2 * f_flower.c Flower Classifier
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Jiri Pirko <jiri@resnulli.us>
17 #include <linux/limits.h>
18 #include <linux/if_arp.h>
19 #include <linux/if_ether.h>
21 #include <linux/tc_act/tc_vlan.h>
22 #include <linux/mpls.h>
28 enum flower_matching_flags
{
32 enum flower_endpoint
{
37 enum flower_icmp_field
{
38 FLOWER_ICMP_FIELD_TYPE
,
39 FLOWER_ICMP_FIELD_CODE
42 static void explain(void)
45 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
46 " [ skip_sw | skip_hw ]\n"
47 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
49 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
50 " MATCH := { indev DEV-NAME |\n"
52 " vlan_prio PRIORITY |\n"
53 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
55 " cvlan_prio PRIORITY |\n"
56 " cvlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
57 " dst_mac MASKED-LLADDR |\n"
58 " src_mac MASKED-LLADDR |\n"
59 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
60 " ip_tos MASKED-IP_TOS |\n"
61 " ip_ttl MASKED-IP_TTL |\n"
62 " mpls_label LABEL |\n"
68 " dst_port PORT-NUMBER |\n"
69 " src_port PORT-NUMBER |\n"
70 " tcp_flags MASKED-TCP_FLAGS |\n"
71 " type MASKED-ICMP-TYPE |\n"
72 " code MASKED-ICMP-CODE |\n"
73 " arp_tip IPV4-PREFIX |\n"
74 " arp_sip IPV4-PREFIX |\n"
75 " arp_op [ request | reply | OP ] |\n"
76 " arp_tha MASKED-LLADDR |\n"
77 " arp_sha MASKED-LLADDR |\n"
78 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
79 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
80 " enc_key_id [ KEY-ID ] |\n"
81 " enc_tos MASKED-IP_TOS |\n"
82 " enc_ttl MASKED-IP_TTL |\n"
83 " geneve_opts MASKED-OPTIONS |\n"
84 " vxlan_opts MASKED-OPTIONS |\n"
85 " ip_flags IP-FLAGS | \n"
86 " enc_dst_port [ port_number ] |\n"
87 " ct_state MASKED_CT_STATE |\n"
88 " ct_label MASKED_CT_LABEL |\n"
89 " ct_mark MASKED_CT_MARK |\n"
90 " ct_zone MASKED_CT_ZONE }\n"
91 " FILTERID := X:Y:Z\n"
92 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
93 " MASKED_CT_STATE := combination of {+|-} and flags trk,est,new\n"
94 " ACTION-SPEC := ... look at individual actions\n"
96 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
97 "NOTE: There can be only used one mask per one prio. If user needs\n"
98 " to specify different mask, he has to use different prio.\n");
101 static int flower_parse_eth_addr(char *str
, int addr_type
, int mask_type
,
105 char addr
[ETH_ALEN
], *slash
;
107 slash
= strchr(str
, '/');
111 ret
= ll_addr_a2n(addr
, sizeof(addr
), str
);
114 addattr_l(n
, MAX_MSG
, addr_type
, addr
, sizeof(addr
));
119 if (!get_unsigned(&bits
, slash
+ 1, 10)) {
122 /* Extra 16 bit shift to push mac address into
123 * high bits of uint64_t
125 mask
= htonll(0xffffffffffffULL
<< (16 + 48 - bits
));
126 memcpy(addr
, &mask
, ETH_ALEN
);
128 ret
= ll_addr_a2n(addr
, sizeof(addr
), slash
+ 1);
133 memset(addr
, 0xff, ETH_ALEN
);
135 addattr_l(n
, MAX_MSG
, mask_type
, addr
, sizeof(addr
));
144 static bool eth_type_vlan(__be16 ethertype
)
146 return ethertype
== htons(ETH_P_8021Q
) ||
147 ethertype
== htons(ETH_P_8021AD
);
150 static int flower_parse_vlan_eth_type(char *str
, __be16 eth_type
, int type
,
151 __be16
*p_vlan_eth_type
,
154 __be16 vlan_eth_type
;
156 if (!eth_type_vlan(eth_type
)) {
157 fprintf(stderr
, "Can't set \"%s\" if ethertype isn't 802.1Q or 802.1AD\n",
158 type
== TCA_FLOWER_KEY_VLAN_ETH_TYPE
? "vlan_ethtype" : "cvlan_ethtype");
162 if (ll_proto_a2n(&vlan_eth_type
, str
))
163 invarg("invalid vlan_ethtype", str
);
164 addattr16(n
, MAX_MSG
, type
, vlan_eth_type
);
165 *p_vlan_eth_type
= vlan_eth_type
;
169 struct flag_to_string
{
171 enum flower_matching_flags type
;
175 static struct flag_to_string flags_str
[] = {
176 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT
, FLOWER_IP_FLAGS
, "frag" },
177 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST
, FLOWER_IP_FLAGS
, "firstfrag" },
180 static int flower_parse_matching_flags(char *str
,
181 enum flower_matching_flags type
,
182 __u32
*mtf
, __u32
*mtf_mask
)
189 token
= strtok(str
, "/");
192 if (!strncmp(token
, "no", 2)) {
199 for (i
= 0; i
< ARRAY_SIZE(flags_str
); i
++) {
200 if (type
!= flags_str
[i
].type
)
203 if (!strcmp(token
, flags_str
[i
].string
)) {
205 *mtf
&= ~flags_str
[i
].flag
;
207 *mtf
|= flags_str
[i
].flag
;
209 *mtf_mask
|= flags_str
[i
].flag
;
217 token
= strtok(NULL
, "/");
223 static int flower_parse_u16(char *str
, int value_type
, int mask_type
,
224 struct nlmsghdr
*n
, bool be
)
229 slash
= strchr(str
, '/');
233 if (get_u16(&value
, str
, 0))
237 if (get_u16(&mask
, slash
+ 1, 0))
244 value
= htons(value
);
247 addattr16(n
, MAX_MSG
, value_type
, value
);
248 addattr16(n
, MAX_MSG
, mask_type
, mask
);
253 static int flower_parse_u32(char *str
, int value_type
, int mask_type
,
259 slash
= strchr(str
, '/');
263 if (get_u32(&value
, str
, 0))
267 if (get_u32(&mask
, slash
+ 1, 0))
273 addattr32(n
, MAX_MSG
, value_type
, value
);
274 addattr32(n
, MAX_MSG
, mask_type
, mask
);
279 static int flower_parse_ct_mark(char *str
, struct nlmsghdr
*n
)
281 return flower_parse_u32(str
,
282 TCA_FLOWER_KEY_CT_MARK
,
283 TCA_FLOWER_KEY_CT_MARK_MASK
,
287 static int flower_parse_ct_zone(char *str
, struct nlmsghdr
*n
)
289 return flower_parse_u16(str
,
290 TCA_FLOWER_KEY_CT_ZONE
,
291 TCA_FLOWER_KEY_CT_ZONE_MASK
,
296 static int flower_parse_ct_labels(char *str
, struct nlmsghdr
*n
)
298 #define LABELS_SIZE 16
299 uint8_t labels
[LABELS_SIZE
], lmask
[LABELS_SIZE
];
300 char *slash
, *mask
= NULL
;
301 size_t slen
, slen_mask
= 0;
303 slash
= index(str
, '/');
307 slen_mask
= strlen(mask
);
311 if (slen
> LABELS_SIZE
* 2 || slen_mask
> LABELS_SIZE
* 2) {
314 snprintf(errmsg
, sizeof(errmsg
),
315 "%zd Max allowed size %d",
316 slen
, LABELS_SIZE
*2);
320 if (hex2mem(str
, labels
, slen
/ 2) < 0)
321 invarg("labels must be a hex string\n", str
);
322 addattr_l(n
, MAX_MSG
, TCA_FLOWER_KEY_CT_LABELS
, labels
, slen
/ 2);
325 if (hex2mem(mask
, lmask
, slen_mask
/ 2) < 0)
326 invarg("labels mask must be a hex string\n", mask
);
328 memset(lmask
, 0xff, sizeof(lmask
));
329 slen_mask
= sizeof(lmask
) * 2;
331 addattr_l(n
, MAX_MSG
, TCA_FLOWER_KEY_CT_LABELS_MASK
, lmask
,
337 static struct flower_ct_states
{
340 } flower_ct_states
[] = {
341 { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED
},
342 { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW
},
343 { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED
},
346 static int flower_parse_ct_state(char *str
, struct nlmsghdr
*n
)
348 int flags
= 0, mask
= 0, len
, i
;
351 while (*str
!= '\0') {
354 else if (*str
== '-')
359 for (i
= 0; i
< ARRAY_SIZE(flower_ct_states
); i
++) {
360 len
= strlen(flower_ct_states
[i
].str
);
361 if (strncmp(str
+ 1, flower_ct_states
[i
].str
, len
))
365 flags
|= flower_ct_states
[i
].flag
;
366 mask
|= flower_ct_states
[i
].flag
;
370 if (i
== ARRAY_SIZE(flower_ct_states
))
376 addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_CT_STATE
, flags
);
377 addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_CT_STATE_MASK
, mask
);
381 static int flower_parse_ip_proto(char *str
, __be16 eth_type
, int type
,
382 __u8
*p_ip_proto
, struct nlmsghdr
*n
)
387 if (eth_type
!= htons(ETH_P_IP
) && eth_type
!= htons(ETH_P_IPV6
))
390 if (matches(str
, "tcp") == 0) {
391 ip_proto
= IPPROTO_TCP
;
392 } else if (matches(str
, "udp") == 0) {
393 ip_proto
= IPPROTO_UDP
;
394 } else if (matches(str
, "sctp") == 0) {
395 ip_proto
= IPPROTO_SCTP
;
396 } else if (matches(str
, "icmp") == 0) {
397 if (eth_type
!= htons(ETH_P_IP
))
399 ip_proto
= IPPROTO_ICMP
;
400 } else if (matches(str
, "icmpv6") == 0) {
401 if (eth_type
!= htons(ETH_P_IPV6
))
403 ip_proto
= IPPROTO_ICMPV6
;
405 ret
= get_u8(&ip_proto
, str
, 16);
409 addattr8(n
, MAX_MSG
, type
, ip_proto
);
410 *p_ip_proto
= ip_proto
;
414 fprintf(stderr
, "Illegal \"eth_type\" for ip proto\n");
418 static int __flower_parse_ip_addr(char *str
, int family
,
419 int addr4_type
, int mask4_type
,
420 int addr6_type
, int mask6_type
,
428 ret
= get_prefix(&addr
, str
, family
);
432 if (family
&& (addr
.family
!= family
)) {
433 fprintf(stderr
, "Illegal \"eth_type\" for ip address\n");
437 addattr_l(n
, MAX_MSG
, addr
.family
== AF_INET
? addr4_type
: addr6_type
,
438 addr
.data
, addr
.bytelen
);
440 memset(addr
.data
, 0xff, addr
.bytelen
);
442 for (i
= 0; i
< addr
.bytelen
/ 4; i
++) {
445 } else if (bits
/ 32 >= 1) {
448 addr
.data
[i
] <<= 32 - bits
;
449 addr
.data
[i
] = htonl(addr
.data
[i
]);
454 addattr_l(n
, MAX_MSG
, addr
.family
== AF_INET
? mask4_type
: mask6_type
,
455 addr
.data
, addr
.bytelen
);
460 static int flower_parse_ip_addr(char *str
, __be16 eth_type
,
461 int addr4_type
, int mask4_type
,
462 int addr6_type
, int mask6_type
,
467 if (eth_type
== htons(ETH_P_IP
)) {
469 } else if (eth_type
== htons(ETH_P_IPV6
)) {
471 } else if (!eth_type
) {
477 return __flower_parse_ip_addr(str
, family
, addr4_type
, mask4_type
,
478 addr6_type
, mask6_type
, n
);
481 static bool flower_eth_type_arp(__be16 eth_type
)
483 return eth_type
== htons(ETH_P_ARP
) || eth_type
== htons(ETH_P_RARP
);
486 static int flower_parse_arp_ip_addr(char *str
, __be16 eth_type
,
487 int addr_type
, int mask_type
,
490 if (!flower_eth_type_arp(eth_type
))
493 return __flower_parse_ip_addr(str
, AF_INET
, addr_type
, mask_type
,
494 TCA_FLOWER_UNSPEC
, TCA_FLOWER_UNSPEC
, n
);
497 static int flower_parse_u8(char *str
, int value_type
, int mask_type
,
498 int (*value_from_name
)(const char *str
,
500 bool (*value_validate
)(__u8 value
),
507 slash
= strchr(str
, '/');
511 ret
= value_from_name
? value_from_name(str
, &value
) : -1;
513 ret
= get_u8(&value
, str
, 10);
518 if (value_validate
&& !value_validate(value
))
522 ret
= get_u8(&mask
, slash
+ 1, 10);
530 addattr8(n
, MAX_MSG
, value_type
, value
);
531 addattr8(n
, MAX_MSG
, mask_type
, mask
);
540 static const char *flower_print_arp_op_to_name(__u8 op
)
552 static int flower_arp_op_from_name(const char *name
, __u8
*op
)
554 if (!strcmp(name
, "request"))
556 else if (!strcmp(name
, "reply"))
564 static bool flow_arp_op_validate(__u8 op
)
566 return !op
|| op
== ARPOP_REQUEST
|| op
== ARPOP_REPLY
;
569 static int flower_parse_arp_op(char *str
, __be16 eth_type
,
570 int op_type
, int mask_type
,
573 if (!flower_eth_type_arp(eth_type
))
576 return flower_parse_u8(str
, op_type
, mask_type
, flower_arp_op_from_name
,
577 flow_arp_op_validate
, n
);
580 static int flower_icmp_attr_type(__be16 eth_type
, __u8 ip_proto
,
581 enum flower_icmp_field field
)
583 if (eth_type
== htons(ETH_P_IP
) && ip_proto
== IPPROTO_ICMP
)
584 return field
== FLOWER_ICMP_FIELD_CODE
?
585 TCA_FLOWER_KEY_ICMPV4_CODE
:
586 TCA_FLOWER_KEY_ICMPV4_TYPE
;
587 else if (eth_type
== htons(ETH_P_IPV6
) && ip_proto
== IPPROTO_ICMPV6
)
588 return field
== FLOWER_ICMP_FIELD_CODE
?
589 TCA_FLOWER_KEY_ICMPV6_CODE
:
590 TCA_FLOWER_KEY_ICMPV6_TYPE
;
595 static int flower_icmp_attr_mask_type(__be16 eth_type
, __u8 ip_proto
,
596 enum flower_icmp_field field
)
598 if (eth_type
== htons(ETH_P_IP
) && ip_proto
== IPPROTO_ICMP
)
599 return field
== FLOWER_ICMP_FIELD_CODE
?
600 TCA_FLOWER_KEY_ICMPV4_CODE_MASK
:
601 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK
;
602 else if (eth_type
== htons(ETH_P_IPV6
) && ip_proto
== IPPROTO_ICMPV6
)
603 return field
== FLOWER_ICMP_FIELD_CODE
?
604 TCA_FLOWER_KEY_ICMPV6_CODE_MASK
:
605 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK
;
610 static int flower_parse_icmp(char *str
, __u16 eth_type
, __u8 ip_proto
,
611 enum flower_icmp_field field
, struct nlmsghdr
*n
)
613 int value_type
, mask_type
;
615 value_type
= flower_icmp_attr_type(eth_type
, ip_proto
, field
);
616 mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
, field
);
617 if (value_type
< 0 || mask_type
< 0)
620 return flower_parse_u8(str
, value_type
, mask_type
, NULL
, NULL
, n
);
623 static int flower_port_attr_type(__u8 ip_proto
, enum flower_endpoint endpoint
)
625 if (ip_proto
== IPPROTO_TCP
)
626 return endpoint
== FLOWER_ENDPOINT_SRC
?
627 TCA_FLOWER_KEY_TCP_SRC
:
628 TCA_FLOWER_KEY_TCP_DST
;
629 else if (ip_proto
== IPPROTO_UDP
)
630 return endpoint
== FLOWER_ENDPOINT_SRC
?
631 TCA_FLOWER_KEY_UDP_SRC
:
632 TCA_FLOWER_KEY_UDP_DST
;
633 else if (ip_proto
== IPPROTO_SCTP
)
634 return endpoint
== FLOWER_ENDPOINT_SRC
?
635 TCA_FLOWER_KEY_SCTP_SRC
:
636 TCA_FLOWER_KEY_SCTP_DST
;
641 static int flower_port_attr_mask_type(__u8 ip_proto
,
642 enum flower_endpoint endpoint
)
646 return endpoint
== FLOWER_ENDPOINT_SRC
?
647 TCA_FLOWER_KEY_TCP_SRC_MASK
:
648 TCA_FLOWER_KEY_TCP_DST_MASK
;
650 return endpoint
== FLOWER_ENDPOINT_SRC
?
651 TCA_FLOWER_KEY_UDP_SRC_MASK
:
652 TCA_FLOWER_KEY_UDP_DST_MASK
;
654 return endpoint
== FLOWER_ENDPOINT_SRC
?
655 TCA_FLOWER_KEY_SCTP_SRC_MASK
:
656 TCA_FLOWER_KEY_SCTP_DST_MASK
;
662 static int flower_port_range_attr_type(__u8 ip_proto
, enum flower_endpoint type
,
663 __be16
*min_port_type
,
664 __be16
*max_port_type
)
666 if (ip_proto
== IPPROTO_TCP
|| ip_proto
== IPPROTO_UDP
||
667 ip_proto
== IPPROTO_SCTP
) {
668 if (type
== FLOWER_ENDPOINT_SRC
) {
669 *min_port_type
= TCA_FLOWER_KEY_PORT_SRC_MIN
;
670 *max_port_type
= TCA_FLOWER_KEY_PORT_SRC_MAX
;
672 *min_port_type
= TCA_FLOWER_KEY_PORT_DST_MIN
;
673 *max_port_type
= TCA_FLOWER_KEY_PORT_DST_MAX
;
681 /* parse range args in format 10-20 */
682 static int parse_range(char *str
, __be16
*min
, __be16
*max
)
686 sep
= strchr(str
, '-');
690 if (get_be16(min
, str
, 10))
693 if (get_be16(max
, sep
+ 1, 10))
696 if (get_be16(min
, str
, 10))
702 static int flower_parse_port(char *str
, __u8 ip_proto
,
703 enum flower_endpoint endpoint
,
711 ret
= parse_range(str
, &min
, &max
);
713 slash
= strchr(str
, '/');
719 __be16 min_port_type
, max_port_type
;
722 fprintf(stderr
, "max value should be greater than min value\n");
725 if (flower_port_range_attr_type(ip_proto
, endpoint
,
726 &min_port_type
, &max_port_type
))
729 addattr16(n
, MAX_MSG
, min_port_type
, min
);
730 addattr16(n
, MAX_MSG
, max_port_type
, max
);
731 } else if (slash
|| (min
&& !max
)) {
734 type
= flower_port_attr_type(ip_proto
, endpoint
);
739 addattr16(n
, MAX_MSG
, type
, min
);
743 mask_type
= flower_port_attr_mask_type(ip_proto
,
747 return flower_parse_u16(str
, type
, mask_type
, n
, true);
755 #define TCP_FLAGS_MAX_MASK 0xfff
757 static int flower_parse_tcp_flags(char *str
, int flags_type
, int mask_type
,
764 slash
= strchr(str
, '/');
768 ret
= get_u16(&flags
, str
, 16);
769 if (ret
< 0 || flags
& ~TCP_FLAGS_MAX_MASK
)
772 addattr16(n
, MAX_MSG
, flags_type
, htons(flags
));
775 ret
= get_u16(&flags
, slash
+ 1, 16);
776 if (ret
< 0 || flags
& ~TCP_FLAGS_MAX_MASK
)
779 flags
= TCP_FLAGS_MAX_MASK
;
781 addattr16(n
, MAX_MSG
, mask_type
, htons(flags
));
790 static int flower_parse_ip_tos_ttl(char *str
, int key_type
, int mask_type
,
797 slash
= strchr(str
, '/');
801 ret
= get_u8(&tos_ttl
, str
, 10);
803 ret
= get_u8(&tos_ttl
, str
, 16);
807 addattr8(n
, MAX_MSG
, key_type
, tos_ttl
);
810 ret
= get_u8(&tos_ttl
, slash
+ 1, 16);
816 addattr8(n
, MAX_MSG
, mask_type
, tos_ttl
);
825 static int flower_parse_key_id(const char *str
, int type
, struct nlmsghdr
*n
)
830 ret
= get_be32(&key_id
, str
, 10);
832 addattr32(n
, MAX_MSG
, type
, key_id
);
837 static int flower_parse_enc_port(char *str
, int type
, struct nlmsghdr
*n
)
842 ret
= get_be16(&port
, str
, 10);
846 addattr16(n
, MAX_MSG
, type
, port
);
851 static int flower_parse_geneve_opt(char *str
, struct nlmsghdr
*n
)
857 nest
= addattr_nest(n
, MAX_MSG
, TCA_FLOWER_KEY_ENC_OPTS_GENEVE
);
860 token
= strsep(&str
, ":");
863 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS
:
869 err
= get_be16(&opt_class
, token
, 16);
873 addattr16(n
, MAX_MSG
, i
, opt_class
);
876 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE
:
882 err
= get_u8(&opt_type
, token
, 16);
886 addattr8(n
, MAX_MSG
, i
, opt_type
);
889 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA
:
891 size_t token_len
= strlen(token
);
896 opts
= malloc(token_len
/ 2);
899 if (hex2mem(token
, opts
, token_len
/ 2) < 0) {
903 addattr_l(n
, MAX_MSG
, i
, opts
, token_len
/ 2);
909 fprintf(stderr
, "Unknown \"geneve_opts\" type\n");
913 token
= strsep(&str
, ":");
916 addattr_nest_end(n
, nest
);
921 static int flower_parse_vxlan_opt(char *str
, struct nlmsghdr
*n
)
927 nest
= addattr_nest(n
, MAX_MSG
,
928 TCA_FLOWER_KEY_ENC_OPTS_VXLAN
| NLA_F_NESTED
);
930 err
= get_u32(&gbp
, str
, 0);
933 addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP
, gbp
);
935 addattr_nest_end(n
, nest
);
940 static int flower_parse_geneve_opts(char *str
, struct nlmsghdr
*n
)
945 token
= strsep(&str
, ",");
947 err
= flower_parse_geneve_opt(token
, n
);
951 token
= strsep(&str
, ",");
957 static int flower_check_enc_opt_key(char *key
)
959 int key_len
, col_cnt
= 0;
961 key_len
= strlen(key
);
962 while ((key
= strchr(key
, ':'))) {
963 if (strlen(key
) == key_len
)
966 key_len
= strlen(key
) - 1;
971 if (col_cnt
!= 2 || !key_len
)
977 static int flower_parse_enc_opts_geneve(char *str
, struct nlmsghdr
*n
)
979 char key
[XATTR_SIZE_MAX
], mask
[XATTR_SIZE_MAX
];
980 int data_len
, key_len
, mask_len
, err
;
986 token
= strsep(&str
, ",");
988 slash
= strchr(token
, '/');
992 if ((key_len
+ strlen(token
) > XATTR_SIZE_MAX
) ||
993 flower_check_enc_opt_key(token
))
996 strcpy(&key
[key_len
], token
);
997 key_len
+= strlen(token
) + 1;
998 key
[key_len
- 1] = ',';
1001 /* Pad out mask when not provided */
1002 if (mask_len
+ strlen(token
) > XATTR_SIZE_MAX
)
1005 data_len
= strlen(rindex(token
, ':'));
1006 sprintf(&mask
[mask_len
], "ffff:ff:");
1008 memset(&mask
[mask_len
], 'f', data_len
- 1);
1009 mask_len
+= data_len
;
1010 mask
[mask_len
- 1] = ',';
1011 token
= strsep(&str
, ",");
1015 if (mask_len
+ strlen(slash
+ 1) > XATTR_SIZE_MAX
)
1018 strcpy(&mask
[mask_len
], slash
+ 1);
1019 mask_len
+= strlen(slash
+ 1) + 1;
1020 mask
[mask_len
- 1] = ',';
1023 token
= strsep(&str
, ",");
1025 key
[key_len
- 1] = '\0';
1026 mask
[mask_len
- 1] = '\0';
1028 nest
= addattr_nest(n
, MAX_MSG
, TCA_FLOWER_KEY_ENC_OPTS
);
1029 err
= flower_parse_geneve_opts(key
, n
);
1032 addattr_nest_end(n
, nest
);
1034 nest
= addattr_nest(n
, MAX_MSG
, TCA_FLOWER_KEY_ENC_OPTS_MASK
);
1035 err
= flower_parse_geneve_opts(mask
, n
);
1038 addattr_nest_end(n
, nest
);
1043 static int flower_parse_enc_opts_vxlan(char *str
, struct nlmsghdr
*n
)
1045 char key
[XATTR_SIZE_MAX
], mask
[XATTR_SIZE_MAX
];
1046 struct rtattr
*nest
;
1050 slash
= strchr(str
, '/');
1053 if (strlen(slash
) > XATTR_SIZE_MAX
)
1055 strcpy(mask
, slash
);
1057 strcpy(mask
, "0xffffffff");
1060 if (strlen(str
) > XATTR_SIZE_MAX
)
1064 nest
= addattr_nest(n
, MAX_MSG
, TCA_FLOWER_KEY_ENC_OPTS
| NLA_F_NESTED
);
1065 err
= flower_parse_vxlan_opt(str
, n
);
1068 addattr_nest_end(n
, nest
);
1070 nest
= addattr_nest(n
, MAX_MSG
,
1071 TCA_FLOWER_KEY_ENC_OPTS_MASK
| NLA_F_NESTED
);
1072 err
= flower_parse_vxlan_opt(mask
, n
);
1075 addattr_nest_end(n
, nest
);
1080 static int flower_parse_opt(struct filter_util
*qu
, char *handle
,
1081 int argc
, char **argv
, struct nlmsghdr
*n
)
1084 struct tcmsg
*t
= NLMSG_DATA(n
);
1085 struct rtattr
*tail
;
1086 __be16 eth_type
= TC_H_MIN(t
->tcm_info
);
1087 __be16 vlan_ethtype
= 0;
1088 __be16 cvlan_ethtype
= 0;
1089 __u8 ip_proto
= 0xff;
1095 ret
= get_u32(&t
->tcm_handle
, handle
, 0);
1097 fprintf(stderr
, "Illegal \"handle\"\n");
1102 tail
= (struct rtattr
*) (((void *) n
) + NLMSG_ALIGN(n
->nlmsg_len
));
1103 addattr_l(n
, MAX_MSG
, TCA_OPTIONS
, NULL
, 0);
1106 /*at minimal we will match all ethertype packets */
1111 if (matches(*argv
, "classid") == 0 ||
1112 matches(*argv
, "flowid") == 0) {
1113 unsigned int handle
;
1116 ret
= get_tc_classid(&handle
, *argv
);
1118 fprintf(stderr
, "Illegal \"classid\"\n");
1121 addattr_l(n
, MAX_MSG
, TCA_FLOWER_CLASSID
, &handle
, 4);
1122 } else if (matches(*argv
, "hw_tc") == 0) {
1123 unsigned int handle
;
1128 tc
= strtoul(*argv
, &end
, 0);
1130 fprintf(stderr
, "Illegal TC index\n");
1133 if (tc
>= TC_QOPT_MAX_QUEUE
) {
1134 fprintf(stderr
, "TC index exceeds max range\n");
1137 handle
= TC_H_MAKE(TC_H_MAJ(t
->tcm_parent
),
1138 TC_H_MIN(tc
+ TC_H_MIN_PRIORITY
));
1139 addattr_l(n
, MAX_MSG
, TCA_FLOWER_CLASSID
, &handle
,
1141 } else if (matches(*argv
, "ip_flags") == 0) {
1143 ret
= flower_parse_matching_flags(*argv
,
1148 fprintf(stderr
, "Illegal \"ip_flags\"\n");
1151 } else if (matches(*argv
, "verbose") == 0) {
1152 flags
|= TCA_CLS_FLAGS_VERBOSE
;
1153 } else if (matches(*argv
, "skip_hw") == 0) {
1154 flags
|= TCA_CLS_FLAGS_SKIP_HW
;
1155 } else if (matches(*argv
, "skip_sw") == 0) {
1156 flags
|= TCA_CLS_FLAGS_SKIP_SW
;
1157 } else if (matches(*argv
, "ct_state") == 0) {
1159 ret
= flower_parse_ct_state(*argv
, n
);
1161 fprintf(stderr
, "Illegal \"ct_state\"\n");
1164 } else if (matches(*argv
, "ct_zone") == 0) {
1166 ret
= flower_parse_ct_zone(*argv
, n
);
1168 fprintf(stderr
, "Illegal \"ct_zone\"\n");
1171 } else if (matches(*argv
, "ct_mark") == 0) {
1173 ret
= flower_parse_ct_mark(*argv
, n
);
1175 fprintf(stderr
, "Illegal \"ct_mark\"\n");
1178 } else if (matches(*argv
, "ct_label") == 0) {
1180 ret
= flower_parse_ct_labels(*argv
, n
);
1182 fprintf(stderr
, "Illegal \"ct_label\"\n");
1185 } else if (matches(*argv
, "indev") == 0) {
1187 if (check_ifname(*argv
))
1188 invarg("\"indev\" not a valid ifname", *argv
);
1189 addattrstrz(n
, MAX_MSG
, TCA_FLOWER_INDEV
, *argv
);
1190 } else if (matches(*argv
, "vlan_id") == 0) {
1194 if (!eth_type_vlan(eth_type
)) {
1195 fprintf(stderr
, "Can't set \"vlan_id\" if ethertype isn't 802.1Q or 802.1AD\n");
1198 ret
= get_u16(&vid
, *argv
, 10);
1199 if (ret
< 0 || vid
& ~0xfff) {
1200 fprintf(stderr
, "Illegal \"vlan_id\"\n");
1203 addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_VLAN_ID
, vid
);
1204 } else if (matches(*argv
, "vlan_prio") == 0) {
1208 if (!eth_type_vlan(eth_type
)) {
1209 fprintf(stderr
, "Can't set \"vlan_prio\" if ethertype isn't 802.1Q or 802.1AD\n");
1212 ret
= get_u8(&vlan_prio
, *argv
, 10);
1213 if (ret
< 0 || vlan_prio
& ~0x7) {
1214 fprintf(stderr
, "Illegal \"vlan_prio\"\n");
1217 addattr8(n
, MAX_MSG
,
1218 TCA_FLOWER_KEY_VLAN_PRIO
, vlan_prio
);
1219 } else if (matches(*argv
, "vlan_ethtype") == 0) {
1221 ret
= flower_parse_vlan_eth_type(*argv
, eth_type
,
1222 TCA_FLOWER_KEY_VLAN_ETH_TYPE
,
1226 } else if (matches(*argv
, "cvlan_id") == 0) {
1230 if (!eth_type_vlan(vlan_ethtype
)) {
1231 fprintf(stderr
, "Can't set \"cvlan_id\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1234 ret
= get_u16(&vid
, *argv
, 10);
1235 if (ret
< 0 || vid
& ~0xfff) {
1236 fprintf(stderr
, "Illegal \"cvlan_id\"\n");
1239 addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_CVLAN_ID
, vid
);
1240 } else if (matches(*argv
, "cvlan_prio") == 0) {
1244 if (!eth_type_vlan(vlan_ethtype
)) {
1245 fprintf(stderr
, "Can't set \"cvlan_prio\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1248 ret
= get_u8(&cvlan_prio
, *argv
, 10);
1249 if (ret
< 0 || cvlan_prio
& ~0x7) {
1250 fprintf(stderr
, "Illegal \"cvlan_prio\"\n");
1253 addattr8(n
, MAX_MSG
,
1254 TCA_FLOWER_KEY_CVLAN_PRIO
, cvlan_prio
);
1255 } else if (matches(*argv
, "cvlan_ethtype") == 0) {
1257 ret
= flower_parse_vlan_eth_type(*argv
, vlan_ethtype
,
1258 TCA_FLOWER_KEY_CVLAN_ETH_TYPE
,
1262 } else if (matches(*argv
, "mpls_label") == 0) {
1266 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
1267 eth_type
!= htons(ETH_P_MPLS_MC
)) {
1269 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
1272 ret
= get_u32(&label
, *argv
, 10);
1273 if (ret
< 0 || label
& ~(MPLS_LS_LABEL_MASK
>> MPLS_LS_LABEL_SHIFT
)) {
1274 fprintf(stderr
, "Illegal \"mpls_label\"\n");
1277 addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_LABEL
, label
);
1278 } else if (matches(*argv
, "mpls_tc") == 0) {
1282 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
1283 eth_type
!= htons(ETH_P_MPLS_MC
)) {
1285 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
1288 ret
= get_u8(&tc
, *argv
, 10);
1289 if (ret
< 0 || tc
& ~(MPLS_LS_TC_MASK
>> MPLS_LS_TC_SHIFT
)) {
1290 fprintf(stderr
, "Illegal \"mpls_tc\"\n");
1293 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_TC
, tc
);
1294 } else if (matches(*argv
, "mpls_bos") == 0) {
1298 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
1299 eth_type
!= htons(ETH_P_MPLS_MC
)) {
1301 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
1304 ret
= get_u8(&bos
, *argv
, 10);
1305 if (ret
< 0 || bos
& ~(MPLS_LS_S_MASK
>> MPLS_LS_S_SHIFT
)) {
1306 fprintf(stderr
, "Illegal \"mpls_bos\"\n");
1309 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_BOS
, bos
);
1310 } else if (matches(*argv
, "mpls_ttl") == 0) {
1314 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
1315 eth_type
!= htons(ETH_P_MPLS_MC
)) {
1317 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
1320 ret
= get_u8(&ttl
, *argv
, 10);
1321 if (ret
< 0 || ttl
& ~(MPLS_LS_TTL_MASK
>> MPLS_LS_TTL_SHIFT
)) {
1322 fprintf(stderr
, "Illegal \"mpls_ttl\"\n");
1325 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_TTL
, ttl
);
1326 } else if (matches(*argv
, "dst_mac") == 0) {
1328 ret
= flower_parse_eth_addr(*argv
,
1329 TCA_FLOWER_KEY_ETH_DST
,
1330 TCA_FLOWER_KEY_ETH_DST_MASK
,
1333 fprintf(stderr
, "Illegal \"dst_mac\"\n");
1336 } else if (matches(*argv
, "src_mac") == 0) {
1338 ret
= flower_parse_eth_addr(*argv
,
1339 TCA_FLOWER_KEY_ETH_SRC
,
1340 TCA_FLOWER_KEY_ETH_SRC_MASK
,
1343 fprintf(stderr
, "Illegal \"src_mac\"\n");
1346 } else if (matches(*argv
, "ip_proto") == 0) {
1348 ret
= flower_parse_ip_proto(*argv
, cvlan_ethtype
?
1349 cvlan_ethtype
: vlan_ethtype
?
1350 vlan_ethtype
: eth_type
,
1351 TCA_FLOWER_KEY_IP_PROTO
,
1354 fprintf(stderr
, "Illegal \"ip_proto\"\n");
1357 } else if (matches(*argv
, "ip_tos") == 0) {
1359 ret
= flower_parse_ip_tos_ttl(*argv
,
1360 TCA_FLOWER_KEY_IP_TOS
,
1361 TCA_FLOWER_KEY_IP_TOS_MASK
,
1364 fprintf(stderr
, "Illegal \"ip_tos\"\n");
1367 } else if (matches(*argv
, "ip_ttl") == 0) {
1369 ret
= flower_parse_ip_tos_ttl(*argv
,
1370 TCA_FLOWER_KEY_IP_TTL
,
1371 TCA_FLOWER_KEY_IP_TTL_MASK
,
1374 fprintf(stderr
, "Illegal \"ip_ttl\"\n");
1377 } else if (matches(*argv
, "dst_ip") == 0) {
1379 ret
= flower_parse_ip_addr(*argv
, cvlan_ethtype
?
1380 cvlan_ethtype
: vlan_ethtype
?
1381 vlan_ethtype
: eth_type
,
1382 TCA_FLOWER_KEY_IPV4_DST
,
1383 TCA_FLOWER_KEY_IPV4_DST_MASK
,
1384 TCA_FLOWER_KEY_IPV6_DST
,
1385 TCA_FLOWER_KEY_IPV6_DST_MASK
,
1388 fprintf(stderr
, "Illegal \"dst_ip\"\n");
1391 } else if (matches(*argv
, "src_ip") == 0) {
1393 ret
= flower_parse_ip_addr(*argv
, cvlan_ethtype
?
1394 cvlan_ethtype
: vlan_ethtype
?
1395 vlan_ethtype
: eth_type
,
1396 TCA_FLOWER_KEY_IPV4_SRC
,
1397 TCA_FLOWER_KEY_IPV4_SRC_MASK
,
1398 TCA_FLOWER_KEY_IPV6_SRC
,
1399 TCA_FLOWER_KEY_IPV6_SRC_MASK
,
1402 fprintf(stderr
, "Illegal \"src_ip\"\n");
1405 } else if (matches(*argv
, "dst_port") == 0) {
1407 ret
= flower_parse_port(*argv
, ip_proto
,
1408 FLOWER_ENDPOINT_DST
, n
);
1410 fprintf(stderr
, "Illegal \"dst_port\"\n");
1413 } else if (matches(*argv
, "src_port") == 0) {
1415 ret
= flower_parse_port(*argv
, ip_proto
,
1416 FLOWER_ENDPOINT_SRC
, n
);
1418 fprintf(stderr
, "Illegal \"src_port\"\n");
1421 } else if (matches(*argv
, "tcp_flags") == 0) {
1423 ret
= flower_parse_tcp_flags(*argv
,
1424 TCA_FLOWER_KEY_TCP_FLAGS
,
1425 TCA_FLOWER_KEY_TCP_FLAGS_MASK
,
1428 fprintf(stderr
, "Illegal \"tcp_flags\"\n");
1431 } else if (matches(*argv
, "type") == 0) {
1433 ret
= flower_parse_icmp(*argv
, eth_type
, ip_proto
,
1434 FLOWER_ICMP_FIELD_TYPE
, n
);
1436 fprintf(stderr
, "Illegal \"icmp type\"\n");
1439 } else if (matches(*argv
, "code") == 0) {
1441 ret
= flower_parse_icmp(*argv
, eth_type
, ip_proto
,
1442 FLOWER_ICMP_FIELD_CODE
, n
);
1444 fprintf(stderr
, "Illegal \"icmp code\"\n");
1447 } else if (matches(*argv
, "arp_tip") == 0) {
1449 ret
= flower_parse_arp_ip_addr(*argv
, vlan_ethtype
?
1450 vlan_ethtype
: eth_type
,
1451 TCA_FLOWER_KEY_ARP_TIP
,
1452 TCA_FLOWER_KEY_ARP_TIP_MASK
,
1455 fprintf(stderr
, "Illegal \"arp_tip\"\n");
1458 } else if (matches(*argv
, "arp_sip") == 0) {
1460 ret
= flower_parse_arp_ip_addr(*argv
, vlan_ethtype
?
1461 vlan_ethtype
: eth_type
,
1462 TCA_FLOWER_KEY_ARP_SIP
,
1463 TCA_FLOWER_KEY_ARP_SIP_MASK
,
1466 fprintf(stderr
, "Illegal \"arp_sip\"\n");
1469 } else if (matches(*argv
, "arp_op") == 0) {
1471 ret
= flower_parse_arp_op(*argv
, vlan_ethtype
?
1472 vlan_ethtype
: eth_type
,
1473 TCA_FLOWER_KEY_ARP_OP
,
1474 TCA_FLOWER_KEY_ARP_OP_MASK
,
1477 fprintf(stderr
, "Illegal \"arp_op\"\n");
1480 } else if (matches(*argv
, "arp_tha") == 0) {
1482 ret
= flower_parse_eth_addr(*argv
,
1483 TCA_FLOWER_KEY_ARP_THA
,
1484 TCA_FLOWER_KEY_ARP_THA_MASK
,
1487 fprintf(stderr
, "Illegal \"arp_tha\"\n");
1490 } else if (matches(*argv
, "arp_sha") == 0) {
1492 ret
= flower_parse_eth_addr(*argv
,
1493 TCA_FLOWER_KEY_ARP_SHA
,
1494 TCA_FLOWER_KEY_ARP_SHA_MASK
,
1497 fprintf(stderr
, "Illegal \"arp_sha\"\n");
1500 } else if (matches(*argv
, "enc_dst_ip") == 0) {
1502 ret
= flower_parse_ip_addr(*argv
, 0,
1503 TCA_FLOWER_KEY_ENC_IPV4_DST
,
1504 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
,
1505 TCA_FLOWER_KEY_ENC_IPV6_DST
,
1506 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK
,
1509 fprintf(stderr
, "Illegal \"enc_dst_ip\"\n");
1512 } else if (matches(*argv
, "enc_src_ip") == 0) {
1514 ret
= flower_parse_ip_addr(*argv
, 0,
1515 TCA_FLOWER_KEY_ENC_IPV4_SRC
,
1516 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
,
1517 TCA_FLOWER_KEY_ENC_IPV6_SRC
,
1518 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK
,
1521 fprintf(stderr
, "Illegal \"enc_src_ip\"\n");
1524 } else if (matches(*argv
, "enc_key_id") == 0) {
1526 ret
= flower_parse_key_id(*argv
,
1527 TCA_FLOWER_KEY_ENC_KEY_ID
, n
);
1529 fprintf(stderr
, "Illegal \"enc_key_id\"\n");
1532 } else if (matches(*argv
, "enc_dst_port") == 0) {
1534 ret
= flower_parse_enc_port(*argv
,
1535 TCA_FLOWER_KEY_ENC_UDP_DST_PORT
, n
);
1537 fprintf(stderr
, "Illegal \"enc_dst_port\"\n");
1540 } else if (matches(*argv
, "enc_tos") == 0) {
1542 ret
= flower_parse_ip_tos_ttl(*argv
,
1543 TCA_FLOWER_KEY_ENC_IP_TOS
,
1544 TCA_FLOWER_KEY_ENC_IP_TOS_MASK
,
1547 fprintf(stderr
, "Illegal \"enc_tos\"\n");
1550 } else if (matches(*argv
, "enc_ttl") == 0) {
1552 ret
= flower_parse_ip_tos_ttl(*argv
,
1553 TCA_FLOWER_KEY_ENC_IP_TTL
,
1554 TCA_FLOWER_KEY_ENC_IP_TTL_MASK
,
1557 fprintf(stderr
, "Illegal \"enc_ttl\"\n");
1560 } else if (matches(*argv
, "geneve_opts") == 0) {
1562 ret
= flower_parse_enc_opts_geneve(*argv
, n
);
1564 fprintf(stderr
, "Illegal \"geneve_opts\"\n");
1567 } else if (matches(*argv
, "vxlan_opts") == 0) {
1569 ret
= flower_parse_enc_opts_vxlan(*argv
, n
);
1571 fprintf(stderr
, "Illegal \"vxlan_opts\"\n");
1574 } else if (matches(*argv
, "action") == 0) {
1576 ret
= parse_action(&argc
, &argv
, TCA_FLOWER_ACT
, n
);
1578 fprintf(stderr
, "Illegal \"action\"\n");
1582 } else if (strcmp(*argv
, "help") == 0) {
1586 fprintf(stderr
, "What is \"%s\"?\n", *argv
);
1594 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_FLAGS
, flags
);
1599 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_FLAGS
, htonl(mtf
));
1603 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_FLAGS_MASK
, htonl(mtf_mask
));
1608 if (eth_type
!= htons(ETH_P_ALL
)) {
1609 ret
= addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_ETH_TYPE
, eth_type
);
1614 tail
->rta_len
= (((void *)n
)+n
->nlmsg_len
) - (void *)tail
;
1619 static int __mask_bits(char *addr
, size_t len
)
1626 for (i
= 0; i
< len
; i
++, addr
++) {
1627 for (j
= 7; j
>= 0; j
--) {
1628 if (((*addr
) >> j
) & 0x1) {
1642 static void flower_print_eth_addr(char *name
, struct rtattr
*addr_attr
,
1643 struct rtattr
*mask_attr
)
1645 SPRINT_BUF(namefrm
);
1651 if (!addr_attr
|| RTA_PAYLOAD(addr_attr
) != ETH_ALEN
)
1653 done
= sprintf(out
, "%s",
1654 ll_addr_n2a(RTA_DATA(addr_attr
), ETH_ALEN
,
1655 0, b1
, sizeof(b1
)));
1656 if (mask_attr
&& RTA_PAYLOAD(mask_attr
) == ETH_ALEN
) {
1657 bits
= __mask_bits(RTA_DATA(mask_attr
), ETH_ALEN
);
1659 sprintf(out
+ done
, "/%s",
1660 ll_addr_n2a(RTA_DATA(mask_attr
), ETH_ALEN
,
1661 0, b1
, sizeof(b1
)));
1662 else if (bits
< ETH_ALEN
* 8)
1663 sprintf(out
+ done
, "/%d", bits
);
1667 sprintf(namefrm
, " %s %%s", name
);
1668 print_string(PRINT_ANY
, name
, namefrm
, out
);
1671 static void flower_print_eth_type(__be16
*p_eth_type
,
1672 struct rtattr
*eth_type_attr
)
1680 eth_type
= rta_getattr_u16(eth_type_attr
);
1681 if (eth_type
== htons(ETH_P_IP
))
1682 sprintf(out
, "ipv4");
1683 else if (eth_type
== htons(ETH_P_IPV6
))
1684 sprintf(out
, "ipv6");
1685 else if (eth_type
== htons(ETH_P_ARP
))
1686 sprintf(out
, "arp");
1687 else if (eth_type
== htons(ETH_P_RARP
))
1688 sprintf(out
, "rarp");
1690 sprintf(out
, "%04x", ntohs(eth_type
));
1693 print_string(PRINT_ANY
, "eth_type", " eth_type %s", out
);
1694 *p_eth_type
= eth_type
;
1697 static void flower_print_ip_proto(__u8
*p_ip_proto
,
1698 struct rtattr
*ip_proto_attr
)
1706 ip_proto
= rta_getattr_u8(ip_proto_attr
);
1707 if (ip_proto
== IPPROTO_TCP
)
1708 sprintf(out
, "tcp");
1709 else if (ip_proto
== IPPROTO_UDP
)
1710 sprintf(out
, "udp");
1711 else if (ip_proto
== IPPROTO_SCTP
)
1712 sprintf(out
, "sctp");
1713 else if (ip_proto
== IPPROTO_ICMP
)
1714 sprintf(out
, "icmp");
1715 else if (ip_proto
== IPPROTO_ICMPV6
)
1716 sprintf(out
, "icmpv6");
1718 sprintf(out
, "%02x", ip_proto
);
1721 print_string(PRINT_ANY
, "ip_proto", " ip_proto %s", out
);
1722 *p_ip_proto
= ip_proto
;
1725 static void flower_print_ip_attr(const char *name
, struct rtattr
*key_attr
,
1726 struct rtattr
*mask_attr
)
1728 print_masked_u8(name
, key_attr
, mask_attr
, true);
1731 static void flower_print_matching_flags(char *name
,
1732 enum flower_matching_flags type
,
1733 struct rtattr
*attr
,
1734 struct rtattr
*mask_attr
)
1741 if (!mask_attr
|| RTA_PAYLOAD(mask_attr
) != 4)
1744 mtf
= ntohl(rta_getattr_u32(attr
));
1745 mtf_mask
= ntohl(rta_getattr_u32(mask_attr
));
1747 for (i
= 0; i
< ARRAY_SIZE(flags_str
); i
++) {
1748 if (type
!= flags_str
[i
].type
)
1750 if (mtf_mask
& flags_str
[i
].flag
) {
1753 print_string(PRINT_FP
, NULL
, " %s ", name
);
1754 open_json_object(name
);
1756 print_string(PRINT_FP
, NULL
, "/", NULL
);
1759 print_bool(PRINT_JSON
, flags_str
[i
].string
, NULL
,
1760 mtf
& flags_str
[i
].flag
);
1761 if (mtf
& flags_str
[i
].flag
)
1762 print_string(PRINT_FP
, NULL
, "%s",
1763 flags_str
[i
].string
);
1765 print_string(PRINT_FP
, NULL
, "no%s",
1766 flags_str
[i
].string
);
1770 close_json_object();
1773 static void flower_print_ip_addr(char *name
, __be16 eth_type
,
1774 struct rtattr
*addr4_attr
,
1775 struct rtattr
*mask4_attr
,
1776 struct rtattr
*addr6_attr
,
1777 struct rtattr
*mask6_attr
)
1779 struct rtattr
*addr_attr
;
1780 struct rtattr
*mask_attr
;
1781 SPRINT_BUF(namefrm
);
1788 if (eth_type
== htons(ETH_P_IP
)) {
1790 addr_attr
= addr4_attr
;
1791 mask_attr
= mask4_attr
;
1793 } else if (eth_type
== htons(ETH_P_IPV6
)) {
1795 addr_attr
= addr6_attr
;
1796 mask_attr
= mask6_attr
;
1801 if (!addr_attr
|| RTA_PAYLOAD(addr_attr
) != len
)
1803 if (!mask_attr
|| RTA_PAYLOAD(mask_attr
) != len
)
1805 done
= sprintf(out
, "%s", rt_addr_n2a_rta(family
, addr_attr
));
1806 bits
= __mask_bits(RTA_DATA(mask_attr
), len
);
1808 sprintf(out
+ done
, "/%s", rt_addr_n2a_rta(family
, mask_attr
));
1809 else if (bits
< len
* 8)
1810 sprintf(out
+ done
, "/%d", bits
);
1813 sprintf(namefrm
, " %s %%s", name
);
1814 print_string(PRINT_ANY
, name
, namefrm
, out
);
1816 static void flower_print_ip4_addr(char *name
, struct rtattr
*addr_attr
,
1817 struct rtattr
*mask_attr
)
1819 return flower_print_ip_addr(name
, htons(ETH_P_IP
),
1820 addr_attr
, mask_attr
, 0, 0);
1823 static void flower_print_port(char *name
, struct rtattr
*attr
,
1824 struct rtattr
*mask_attr
)
1826 print_masked_be16(name
, attr
, mask_attr
, true);
1829 static void flower_print_port_range(char *name
, struct rtattr
*min_attr
,
1830 struct rtattr
*max_attr
)
1832 if (!min_attr
|| !max_attr
)
1835 if (is_json_context()) {
1836 open_json_object(name
);
1837 print_hu(PRINT_JSON
, "start", NULL
, rta_getattr_be16(min_attr
));
1838 print_hu(PRINT_JSON
, "end", NULL
, rta_getattr_be16(max_attr
));
1839 close_json_object();
1841 SPRINT_BUF(namefrm
);
1845 done
= sprintf(out
, "%u", rta_getattr_be16(min_attr
));
1846 sprintf(out
+ done
, "-%u", rta_getattr_be16(max_attr
));
1848 sprintf(namefrm
, " %s %%s", name
);
1849 print_string(PRINT_ANY
, name
, namefrm
, out
);
1853 static void flower_print_tcp_flags(const char *name
, struct rtattr
*flags_attr
,
1854 struct rtattr
*mask_attr
)
1856 SPRINT_BUF(namefrm
);
1863 done
= sprintf(out
, "0x%x", rta_getattr_be16(flags_attr
));
1865 sprintf(out
+ done
, "/%x", rta_getattr_be16(mask_attr
));
1868 sprintf(namefrm
, " %s %%s", name
);
1869 print_string(PRINT_ANY
, name
, namefrm
, out
);
1872 static void flower_print_ct_state(struct rtattr
*flags_attr
,
1873 struct rtattr
*mask_attr
)
1877 uint16_t state_mask
;
1884 state
= rta_getattr_u16(flags_attr
);
1886 state_mask
= rta_getattr_u16(mask_attr
);
1888 state_mask
= UINT16_MAX
;
1890 for (i
= 0; i
< ARRAY_SIZE(flower_ct_states
); i
++) {
1891 if (!(state_mask
& flower_ct_states
[i
].flag
))
1894 if (state
& flower_ct_states
[i
].flag
)
1895 done
+= sprintf(out
+ done
, "+%s",
1896 flower_ct_states
[i
].str
);
1898 done
+= sprintf(out
+ done
, "-%s",
1899 flower_ct_states
[i
].str
);
1903 print_string(PRINT_ANY
, "ct_state", " ct_state %s", out
);
1906 static void flower_print_ct_label(struct rtattr
*attr
,
1907 struct rtattr
*mask_attr
)
1909 const unsigned char *str
;
1910 bool print_mask
= false;
1918 data_len
= RTA_PAYLOAD(attr
);
1919 hexstring_n2a(RTA_DATA(attr
), data_len
, out
, sizeof(out
));
1920 p
= out
+ data_len
*2;
1922 data_len
= RTA_PAYLOAD(attr
);
1923 str
= RTA_DATA(mask_attr
);
1926 for (i
= 0; !print_mask
&& i
< data_len
; i
++) {
1932 hexstring_n2a(RTA_DATA(mask_attr
), data_len
, p
,
1933 sizeof(out
)-(p
-out
));
1939 print_string(PRINT_ANY
, "ct_label", " ct_label %s", out
);
1942 static void flower_print_ct_zone(struct rtattr
*attr
,
1943 struct rtattr
*mask_attr
)
1945 print_masked_u16("ct_zone", attr
, mask_attr
, true);
1948 static void flower_print_ct_mark(struct rtattr
*attr
,
1949 struct rtattr
*mask_attr
)
1951 print_masked_u32("ct_mark", attr
, mask_attr
, true);
1954 static void flower_print_key_id(const char *name
, struct rtattr
*attr
)
1956 SPRINT_BUF(namefrm
);
1962 sprintf(namefrm
, " %s %%u", name
);
1963 print_uint(PRINT_ANY
, name
, namefrm
, rta_getattr_be32(attr
));
1966 static void flower_print_geneve_opts(const char *name
, struct rtattr
*attr
,
1969 struct rtattr
*tb
[TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX
+ 1];
1970 int ii
, data_len
, offset
= 0, slen
= 0;
1971 struct rtattr
*i
= RTA_DATA(attr
);
1972 int rem
= RTA_PAYLOAD(attr
);
1973 __u8 type
, data_r
[rem
];
1974 char data
[rem
* 2 + 1];
1977 open_json_array(PRINT_JSON
, name
);
1979 parse_rtattr(tb
, TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX
, i
, rem
);
1980 class = rta_getattr_be16(tb
[TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS
]);
1981 type
= rta_getattr_u8(tb
[TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE
]);
1982 data_len
= RTA_PAYLOAD(tb
[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA
]);
1983 hexstring_n2a(RTA_DATA(tb
[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA
]),
1984 data_len
, data
, sizeof(data
));
1985 hex2mem(data
, data_r
, data_len
);
1986 offset
+= data_len
+ 20;
1987 rem
-= data_len
+ 20;
1988 i
= RTA_DATA(attr
) + offset
;
1990 open_json_object(NULL
);
1991 print_uint(PRINT_JSON
, "class", NULL
, class);
1992 print_uint(PRINT_JSON
, "type", NULL
, type
);
1993 open_json_array(PRINT_JSON
, "data");
1994 for (ii
= 0; ii
< data_len
; ii
++)
1995 print_uint(PRINT_JSON
, NULL
, NULL
, data_r
[ii
]);
1996 close_json_array(PRINT_JSON
, "data");
1997 close_json_object();
1999 slen
+= sprintf(strbuf
+ slen
, "%04x:%02x:%s",
2002 slen
+= sprintf(strbuf
+ slen
, ",");
2004 close_json_array(PRINT_JSON
, name
);
2007 static void flower_print_vxlan_opts(const char *name
, struct rtattr
*attr
,
2010 struct rtattr
*tb
[TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX
+ 1];
2011 struct rtattr
*i
= RTA_DATA(attr
);
2012 int rem
= RTA_PAYLOAD(attr
);
2015 parse_rtattr(tb
, TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX
, i
, rem
);
2016 gbp
= rta_getattr_u32(tb
[TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP
]);
2018 open_json_array(PRINT_JSON
, name
);
2019 open_json_object(NULL
);
2020 print_uint(PRINT_JSON
, "gbp", NULL
, gbp
);
2021 close_json_object();
2022 close_json_array(PRINT_JSON
, name
);
2024 sprintf(strbuf
, "%u", gbp
);
2027 static void flower_print_enc_parts(const char *name
, const char *namefrm
,
2028 struct rtattr
*attr
, char *key
, char *mask
)
2030 char *key_token
, *mask_token
, *out
;
2033 out
= malloc(RTA_PAYLOAD(attr
) * 4 + 3);
2038 key_token
= strsep(&key
, ",");
2039 mask_token
= strsep(&mask
, ",");
2041 len
+= sprintf(&out
[len
], "%s/%s,", key_token
, mask_token
);
2042 mask_token
= strsep(&mask
, ",");
2043 key_token
= strsep(&key
, ",");
2046 out
[len
- 1] = '\0';
2048 print_string(PRINT_FP
, name
, namefrm
, out
);
2052 static void flower_print_enc_opts(const char *name
, struct rtattr
*attr
,
2053 struct rtattr
*mask_attr
)
2055 struct rtattr
*key_tb
[TCA_FLOWER_KEY_ENC_OPTS_MAX
+ 1];
2056 struct rtattr
*msk_tb
[TCA_FLOWER_KEY_ENC_OPTS_MAX
+ 1];
2062 key
= malloc(RTA_PAYLOAD(attr
) * 2 + 1);
2066 msk
= malloc(RTA_PAYLOAD(attr
) * 2 + 1);
2070 parse_rtattr_nested(key_tb
, TCA_FLOWER_KEY_ENC_OPTS_MAX
, attr
);
2071 parse_rtattr_nested(msk_tb
, TCA_FLOWER_KEY_ENC_OPTS_MAX
, mask_attr
);
2073 if (key_tb
[TCA_FLOWER_KEY_ENC_OPTS_GENEVE
]) {
2074 flower_print_geneve_opts("geneve_opt_key",
2075 key_tb
[TCA_FLOWER_KEY_ENC_OPTS_GENEVE
], key
);
2077 if (msk_tb
[TCA_FLOWER_KEY_ENC_OPTS_GENEVE
])
2078 flower_print_geneve_opts("geneve_opt_mask",
2079 msk_tb
[TCA_FLOWER_KEY_ENC_OPTS_GENEVE
], msk
);
2081 flower_print_enc_parts(name
, " geneve_opts %s", attr
, key
,
2083 } else if (key_tb
[TCA_FLOWER_KEY_ENC_OPTS_VXLAN
]) {
2084 flower_print_vxlan_opts("vxlan_opt_key",
2085 key_tb
[TCA_FLOWER_KEY_ENC_OPTS_VXLAN
], key
);
2087 if (msk_tb
[TCA_FLOWER_KEY_ENC_OPTS_VXLAN
])
2088 flower_print_vxlan_opts("vxlan_opt_mask",
2089 msk_tb
[TCA_FLOWER_KEY_ENC_OPTS_VXLAN
], msk
);
2091 flower_print_enc_parts(name
, " vxlan_opts %s", attr
, key
,
2100 static void flower_print_masked_u8(const char *name
, struct rtattr
*attr
,
2101 struct rtattr
*mask_attr
,
2102 const char *(*value_to_str
)(__u8 value
))
2104 const char *value_str
= NULL
;
2106 SPRINT_BUF(namefrm
);
2113 value
= rta_getattr_u8(attr
);
2114 mask
= mask_attr
? rta_getattr_u8(mask_attr
) : UINT8_MAX
;
2115 if (mask
== UINT8_MAX
&& value_to_str
)
2116 value_str
= value_to_str(value
);
2119 done
= sprintf(out
, "%s", value_str
);
2121 done
= sprintf(out
, "%d", value
);
2123 if (mask
!= UINT8_MAX
)
2124 sprintf(out
+ done
, "/%d", mask
);
2127 sprintf(namefrm
, " %s %%s", name
);
2128 print_string(PRINT_ANY
, name
, namefrm
, out
);
2131 static void flower_print_u8(const char *name
, struct rtattr
*attr
)
2133 flower_print_masked_u8(name
, attr
, NULL
, NULL
);
2136 static void flower_print_u32(const char *name
, struct rtattr
*attr
)
2138 SPRINT_BUF(namefrm
);
2144 sprintf(namefrm
, " %s %%u", name
);
2145 print_uint(PRINT_ANY
, name
, namefrm
, rta_getattr_u32(attr
));
2148 static void flower_print_arp_op(const char *name
,
2149 struct rtattr
*op_attr
,
2150 struct rtattr
*mask_attr
)
2152 flower_print_masked_u8(name
, op_attr
, mask_attr
,
2153 flower_print_arp_op_to_name
);
2156 static int flower_print_opt(struct filter_util
*qu
, FILE *f
,
2157 struct rtattr
*opt
, __u32 handle
)
2159 struct rtattr
*tb
[TCA_FLOWER_MAX
+ 1];
2160 __be16 min_port_type
, max_port_type
;
2161 int nl_type
, nl_mask_type
;
2162 __be16 eth_type
= 0;
2163 __u8 ip_proto
= 0xff;
2168 parse_rtattr_nested(tb
, TCA_FLOWER_MAX
, opt
);
2171 print_uint(PRINT_ANY
, "handle", "handle 0x%x ", handle
);
2173 if (tb
[TCA_FLOWER_CLASSID
]) {
2174 __u32 h
= rta_getattr_u32(tb
[TCA_FLOWER_CLASSID
]);
2176 if (TC_H_MIN(h
) < TC_H_MIN_PRIORITY
||
2177 TC_H_MIN(h
) > (TC_H_MIN_PRIORITY
+ TC_QOPT_MAX_QUEUE
- 1)) {
2179 print_string(PRINT_ANY
, "classid", "classid %s ",
2180 sprint_tc_classid(h
, b1
));
2182 print_uint(PRINT_ANY
, "hw_tc", "hw_tc %u ",
2183 TC_H_MIN(h
) - TC_H_MIN_PRIORITY
);
2187 if (tb
[TCA_FLOWER_INDEV
]) {
2188 struct rtattr
*attr
= tb
[TCA_FLOWER_INDEV
];
2191 print_string(PRINT_ANY
, "indev", " indev %s",
2192 rta_getattr_str(attr
));
2195 open_json_object("keys");
2197 if (tb
[TCA_FLOWER_KEY_VLAN_ID
]) {
2198 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_VLAN_ID
];
2201 print_uint(PRINT_ANY
, "vlan_id", " vlan_id %u",
2202 rta_getattr_u16(attr
));
2205 if (tb
[TCA_FLOWER_KEY_VLAN_PRIO
]) {
2206 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_VLAN_PRIO
];
2209 print_uint(PRINT_ANY
, "vlan_prio", " vlan_prio %d",
2210 rta_getattr_u8(attr
));
2213 if (tb
[TCA_FLOWER_KEY_VLAN_ETH_TYPE
]) {
2215 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_VLAN_ETH_TYPE
];
2218 print_string(PRINT_ANY
, "vlan_ethtype", " vlan_ethtype %s",
2219 ll_proto_n2a(rta_getattr_u16(attr
),
2223 if (tb
[TCA_FLOWER_KEY_CVLAN_ID
]) {
2224 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_CVLAN_ID
];
2227 print_uint(PRINT_ANY
, "cvlan_id", " cvlan_id %u",
2228 rta_getattr_u16(attr
));
2231 if (tb
[TCA_FLOWER_KEY_CVLAN_PRIO
]) {
2232 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_CVLAN_PRIO
];
2235 print_uint(PRINT_ANY
, "cvlan_prio", " cvlan_prio %d",
2236 rta_getattr_u8(attr
));
2239 if (tb
[TCA_FLOWER_KEY_CVLAN_ETH_TYPE
]) {
2241 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_CVLAN_ETH_TYPE
];
2244 print_string(PRINT_ANY
, "cvlan_ethtype", " cvlan_ethtype %s",
2245 ll_proto_n2a(rta_getattr_u16(attr
),
2249 flower_print_eth_addr("dst_mac", tb
[TCA_FLOWER_KEY_ETH_DST
],
2250 tb
[TCA_FLOWER_KEY_ETH_DST_MASK
]);
2251 flower_print_eth_addr("src_mac", tb
[TCA_FLOWER_KEY_ETH_SRC
],
2252 tb
[TCA_FLOWER_KEY_ETH_SRC_MASK
]);
2254 flower_print_eth_type(ð_type
, tb
[TCA_FLOWER_KEY_ETH_TYPE
]);
2255 flower_print_ip_proto(&ip_proto
, tb
[TCA_FLOWER_KEY_IP_PROTO
]);
2257 flower_print_ip_attr("ip_tos", tb
[TCA_FLOWER_KEY_IP_TOS
],
2258 tb
[TCA_FLOWER_KEY_IP_TOS_MASK
]);
2259 flower_print_ip_attr("ip_ttl", tb
[TCA_FLOWER_KEY_IP_TTL
],
2260 tb
[TCA_FLOWER_KEY_IP_TTL_MASK
]);
2262 flower_print_u32("mpls_label", tb
[TCA_FLOWER_KEY_MPLS_LABEL
]);
2263 flower_print_u8("mpls_tc", tb
[TCA_FLOWER_KEY_MPLS_TC
]);
2264 flower_print_u8("mpls_bos", tb
[TCA_FLOWER_KEY_MPLS_BOS
]);
2265 flower_print_u8("mpls_ttl", tb
[TCA_FLOWER_KEY_MPLS_TTL
]);
2267 flower_print_ip_addr("dst_ip", eth_type
,
2268 tb
[TCA_FLOWER_KEY_IPV4_DST
],
2269 tb
[TCA_FLOWER_KEY_IPV4_DST_MASK
],
2270 tb
[TCA_FLOWER_KEY_IPV6_DST
],
2271 tb
[TCA_FLOWER_KEY_IPV6_DST_MASK
]);
2273 flower_print_ip_addr("src_ip", eth_type
,
2274 tb
[TCA_FLOWER_KEY_IPV4_SRC
],
2275 tb
[TCA_FLOWER_KEY_IPV4_SRC_MASK
],
2276 tb
[TCA_FLOWER_KEY_IPV6_SRC
],
2277 tb
[TCA_FLOWER_KEY_IPV6_SRC_MASK
]);
2279 nl_type
= flower_port_attr_type(ip_proto
, FLOWER_ENDPOINT_DST
);
2280 nl_mask_type
= flower_port_attr_mask_type(ip_proto
, FLOWER_ENDPOINT_DST
);
2282 flower_print_port("dst_port", tb
[nl_type
], tb
[nl_mask_type
]);
2283 nl_type
= flower_port_attr_type(ip_proto
, FLOWER_ENDPOINT_SRC
);
2284 nl_mask_type
= flower_port_attr_mask_type(ip_proto
, FLOWER_ENDPOINT_SRC
);
2286 flower_print_port("src_port", tb
[nl_type
], tb
[nl_mask_type
]);
2288 if (!flower_port_range_attr_type(ip_proto
, FLOWER_ENDPOINT_DST
,
2289 &min_port_type
, &max_port_type
))
2290 flower_print_port_range("dst_port",
2291 tb
[min_port_type
], tb
[max_port_type
]);
2293 if (!flower_port_range_attr_type(ip_proto
, FLOWER_ENDPOINT_SRC
,
2294 &min_port_type
, &max_port_type
))
2295 flower_print_port_range("src_port",
2296 tb
[min_port_type
], tb
[max_port_type
]);
2298 flower_print_tcp_flags("tcp_flags", tb
[TCA_FLOWER_KEY_TCP_FLAGS
],
2299 tb
[TCA_FLOWER_KEY_TCP_FLAGS_MASK
]);
2301 nl_type
= flower_icmp_attr_type(eth_type
, ip_proto
,
2302 FLOWER_ICMP_FIELD_TYPE
);
2303 nl_mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
,
2304 FLOWER_ICMP_FIELD_TYPE
);
2305 if (nl_type
>= 0 && nl_mask_type
>= 0)
2306 flower_print_masked_u8("icmp_type", tb
[nl_type
],
2307 tb
[nl_mask_type
], NULL
);
2309 nl_type
= flower_icmp_attr_type(eth_type
, ip_proto
,
2310 FLOWER_ICMP_FIELD_CODE
);
2311 nl_mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
,
2312 FLOWER_ICMP_FIELD_CODE
);
2313 if (nl_type
>= 0 && nl_mask_type
>= 0)
2314 flower_print_masked_u8("icmp_code", tb
[nl_type
],
2315 tb
[nl_mask_type
], NULL
);
2317 flower_print_ip4_addr("arp_sip", tb
[TCA_FLOWER_KEY_ARP_SIP
],
2318 tb
[TCA_FLOWER_KEY_ARP_SIP_MASK
]);
2319 flower_print_ip4_addr("arp_tip", tb
[TCA_FLOWER_KEY_ARP_TIP
],
2320 tb
[TCA_FLOWER_KEY_ARP_TIP_MASK
]);
2321 flower_print_arp_op("arp_op", tb
[TCA_FLOWER_KEY_ARP_OP
],
2322 tb
[TCA_FLOWER_KEY_ARP_OP_MASK
]);
2323 flower_print_eth_addr("arp_sha", tb
[TCA_FLOWER_KEY_ARP_SHA
],
2324 tb
[TCA_FLOWER_KEY_ARP_SHA_MASK
]);
2325 flower_print_eth_addr("arp_tha", tb
[TCA_FLOWER_KEY_ARP_THA
],
2326 tb
[TCA_FLOWER_KEY_ARP_THA_MASK
]);
2328 flower_print_ip_addr("enc_dst_ip",
2329 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
] ?
2330 htons(ETH_P_IP
) : htons(ETH_P_IPV6
),
2331 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST
],
2332 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
],
2333 tb
[TCA_FLOWER_KEY_ENC_IPV6_DST
],
2334 tb
[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK
]);
2336 flower_print_ip_addr("enc_src_ip",
2337 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
] ?
2338 htons(ETH_P_IP
) : htons(ETH_P_IPV6
),
2339 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC
],
2340 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
],
2341 tb
[TCA_FLOWER_KEY_ENC_IPV6_SRC
],
2342 tb
[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK
]);
2344 flower_print_key_id("enc_key_id", tb
[TCA_FLOWER_KEY_ENC_KEY_ID
]);
2346 flower_print_port("enc_dst_port", tb
[TCA_FLOWER_KEY_ENC_UDP_DST_PORT
],
2347 tb
[TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK
]);
2349 flower_print_ip_attr("enc_tos", tb
[TCA_FLOWER_KEY_ENC_IP_TOS
],
2350 tb
[TCA_FLOWER_KEY_ENC_IP_TOS_MASK
]);
2351 flower_print_ip_attr("enc_ttl", tb
[TCA_FLOWER_KEY_ENC_IP_TTL
],
2352 tb
[TCA_FLOWER_KEY_ENC_IP_TTL_MASK
]);
2353 flower_print_enc_opts("enc_opt", tb
[TCA_FLOWER_KEY_ENC_OPTS
],
2354 tb
[TCA_FLOWER_KEY_ENC_OPTS_MASK
]);
2356 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS
,
2357 tb
[TCA_FLOWER_KEY_FLAGS
],
2358 tb
[TCA_FLOWER_KEY_FLAGS_MASK
]);
2360 flower_print_ct_state(tb
[TCA_FLOWER_KEY_CT_STATE
],
2361 tb
[TCA_FLOWER_KEY_CT_STATE_MASK
]);
2362 flower_print_ct_zone(tb
[TCA_FLOWER_KEY_CT_ZONE
],
2363 tb
[TCA_FLOWER_KEY_CT_ZONE_MASK
]);
2364 flower_print_ct_mark(tb
[TCA_FLOWER_KEY_CT_MARK
],
2365 tb
[TCA_FLOWER_KEY_CT_MARK_MASK
]);
2366 flower_print_ct_label(tb
[TCA_FLOWER_KEY_CT_LABELS
],
2367 tb
[TCA_FLOWER_KEY_CT_LABELS_MASK
]);
2369 close_json_object();
2371 if (tb
[TCA_FLOWER_FLAGS
]) {
2372 __u32 flags
= rta_getattr_u32(tb
[TCA_FLOWER_FLAGS
]);
2374 if (flags
& TCA_CLS_FLAGS_SKIP_HW
) {
2376 print_bool(PRINT_ANY
, "skip_hw", " skip_hw", true);
2378 if (flags
& TCA_CLS_FLAGS_SKIP_SW
) {
2380 print_bool(PRINT_ANY
, "skip_sw", " skip_sw", true);
2382 if (flags
& TCA_CLS_FLAGS_IN_HW
) {
2384 print_bool(PRINT_ANY
, "in_hw", " in_hw", true);
2386 if (tb
[TCA_FLOWER_IN_HW_COUNT
]) {
2387 __u32 count
= rta_getattr_u32(tb
[TCA_FLOWER_IN_HW_COUNT
]);
2389 print_uint(PRINT_ANY
, "in_hw_count",
2390 " in_hw_count %u", count
);
2393 else if (flags
& TCA_CLS_FLAGS_NOT_IN_HW
) {
2395 print_bool(PRINT_ANY
, "not_in_hw", " not_in_hw", true);
2399 if (tb
[TCA_FLOWER_ACT
])
2400 tc_print_action(f
, tb
[TCA_FLOWER_ACT
], 0);
2405 struct filter_util flower_filter_util
= {
2407 .parse_fopt
= flower_parse_opt
,
2408 .print_fopt
= flower_print_opt
,