projects / mirror_frr.git / blame
| Commit | Line | Data |
|---|---|---|
| 942bf97b | 1 | /* |
| 2 | * Zebra Policy Based Routing (PBR) Data structures and definitions | |
| 3 | * These are public definitions referenced by multiple files. | |
| 4 | * Copyright (C) 2018 Cumulus Networks, Inc. | |
| 5 | * | |
| 6 | * This file is part of FRR. | |
| 7 | * | |
| 8 | * FRR is free software; you can redistribute it and/or modify it | |
| 9 | * under the terms of the GNU General Public License as published by the | |
| 10 | * Free Software Foundation; either version 2, or (at your option) any | |
| 11 | * later version. | |
| 12 | * | |
| 13 | * FRR is distributed in the hope that it will be useful, but | |
| 14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 16 | * General Public License for more details. | |
| 17 | * | |
| 18 | * You should have received a copy of the GNU General Public License | |
| 19 | * along with FRR; see the file COPYING. If not, write to the Free | |
| 20 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA | |
| 21 | * 02111-1307, USA. | |
| 22 | */ | |
| 23 | ||
| 24 | #ifndef _ZEBRA_PBR_H | |
| 25 | #define _ZEBRA_PBR_H | |
| 26 | ||
| 27 | #include <zebra.h> | |
| 28 | ||
| 29 | #include "prefix.h" | |
| 30 | #include "if.h" | |
| 31 | #include "rt.h" | |
| 32 | ||
| 33 | /* | |
| 34 | * A PBR filter | |
| 35 | * | |
| 36 | * The filter or match criteria in a PBR rule. | |
| 37 | * For simplicity, all supported filters are grouped into a structure rather | |
| 38 | * than delineating further. A bitmask denotes which filters are actually | |
| 39 | * specified. | |
| 40 | */ | |
| 41 | struct zebra_pbr_filter { | |
| fd71d73e | 42 | uint32_t filter_bm; |
| 942bf97b | 43 | #define PBR_FILTER_SRC_IP (1 << 0) |
| 44 | #define PBR_FILTER_DST_IP (1 << 1) | |
| 45 | #define PBR_FILTER_SRC_PORT (1 << 2) | |
| 46 | #define PBR_FILTER_DST_PORT (1 << 3) | |
| 47 | ||
| 48 | /* Source and Destination IP address with masks. */ | |
| 49 | struct prefix src_ip; | |
| 50 | struct prefix dst_ip; | |
| 51 | ||
| 52 | /* Source and Destination higher-layer (TCP/UDP) port numbers. */ | |
| fd71d73e DS |
53 | uint16_t src_port; |
| 54 | uint16_t dst_port; | |
| 942bf97b | 55 | }; |
| 56 | ||
| 57 | #define IS_RULE_FILTERING_ON_SRC_IP(r) \ | |
| 58 | (r->filter.filter_bm & PBR_FILTER_SRC_IP) | |
| 59 | #define IS_RULE_FILTERING_ON_DST_IP(r) \ | |
| 60 | (r->filter.filter_bm & PBR_FILTER_DST_IP) | |
| 61 | #define IS_RULE_FILTERING_ON_SRC_PORT(r) \ | |
| 62 | (r->filter.filter_bm & PBR_FILTER_SRC_PORT) | |
| 63 | #define IS_RULE_FILTERING_ON_DST_PORT(r) \ | |
| 64 | (r->filter.filter_bm & PBR_FILTER_DST_PORT) | |
| 65 | ||
| 66 | /* | |
| 67 | * A PBR action | |
| 68 | * | |
| 69 | * The action corresponding to a PBR rule. | |
| 70 | * While the user specifies the action in a particular way, the forwarding | |
| 71 | * plane implementation (Linux only) requires that to be encoded into a | |
| 72 | * route table and the rule then point to that route table; in some cases, | |
| 73 | * the user criteria may directly point to a table too. | |
| 74 | */ | |
| 75 | struct zebra_pbr_action { | |
| fd71d73e | 76 | uint32_t table; |
| 942bf97b | 77 | }; |
| 78 | ||
| 79 | /* | |
| 80 | * A PBR rule | |
| 81 | * | |
| 82 | * This is a combination of the filter criteria and corresponding action. | |
| 83 | * Rules also have a user-defined sequence number which defines the relative | |
| 84 | * order amongst rules. | |
| 85 | */ | |
| 86 | struct zebra_pbr_rule { | |
| fd71d73e DS |
87 | uint32_t seq; |
| 88 | uint32_t priority; | |
| 942bf97b | 89 | struct zebra_pbr_filter filter; |
| 90 | struct zebra_pbr_action action; | |
| 91 | }; | |
| 92 | ||
| 1fbfe5a5 DS |
93 | void zebra_pbr_add_rule(struct zebra_pbr_rule *rule, struct interface *ifp); |
| 94 | void zebra_pbr_del_rule(struct zebra_pbr_rule *rule, struct interface *ifp); | |
| 942bf97b | 95 | |
| 96 | /* | |
| 97 | * Install specified rule for a specific interface. | |
| 98 | * It is possible that the user-defined sequence number and the one in the | |
| 99 | * forwarding plane may not coincide, hence the API requires a separate | |
| 100 | * rule priority - maps to preference/FRA_PRIORITY on Linux. | |
| 101 | */ | |
| 102 | extern void kernel_add_pbr_rule(struct zebra_pbr_rule *rule, | |
| fd71d73e | 103 | struct interface *ifp); |
| 942bf97b | 104 | |
| 105 | /* | |
| 106 | * Uninstall specified rule for a specific interface. | |
| 107 | */ | |
| 108 | extern void kernel_del_pbr_rule(struct zebra_pbr_rule *rule, | |
| fd71d73e | 109 | struct interface *ifp); |
| 942bf97b | 110 | |
| 111 | /* | |
| 112 | * Get to know existing PBR rules in the kernel - typically called at startup. | |
| 113 | */ | |
| 114 | extern void kernel_read_pbr_rules(struct zebra_ns *zns); | |
| 115 | ||
| 116 | /* | |
| 117 | * Handle success or failure of rule (un)install in the kernel. | |
| 118 | */ | |
| 119 | extern void kernel_pbr_rule_add_del_status(struct zebra_pbr_rule *rule, | |
| 120 | struct interface *ifp, | |
| 942bf97b | 121 | enum southbound_results res); |
| 122 | ||
| 123 | /* | |
| 124 | * Handle rule delete notification from kernel. | |
| 125 | */ | |
| 126 | extern int kernel_pbr_rule_del(struct zebra_pbr_rule *rule, | |
| fd71d73e | 127 | struct interface *ifp); |
| 942bf97b | 128 | |
| 129 | #endif /* _ZEBRA_PBR_H */ |