]>
git.proxmox.com Git - mirror_iproute2.git/blob - ip/iptunnel.c
2 * iptunnel.c "ip tunnel"
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
14 * Rani Assaf <rani@magic.metawire.com> 980929: resolve addresses
15 * Rani Assaf <rani@magic.metawire.com> 980930: do not allow key for ipip/sit
16 * Phil Karn <karn@ka9q.ampr.org> 990408: "pmtudisc" flag
25 #include <sys/socket.h>
26 #include <netinet/in.h>
27 #include <arpa/inet.h>
28 #include <sys/ioctl.h>
30 #include <linux/if_arp.h>
32 #include <linux/if_tunnel.h>
37 static void usage(void) __attribute__((noreturn
));
39 static void usage(void)
41 fprintf(stderr
, "Usage: ip tunnel { add | change | del | show } [ NAME ]\n");
42 fprintf(stderr
, " [ mode { ipip | gre | sit } ] [ remote ADDR ] [ local ADDR ]\n");
43 fprintf(stderr
, " [ [i|o]seq ] [ [i|o]key KEY ] [ [i|o]csum ]\n");
44 fprintf(stderr
, " [ ttl TTL ] [ tos TOS ] [ [no]pmtudisc ] [ dev PHYS_DEV ]\n");
45 fprintf(stderr
, "\n");
46 fprintf(stderr
, "Where: NAME := STRING\n");
47 fprintf(stderr
, " ADDR := { IP_ADDRESS | any }\n");
48 fprintf(stderr
, " TOS := { NUMBER | inherit }\n");
49 fprintf(stderr
, " TTL := { 1..255 | inherit }\n");
50 fprintf(stderr
, " KEY := { DOTTED_QUAD | NUMBER }\n");
54 static int do_ioctl_get_ifindex(const char *dev
)
60 strncpy(ifr
.ifr_name
, dev
, IFNAMSIZ
);
61 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
62 err
= ioctl(fd
, SIOCGIFINDEX
, &ifr
);
68 return ifr
.ifr_ifindex
;
71 static int do_ioctl_get_iftype(const char *dev
)
77 strncpy(ifr
.ifr_name
, dev
, IFNAMSIZ
);
78 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
79 err
= ioctl(fd
, SIOCGIFHWADDR
, &ifr
);
85 return ifr
.ifr_addr
.sa_family
;
89 static char * do_ioctl_get_ifname(int idx
)
91 static struct ifreq ifr
;
95 ifr
.ifr_ifindex
= idx
;
96 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
97 err
= ioctl(fd
, SIOCGIFNAME
, &ifr
);
107 static int do_get_ioctl(const char *basedev
, struct ip_tunnel_parm
*p
)
113 strncpy(ifr
.ifr_name
, basedev
, IFNAMSIZ
);
114 ifr
.ifr_ifru
.ifru_data
= (void*)p
;
115 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
116 err
= ioctl(fd
, SIOCGETTUNNEL
, &ifr
);
123 static int do_add_ioctl(int cmd
, const char *basedev
, struct ip_tunnel_parm
*p
)
129 if (cmd
== SIOCCHGTUNNEL
&& p
->name
[0])
130 strncpy(ifr
.ifr_name
, p
->name
, IFNAMSIZ
);
132 strncpy(ifr
.ifr_name
, basedev
, IFNAMSIZ
);
133 ifr
.ifr_ifru
.ifru_data
= (void*)p
;
134 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
135 err
= ioctl(fd
, cmd
, &ifr
);
142 static int do_del_ioctl(const char *basedev
, struct ip_tunnel_parm
*p
)
149 strncpy(ifr
.ifr_name
, p
->name
, IFNAMSIZ
);
151 strncpy(ifr
.ifr_name
, basedev
, IFNAMSIZ
);
152 ifr
.ifr_ifru
.ifru_data
= (void*)p
;
153 fd
= socket(AF_INET
, SOCK_DGRAM
, 0);
154 err
= ioctl(fd
, SIOCDELTUNNEL
, &ifr
);
161 static int parse_args(int argc
, char **argv
, int cmd
, struct ip_tunnel_parm
*p
)
164 char medium
[IFNAMSIZ
];
166 memset(p
, 0, sizeof(*p
));
167 memset(&medium
, 0, sizeof(medium
));
172 #define IP_DF 0x4000 /* Flag: "Don't Fragment" */
174 p
->iph
.frag_off
= htons(IP_DF
);
177 if (strcmp(*argv
, "mode") == 0) {
179 if (strcmp(*argv
, "ipip") == 0 ||
180 strcmp(*argv
, "ip/ip") == 0) {
181 if (p
->iph
.protocol
&& p
->iph
.protocol
!= IPPROTO_IPIP
) {
182 fprintf(stderr
,"You managed to ask for more than one tunnel mode.\n");
185 p
->iph
.protocol
= IPPROTO_IPIP
;
186 } else if (strcmp(*argv
, "gre") == 0 ||
187 strcmp(*argv
, "gre/ip") == 0) {
188 if (p
->iph
.protocol
&& p
->iph
.protocol
!= IPPROTO_GRE
) {
189 fprintf(stderr
,"You managed to ask for more than one tunnel mode.\n");
192 p
->iph
.protocol
= IPPROTO_GRE
;
193 } else if (strcmp(*argv
, "sit") == 0 ||
194 strcmp(*argv
, "ipv6/ip") == 0) {
195 if (p
->iph
.protocol
&& p
->iph
.protocol
!= IPPROTO_IPV6
) {
196 fprintf(stderr
,"You managed to ask for more than one tunnel mode.\n");
199 p
->iph
.protocol
= IPPROTO_IPV6
;
201 fprintf(stderr
,"Cannot guess tunnel mode.\n");
204 } else if (strcmp(*argv
, "key") == 0) {
207 p
->i_flags
|= GRE_KEY
;
208 p
->o_flags
|= GRE_KEY
;
209 if (strchr(*argv
, '.'))
210 p
->i_key
= p
->o_key
= get_addr32(*argv
);
212 if (get_unsigned(&uval
, *argv
, 0)<0) {
213 fprintf(stderr
, "invalid value of \"key\"\n");
216 p
->i_key
= p
->o_key
= htonl(uval
);
218 } else if (strcmp(*argv
, "ikey") == 0) {
221 p
->i_flags
|= GRE_KEY
;
222 if (strchr(*argv
, '.'))
223 p
->o_key
= get_addr32(*argv
);
225 if (get_unsigned(&uval
, *argv
, 0)<0) {
226 fprintf(stderr
, "invalid value of \"ikey\"\n");
229 p
->i_key
= htonl(uval
);
231 } else if (strcmp(*argv
, "okey") == 0) {
234 p
->o_flags
|= GRE_KEY
;
235 if (strchr(*argv
, '.'))
236 p
->o_key
= get_addr32(*argv
);
238 if (get_unsigned(&uval
, *argv
, 0)<0) {
239 fprintf(stderr
, "invalid value of \"okey\"\n");
242 p
->o_key
= htonl(uval
);
244 } else if (strcmp(*argv
, "seq") == 0) {
245 p
->i_flags
|= GRE_SEQ
;
246 p
->o_flags
|= GRE_SEQ
;
247 } else if (strcmp(*argv
, "iseq") == 0) {
248 p
->i_flags
|= GRE_SEQ
;
249 } else if (strcmp(*argv
, "oseq") == 0) {
250 p
->o_flags
|= GRE_SEQ
;
251 } else if (strcmp(*argv
, "csum") == 0) {
252 p
->i_flags
|= GRE_CSUM
;
253 p
->o_flags
|= GRE_CSUM
;
254 } else if (strcmp(*argv
, "icsum") == 0) {
255 p
->i_flags
|= GRE_CSUM
;
256 } else if (strcmp(*argv
, "ocsum") == 0) {
257 p
->o_flags
|= GRE_CSUM
;
258 } else if (strcmp(*argv
, "nopmtudisc") == 0) {
260 } else if (strcmp(*argv
, "pmtudisc") == 0) {
261 p
->iph
.frag_off
= htons(IP_DF
);
262 } else if (strcmp(*argv
, "remote") == 0) {
264 if (strcmp(*argv
, "any"))
265 p
->iph
.daddr
= get_addr32(*argv
);
266 } else if (strcmp(*argv
, "local") == 0) {
268 if (strcmp(*argv
, "any"))
269 p
->iph
.saddr
= get_addr32(*argv
);
270 } else if (strcmp(*argv
, "dev") == 0) {
272 strncpy(medium
, *argv
, IFNAMSIZ
-1);
273 } else if (strcmp(*argv
, "ttl") == 0) {
276 if (strcmp(*argv
, "inherit") != 0) {
277 if (get_unsigned(&uval
, *argv
, 0))
278 invarg("invalid TTL\n", *argv
);
280 invarg("TTL must be <=255\n", *argv
);
283 } else if (strcmp(*argv
, "tos") == 0 ||
284 matches(*argv
, "dsfield") == 0) {
287 if (strcmp(*argv
, "inherit") != 0) {
288 if (rtnl_dsfield_a2n(&uval
, *argv
))
289 invarg("bad TOS value", *argv
);
294 if (strcmp(*argv
, "name") == 0) {
297 if (matches(*argv
, "help") == 0)
300 duparg2("name", *argv
);
301 strncpy(p
->name
, *argv
, IFNAMSIZ
);
302 if (cmd
== SIOCCHGTUNNEL
&& count
== 0) {
303 struct ip_tunnel_parm old_p
;
304 memset(&old_p
, 0, sizeof(old_p
));
305 if (do_get_ioctl(*argv
, &old_p
))
315 if (p
->iph
.protocol
== 0) {
316 if (memcmp(p
->name
, "gre", 3) == 0)
317 p
->iph
.protocol
= IPPROTO_GRE
;
318 else if (memcmp(p
->name
, "ipip", 4) == 0)
319 p
->iph
.protocol
= IPPROTO_IPIP
;
320 else if (memcmp(p
->name
, "sit", 3) == 0)
321 p
->iph
.protocol
= IPPROTO_IPV6
;
324 if (p
->iph
.protocol
== IPPROTO_IPIP
|| p
->iph
.protocol
== IPPROTO_IPV6
) {
325 if ((p
->i_flags
& GRE_KEY
) || (p
->o_flags
& GRE_KEY
)) {
326 fprintf(stderr
, "Keys are not allowed with ipip and sit.\n");
332 p
->link
= do_ioctl_get_ifindex(medium
);
337 if (p
->i_key
== 0 && IN_MULTICAST(ntohl(p
->iph
.daddr
))) {
338 p
->i_key
= p
->iph
.daddr
;
339 p
->i_flags
|= GRE_KEY
;
341 if (p
->o_key
== 0 && IN_MULTICAST(ntohl(p
->iph
.daddr
))) {
342 p
->o_key
= p
->iph
.daddr
;
343 p
->o_flags
|= GRE_KEY
;
345 if (IN_MULTICAST(ntohl(p
->iph
.daddr
)) && !p
->iph
.saddr
) {
346 fprintf(stderr
, "Broadcast tunnel requires a source address.\n");
353 static int do_add(int cmd
, int argc
, char **argv
)
355 struct ip_tunnel_parm p
;
357 if (parse_args(argc
, argv
, cmd
, &p
) < 0)
360 if (p
.iph
.ttl
&& p
.iph
.frag_off
== 0) {
361 fprintf(stderr
, "ttl != 0 and noptmudisc are incompatible\n");
365 switch (p
.iph
.protocol
) {
367 return do_add_ioctl(cmd
, "tunl0", &p
);
369 return do_add_ioctl(cmd
, "gre0", &p
);
371 return do_add_ioctl(cmd
, "sit0", &p
);
373 fprintf(stderr
, "cannot determine tunnel mode (ipip, gre or sit)\n");
379 int do_del(int argc
, char **argv
)
381 struct ip_tunnel_parm p
;
383 if (parse_args(argc
, argv
, SIOCDELTUNNEL
, &p
) < 0)
386 switch (p
.iph
.protocol
) {
388 return do_del_ioctl("tunl0", &p
);
390 return do_del_ioctl("gre0", &p
);
392 return do_del_ioctl("sit0", &p
);
394 return do_del_ioctl(p
.name
, &p
);
399 void print_tunnel(struct ip_tunnel_parm
*p
)
406 inet_ntop(AF_INET
, &p
->i_key
, s3
, sizeof(s3
));
407 inet_ntop(AF_INET
, &p
->o_key
, s4
, sizeof(s4
));
409 /* Do not use format_host() for local addr,
410 * symbolic name will not be useful.
412 printf("%s: %s/ip remote %s local %s ",
414 p
->iph
.protocol
== IPPROTO_IPIP
? "ip" :
415 (p
->iph
.protocol
== IPPROTO_GRE
? "gre" :
416 (p
->iph
.protocol
== IPPROTO_IPV6
? "ipv6" : "unknown")),
417 p
->iph
.daddr
? format_host(AF_INET
, 4, &p
->iph
.daddr
, s1
, sizeof(s1
)) : "any",
418 p
->iph
.saddr
? rt_addr_n2a(AF_INET
, 4, &p
->iph
.saddr
, s2
, sizeof(s2
)) : "any");
421 char *n
= do_ioctl_get_ifname(p
->link
);
423 printf(" dev %s ", n
);
427 printf(" ttl %d ", p
->iph
.ttl
);
429 printf(" ttl inherit ");
437 printf("%c%s ", p
->iph
.tos
&1 ? '/' : ' ',
438 rtnl_dsfield_n2a(p
->iph
.tos
&~1, b1
, sizeof(b1
)));
441 if (!(p
->iph
.frag_off
&htons(IP_DF
)))
442 printf(" nopmtudisc");
444 if ((p
->i_flags
&GRE_KEY
) && (p
->o_flags
&GRE_KEY
) && p
->o_key
== p
->i_key
)
445 printf(" key %s", s3
);
446 else if ((p
->i_flags
|p
->o_flags
)&GRE_KEY
) {
447 if (p
->i_flags
&GRE_KEY
)
448 printf(" ikey %s ", s3
);
449 if (p
->o_flags
&GRE_KEY
)
450 printf(" okey %s ", s4
);
453 if (p
->i_flags
&GRE_SEQ
)
454 printf("%s Drop packets out of sequence.\n", _SL_
);
455 if (p
->i_flags
&GRE_CSUM
)
456 printf("%s Checksum in received packet is required.", _SL_
);
457 if (p
->o_flags
&GRE_SEQ
)
458 printf("%s Sequence packets on output.", _SL_
);
459 if (p
->o_flags
&GRE_CSUM
)
460 printf("%s Checksum output packets.", _SL_
);
463 static int do_tunnels_list(struct ip_tunnel_parm
*p
)
466 unsigned long rx_bytes
, rx_packets
, rx_errs
, rx_drops
,
468 tx_bytes
, tx_packets
, tx_errs
, tx_drops
,
469 tx_fifo
, tx_colls
, tx_carrier
, rx_multi
;
471 struct ip_tunnel_parm p1
;
474 FILE *fp
= fopen("/proc/net/dev", "r");
480 fgets(buf
, sizeof(buf
), fp
);
481 fgets(buf
, sizeof(buf
), fp
);
483 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
485 buf
[sizeof(buf
) - 1] = 0;
486 if ((ptr
= strchr(buf
, ':')) == NULL
||
487 (*ptr
++ = 0, sscanf(buf
, "%s", name
) != 1)) {
488 fprintf(stderr
, "Wrong format of /proc/net/dev. Sorry.\n");
491 if (sscanf(ptr
, "%ld%ld%ld%ld%ld%ld%ld%*d%ld%ld%ld%ld%ld%ld%ld",
492 &rx_bytes
, &rx_packets
, &rx_errs
, &rx_drops
,
493 &rx_fifo
, &rx_frame
, &rx_multi
,
494 &tx_bytes
, &tx_packets
, &tx_errs
, &tx_drops
,
495 &tx_fifo
, &tx_colls
, &tx_carrier
) != 14)
497 if (p
->name
[0] && strcmp(p
->name
, name
))
499 type
= do_ioctl_get_iftype(name
);
501 fprintf(stderr
, "Failed to get type of [%s]\n", name
);
504 if (type
!= ARPHRD_TUNNEL
&& type
!= ARPHRD_IPGRE
&& type
!= ARPHRD_SIT
)
506 memset(&p1
, 0, sizeof(p1
));
507 if (do_get_ioctl(name
, &p1
))
509 if ((p
->link
&& p1
.link
!= p
->link
) ||
510 (p
->name
[0] && strcmp(p1
.name
, p
->name
)) ||
511 (p
->iph
.daddr
&& p1
.iph
.daddr
!= p
->iph
.daddr
) ||
512 (p
->iph
.saddr
&& p1
.iph
.saddr
!= p
->iph
.saddr
) ||
513 (p
->i_key
&& p1
.i_key
!= p
->i_key
))
518 printf("RX: Packets Bytes Errors CsumErrs OutOfSeq Mcasts%s", _SL_
);
519 printf(" %-10ld %-12ld %-6ld %-8ld %-8ld %-8ld%s",
520 rx_packets
, rx_bytes
, rx_errs
, rx_frame
, rx_fifo
, rx_multi
, _SL_
);
521 printf("TX: Packets Bytes Errors DeadLoop NoRoute NoBufs%s", _SL_
);
522 printf(" %-10ld %-12ld %-6ld %-8ld %-8ld %-6ld",
523 tx_packets
, tx_bytes
, tx_errs
, tx_colls
, tx_carrier
, tx_drops
);
530 static int do_show(int argc
, char **argv
)
533 struct ip_tunnel_parm p
;
535 if (parse_args(argc
, argv
, SIOCGETTUNNEL
, &p
) < 0)
538 switch (p
.iph
.protocol
) {
540 err
= do_get_ioctl(p
.name
[0] ? p
.name
: "tunl0", &p
);
543 err
= do_get_ioctl(p
.name
[0] ? p
.name
: "gre0", &p
);
546 err
= do_get_ioctl(p
.name
[0] ? p
.name
: "sit0", &p
);
560 int do_iptunnel(int argc
, char **argv
)
563 if (matches(*argv
, "add") == 0)
564 return do_add(SIOCADDTUNNEL
, argc
-1, argv
+1);
565 if (matches(*argv
, "change") == 0)
566 return do_add(SIOCCHGTUNNEL
, argc
-1, argv
+1);
567 if (matches(*argv
, "del") == 0)
568 return do_del(argc
-1, argv
+1);
569 if (matches(*argv
, "show") == 0 ||
570 matches(*argv
, "lst") == 0 ||
571 matches(*argv
, "list") == 0)
572 return do_show(argc
-1, argv
+1);
573 if (matches(*argv
, "help") == 0)
576 return do_show(0, NULL
);
578 fprintf(stderr
, "Command \"%s\" is unknown, try \"ip tunnel help\".\n", *argv
);