2 * Copyright (C)2006 USAGI/WIDE Project
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see <http://www.gnu.org/licenses>.
19 * Masahide NAKAMURA @USAGI
26 #include <sys/types.h>
27 #include <sys/socket.h>
28 #include <arpa/inet.h>
29 #include <sys/ioctl.h>
32 #include <linux/if_arp.h>
33 #include <linux/if_tunnel.h>
34 #include <linux/ip6_tunnel.h>
38 #include "ip_common.h"
40 #define IP6_FLOWINFO_TCLASS htonl(0x0FF00000)
41 #define IP6_FLOWINFO_FLOWLABEL htonl(0x000FFFFF)
43 #define DEFAULT_TNL_HOP_LIMIT (64)
45 static void usage(void) __attribute__((noreturn
));
47 static void usage(void)
50 "Usage: ip -f inet6 tunnel { add | change | del | show } [ NAME ]\n"
51 " [ mode { ip6ip6 | ipip6 | ip6gre | vti6 | any } ]\n"
52 " [ remote ADDR local ADDR ] [ dev PHYS_DEV ]\n"
53 " [ encaplimit ELIM ]\n"
54 " [ hoplimit TTL ] [ tclass TCLASS ] [ flowlabel FLOWLABEL ]\n"
56 " [ [no]allow-localremote ]\n"
57 " [ [i|o]seq ] [ [i|o]key KEY ] [ [i|o]csum ]\n"
59 "Where: NAME := STRING\n"
60 " ADDR := IPV6_ADDRESS\n"
61 " ELIM := { none | 0..255 }(default=%d)\n"
62 " TTL := 0..255 (default=%d)\n"
63 " TCLASS := { 0x0..0xff | inherit }\n"
64 " FLOWLABEL := { 0x0..0xfffff | inherit }\n"
65 " KEY := { DOTTED_QUAD | NUMBER }\n",
66 IPV6_DEFAULT_TNL_ENCAP_LIMIT
,
67 DEFAULT_TNL_HOP_LIMIT
);
71 static void print_tunnel(const void *t
)
73 const struct ip6_tnl_parm2
*p
= t
;
76 /* Do not use format_host() for local addr,
77 * symbolic name will not be useful.
79 open_json_object(NULL
);
80 print_color_string(PRINT_ANY
, COLOR_IFNAME
, "ifname", "%s: ", p
->name
);
81 snprintf(b1
, sizeof(b1
), "%s/ipv6", tnl_strproto(p
->proto
));
82 print_string(PRINT_ANY
, "mode", "%s ", b1
);
83 print_string(PRINT_FP
, NULL
, "%s", "remote ");
84 print_color_string(PRINT_ANY
, COLOR_INET6
, "remote", "%s ",
85 format_host_r(AF_INET6
, 16, &p
->raddr
, b1
, sizeof(b1
)));
86 print_string(PRINT_FP
, NULL
, "%s", "local ");
87 print_color_string(PRINT_ANY
, COLOR_INET6
, "local", "%s",
88 rt_addr_n2a_r(AF_INET6
, 16, &p
->laddr
, b1
, sizeof(b1
)));
91 const char *n
= ll_index_to_name(p
->link
);
94 print_string(PRINT_ANY
, "link", " dev %s", n
);
97 if (p
->flags
& IP6_TNL_F_IGN_ENCAP_LIMIT
)
98 print_null(PRINT_ANY
, "ip6_tnl_f_ign_encap_limit",
99 " encaplimit none", NULL
);
101 print_uint(PRINT_ANY
, "encap_limit", " encaplimit %u",
105 print_uint(PRINT_ANY
, "hoplimit", " hoplimit %u", p
->hop_limit
);
107 print_string(PRINT_FP
, "hoplimit", " hoplimit %s", "inherit");
109 if (p
->flags
& IP6_TNL_F_USE_ORIG_TCLASS
) {
110 print_null(PRINT_ANY
, "ip6_tnl_f_use_orig_tclass",
111 " tclass inherit", NULL
);
113 __u32 val
= ntohl(p
->flowinfo
& IP6_FLOWINFO_TCLASS
);
115 snprintf(b1
, sizeof(b1
), "0x%02x", (__u8
)(val
>> 20));
116 print_string(PRINT_ANY
, "tclass", " tclass %s", b1
);
119 if (p
->flags
& IP6_TNL_F_USE_ORIG_FLOWLABEL
) {
120 print_null(PRINT_ANY
, "ip6_tnl_f_use_orig_flowlabel",
121 " flowlabel inherit", NULL
);
123 __u32 val
= ntohl(p
->flowinfo
& IP6_FLOWINFO_FLOWLABEL
);
125 snprintf(b1
, sizeof(b1
), "0x%05x", val
);
126 print_string(PRINT_ANY
, "flowlabel", " flowlabel %s", b1
);
129 snprintf(b1
, sizeof(b1
), "0x%08x", ntohl(p
->flowinfo
));
130 print_string(PRINT_ANY
, "flowinfo", " (flowinfo %s)", b1
);
132 if (p
->flags
& IP6_TNL_F_RCV_DSCP_COPY
)
133 print_null(PRINT_ANY
, "ip6_tnl_f_rcv_dscp_copy",
134 " dscp inherit", NULL
);
136 if (p
->flags
& IP6_TNL_F_ALLOW_LOCAL_REMOTE
)
137 print_null(PRINT_ANY
, "ip6_tnl_f_allow_local_remote",
138 " allow-localremote", NULL
);
140 tnl_print_gre_flags(p
->proto
, p
->i_flags
, p
->o_flags
,
146 static int parse_args(int argc
, char **argv
, int cmd
, struct ip6_tnl_parm2
*p
)
149 const char *medium
= NULL
;
152 if (strcmp(*argv
, "mode") == 0) {
154 if (strcmp(*argv
, "ipv6/ipv6") == 0 ||
155 strcmp(*argv
, "ip6ip6") == 0)
156 p
->proto
= IPPROTO_IPV6
;
157 else if (strcmp(*argv
, "vti6") == 0) {
158 p
->proto
= IPPROTO_IPV6
;
159 p
->i_flags
|= VTI_ISVTI
;
160 } else if (strcmp(*argv
, "ip/ipv6") == 0 ||
161 strcmp(*argv
, "ipv4/ipv6") == 0 ||
162 strcmp(*argv
, "ipip6") == 0 ||
163 strcmp(*argv
, "ip4ip6") == 0)
164 p
->proto
= IPPROTO_IPIP
;
165 else if (strcmp(*argv
, "ip6gre") == 0 ||
166 strcmp(*argv
, "gre/ipv6") == 0)
167 p
->proto
= IPPROTO_GRE
;
168 else if (strcmp(*argv
, "any/ipv6") == 0 ||
169 strcmp(*argv
, "any") == 0)
172 fprintf(stderr
, "Unknown tunnel mode \"%s\"\n", *argv
);
175 } else if (strcmp(*argv
, "remote") == 0) {
179 get_addr(&raddr
, *argv
, AF_INET6
);
180 memcpy(&p
->raddr
, &raddr
.data
, sizeof(p
->raddr
));
181 } else if (strcmp(*argv
, "local") == 0) {
185 get_addr(&laddr
, *argv
, AF_INET6
);
186 memcpy(&p
->laddr
, &laddr
.data
, sizeof(p
->laddr
));
187 } else if (strcmp(*argv
, "dev") == 0) {
190 } else if (strcmp(*argv
, "encaplimit") == 0) {
192 if (strcmp(*argv
, "none") == 0) {
193 p
->flags
|= IP6_TNL_F_IGN_ENCAP_LIMIT
;
197 if (get_u8(&uval
, *argv
, 0) < -1)
198 invarg("invalid ELIM", *argv
);
199 p
->encap_limit
= uval
;
200 p
->flags
&= ~IP6_TNL_F_IGN_ENCAP_LIMIT
;
202 } else if (strcmp(*argv
, "hoplimit") == 0 ||
203 strcmp(*argv
, "ttl") == 0 ||
204 strcmp(*argv
, "hlim") == 0) {
208 if (get_u8(&uval
, *argv
, 0))
209 invarg("invalid TTL", *argv
);
211 } else if (strcmp(*argv
, "tclass") == 0 ||
212 strcmp(*argv
, "tc") == 0 ||
213 strcmp(*argv
, "tos") == 0 ||
214 matches(*argv
, "dsfield") == 0) {
218 p
->flowinfo
&= ~IP6_FLOWINFO_TCLASS
;
219 if (strcmp(*argv
, "inherit") == 0)
220 p
->flags
|= IP6_TNL_F_USE_ORIG_TCLASS
;
222 if (get_u8(&uval
, *argv
, 16))
223 invarg("invalid TClass", *argv
);
224 p
->flowinfo
|= htonl((__u32
)uval
<< 20) & IP6_FLOWINFO_TCLASS
;
225 p
->flags
&= ~IP6_TNL_F_USE_ORIG_TCLASS
;
227 } else if (strcmp(*argv
, "flowlabel") == 0 ||
228 strcmp(*argv
, "fl") == 0) {
232 p
->flowinfo
&= ~IP6_FLOWINFO_FLOWLABEL
;
233 if (strcmp(*argv
, "inherit") == 0)
234 p
->flags
|= IP6_TNL_F_USE_ORIG_FLOWLABEL
;
236 if (get_u32(&uval
, *argv
, 16))
237 invarg("invalid Flowlabel", *argv
);
239 invarg("invalid Flowlabel", *argv
);
240 p
->flowinfo
|= htonl(uval
) & IP6_FLOWINFO_FLOWLABEL
;
241 p
->flags
&= ~IP6_TNL_F_USE_ORIG_FLOWLABEL
;
243 } else if (strcmp(*argv
, "dscp") == 0) {
245 if (strcmp(*argv
, "inherit") != 0)
246 invarg("not inherit", *argv
);
247 p
->flags
|= IP6_TNL_F_RCV_DSCP_COPY
;
248 } else if (strcmp(*argv
, "allow-localremote") == 0) {
249 p
->flags
|= IP6_TNL_F_ALLOW_LOCAL_REMOTE
;
250 } else if (strcmp(*argv
, "noallow-localremote") == 0) {
251 p
->flags
&= ~IP6_TNL_F_ALLOW_LOCAL_REMOTE
;
252 } else if (strcmp(*argv
, "key") == 0) {
254 p
->i_flags
|= GRE_KEY
;
255 p
->o_flags
|= GRE_KEY
;
256 p
->i_key
= p
->o_key
= tnl_parse_key("key", *argv
);
257 } else if (strcmp(*argv
, "ikey") == 0) {
259 p
->i_flags
|= GRE_KEY
;
260 p
->i_key
= tnl_parse_key("ikey", *argv
);
261 } else if (strcmp(*argv
, "okey") == 0) {
263 p
->o_flags
|= GRE_KEY
;
264 p
->o_key
= tnl_parse_key("okey", *argv
);
265 } else if (strcmp(*argv
, "seq") == 0) {
266 p
->i_flags
|= GRE_SEQ
;
267 p
->o_flags
|= GRE_SEQ
;
268 } else if (strcmp(*argv
, "iseq") == 0) {
269 p
->i_flags
|= GRE_SEQ
;
270 } else if (strcmp(*argv
, "oseq") == 0) {
271 p
->o_flags
|= GRE_SEQ
;
272 } else if (strcmp(*argv
, "csum") == 0) {
273 p
->i_flags
|= GRE_CSUM
;
274 p
->o_flags
|= GRE_CSUM
;
275 } else if (strcmp(*argv
, "icsum") == 0) {
276 p
->i_flags
|= GRE_CSUM
;
277 } else if (strcmp(*argv
, "ocsum") == 0) {
278 p
->o_flags
|= GRE_CSUM
;
280 if (strcmp(*argv
, "name") == 0) {
282 } else if (matches(*argv
, "help") == 0)
285 duparg2("name", *argv
);
286 if (get_ifname(p
->name
, *argv
))
287 invarg("\"name\" not a valid ifname", *argv
);
288 if (cmd
== SIOCCHGTUNNEL
&& count
== 0) {
289 struct ip6_tnl_parm2 old_p
= {};
291 if (tnl_get_ioctl(*argv
, &old_p
))
300 p
->link
= ll_name_to_index(medium
);
302 return nodev(medium
);
307 static void ip6_tnl_parm_init(struct ip6_tnl_parm2
*p
, int apply_default
)
309 memset(p
, 0, sizeof(*p
));
310 p
->proto
= IPPROTO_IPV6
;
312 p
->hop_limit
= DEFAULT_TNL_HOP_LIMIT
;
313 p
->encap_limit
= IPV6_DEFAULT_TNL_ENCAP_LIMIT
;
317 static void ip6_tnl_parm_initialize(const struct tnl_print_nlmsg_info
*info
)
319 const struct ifinfomsg
*ifi
= info
->ifi
;
320 const struct ip6_tnl_parm2
*p1
= info
->p1
;
321 struct ip6_tnl_parm2
*p2
= info
->p2
;
323 ip6_tnl_parm_init(p2
, 0);
324 if (ifi
->ifi_type
== ARPHRD_IP6GRE
)
325 p2
->proto
= IPPROTO_GRE
;
326 p2
->link
= ifi
->ifi_index
;
327 strcpy(p2
->name
, p1
->name
);
330 static bool ip6_tnl_parm_match(const struct tnl_print_nlmsg_info
*info
)
332 const struct ip6_tnl_parm2
*p1
= info
->p1
;
333 const struct ip6_tnl_parm2
*p2
= info
->p2
;
335 return ((!p1
->link
|| p1
->link
== p2
->link
) &&
336 (!p1
->name
[0] || strcmp(p1
->name
, p2
->name
) == 0) &&
337 (IN6_IS_ADDR_UNSPECIFIED(&p1
->laddr
) ||
338 IN6_ARE_ADDR_EQUAL(&p1
->laddr
, &p2
->laddr
)) &&
339 (IN6_IS_ADDR_UNSPECIFIED(&p1
->raddr
) ||
340 IN6_ARE_ADDR_EQUAL(&p1
->raddr
, &p2
->raddr
)) &&
341 (!p1
->proto
|| !p2
->proto
|| p1
->proto
== p2
->proto
) &&
342 (!p1
->encap_limit
|| p1
->encap_limit
== p2
->encap_limit
) &&
343 (!p1
->hop_limit
|| p1
->hop_limit
== p2
->hop_limit
) &&
344 (!(p1
->flowinfo
& IP6_FLOWINFO_TCLASS
) ||
345 !((p1
->flowinfo
^ p2
->flowinfo
) & IP6_FLOWINFO_TCLASS
)) &&
346 (!(p1
->flowinfo
& IP6_FLOWINFO_FLOWLABEL
) ||
347 !((p1
->flowinfo
^ p2
->flowinfo
) & IP6_FLOWINFO_FLOWLABEL
)) &&
348 (!p1
->flags
|| (p1
->flags
& p2
->flags
)));
351 static int do_show(int argc
, char **argv
)
353 struct ip6_tnl_parm2 p
, p1
;
355 ip6_tnl_parm_init(&p
, 0);
356 p
.proto
= 0; /* default to any */
358 if (parse_args(argc
, argv
, SIOCGETTUNNEL
, &p
) < 0)
361 if (!p
.name
[0] || show_stats
) {
362 struct tnl_print_nlmsg_info info
= {
365 .init
= ip6_tnl_parm_initialize
,
366 .match
= ip6_tnl_parm_match
,
367 .print
= print_tunnel
,
370 return do_tunnels_list(&info
);
373 if (tnl_get_ioctl(p
.name
, &p
))
380 static int do_add(int cmd
, int argc
, char **argv
)
382 struct ip6_tnl_parm2 p
;
383 const char *basedev
= "ip6tnl0";
385 ip6_tnl_parm_init(&p
, 1);
387 if (parse_args(argc
, argv
, cmd
, &p
) < 0)
391 fprintf(stderr
, "Tunnel interface name not specified\n");
393 if (p
.proto
== IPPROTO_GRE
)
395 else if (p
.i_flags
& VTI_ISVTI
)
396 basedev
= "ip6_vti0";
398 return tnl_add_ioctl(cmd
, basedev
, p
.name
, &p
);
401 static int do_del(int argc
, char **argv
)
403 struct ip6_tnl_parm2 p
;
404 const char *basedev
= "ip6tnl0";
406 ip6_tnl_parm_init(&p
, 1);
408 if (parse_args(argc
, argv
, SIOCDELTUNNEL
, &p
) < 0)
411 if (p
.proto
== IPPROTO_GRE
)
413 else if (p
.i_flags
& VTI_ISVTI
)
414 basedev
= "ip6_vti0";
416 return tnl_del_ioctl(basedev
, p
.name
, &p
);
419 int do_ip6tunnel(int argc
, char **argv
)
421 switch (preferred_family
) {
423 preferred_family
= AF_INET6
;
428 fprintf(stderr
, "Unsupported protocol family: %d\n", preferred_family
);
433 if (matches(*argv
, "add") == 0)
434 return do_add(SIOCADDTUNNEL
, argc
- 1, argv
+ 1);
435 if (matches(*argv
, "change") == 0)
436 return do_add(SIOCCHGTUNNEL
, argc
- 1, argv
+ 1);
437 if (matches(*argv
, "delete") == 0)
438 return do_del(argc
- 1, argv
+ 1);
439 if (matches(*argv
, "show") == 0 ||
440 matches(*argv
, "lst") == 0 ||
441 matches(*argv
, "list") == 0)
442 return do_show(argc
- 1, argv
+ 1);
443 if (matches(*argv
, "help") == 0)
446 return do_show(0, NULL
);
448 fprintf(stderr
, "Command \"%s\" is unknown, try \"ip -f inet6 tunnel help\".\n", *argv
);