2 * IS-IS Rout(e)ing protocol - isis_pfpacket.c
4 * Copyright (C) 2001,2002 Sampo Saaristo
5 * Tampere University of Technology
6 * Institute of Communications Engineering
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public Licenseas published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option)
13 * This program is distributed in the hope that it will be useful,but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24 #if ISIS_METHOD == ISIS_METHOD_PFPACKET
25 #include <net/ethernet.h> /* the L2 protocols */
26 #include <netpacket/packet.h>
28 #include <linux/filter.h>
35 #include "isisd/dict.h"
36 #include "isisd/isis_constants.h"
37 #include "isisd/isis_common.h"
38 #include "isisd/isis_circuit.h"
39 #include "isisd/isis_flags.h"
40 #include "isisd/isisd.h"
41 #include "isisd/isis_constants.h"
42 #include "isisd/isis_circuit.h"
43 #include "isisd/isis_network.h"
47 extern struct zebra_privs_t isisd_privs
;
49 /* tcpdump -i eth0 'isis' -dd */
50 static struct sock_filter isisfilter
[] =
52 /* NB: we're in SOCK_DGRAM, so src/dst mac + length are stripped
54 * (OTOH it's a bit more lower-layer agnostic and might work
56 /* { 0x28, 0, 0, 0x0000000c - 14 }, */
57 /* { 0x25, 5, 0, 0x000005dc }, */
58 {0x28, 0, 0, 0x0000000e - 14}, {0x15, 0, 3, 0x0000fefe},
59 {0x30, 0, 0, 0x00000011 - 14}, {0x15, 0, 1, 0x00000083},
60 {0x6, 0, 0, 0x00040000}, {0x6, 0, 0, 0x00000000},
63 static struct sock_fprog bpf
= {
64 .len
= array_size(isisfilter
),
69 * Table 9 - Architectural constants for use with ISO 8802 subnetworks
73 u_char ALL_L1_ISS
[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x14};
74 u_char ALL_L2_ISS
[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x15};
75 u_char ALL_ISS
[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x05};
76 u_char ALL_ESS
[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x04};
78 static uint8_t discard_buff
[8192];
79 static uint8_t sock_buff
[8192];
82 * if level is 0 we are joining p2p multicast
83 * FIXME: and the p2p multicast being ???
85 static int isis_multicast_join(int fd
, int registerto
, int if_num
)
87 struct packet_mreq mreq
;
89 memset(&mreq
, 0, sizeof(mreq
));
90 mreq
.mr_ifindex
= if_num
;
92 mreq
.mr_type
= PACKET_MR_MULTICAST
;
93 mreq
.mr_alen
= ETH_ALEN
;
95 memcpy(&mreq
.mr_address
, ALL_L1_ISS
, ETH_ALEN
);
96 else if (registerto
== 2)
97 memcpy(&mreq
.mr_address
, ALL_L2_ISS
, ETH_ALEN
);
98 else if (registerto
== 3)
99 memcpy(&mreq
.mr_address
, ALL_ISS
, ETH_ALEN
);
101 memcpy(&mreq
.mr_address
, ALL_ESS
, ETH_ALEN
);
104 mreq
.mr_type
= PACKET_MR_ALLMULTI
;
108 "isis_multicast_join(): fd=%d, reg_to=%d, if_num=%d, "
109 "address = %02x:%02x:%02x:%02x:%02x:%02x",
110 fd
, registerto
, if_num
, mreq
.mr_address
[0], mreq
.mr_address
[1],
111 mreq
.mr_address
[2], mreq
.mr_address
[3], mreq
.mr_address
[4],
113 #endif /* EXTREME_DEBUG */
114 if (setsockopt(fd
, SOL_PACKET
, PACKET_ADD_MEMBERSHIP
, &mreq
,
115 sizeof(struct packet_mreq
))) {
116 zlog_warn("isis_multicast_join(): setsockopt(): %s",
117 safe_strerror(errno
));
124 static int open_packet_socket(struct isis_circuit
*circuit
)
126 struct sockaddr_ll s_addr
;
127 int fd
, retval
= ISIS_OK
;
129 fd
= socket(PF_PACKET
, SOCK_DGRAM
, htons(ETH_P_ALL
));
131 zlog_warn("open_packet_socket(): socket() failed %s",
132 safe_strerror(errno
));
136 if (setsockopt(fd
, SOL_SOCKET
, SO_ATTACH_FILTER
, &bpf
, sizeof(bpf
))) {
137 zlog_warn("open_packet_socket(): SO_ATTACH_FILTER failed: %s",
138 safe_strerror(errno
));
142 * Bind to the physical interface
144 memset(&s_addr
, 0, sizeof(struct sockaddr_ll
));
145 s_addr
.sll_family
= AF_PACKET
;
146 s_addr
.sll_protocol
= htons(ETH_P_ALL
);
147 s_addr
.sll_ifindex
= circuit
->interface
->ifindex
;
149 if (bind(fd
, (struct sockaddr
*)(&s_addr
), sizeof(struct sockaddr_ll
))
151 zlog_warn("open_packet_socket(): bind() failed: %s",
152 safe_strerror(errno
));
159 if (if_is_broadcast(circuit
->interface
)) {
161 * Join to multicast groups
163 * 8.4.2 - Broadcast subnetwork IIH PDUs
164 * FIXME: is there a case only one will fail??
166 /* joining ALL_L1_ISS */
167 retval
|= isis_multicast_join(circuit
->fd
, 1,
168 circuit
->interface
->ifindex
);
169 /* joining ALL_L2_ISS */
170 retval
|= isis_multicast_join(circuit
->fd
, 2,
171 circuit
->interface
->ifindex
);
172 /* joining ALL_ISS (used in RFC 5309 p2p-over-lan as well) */
173 retval
|= isis_multicast_join(circuit
->fd
, 3,
174 circuit
->interface
->ifindex
);
176 retval
= isis_multicast_join(circuit
->fd
, 0,
177 circuit
->interface
->ifindex
);
184 * Create the socket and set the tx/rx funcs
186 int isis_sock_init(struct isis_circuit
*circuit
)
188 int retval
= ISIS_OK
;
190 if (isisd_privs
.change(ZPRIVS_RAISE
))
191 zlog_err("%s: could not raise privs, %s", __func__
,
192 safe_strerror(errno
));
194 retval
= open_packet_socket(circuit
);
196 if (retval
!= ISIS_OK
) {
197 zlog_warn("%s: could not initialize the socket", __func__
);
201 /* Assign Rx and Tx callbacks are based on real if type */
202 if (if_is_broadcast(circuit
->interface
)) {
203 circuit
->tx
= isis_send_pdu_bcast
;
204 circuit
->rx
= isis_recv_pdu_bcast
;
205 } else if (if_is_pointopoint(circuit
->interface
)) {
206 circuit
->tx
= isis_send_pdu_p2p
;
207 circuit
->rx
= isis_recv_pdu_p2p
;
209 zlog_warn("isis_sock_init(): unknown circuit type");
210 retval
= ISIS_WARNING
;
215 if (isisd_privs
.change(ZPRIVS_LOWER
))
216 zlog_err("%s: could not lower privs, %s", __func__
,
217 safe_strerror(errno
));
222 static inline int llc_check(u_char
*llc
)
224 if (*llc
!= ISO_SAP
|| *(llc
+ 1) != ISO_SAP
|| *(llc
+ 2) != 3)
230 int isis_recv_pdu_bcast(struct isis_circuit
*circuit
, u_char
*ssnpa
)
232 int bytesread
, addr_len
;
233 struct sockaddr_ll s_addr
;
236 addr_len
= sizeof(s_addr
);
238 memset(&s_addr
, 0, sizeof(struct sockaddr_ll
));
241 recvfrom(circuit
->fd
, (void *)&llc
, LLC_LEN
, MSG_PEEK
,
242 (struct sockaddr
*)&s_addr
, (socklen_t
*)&addr_len
);
245 || (s_addr
.sll_ifindex
!= (int)circuit
->interface
->ifindex
)) {
248 "isis_recv_packet_bcast(): ifname %s, fd %d, "
249 "bytesread %d, recvfrom(): %s",
250 circuit
->interface
->name
, circuit
->fd
,
251 bytesread
, safe_strerror(errno
));
253 if (s_addr
.sll_ifindex
!= (int)circuit
->interface
->ifindex
) {
255 "packet is received on multiple interfaces: "
256 "socket interface %d, circuit interface %d, "
258 s_addr
.sll_ifindex
, circuit
->interface
->ifindex
,
262 /* get rid of the packet */
263 bytesread
= recvfrom(circuit
->fd
, discard_buff
,
264 sizeof(discard_buff
), MSG_DONTWAIT
,
265 (struct sockaddr
*)&s_addr
,
266 (socklen_t
*)&addr_len
);
269 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
274 * Filtering by llc field, discard packets sent by this host (other
277 if (!llc_check(llc
) || s_addr
.sll_pkttype
== PACKET_OUTGOING
) {
278 /* Read the packet into discard buff */
279 bytesread
= recvfrom(circuit
->fd
, discard_buff
,
280 sizeof(discard_buff
), MSG_DONTWAIT
,
281 (struct sockaddr
*)&s_addr
,
282 (socklen_t
*)&addr_len
);
284 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
288 /* on lan we have to read to the static buff first */
289 bytesread
= recvfrom(circuit
->fd
, sock_buff
, sizeof(sock_buff
),
290 MSG_DONTWAIT
, (struct sockaddr
*)&s_addr
,
291 (socklen_t
*)&addr_len
);
293 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
297 /* then we lose the LLC */
298 stream_write(circuit
->rcv_stream
, sock_buff
+ LLC_LEN
,
299 bytesread
- LLC_LEN
);
301 memcpy(ssnpa
, &s_addr
.sll_addr
, s_addr
.sll_halen
);
306 int isis_recv_pdu_p2p(struct isis_circuit
*circuit
, u_char
*ssnpa
)
308 int bytesread
, addr_len
;
309 struct sockaddr_ll s_addr
;
311 memset(&s_addr
, 0, sizeof(struct sockaddr_ll
));
312 addr_len
= sizeof(s_addr
);
314 /* we can read directly to the stream */
315 stream_recvfrom(circuit
->rcv_stream
, circuit
->fd
,
316 circuit
->interface
->mtu
, 0, (struct sockaddr
*)&s_addr
,
317 (socklen_t
*)&addr_len
);
319 if (s_addr
.sll_pkttype
== PACKET_OUTGOING
) {
320 /* Read the packet into discard buff */
321 bytesread
= recvfrom(circuit
->fd
, discard_buff
,
322 sizeof(discard_buff
), MSG_DONTWAIT
,
323 (struct sockaddr
*)&s_addr
,
324 (socklen_t
*)&addr_len
);
326 zlog_warn("isis_recv_pdu_p2p(): recvfrom() failed");
330 /* If we don't have protocol type 0x00FE which is
331 * ISO over GRE we exit with pain :)
333 if (ntohs(s_addr
.sll_protocol
) != 0x00FE) {
334 zlog_warn("isis_recv_pdu_p2p(): protocol mismatch(): %X",
335 ntohs(s_addr
.sll_protocol
));
339 memcpy(ssnpa
, &s_addr
.sll_addr
, s_addr
.sll_halen
);
344 int isis_send_pdu_bcast(struct isis_circuit
*circuit
, int level
)
349 /* we need to do the LLC in here because of P2P circuits, which will
352 struct sockaddr_ll sa
;
354 stream_set_getp(circuit
->snd_stream
, 0);
355 memset(&sa
, 0, sizeof(struct sockaddr_ll
));
356 sa
.sll_family
= AF_PACKET
;
358 size_t frame_size
= stream_get_endp(circuit
->snd_stream
) + LLC_LEN
;
359 sa
.sll_protocol
= htons(isis_ethertype(frame_size
));
360 sa
.sll_ifindex
= circuit
->interface
->ifindex
;
361 sa
.sll_halen
= ETH_ALEN
;
362 /* RFC5309 section 4.1 recommends ALL_ISS */
363 if (circuit
->circ_type
== CIRCUIT_T_P2P
)
364 memcpy(&sa
.sll_addr
, ALL_ISS
, ETH_ALEN
);
366 memcpy(&sa
.sll_addr
, ALL_L1_ISS
, ETH_ALEN
);
368 memcpy(&sa
.sll_addr
, ALL_L2_ISS
, ETH_ALEN
);
370 /* on a broadcast circuit */
371 /* first we put the LLC in */
376 memset(&msg
, 0, sizeof(msg
));
378 msg
.msg_namelen
= sizeof(struct sockaddr_ll
);
381 iov
[0].iov_base
= sock_buff
;
382 iov
[0].iov_len
= LLC_LEN
;
383 iov
[1].iov_base
= circuit
->snd_stream
->data
;
384 iov
[1].iov_len
= stream_get_endp(circuit
->snd_stream
);
386 if (sendmsg(circuit
->fd
, &msg
, 0) < 0) {
387 zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s",
388 circuit
->interface
->name
, safe_strerror(errno
));
389 if (ERRNO_IO_RETRY(errno
))
396 int isis_send_pdu_p2p(struct isis_circuit
*circuit
, int level
)
398 struct sockaddr_ll sa
;
401 stream_set_getp(circuit
->snd_stream
, 0);
402 memset(&sa
, 0, sizeof(struct sockaddr_ll
));
403 sa
.sll_family
= AF_PACKET
;
404 sa
.sll_ifindex
= circuit
->interface
->ifindex
;
405 sa
.sll_halen
= ETH_ALEN
;
407 memcpy(&sa
.sll_addr
, ALL_L1_ISS
, ETH_ALEN
);
409 memcpy(&sa
.sll_addr
, ALL_L2_ISS
, ETH_ALEN
);
412 /* lets try correcting the protocol */
413 sa
.sll_protocol
= htons(0x00FE);
414 rv
= sendto(circuit
->fd
, circuit
->snd_stream
->data
,
415 stream_get_endp(circuit
->snd_stream
), 0,
416 (struct sockaddr
*)&sa
, sizeof(struct sockaddr_ll
));
418 zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s",
419 circuit
->interface
->name
, safe_strerror(errno
));
420 if (ERRNO_IO_RETRY(errno
))
427 #endif /* ISIS_METHOD == ISIS_METHOD_PFPACKET */