]>
Commit | Line | Data |
---|---|---|
aba5acdf SH |
1 | /* |
2 | * tc_filter.c "tc filter". | |
3 | * | |
4 | * This program is free software; you can redistribute it and/or | |
5 | * modify it under the terms of the GNU General Public License | |
6 | * as published by the Free Software Foundation; either version | |
7 | * 2 of the License, or (at your option) any later version. | |
8 | * | |
9 | * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> | |
10 | * | |
11 | */ | |
12 | ||
13 | #include <stdio.h> | |
14 | #include <stdlib.h> | |
15 | #include <unistd.h> | |
aba5acdf | 16 | #include <fcntl.h> |
aba5acdf SH |
17 | #include <sys/socket.h> |
18 | #include <netinet/in.h> | |
19 | #include <arpa/inet.h> | |
20 | #include <string.h> | |
21 | #include <linux/if_ether.h> | |
22 | ||
23 | #include "rt_names.h" | |
24 | #include "utils.h" | |
25 | #include "tc_util.h" | |
26 | #include "tc_common.h" | |
27 | ||
aba5acdf SH |
28 | static void usage(void) |
29 | { | |
ec2e005f SH |
30 | fprintf(stderr, |
31 | "Usage: tc filter [ add | del | change | replace | show ] dev STRING\n" | |
32 | "Usage: tc filter get dev STRING parent CLASSID protocol PROTO handle FILTERID pref PRIO FILTER_TYPE\n" | |
732f0346 | 33 | " [ pref PRIO ] protocol PROTO [ chain CHAIN_INDEX ]\n" |
ec2e005f SH |
34 | " [ estimator INTERVAL TIME_CONSTANT ]\n" |
35 | " [ root | ingress | egress | parent CLASSID ]\n" | |
36 | " [ handle FILTERID ] [ [ FILTER_TYPE ] [ help | OPTIONS ] ]\n" | |
37 | "\n" | |
38 | " tc filter show [ dev STRING ] [ root | ingress | egress | parent CLASSID ]\n" | |
39 | "Where:\n" | |
40 | "FILTER_TYPE := { rsvp | u32 | bpf | fw | route | etc. }\n" | |
41 | "FILTERID := ... format depends on classifier, see there\n" | |
42 | "OPTIONS := ... try tc filter add <desired FILTER_KIND> help\n"); | |
aba5acdf SH |
43 | } |
44 | ||
485d0c60 CM |
45 | struct tc_filter_req { |
46 | struct nlmsghdr n; | |
47 | struct tcmsg t; | |
48 | char buf[MAX_MSG]; | |
49 | }; | |
50 | ||
51 | static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv, | |
52 | void *buf, size_t buflen) | |
aba5acdf | 53 | { |
485d0c60 | 54 | struct tc_filter_req *req, filter_req; |
aba5acdf | 55 | struct filter_util *q = NULL; |
485d0c60 CM |
56 | struct tc_estimator est = {}; |
57 | char k[FILTER_NAMESZ] = {}; | |
732f0346 | 58 | int chain_index_set = 0; |
485d0c60 CM |
59 | char d[IFNAMSIZ] = {}; |
60 | int protocol_set = 0; | |
aba5acdf | 61 | char *fhandle = NULL; |
485d0c60 CM |
62 | __u32 protocol = 0; |
63 | __u32 chain_index; | |
64 | struct iovec iov; | |
65 | __u32 prio = 0; | |
66 | int ret; | |
67 | ||
68 | if (buf) { | |
69 | req = buf; | |
70 | if (buflen < sizeof (struct tc_filter_req)) { | |
71 | fprintf(stderr, "buffer is too small: %zu\n", buflen); | |
72 | return -1; | |
73 | } | |
74 | } else { | |
75 | memset(&filter_req, 0, sizeof (struct tc_filter_req)); | |
76 | req = &filter_req; | |
77 | } | |
78 | ||
79 | req->n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); | |
80 | req->n.nlmsg_flags = NLM_F_REQUEST | flags; | |
81 | req->n.nlmsg_type = cmd; | |
82 | req->t.tcm_family = AF_UNSPEC; | |
aba5acdf | 83 | |
ae761068 | 84 | if (cmd == RTM_NEWTFILTER && flags & NLM_F_CREATE) |
05fb9184 | 85 | protocol = htons(ETH_P_ALL); |
ae761068 | 86 | |
aba5acdf SH |
87 | while (argc > 0) { |
88 | if (strcmp(*argv, "dev") == 0) { | |
89 | NEXT_ARG(); | |
90 | if (d[0]) | |
91 | duparg("dev", *argv); | |
92 | strncpy(d, *argv, sizeof(d)-1); | |
93 | } else if (strcmp(*argv, "root") == 0) { | |
485d0c60 | 94 | if (req->t.tcm_parent) { |
ec2e005f SH |
95 | fprintf(stderr, |
96 | "Error: \"root\" is duplicate parent ID\n"); | |
024481bb | 97 | return -1; |
aba5acdf | 98 | } |
485d0c60 | 99 | req->t.tcm_parent = TC_H_ROOT; |
8f9afdd5 | 100 | } else if (strcmp(*argv, "ingress") == 0) { |
485d0c60 | 101 | if (req->t.tcm_parent) { |
ec2e005f SH |
102 | fprintf(stderr, |
103 | "Error: \"ingress\" is duplicate parent ID\n"); | |
8f9afdd5 DB |
104 | return -1; |
105 | } | |
485d0c60 | 106 | req->t.tcm_parent = TC_H_MAKE(TC_H_CLSACT, |
8f9afdd5 DB |
107 | TC_H_MIN_INGRESS); |
108 | } else if (strcmp(*argv, "egress") == 0) { | |
485d0c60 | 109 | if (req->t.tcm_parent) { |
ec2e005f SH |
110 | fprintf(stderr, |
111 | "Error: \"egress\" is duplicate parent ID\n"); | |
8f9afdd5 DB |
112 | return -1; |
113 | } | |
485d0c60 | 114 | req->t.tcm_parent = TC_H_MAKE(TC_H_CLSACT, |
8f9afdd5 | 115 | TC_H_MIN_EGRESS); |
aba5acdf SH |
116 | } else if (strcmp(*argv, "parent") == 0) { |
117 | __u32 handle; | |
32a121cb | 118 | |
aba5acdf | 119 | NEXT_ARG(); |
485d0c60 | 120 | if (req->t.tcm_parent) |
aba5acdf SH |
121 | duparg("parent", *argv); |
122 | if (get_tc_classid(&handle, *argv)) | |
f1675d61 | 123 | invarg("Invalid parent ID", *argv); |
485d0c60 | 124 | req->t.tcm_parent = handle; |
aba5acdf SH |
125 | } else if (strcmp(*argv, "handle") == 0) { |
126 | NEXT_ARG(); | |
127 | if (fhandle) | |
128 | duparg("handle", *argv); | |
129 | fhandle = *argv; | |
130 | } else if (matches(*argv, "preference") == 0 || | |
131 | matches(*argv, "priority") == 0) { | |
132 | NEXT_ARG(); | |
133 | if (prio) | |
134 | duparg("priority", *argv); | |
424adc19 | 135 | if (get_u32(&prio, *argv, 0) || prio > 0xFFFF) |
f1675d61 | 136 | invarg("invalid priority value", *argv); |
aba5acdf SH |
137 | } else if (matches(*argv, "protocol") == 0) { |
138 | __u16 id; | |
32a121cb | 139 | |
aba5acdf | 140 | NEXT_ARG(); |
083a5f00 | 141 | if (protocol_set) |
aba5acdf SH |
142 | duparg("protocol", *argv); |
143 | if (ll_proto_a2n(&id, *argv)) | |
f1675d61 | 144 | invarg("invalid protocol", *argv); |
aba5acdf | 145 | protocol = id; |
083a5f00 | 146 | protocol_set = 1; |
732f0346 JP |
147 | } else if (matches(*argv, "chain") == 0) { |
148 | NEXT_ARG(); | |
149 | if (chain_index_set) | |
150 | duparg("chain", *argv); | |
151 | if (get_u32(&chain_index, *argv, 0)) | |
152 | invarg("invalid chain index value", *argv); | |
153 | chain_index_set = 1; | |
aba5acdf SH |
154 | } else if (matches(*argv, "estimator") == 0) { |
155 | if (parse_estimator(&argc, &argv, &est) < 0) | |
156 | return -1; | |
157 | } else if (matches(*argv, "help") == 0) { | |
158 | usage(); | |
3a99df70 | 159 | return 0; |
aba5acdf SH |
160 | } else { |
161 | strncpy(k, *argv, sizeof(k)-1); | |
162 | ||
163 | q = get_filter_kind(k); | |
164 | argc--; argv++; | |
165 | break; | |
166 | } | |
167 | ||
168 | argc--; argv++; | |
169 | } | |
170 | ||
485d0c60 | 171 | req->t.tcm_info = TC_H_MAKE(prio<<16, protocol); |
aba5acdf | 172 | |
732f0346 | 173 | if (chain_index_set) |
485d0c60 | 174 | addattr32(&req->n, sizeof(*req), TCA_CHAIN, chain_index); |
732f0346 | 175 | |
aba5acdf | 176 | if (k[0]) |
485d0c60 | 177 | addattr_l(&req->n, sizeof(*req), TCA_KIND, k, strlen(k)+1); |
aba5acdf | 178 | |
01ea76b1 JK |
179 | if (d[0]) { |
180 | ll_init_map(&rth); | |
181 | ||
485d0c60 CM |
182 | req->t.tcm_ifindex = ll_name_to_index(d); |
183 | if (req->t.tcm_ifindex == 0) { | |
01ea76b1 JK |
184 | fprintf(stderr, "Cannot find device \"%s\"\n", d); |
185 | return 1; | |
186 | } | |
187 | } | |
188 | ||
aba5acdf | 189 | if (q) { |
485d0c60 | 190 | if (q->parse_fopt(q, fhandle, argc, argv, &req->n)) |
024481bb | 191 | return 1; |
aba5acdf SH |
192 | } else { |
193 | if (fhandle) { | |
ec2e005f SH |
194 | fprintf(stderr, |
195 | "Must specify filter type when using \"handle\"\n"); | |
024481bb | 196 | return -1; |
aba5acdf SH |
197 | } |
198 | if (argc) { | |
199 | if (matches(*argv, "help") == 0) | |
200 | usage(); | |
ec2e005f SH |
201 | fprintf(stderr, |
202 | "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n", | |
203 | *argv); | |
024481bb | 204 | return -1; |
aba5acdf SH |
205 | } |
206 | } | |
732f0346 | 207 | |
aba5acdf | 208 | if (est.ewma_log) |
485d0c60 | 209 | addattr_l(&req->n, sizeof(*req), TCA_RATE, &est, sizeof(est)); |
aba5acdf | 210 | |
485d0c60 CM |
211 | if (buf) |
212 | return 0; | |
213 | ||
214 | iov.iov_base = &req->n; | |
215 | iov.iov_len = req->n.nlmsg_len; | |
216 | ret = rtnl_talk_iov(&rth, &iov, 1, NULL); | |
217 | if (ret < 0) { | |
218 | fprintf(stderr, "We have an error talking to the kernel, %d\n", ret); | |
024481bb | 219 | return 2; |
2373fde9 | 220 | } |
aba5acdf | 221 | |
aba5acdf SH |
222 | return 0; |
223 | } | |
224 | ||
225 | static __u32 filter_parent; | |
226 | static int filter_ifindex; | |
227 | static __u32 filter_prio; | |
228 | static __u32 filter_protocol; | |
732f0346 JP |
229 | static __u32 filter_chain_index; |
230 | static int filter_chain_index_set; | |
32a121cb | 231 | __u16 f_proto; |
aba5acdf | 232 | |
120f556d | 233 | int print_filter(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) |
aba5acdf | 234 | { |
32a121cb | 235 | FILE *fp = (FILE *)arg; |
aba5acdf SH |
236 | struct tcmsg *t = NLMSG_DATA(n); |
237 | int len = n->nlmsg_len; | |
32a121cb | 238 | struct rtattr *tb[TCA_MAX+1]; |
aba5acdf SH |
239 | struct filter_util *q; |
240 | char abuf[256]; | |
241 | ||
120f556d JHS |
242 | if (n->nlmsg_type != RTM_NEWTFILTER && |
243 | n->nlmsg_type != RTM_GETTFILTER && | |
244 | n->nlmsg_type != RTM_DELTFILTER) { | |
245 | fprintf(stderr, "Not a filter(cmd %d)\n", n->nlmsg_type); | |
aba5acdf SH |
246 | return 0; |
247 | } | |
248 | len -= NLMSG_LENGTH(sizeof(*t)); | |
249 | if (len < 0) { | |
250 | fprintf(stderr, "Wrong len %d\n", len); | |
251 | return -1; | |
252 | } | |
253 | ||
aba5acdf SH |
254 | parse_rtattr(tb, TCA_MAX, TCA_RTA(t), len); |
255 | ||
256 | if (tb[TCA_KIND] == NULL) { | |
2373fde9 | 257 | fprintf(stderr, "print_filter: NULL kind\n"); |
aba5acdf SH |
258 | return -1; |
259 | } | |
260 | ||
249284ff JP |
261 | open_json_object(NULL); |
262 | ||
aba5acdf | 263 | if (n->nlmsg_type == RTM_DELTFILTER) |
249284ff | 264 | print_bool(PRINT_ANY, "deleted", "deleted ", true); |
aba5acdf | 265 | |
98df0c81 RM |
266 | if (n->nlmsg_type == RTM_NEWTFILTER && |
267 | (n->nlmsg_flags & NLM_F_CREATE) && | |
268 | !(n->nlmsg_flags & NLM_F_EXCL)) | |
249284ff | 269 | print_bool(PRINT_ANY, "replaced", "replaced ", true); |
98df0c81 RM |
270 | |
271 | if (n->nlmsg_type == RTM_NEWTFILTER && | |
272 | (n->nlmsg_flags & NLM_F_CREATE) && | |
273 | (n->nlmsg_flags & NLM_F_EXCL)) | |
249284ff | 274 | print_bool(PRINT_ANY, "added", "added ", true); |
98df0c81 | 275 | |
249284ff | 276 | print_string(PRINT_FP, NULL, "filter ", NULL); |
aba5acdf | 277 | if (!filter_ifindex || filter_ifindex != t->tcm_ifindex) |
249284ff JP |
278 | print_string(PRINT_ANY, "dev", "dev %s ", |
279 | ll_index_to_name(t->tcm_ifindex)); | |
aba5acdf SH |
280 | |
281 | if (!filter_parent || filter_parent != t->tcm_parent) { | |
282 | if (t->tcm_parent == TC_H_ROOT) | |
249284ff | 283 | print_bool(PRINT_ANY, "root", "root ", true); |
8f9afdd5 | 284 | else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_INGRESS)) |
249284ff | 285 | print_bool(PRINT_ANY, "ingress", "ingress ", true); |
8f9afdd5 | 286 | else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_EGRESS)) |
249284ff | 287 | print_bool(PRINT_ANY, "egress", "egress ", true); |
aba5acdf SH |
288 | else { |
289 | print_tc_classid(abuf, sizeof(abuf), t->tcm_parent); | |
249284ff | 290 | print_string(PRINT_ANY, "parent", "parent %s ", abuf); |
aba5acdf SH |
291 | } |
292 | } | |
8f9afdd5 | 293 | |
aba5acdf | 294 | if (t->tcm_info) { |
eefcbc72 | 295 | f_proto = TC_H_MIN(t->tcm_info); |
aba5acdf | 296 | __u32 prio = TC_H_MAJ(t->tcm_info)>>16; |
32a121cb | 297 | |
eefcbc72 | 298 | if (!filter_protocol || filter_protocol != f_proto) { |
299 | if (f_proto) { | |
aba5acdf | 300 | SPRINT_BUF(b1); |
24a5a48e | 301 | print_string(PRINT_ANY, "protocol", |
249284ff JP |
302 | "protocol %s ", |
303 | ll_proto_n2a(f_proto, b1, sizeof(b1))); | |
aba5acdf SH |
304 | } |
305 | } | |
306 | if (!filter_prio || filter_prio != prio) { | |
307 | if (prio) | |
249284ff | 308 | print_uint(PRINT_ANY, "pref", "pref %u ", prio); |
aba5acdf SH |
309 | } |
310 | } | |
249284ff | 311 | print_string(PRINT_ANY, "kind", "%s ", rta_getattr_str(tb[TCA_KIND])); |
732f0346 JP |
312 | |
313 | if (tb[TCA_CHAIN]) { | |
314 | __u32 chain_index = rta_getattr_u32(tb[TCA_CHAIN]); | |
315 | ||
316 | if (!filter_chain_index_set || | |
317 | filter_chain_index != chain_index) | |
249284ff JP |
318 | print_uint(PRINT_ANY, "chain", "chain %u ", |
319 | chain_index); | |
732f0346 JP |
320 | } |
321 | ||
aba5acdf SH |
322 | q = get_filter_kind(RTA_DATA(tb[TCA_KIND])); |
323 | if (tb[TCA_OPTIONS]) { | |
249284ff | 324 | open_json_object("options"); |
aba5acdf SH |
325 | if (q) |
326 | q->print_fopt(q, fp, tb[TCA_OPTIONS], t->tcm_handle); | |
327 | else | |
249284ff JP |
328 | print_string(PRINT_FP, NULL, |
329 | "[cannot parse parameters]", NULL); | |
330 | close_json_object(); | |
aba5acdf | 331 | } |
249284ff | 332 | print_string(PRINT_FP, NULL, "\n", NULL); |
aba5acdf | 333 | |
e5879dc6 | 334 | if (show_stats && (tb[TCA_STATS] || tb[TCA_STATS2])) { |
335 | print_tcstats_attr(fp, tb, " ", NULL); | |
249284ff | 336 | print_string(PRINT_FP, NULL, "\n", NULL); |
aba5acdf | 337 | } |
de481780 | 338 | |
249284ff | 339 | close_json_object(); |
aba5acdf SH |
340 | fflush(fp); |
341 | return 0; | |
342 | } | |
343 | ||
120f556d JHS |
344 | static int tc_filter_get(int cmd, unsigned int flags, int argc, char **argv) |
345 | { | |
346 | struct { | |
347 | struct nlmsghdr n; | |
348 | struct tcmsg t; | |
349 | char buf[MAX_MSG]; | |
350 | } req = { | |
351 | .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)), | |
352 | /* NLM_F_ECHO is for backward compatibility. old kernels never | |
353 | * respond without it and newer kernels will ignore it. | |
354 | * In old kernels there is a side effect: | |
355 | * In addition to a response to the GET you will receive an | |
356 | * event (if you do tc mon). | |
357 | */ | |
358 | .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ECHO | flags, | |
359 | .n.nlmsg_type = cmd, | |
360 | .t.tcm_parent = TC_H_UNSPEC, | |
361 | .t.tcm_family = AF_UNSPEC, | |
362 | }; | |
86bf43c7 | 363 | struct nlmsghdr *answer; |
120f556d JHS |
364 | struct filter_util *q = NULL; |
365 | __u32 prio = 0; | |
366 | __u32 protocol = 0; | |
367 | int protocol_set = 0; | |
732f0346 JP |
368 | __u32 chain_index; |
369 | int chain_index_set = 0; | |
120f556d JHS |
370 | __u32 parent_handle = 0; |
371 | char *fhandle = NULL; | |
b317557f SH |
372 | char d[IFNAMSIZ] = {}; |
373 | char k[FILTER_NAMESZ] = {}; | |
120f556d JHS |
374 | |
375 | while (argc > 0) { | |
376 | if (strcmp(*argv, "dev") == 0) { | |
377 | NEXT_ARG(); | |
378 | if (d[0]) | |
379 | duparg("dev", *argv); | |
380 | strncpy(d, *argv, sizeof(d)-1); | |
381 | } else if (strcmp(*argv, "root") == 0) { | |
382 | if (req.t.tcm_parent) { | |
ec2e005f SH |
383 | fprintf(stderr, |
384 | "Error: \"root\" is duplicate parent ID\n"); | |
120f556d JHS |
385 | return -1; |
386 | } | |
387 | req.t.tcm_parent = TC_H_ROOT; | |
388 | } else if (strcmp(*argv, "ingress") == 0) { | |
389 | if (req.t.tcm_parent) { | |
ec2e005f SH |
390 | fprintf(stderr, |
391 | "Error: \"ingress\" is duplicate parent ID\n"); | |
120f556d JHS |
392 | return -1; |
393 | } | |
394 | req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT, | |
395 | TC_H_MIN_INGRESS); | |
396 | } else if (strcmp(*argv, "egress") == 0) { | |
397 | if (req.t.tcm_parent) { | |
ec2e005f SH |
398 | fprintf(stderr, |
399 | "Error: \"egress\" is duplicate parent ID\n"); | |
120f556d JHS |
400 | return -1; |
401 | } | |
402 | req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT, | |
403 | TC_H_MIN_EGRESS); | |
404 | } else if (strcmp(*argv, "parent") == 0) { | |
405 | ||
406 | NEXT_ARG(); | |
407 | if (req.t.tcm_parent) | |
408 | duparg("parent", *argv); | |
409 | if (get_tc_classid(&parent_handle, *argv)) | |
410 | invarg("Invalid parent ID", *argv); | |
411 | req.t.tcm_parent = parent_handle; | |
412 | } else if (strcmp(*argv, "handle") == 0) { | |
413 | NEXT_ARG(); | |
414 | if (fhandle) | |
415 | duparg("handle", *argv); | |
416 | fhandle = *argv; | |
417 | } else if (matches(*argv, "preference") == 0 || | |
418 | matches(*argv, "priority") == 0) { | |
419 | NEXT_ARG(); | |
420 | if (prio) | |
421 | duparg("priority", *argv); | |
422 | if (get_u32(&prio, *argv, 0) || prio > 0xFFFF) | |
423 | invarg("invalid priority value", *argv); | |
424 | } else if (matches(*argv, "protocol") == 0) { | |
425 | __u16 id; | |
426 | ||
427 | NEXT_ARG(); | |
428 | if (protocol_set) | |
429 | duparg("protocol", *argv); | |
430 | if (ll_proto_a2n(&id, *argv)) | |
431 | invarg("invalid protocol", *argv); | |
432 | protocol = id; | |
433 | protocol_set = 1; | |
732f0346 JP |
434 | } else if (matches(*argv, "chain") == 0) { |
435 | NEXT_ARG(); | |
436 | if (chain_index_set) | |
437 | duparg("chain", *argv); | |
438 | if (get_u32(&chain_index, *argv, 0)) | |
439 | invarg("invalid chain index value", *argv); | |
440 | chain_index_set = 1; | |
120f556d JHS |
441 | } else if (matches(*argv, "help") == 0) { |
442 | usage(); | |
443 | return 0; | |
444 | } else { | |
75716932 PS |
445 | if (!**argv) |
446 | invarg("invalid filter name", *argv); | |
447 | ||
120f556d JHS |
448 | strncpy(k, *argv, sizeof(k)-1); |
449 | ||
450 | q = get_filter_kind(k); | |
451 | argc--; argv++; | |
452 | break; | |
453 | } | |
454 | ||
455 | argc--; argv++; | |
456 | } | |
457 | ||
458 | if (!protocol_set) { | |
459 | fprintf(stderr, "Must specify filter protocol\n"); | |
460 | return -1; | |
461 | } | |
462 | ||
463 | if (!prio) { | |
464 | fprintf(stderr, "Must specify filter priority\n"); | |
465 | return -1; | |
466 | } | |
467 | ||
468 | req.t.tcm_info = TC_H_MAKE(prio<<16, protocol); | |
469 | ||
732f0346 JP |
470 | if (chain_index_set) |
471 | addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index); | |
472 | ||
120f556d JHS |
473 | if (req.t.tcm_parent == TC_H_UNSPEC) { |
474 | fprintf(stderr, "Must specify filter parent\n"); | |
475 | return -1; | |
476 | } | |
477 | ||
478 | if (k[0]) | |
479 | addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1); | |
480 | else { | |
481 | fprintf(stderr, "Must specify filter type\n"); | |
482 | return -1; | |
483 | } | |
484 | ||
01ea76b1 JK |
485 | if (d[0]) { |
486 | ll_init_map(&rth); | |
487 | ||
488 | req.t.tcm_ifindex = ll_name_to_index(d); | |
489 | if (req.t.tcm_ifindex == 0) { | |
490 | fprintf(stderr, "Cannot find device \"%s\"\n", d); | |
491 | return 1; | |
492 | } | |
493 | filter_ifindex = req.t.tcm_ifindex; | |
494 | } else { | |
495 | fprintf(stderr, "Must specify netdevice \"dev\"\n"); | |
496 | return -1; | |
497 | } | |
498 | ||
120f556d JHS |
499 | if (q->parse_fopt(q, fhandle, argc, argv, &req.n)) |
500 | return 1; | |
501 | ||
120f556d JHS |
502 | if (!fhandle) { |
503 | fprintf(stderr, "Must specify filter \"handle\"\n"); | |
504 | return -1; | |
505 | } | |
506 | ||
507 | if (argc) { | |
508 | if (matches(*argv, "help") == 0) | |
509 | usage(); | |
ec2e005f SH |
510 | fprintf(stderr, |
511 | "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n", | |
120f556d JHS |
512 | *argv); |
513 | return -1; | |
514 | } | |
515 | ||
86bf43c7 | 516 | if (rtnl_talk(&rth, &req.n, &answer) < 0) { |
120f556d JHS |
517 | fprintf(stderr, "We have an error talking to the kernel\n"); |
518 | return 2; | |
519 | } | |
520 | ||
249284ff | 521 | new_json_obj(json); |
86bf43c7 | 522 | print_filter(NULL, answer, (void *)stdout); |
249284ff | 523 | delete_json_obj(); |
120f556d | 524 | |
86bf43c7 | 525 | free(answer); |
120f556d JHS |
526 | return 0; |
527 | } | |
528 | ||
d1f28cf1 | 529 | static int tc_filter_list(int argc, char **argv) |
aba5acdf | 530 | { |
732f0346 JP |
531 | struct { |
532 | struct nlmsghdr n; | |
533 | struct tcmsg t; | |
534 | char buf[MAX_MSG]; | |
535 | } req = { | |
536 | .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)), | |
537 | .n.nlmsg_type = RTM_GETTFILTER, | |
538 | .t.tcm_parent = TC_H_UNSPEC, | |
539 | .t.tcm_family = AF_UNSPEC, | |
540 | }; | |
b317557f | 541 | char d[IFNAMSIZ] = {}; |
aba5acdf SH |
542 | __u32 prio = 0; |
543 | __u32 protocol = 0; | |
732f0346 | 544 | __u32 chain_index; |
aba5acdf SH |
545 | char *fhandle = NULL; |
546 | ||
aba5acdf SH |
547 | while (argc > 0) { |
548 | if (strcmp(*argv, "dev") == 0) { | |
549 | NEXT_ARG(); | |
550 | if (d[0]) | |
551 | duparg("dev", *argv); | |
552 | strncpy(d, *argv, sizeof(d)-1); | |
553 | } else if (strcmp(*argv, "root") == 0) { | |
732f0346 | 554 | if (req.t.tcm_parent) { |
ec2e005f SH |
555 | fprintf(stderr, |
556 | "Error: \"root\" is duplicate parent ID\n"); | |
024481bb | 557 | return -1; |
aba5acdf | 558 | } |
732f0346 | 559 | filter_parent = req.t.tcm_parent = TC_H_ROOT; |
8f9afdd5 | 560 | } else if (strcmp(*argv, "ingress") == 0) { |
732f0346 | 561 | if (req.t.tcm_parent) { |
ec2e005f SH |
562 | fprintf(stderr, |
563 | "Error: \"ingress\" is duplicate parent ID\n"); | |
8f9afdd5 DB |
564 | return -1; |
565 | } | |
566 | filter_parent = TC_H_MAKE(TC_H_CLSACT, | |
567 | TC_H_MIN_INGRESS); | |
732f0346 | 568 | req.t.tcm_parent = filter_parent; |
8f9afdd5 | 569 | } else if (strcmp(*argv, "egress") == 0) { |
732f0346 | 570 | if (req.t.tcm_parent) { |
ec2e005f SH |
571 | fprintf(stderr, |
572 | "Error: \"egress\" is duplicate parent ID\n"); | |
8f9afdd5 DB |
573 | return -1; |
574 | } | |
575 | filter_parent = TC_H_MAKE(TC_H_CLSACT, | |
576 | TC_H_MIN_EGRESS); | |
732f0346 | 577 | req.t.tcm_parent = filter_parent; |
aba5acdf SH |
578 | } else if (strcmp(*argv, "parent") == 0) { |
579 | __u32 handle; | |
32a121cb | 580 | |
aba5acdf | 581 | NEXT_ARG(); |
732f0346 | 582 | if (req.t.tcm_parent) |
aba5acdf SH |
583 | duparg("parent", *argv); |
584 | if (get_tc_classid(&handle, *argv)) | |
f1675d61 | 585 | invarg("invalid parent ID", *argv); |
732f0346 | 586 | filter_parent = req.t.tcm_parent = handle; |
aba5acdf SH |
587 | } else if (strcmp(*argv, "handle") == 0) { |
588 | NEXT_ARG(); | |
589 | if (fhandle) | |
590 | duparg("handle", *argv); | |
591 | fhandle = *argv; | |
592 | } else if (matches(*argv, "preference") == 0 || | |
593 | matches(*argv, "priority") == 0) { | |
594 | NEXT_ARG(); | |
595 | if (prio) | |
596 | duparg("priority", *argv); | |
597 | if (get_u32(&prio, *argv, 0)) | |
f1675d61 | 598 | invarg("invalid preference", *argv); |
aba5acdf SH |
599 | filter_prio = prio; |
600 | } else if (matches(*argv, "protocol") == 0) { | |
601 | __u16 res; | |
32a121cb | 602 | |
aba5acdf SH |
603 | NEXT_ARG(); |
604 | if (protocol) | |
605 | duparg("protocol", *argv); | |
606 | if (ll_proto_a2n(&res, *argv)) | |
f1675d61 | 607 | invarg("invalid protocol", *argv); |
aba5acdf SH |
608 | protocol = res; |
609 | filter_protocol = protocol; | |
732f0346 JP |
610 | } else if (matches(*argv, "chain") == 0) { |
611 | NEXT_ARG(); | |
612 | if (filter_chain_index_set) | |
613 | duparg("chain", *argv); | |
614 | if (get_u32(&chain_index, *argv, 0)) | |
615 | invarg("invalid chain index value", *argv); | |
616 | filter_chain_index_set = 1; | |
617 | filter_chain_index = chain_index; | |
aba5acdf SH |
618 | } else if (matches(*argv, "help") == 0) { |
619 | usage(); | |
620 | } else { | |
ec2e005f SH |
621 | fprintf(stderr, |
622 | " What is \"%s\"? Try \"tc filter help\"\n", | |
623 | *argv); | |
024481bb | 624 | return -1; |
aba5acdf SH |
625 | } |
626 | ||
627 | argc--; argv++; | |
628 | } | |
629 | ||
732f0346 | 630 | req.t.tcm_info = TC_H_MAKE(prio<<16, protocol); |
aba5acdf | 631 | |
3d0b7439 | 632 | ll_init_map(&rth); |
aba5acdf SH |
633 | |
634 | if (d[0]) { | |
732f0346 JP |
635 | req.t.tcm_ifindex = ll_name_to_index(d); |
636 | if (req.t.tcm_ifindex == 0) { | |
aba5acdf | 637 | fprintf(stderr, "Cannot find device \"%s\"\n", d); |
024481bb | 638 | return 1; |
aba5acdf | 639 | } |
732f0346 | 640 | filter_ifindex = req.t.tcm_ifindex; |
aba5acdf SH |
641 | } |
642 | ||
732f0346 JP |
643 | if (filter_chain_index_set) |
644 | addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index); | |
645 | ||
646 | if (rtnl_dump_request_n(&rth, &req.n) < 0) { | |
aba5acdf | 647 | perror("Cannot send dump request"); |
024481bb | 648 | return 1; |
aba5acdf SH |
649 | } |
650 | ||
249284ff | 651 | new_json_obj(json); |
3d0b7439 | 652 | if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) { |
aba5acdf | 653 | fprintf(stderr, "Dump terminated\n"); |
024481bb | 654 | return 1; |
aba5acdf | 655 | } |
249284ff | 656 | delete_json_obj(); |
aba5acdf | 657 | |
aba5acdf SH |
658 | return 0; |
659 | } | |
660 | ||
485d0c60 | 661 | int do_filter(int argc, char **argv, void *buf, size_t buflen) |
aba5acdf SH |
662 | { |
663 | if (argc < 1) | |
664 | return tc_filter_list(0, NULL); | |
665 | if (matches(*argv, "add") == 0) | |
120f556d | 666 | return tc_filter_modify(RTM_NEWTFILTER, NLM_F_EXCL|NLM_F_CREATE, |
485d0c60 | 667 | argc-1, argv+1, buf, buflen); |
aba5acdf | 668 | if (matches(*argv, "change") == 0) |
485d0c60 CM |
669 | return tc_filter_modify(RTM_NEWTFILTER, 0, argc-1, argv+1, |
670 | buf, buflen); | |
aba5acdf | 671 | if (matches(*argv, "replace") == 0) |
120f556d | 672 | return tc_filter_modify(RTM_NEWTFILTER, NLM_F_CREATE, argc-1, |
485d0c60 | 673 | argv+1, buf, buflen); |
aba5acdf | 674 | if (matches(*argv, "delete") == 0) |
485d0c60 CM |
675 | return tc_filter_modify(RTM_DELTFILTER, 0, argc-1, argv+1, |
676 | buf, buflen); | |
aba5acdf SH |
677 | if (matches(*argv, "get") == 0) |
678 | return tc_filter_get(RTM_GETTFILTER, 0, argc-1, argv+1); | |
aba5acdf SH |
679 | if (matches(*argv, "list") == 0 || matches(*argv, "show") == 0 |
680 | || matches(*argv, "lst") == 0) | |
681 | return tc_filter_list(argc-1, argv+1); | |
e5d179d8 | 682 | if (matches(*argv, "help") == 0) { |
aba5acdf | 683 | usage(); |
e5d179d8 | 684 | return 0; |
32a121cb | 685 | } |
120f556d JHS |
686 | fprintf(stderr, "Command \"%s\" is unknown, try \"tc filter help\".\n", |
687 | *argv); | |
024481bb | 688 | return -1; |
aba5acdf | 689 | } |