ... format depends on classifier, see there\n");
aba5acdf SH	42	fprintf(stderr, "OPTIONS := ... try tc filter add <desired FILTER_KIND> help\n");
aba5acdf SH	43	}
aba5acdf SH	44
32a121cb	45	static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
aba5acdf	46	{
aba5acdf	47	struct {
32a121cb SH	48	struct nlmsghdr n;
	49	struct tcmsg t;
	50	char buf[MAX_MSG];
d17b136f PS	51	} req = {
	52	.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
	53	.n.nlmsg_flags = NLM_F_REQUEST \| flags,
	54	.n.nlmsg_type = cmd,
	55	.t.tcm_family = AF_UNSPEC,
	56	};
aba5acdf SH	57	struct filter_util *q = NULL;
aba5acdf SH	58	__u32 prio = 0;
ae761068	59	__u32 protocol = 0;
083a5f00	60	int protocol_set = 0;
aba5acdf	61	char *fhandle = NULL;
d17b136f PS	62	char d[16] = {};
	63	char k[16] = {};
	64	struct tc_estimator est = {};
aba5acdf	65
ae761068	66	if (cmd == RTM_NEWTFILTER && flags & NLM_F_CREATE)
05fb9184	67	protocol = htons(ETH_P_ALL);
ae761068	68
aba5acdf SH	69	while (argc > 0) {
	70	if (strcmp(*argv, "dev") == 0) {
	71	NEXT_ARG();
	72	if (d[0])
	73	duparg("dev", *argv);
	74	strncpy(d, *argv, sizeof(d)-1);
	75	} else if (strcmp(*argv, "root") == 0) {
	76	if (req.t.tcm_parent) {
	77	fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
024481bb	78	return -1;
aba5acdf SH	79	}
aba5acdf SH	80	req.t.tcm_parent = TC_H_ROOT;
8f9afdd5 DB	81	} else if (strcmp(*argv, "ingress") == 0) {
	82	if (req.t.tcm_parent) {
	83	fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
	84	return -1;
	85	}
	86	req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
	87	TC_H_MIN_INGRESS);
	88	} else if (strcmp(*argv, "egress") == 0) {
	89	if (req.t.tcm_parent) {
	90	fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
	91	return -1;
	92	}
	93	req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
	94	TC_H_MIN_EGRESS);
aba5acdf SH	95	} else if (strcmp(*argv, "parent") == 0) {
aba5acdf SH	96	__u32 handle;
32a121cb	97
aba5acdf SH	98	NEXT_ARG();
	99	if (req.t.tcm_parent)
	100	duparg("parent", *argv);
	101	if (get_tc_classid(&handle, *argv))
f1675d61	102	invarg("Invalid parent ID", *argv);
aba5acdf SH	103	req.t.tcm_parent = handle;
	104	} else if (strcmp(*argv, "handle") == 0) {
	105	NEXT_ARG();
	106	if (fhandle)
	107	duparg("handle", *argv);
	108	fhandle = *argv;
	109	} else if (matches(*argv, "preference") == 0 \|\|
	110	matches(*argv, "priority") == 0) {
	111	NEXT_ARG();
	112	if (prio)
	113	duparg("priority", *argv);
424adc19	114	if (get_u32(&prio, *argv, 0) \|\| prio > 0xFFFF)
f1675d61	115	invarg("invalid priority value", *argv);
aba5acdf SH	116	} else if (matches(*argv, "protocol") == 0) {
aba5acdf SH	117	__u16 id;
32a121cb	118
aba5acdf	119	NEXT_ARG();
083a5f00	120	if (protocol_set)
aba5acdf SH	121	duparg("protocol", *argv);
aba5acdf SH	122	if (ll_proto_a2n(&id, *argv))
f1675d61	123	invarg("invalid protocol", *argv);
aba5acdf	124	protocol = id;
083a5f00	125	protocol_set = 1;
aba5acdf SH	126	} else if (matches(*argv, "estimator") == 0) {
	127	if (parse_estimator(&argc, &argv, &est) < 0)
	128	return -1;
	129	} else if (matches(*argv, "help") == 0) {
	130	usage();
3a99df70	131	return 0;
aba5acdf SH	132	} else {
	133	strncpy(k, *argv, sizeof(k)-1);
	134
	135	q = get_filter_kind(k);
	136	argc--; argv++;
	137	break;
	138	}
	139
	140	argc--; argv++;
	141	}
	142
	143	req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
	144
	145	if (k[0])
	146	addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);
	147
	148	if (q) {
	149	if (q->parse_fopt(q, fhandle, argc, argv, &req.n))
024481bb	150	return 1;
aba5acdf SH	151	} else {
aba5acdf SH	152	if (fhandle) {
32a121cb	153	fprintf(stderr, "Must specify filter type when using \"handle\"\n");
024481bb	154	return -1;
aba5acdf SH	155	}
	156	if (argc) {
	157	if (matches(*argv, "help") == 0)
	158	usage();
	159	fprintf(stderr, "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n", *argv);
024481bb	160	return -1;
aba5acdf SH	161	}
	162	}
	163	if (est.ewma_log)
	164	addattr_l(&req.n, sizeof(req), TCA_RATE, &est, sizeof(est));
	165
aba5acdf SH	166
aba5acdf SH	167	if (d[0]) {
3d0b7439	168	ll_init_map(&rth);
aba5acdf SH	169
	170	if ((req.t.tcm_ifindex = ll_name_to_index(d)) == 0) {
	171	fprintf(stderr, "Cannot find device \"%s\"\n", d);
024481bb	172	return 1;
aba5acdf SH	173	}
	174	}
	175
c079e121	176	if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) {
2373fde9	177	fprintf(stderr, "We have an error talking to the kernel\n");
024481bb	178	return 2;
2373fde9	179	}
aba5acdf	180
aba5acdf SH	181	return 0;
	182	}
	183
	184	static __u32 filter_parent;
	185	static int filter_ifindex;
	186	static __u32 filter_prio;
	187	static __u32 filter_protocol;
32a121cb	188	__u16 f_proto;
aba5acdf	189
120f556d	190	int print_filter(const struct sockaddr_nl who, struct nlmsghdr n, void *arg)
aba5acdf	191	{
32a121cb	192	FILE fp = (FILE )arg;
aba5acdf SH	193	struct tcmsg *t = NLMSG_DATA(n);
aba5acdf SH	194	int len = n->nlmsg_len;
32a121cb	195	struct rtattr *tb[TCA_MAX+1];
aba5acdf SH	196	struct filter_util *q;
	197	char abuf[256];
	198
120f556d JHS	199	if (n->nlmsg_type != RTM_NEWTFILTER &&
	200	n->nlmsg_type != RTM_GETTFILTER &&
	201	n->nlmsg_type != RTM_DELTFILTER) {
	202	fprintf(stderr, "Not a filter(cmd %d)\n", n->nlmsg_type);
aba5acdf SH	203	return 0;
	204	}
	205	len -= NLMSG_LENGTH(sizeof(*t));
	206	if (len < 0) {
	207	fprintf(stderr, "Wrong len %d\n", len);
	208	return -1;
	209	}
	210
aba5acdf SH	211	parse_rtattr(tb, TCA_MAX, TCA_RTA(t), len);
	212
	213	if (tb[TCA_KIND] == NULL) {
2373fde9	214	fprintf(stderr, "print_filter: NULL kind\n");
aba5acdf SH	215	return -1;
	216	}
	217
	218	if (n->nlmsg_type == RTM_DELTFILTER)
	219	fprintf(fp, "deleted ");
	220
	221	fprintf(fp, "filter ");
	222	if (!filter_ifindex \|\| filter_ifindex != t->tcm_ifindex)
	223	fprintf(fp, "dev %s ", ll_index_to_name(t->tcm_ifindex));
	224
	225	if (!filter_parent \|\| filter_parent != t->tcm_parent) {
	226	if (t->tcm_parent == TC_H_ROOT)
	227	fprintf(fp, "root ");
8f9afdd5 DB	228	else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_INGRESS))
	229	fprintf(fp, "ingress ");
	230	else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_EGRESS))
	231	fprintf(fp, "egress ");
aba5acdf SH	232	else {
	233	print_tc_classid(abuf, sizeof(abuf), t->tcm_parent);
	234	fprintf(fp, "parent %s ", abuf);
	235	}
	236	}
8f9afdd5	237
aba5acdf	238	if (t->tcm_info) {
eefcbc72	239	f_proto = TC_H_MIN(t->tcm_info);
aba5acdf	240	__u32 prio = TC_H_MAJ(t->tcm_info)>>16;
32a121cb	241
eefcbc72	242	if (!filter_protocol \|\| filter_protocol != f_proto) {
eefcbc72	243	if (f_proto) {
aba5acdf SH	244	SPRINT_BUF(b1);
aba5acdf SH	245	fprintf(fp, "protocol %s ",
eefcbc72	246	ll_proto_n2a(f_proto, b1, sizeof(b1)));
aba5acdf SH	247	}
	248	}
	249	if (!filter_prio \|\| filter_prio != prio) {
	250	if (prio)
	251	fprintf(fp, "pref %u ", prio);
	252	}
	253	}
ff24746c	254	fprintf(fp, "%s ", rta_getattr_str(tb[TCA_KIND]));
aba5acdf SH	255	q = get_filter_kind(RTA_DATA(tb[TCA_KIND]));
	256	if (tb[TCA_OPTIONS]) {
	257	if (q)
	258	q->print_fopt(q, fp, tb[TCA_OPTIONS], t->tcm_handle);
	259	else
	260	fprintf(fp, "[cannot parse parameters]");
	261	}
	262	fprintf(fp, "\n");
	263
e5879dc6	264	if (show_stats && (tb[TCA_STATS] \|\| tb[TCA_STATS2])) {
e5879dc6	265	print_tcstats_attr(fp, tb, " ", NULL);
de481780	266	fprintf(fp, "\n");
aba5acdf	267	}
de481780	268
aba5acdf SH	269	fflush(fp);
	270	return 0;
	271	}
	272
120f556d JHS	273	static int tc_filter_get(int cmd, unsigned int flags, int argc, char **argv)
	274	{
	275	struct {
	276	struct nlmsghdr n;
	277	struct tcmsg t;
	278	char buf[MAX_MSG];
	279	} req = {
	280	.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
	281	/* NLM_F_ECHO is for backward compatibility. old kernels never
	282	* respond without it and newer kernels will ignore it.
	283	* In old kernels there is a side effect:
	284	* In addition to a response to the GET you will receive an
	285	* event (if you do tc mon).
	286	*/
	287	.n.nlmsg_flags = NLM_F_REQUEST \| NLM_F_ECHO \| flags,
	288	.n.nlmsg_type = cmd,
	289	.t.tcm_parent = TC_H_UNSPEC,
	290	.t.tcm_family = AF_UNSPEC,
	291	};
	292	struct filter_util *q = NULL;
	293	__u32 prio = 0;
	294	__u32 protocol = 0;
	295	int protocol_set = 0;
	296	__u32 parent_handle = 0;
	297	char *fhandle = NULL;
	298	char d[16] = {};
	299	char k[16] = {};
	300
	301	while (argc > 0) {
	302	if (strcmp(*argv, "dev") == 0) {
	303	NEXT_ARG();
	304	if (d[0])
	305	duparg("dev", *argv);
	306	strncpy(d, *argv, sizeof(d)-1);
	307	} else if (strcmp(*argv, "root") == 0) {
	308	if (req.t.tcm_parent) {
	309	fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
	310	return -1;
	311	}
	312	req.t.tcm_parent = TC_H_ROOT;
	313	} else if (strcmp(*argv, "ingress") == 0) {
	314	if (req.t.tcm_parent) {
	315	fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
	316	return -1;
	317	}
	318	req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
	319	TC_H_MIN_INGRESS);
	320	} else if (strcmp(*argv, "egress") == 0) {
	321	if (req.t.tcm_parent) {
	322	fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
	323	return -1;
	324	}
	325	req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
	326	TC_H_MIN_EGRESS);
	327	} else if (strcmp(*argv, "parent") == 0) {
	328
	329	NEXT_ARG();
	330	if (req.t.tcm_parent)
	331	duparg("parent", *argv);
	332	if (get_tc_classid(&parent_handle, *argv))
	333	invarg("Invalid parent ID", *argv);
	334	req.t.tcm_parent = parent_handle;
	335	} else if (strcmp(*argv, "handle") == 0) {
	336	NEXT_ARG();
337	if (fhandle)
338	duparg("handle", *argv);
339	fhandle = *argv;
340	} else if (matches(*argv, "preference") == 0 \|\|
341	matches(*argv, "priority") == 0) {
342	NEXT_ARG();
343	if (prio)
344	duparg("priority", *argv);
345	if (get_u32(&prio, *argv, 0) \|\| prio > 0xFFFF)
346	invarg("invalid priority value", *argv);
347	} else if (matches(*argv, "protocol") == 0) {
348	__u16 id;
349
350	NEXT_ARG();
351	if (protocol_set)
352	duparg("protocol", *argv);
353	if (ll_proto_a2n(&id, *argv))
354	invarg("invalid protocol", *argv);
355	protocol = id;
356	protocol_set = 1;
357	} else if (matches(*argv, "help") == 0) {
358	usage();
359	return 0;
360	} else {
361	strncpy(k, *argv, sizeof(k)-1);
362
363	q = get_filter_kind(k);
364	argc--; argv++;
365	break;
366	}
367
368	argc--; argv++;
369	}
370
371	if (!protocol_set) {
372	fprintf(stderr, "Must specify filter protocol\n");
373	return -1;
374	}
375
376	if (!prio) {
377	fprintf(stderr, "Must specify filter priority\n");
378	return -1;
379	}
380
381	req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
382
383	if (req.t.tcm_parent == TC_H_UNSPEC) {
384	fprintf(stderr, "Must specify filter parent\n");
385	return -1;
386	}
387
388	if (k[0])
389	addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);
390	else {
391	fprintf(stderr, "Must specify filter type\n");
392	return -1;
393	}
394
395	if (q->parse_fopt(q, fhandle, argc, argv, &req.n))
396	return 1;
397
398
399	if (!fhandle) {
400	fprintf(stderr, "Must specify filter \"handle\"\n");
401	return -1;
402	}
403
404	if (argc) {
405	if (matches(*argv, "help") == 0)
406	usage();
407	fprintf(stderr, "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n",
408	*argv);
409	return -1;
410	}
411
412	if (d[0]) {
413	ll_init_map(&rth);
414
415	req.t.tcm_ifindex = ll_name_to_index(d);
416	if (req.t.tcm_ifindex == 0) {
417	fprintf(stderr, "Cannot find device \"%s\"\n", d);
418	return 1;
419	}
420	filter_ifindex = req.t.tcm_ifindex;
421	} else {
422	fprintf(stderr, "Must specify netdevice \"dev\"\n");
423	return -1;
424	}
425
426	if (rtnl_talk(&rth, &req.n, &req.n, MAX_MSG) < 0) {
427	fprintf(stderr, "We have an error talking to the kernel\n");
428	return 2;
429	}
430
431	print_filter(NULL, &req.n, (void *)stdout);
432
433	return 0;
434	}
435
d1f28cf1	436	static int tc_filter_list(int argc, char **argv)
aba5acdf	437	{
d17b136f PS	438	struct tcmsg t = { .tcm_family = AF_UNSPEC };
d17b136f PS	439	char d[16] = {};
aba5acdf SH	440	__u32 prio = 0;
	441	__u32 protocol = 0;
	442	char *fhandle = NULL;
	443
aba5acdf SH	444	while (argc > 0) {
	445	if (strcmp(*argv, "dev") == 0) {
	446	NEXT_ARG();
	447	if (d[0])
	448	duparg("dev", *argv);
	449	strncpy(d, *argv, sizeof(d)-1);
	450	} else if (strcmp(*argv, "root") == 0) {
	451	if (t.tcm_parent) {
	452	fprintf(stderr, "Error: \"root\" is duplicate parent ID\n");
024481bb	453	return -1;
aba5acdf SH	454	}
aba5acdf SH	455	filter_parent = t.tcm_parent = TC_H_ROOT;
8f9afdd5 DB	456	} else if (strcmp(*argv, "ingress") == 0) {
	457	if (t.tcm_parent) {
	458	fprintf(stderr, "Error: \"ingress\" is duplicate parent ID\n");
	459	return -1;
	460	}
	461	filter_parent = TC_H_MAKE(TC_H_CLSACT,
	462	TC_H_MIN_INGRESS);
	463	t.tcm_parent = filter_parent;
	464	} else if (strcmp(*argv, "egress") == 0) {
	465	if (t.tcm_parent) {
	466	fprintf(stderr, "Error: \"egress\" is duplicate parent ID\n");
	467	return -1;
	468	}
	469	filter_parent = TC_H_MAKE(TC_H_CLSACT,
	470	TC_H_MIN_EGRESS);
	471	t.tcm_parent = filter_parent;
aba5acdf SH	472	} else if (strcmp(*argv, "parent") == 0) {
aba5acdf SH	473	__u32 handle;
32a121cb	474
aba5acdf SH	475	NEXT_ARG();
	476	if (t.tcm_parent)
	477	duparg("parent", *argv);
	478	if (get_tc_classid(&handle, *argv))
f1675d61	479	invarg("invalid parent ID", *argv);
aba5acdf SH	480	filter_parent = t.tcm_parent = handle;
	481	} else if (strcmp(*argv, "handle") == 0) {
	482	NEXT_ARG();
	483	if (fhandle)
	484	duparg("handle", *argv);
	485	fhandle = *argv;
	486	} else if (matches(*argv, "preference") == 0 \|\|
	487	matches(*argv, "priority") == 0) {
	488	NEXT_ARG();
	489	if (prio)
	490	duparg("priority", *argv);
	491	if (get_u32(&prio, *argv, 0))
f1675d61	492	invarg("invalid preference", *argv);
aba5acdf SH	493	filter_prio = prio;
	494	} else if (matches(*argv, "protocol") == 0) {
	495	__u16 res;
32a121cb	496
aba5acdf SH	497	NEXT_ARG();
	498	if (protocol)
	499	duparg("protocol", *argv);
	500	if (ll_proto_a2n(&res, *argv))
f1675d61	501	invarg("invalid protocol", *argv);
aba5acdf SH	502	protocol = res;
	503	filter_protocol = protocol;
	504	} else if (matches(*argv, "help") == 0) {
	505	usage();
	506	} else {
	507	fprintf(stderr, " What is \"%s\"? Try \"tc filter help\"\n", *argv);
024481bb	508	return -1;
aba5acdf SH	509	}
	510
	511	argc--; argv++;
	512	}
	513
	514	t.tcm_info = TC_H_MAKE(prio<<16, protocol);
	515
3d0b7439	516	ll_init_map(&rth);
aba5acdf SH	517
	518	if (d[0]) {
	519	if ((t.tcm_ifindex = ll_name_to_index(d)) == 0) {
	520	fprintf(stderr, "Cannot find device \"%s\"\n", d);
024481bb	521	return 1;
aba5acdf SH	522	}
	523	filter_ifindex = t.tcm_ifindex;
	524	}
	525
3d0b7439	526	if (rtnl_dump_request(&rth, RTM_GETTFILTER, &t, sizeof(t)) < 0) {
aba5acdf	527	perror("Cannot send dump request");
024481bb	528	return 1;
aba5acdf SH	529	}
aba5acdf SH	530
3d0b7439	531	if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) {
aba5acdf	532	fprintf(stderr, "Dump terminated\n");
024481bb	533	return 1;
aba5acdf SH	534	}
aba5acdf SH	535
aba5acdf SH	536	return 0;
	537	}
	538
	539	int do_filter(int argc, char **argv)
	540	{
	541	if (argc < 1)
	542	return tc_filter_list(0, NULL);
	543	if (matches(*argv, "add") == 0)
120f556d JHS	544	return tc_filter_modify(RTM_NEWTFILTER, NLM_F_EXCL\|NLM_F_CREATE,
120f556d JHS	545	argc-1, argv+1);
aba5acdf SH	546	if (matches(*argv, "change") == 0)
	547	return tc_filter_modify(RTM_NEWTFILTER, 0, argc-1, argv+1);
	548	if (matches(*argv, "replace") == 0)
120f556d JHS	549	return tc_filter_modify(RTM_NEWTFILTER, NLM_F_CREATE, argc-1,
120f556d JHS	550	argv+1);
aba5acdf SH	551	if (matches(*argv, "delete") == 0)
aba5acdf SH	552	return tc_filter_modify(RTM_DELTFILTER, 0, argc-1, argv+1);
aba5acdf SH	553	if (matches(*argv, "get") == 0)
aba5acdf SH	554	return tc_filter_get(RTM_GETTFILTER, 0, argc-1, argv+1);
aba5acdf SH	555	if (matches(argv, "list") == 0 \|\| matches(argv, "show") == 0
	556	\|\| matches(*argv, "lst") == 0)
	557	return tc_filter_list(argc-1, argv+1);
e5d179d8	558	if (matches(*argv, "help") == 0) {
aba5acdf	559	usage();
e5d179d8	560	return 0;
32a121cb	561	}
120f556d JHS	562	fprintf(stderr, "Command \"%s\" is unknown, try \"tc filter help\".\n",
120f556d JHS	563	*argv);
024481bb	564	return -1;
aba5acdf	565	}