Commit | Line | Data |
---|---|---|
942bf97b | 1 | /* |
2 | * Zebra Policy Based Routing (PBR) Data structures and definitions | |
3 | * These are public definitions referenced by multiple files. | |
4 | * Copyright (C) 2018 Cumulus Networks, Inc. | |
5 | * | |
6 | * This file is part of FRR. | |
7 | * | |
8 | * FRR is free software; you can redistribute it and/or modify it | |
9 | * under the terms of the GNU General Public License as published by the | |
10 | * Free Software Foundation; either version 2, or (at your option) any | |
11 | * later version. | |
12 | * | |
13 | * FRR is distributed in the hope that it will be useful, but | |
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | * General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with FRR; see the file COPYING. If not, write to the Free | |
20 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA | |
21 | * 02111-1307, USA. | |
22 | */ | |
23 | ||
24 | #ifndef _ZEBRA_PBR_H | |
25 | #define _ZEBRA_PBR_H | |
26 | ||
27 | #include <zebra.h> | |
28 | ||
29 | #include "prefix.h" | |
30 | #include "if.h" | |
b6c5d343 | 31 | |
942bf97b | 32 | #include "rt.h" |
33 | ||
34 | /* | |
35 | * A PBR filter | |
36 | * | |
37 | * The filter or match criteria in a PBR rule. | |
38 | * For simplicity, all supported filters are grouped into a structure rather | |
39 | * than delineating further. A bitmask denotes which filters are actually | |
40 | * specified. | |
41 | */ | |
struct zebra_pbr_filter {
	/*
	 * Bitmask of PBR_FILTER_* flags. A set bit marks the corresponding
	 * match field below as specified.
	 * NOTE(review): fields whose bit is clear are presumably not
	 * meaningful; check the flag before reading them - confirm with users.
	 */
	uint32_t filter_bm;
#define PBR_FILTER_SRC_IP   (1 << 0)
#define PBR_FILTER_DST_IP   (1 << 1)
#define PBR_FILTER_SRC_PORT (1 << 2)
#define PBR_FILTER_DST_PORT (1 << 3)

	/* Source and destination IP match, each an address with its mask. */
	struct prefix src_ip;
	struct prefix dst_ip;

	/* Source and destination higher-layer (TCP/UDP) port match. */
	uint16_t src_port;
	uint16_t dst_port;
};
57 | ||
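/*
 * Test whether a rule filters on a given field.
 *
 * `r` is a pointer to a structure with a `filter` member, typically a
 * struct zebra_pbr_rule *. Each macro yields the masked bit from
 * r->filter.filter_bm: non-zero when the filter is specified, 0 otherwise
 * (the result is not normalized to 0/1).
 *
 * The argument is parenthesized in the expansion so that expressions such
 * as `&rule` or `rules + i` bind as intended instead of failing to compile
 * or binding to the wrong operand.
 */
#define IS_RULE_FILTERING_ON_SRC_IP(r) \
	((r)->filter.filter_bm & PBR_FILTER_SRC_IP)
#define IS_RULE_FILTERING_ON_DST_IP(r) \
	((r)->filter.filter_bm & PBR_FILTER_DST_IP)
#define IS_RULE_FILTERING_ON_SRC_PORT(r) \
	((r)->filter.filter_bm & PBR_FILTER_SRC_PORT)
#define IS_RULE_FILTERING_ON_DST_PORT(r) \
	((r)->filter.filter_bm & PBR_FILTER_DST_PORT)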
66 | ||
67 | /* | |
68 | * A PBR action | |
69 | * | |
70 | * The action corresponding to a PBR rule. | |
71 | * While the user specifies the action in a particular way, the forwarding | |
72 | * plane implementation (Linux only) requires that to be encoded into a | |
73 | * route table and the rule then points to that route table; in some cases, | |
74 | * the user criteria may directly point to a table too. | |
75 | */ | |
struct zebra_pbr_action {
	/* Route table that the rule points to. */
	uint32_t table;
};
79 | ||
80 | /* | |
81 | * A PBR rule | |
82 | * | |
83 | * This is a combination of the filter criteria and corresponding action. | |
84 | * Rules also have a user-defined sequence number which defines the relative | |
85 | * order amongst rules. | |
86 | */ | |
struct zebra_pbr_rule {
	/*
	 * Socket fd of the zclient that originated this rule, kept so that
	 * replies can be sent back to that client.
	 * NOTE(review): an fd number can be reused once closed; presumably
	 * rules do not outlive their client connection - confirm.
	 */
	int sock;

	/* User-defined sequence number: relative order amongst rules. */
	uint32_t seq;

	/*
	 * Forwarding-plane rule priority, kept separate from seq because the
	 * two may not coincide; maps to preference/FRA_PRIORITY on Linux.
	 */
	uint32_t priority;

	/*
	 * NOTE(review): presumably the interface the rule is installed for;
	 * ownership and lifetime of the pointer are not visible in this header.
	 */
	struct interface *ifp;

	/* NOTE(review): meaning not documented here; likely a rule identifier - confirm. */
	uint32_t unique;

	/* Match criteria and the action taken when they match. */
	struct zebra_pbr_filter filter;
	struct zebra_pbr_action action;
};
101 | ||
/*
 * Add or delete a PBR rule.
 * NOTE(review): presumably scoped to the namespace `zns`; the implementation
 * is not visible from this header - confirm.
 */
extern void zebra_pbr_add_rule(struct zebra_ns *zns,
			       struct zebra_pbr_rule *rule);
extern void zebra_pbr_del_rule(struct zebra_ns *zns,
			       struct zebra_pbr_rule *rule);

/*
 * Install the given rule for a specific interface.
 * The user-defined sequence number and the one used by the forwarding plane
 * may not coincide, so the API takes a separate rule priority, which maps to
 * preference/FRA_PRIORITY on Linux.
 */
extern void kernel_add_pbr_rule(struct zebra_pbr_rule *rule);

/*
 * Uninstall the given rule for a specific interface.
 */
extern void kernel_del_pbr_rule(struct zebra_pbr_rule *rule);

/*
 * Learn the PBR rules that already exist in the kernel - typically called
 * at startup.
 */
extern void kernel_read_pbr_rules(struct zebra_ns *zns);

/* Forward declaration only; the enumerators are defined elsewhere. */
enum southbound_results;

/*
 * Handle the success or failure of a rule install or uninstall in the kernel.
 */
extern void kernel_pbr_rule_add_del_status(struct zebra_pbr_rule *rule,
					   enum southbound_results res);

/*
 * Handle a rule delete notification from the kernel.
 */
extern int kernel_pbr_rule_del(struct zebra_pbr_rule *rule);

/*
 * Free, hash-key and equality callbacks for stored PBR rules.
 * NOTE(review): the void pointers are presumably struct zebra_pbr_rule *;
 * confirm against the code that registers these callbacks.
 */
extern void zebra_pbr_rules_free(void *arg);
extern uint32_t zebra_pbr_rules_hash_key(void *arg);
extern int zebra_pbr_rules_hash_equal(const void *arg1, const void *arg2);
942bf97b | 138 | #endif /* _ZEBRA_PBR_H */ |