]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_flower.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
vdpa: add .gitignore
[mirror_iproute2.git] / tc / f_flower.c
1 /*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <string.h>
16 #include <net/if.h>
17 #include <linux/limits.h>
18 #include <linux/if_arp.h>
19 #include <linux/if_ether.h>
20 #include <linux/ip.h>
21 #include <linux/tc_act/tc_vlan.h>
22 #include <linux/mpls.h>
23
24 #include "utils.h"
25 #include "tc_util.h"
26 #include "rt_names.h"
27
28 enum flower_matching_flags {
29 FLOWER_IP_FLAGS,
30 };
31
32 enum flower_endpoint {
33 FLOWER_ENDPOINT_SRC,
34 FLOWER_ENDPOINT_DST
35 };
36
37 enum flower_icmp_field {
38 FLOWER_ICMP_FIELD_TYPE,
39 FLOWER_ICMP_FIELD_CODE
40 };
41
42 static void explain(void)
43 {
44 fprintf(stderr,
45 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
46 " [ skip_sw | skip_hw ]\n"
47 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
48 "\n"
49 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
50 " MATCH := { indev DEV-NAME |\n"
51 " vlan_id VID |\n"
52 " vlan_prio PRIORITY |\n"
53 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
54 " cvlan_id VID |\n"
55 " cvlan_prio PRIORITY |\n"
56 " cvlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
57 " dst_mac MASKED-LLADDR |\n"
58 " src_mac MASKED-LLADDR |\n"
59 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
60 " ip_tos MASKED-IP_TOS |\n"
61 " ip_ttl MASKED-IP_TTL |\n"
62 " mpls LSE-LIST |\n"
63 " mpls_label LABEL |\n"
64 " mpls_tc TC |\n"
65 " mpls_bos BOS |\n"
66 " mpls_ttl TTL |\n"
67 " dst_ip PREFIX |\n"
68 " src_ip PREFIX |\n"
69 " dst_port PORT-NUMBER |\n"
70 " src_port PORT-NUMBER |\n"
71 " tcp_flags MASKED-TCP_FLAGS |\n"
72 " type MASKED-ICMP-TYPE |\n"
73 " code MASKED-ICMP-CODE |\n"
74 " arp_tip IPV4-PREFIX |\n"
75 " arp_sip IPV4-PREFIX |\n"
76 " arp_op [ request | reply | OP ] |\n"
77 " arp_tha MASKED-LLADDR |\n"
78 " arp_sha MASKED-LLADDR |\n"
79 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
80 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
81 " enc_key_id [ KEY-ID ] |\n"
82 " enc_tos MASKED-IP_TOS |\n"
83 " enc_ttl MASKED-IP_TTL |\n"
84 " geneve_opts MASKED-OPTIONS |\n"
85 " vxlan_opts MASKED-OPTIONS |\n"
86 " erspan_opts MASKED-OPTIONS |\n"
87 " ip_flags IP-FLAGS | \n"
88 " enc_dst_port [ port_number ] |\n"
89 " ct_state MASKED_CT_STATE |\n"
90 " ct_label MASKED_CT_LABEL |\n"
91 " ct_mark MASKED_CT_MARK |\n"
92 " ct_zone MASKED_CT_ZONE }\n"
93 " LSE-LIST := [ LSE-LIST ] LSE\n"
94 " LSE := lse depth DEPTH { label LABEL | tc TC | bos BOS | ttl TTL }\n"
95 " FILTERID := X:Y:Z\n"
96 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
97 " MASKED_CT_STATE := combination of {+|-} and flags trk,est,new\n"
98 " ACTION-SPEC := ... look at individual actions\n"
99 "\n"
100 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
101 "NOTE: There can be only used one mask per one prio. If user needs\n"
102 " to specify different mask, he has to use different prio.\n");
103 }
104
105 static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
106 struct nlmsghdr *n)
107 {
108 int ret, err = -1;
109 char addr[ETH_ALEN], *slash;
110
111 slash = strchr(str, '/');
112 if (slash)
113 *slash = '\0';
114
115 ret = ll_addr_a2n(addr, sizeof(addr), str);
116 if (ret < 0)
117 goto err;
118 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
119
120 if (slash) {
121 unsigned bits;
122
123 if (!get_unsigned(&bits, slash + 1, 10)) {
124 uint64_t mask;
125
126 /* Extra 16 bit shift to push mac address into
127 * high bits of uint64_t
128 */
129 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
130 memcpy(addr, &mask, ETH_ALEN);
131 } else {
132 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
133 if (ret < 0)
134 goto err;
135 }
136 } else {
137 memset(addr, 0xff, ETH_ALEN);
138 }
139 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
140
141 err = 0;
142 err:
143 if (slash)
144 *slash = '/';
145 return err;
146 }
147
148 static bool eth_type_vlan(__be16 ethertype)
149 {
150 return ethertype == htons(ETH_P_8021Q) ||
151 ethertype == htons(ETH_P_8021AD);
152 }
153
154 static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
155 __be16 *p_vlan_eth_type,
156 struct nlmsghdr *n)
157 {
158 __be16 vlan_eth_type;
159
160 if (!eth_type_vlan(eth_type)) {
161 fprintf(stderr, "Can't set \"%s\" if ethertype isn't 802.1Q or 802.1AD\n",
162 type == TCA_FLOWER_KEY_VLAN_ETH_TYPE ? "vlan_ethtype" : "cvlan_ethtype");
163 return -1;
164 }
165
166 if (ll_proto_a2n(&vlan_eth_type, str))
167 invarg("invalid vlan_ethtype", str);
168 addattr16(n, MAX_MSG, type, vlan_eth_type);
169 *p_vlan_eth_type = vlan_eth_type;
170 return 0;
171 }
172
173 struct flag_to_string {
174 int flag;
175 enum flower_matching_flags type;
176 char *string;
177 };
178
179 static struct flag_to_string flags_str[] = {
180 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOWER_IP_FLAGS, "frag" },
181 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST, FLOWER_IP_FLAGS, "firstfrag" },
182 };
183
184 static int flower_parse_matching_flags(char *str,
185 enum flower_matching_flags type,
186 __u32 *mtf, __u32 *mtf_mask)
187 {
188 char *token;
189 bool no;
190 bool found;
191 int i;
192
193 token = strtok(str, "/");
194
195 while (token) {
196 if (!strncmp(token, "no", 2)) {
197 no = true;
198 token += 2;
199 } else
200 no = false;
201
202 found = false;
203 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
204 if (type != flags_str[i].type)
205 continue;
206
207 if (!strcmp(token, flags_str[i].string)) {
208 if (no)
209 *mtf &= ~flags_str[i].flag;
210 else
211 *mtf |= flags_str[i].flag;
212
213 *mtf_mask |= flags_str[i].flag;
214 found = true;
215 break;
216 }
217 }
218 if (!found)
219 return -1;
220
221 token = strtok(NULL, "/");
222 }
223
224 return 0;
225 }
226
227 static int flower_parse_u16(char *str, int value_type, int mask_type,
228 struct nlmsghdr *n, bool be)
229 {
230 __u16 value, mask;
231 char *slash;
232
233 slash = strchr(str, '/');
234 if (slash)
235 *slash = '\0';
236
237 if (get_u16(&value, str, 0))
238 return -1;
239
240 if (slash) {
241 if (get_u16(&mask, slash + 1, 0))
242 return -1;
243 } else {
244 mask = UINT16_MAX;
245 }
246
247 if (be) {
248 value = htons(value);
249 mask = htons(mask);
250 }
251 addattr16(n, MAX_MSG, value_type, value);
252 addattr16(n, MAX_MSG, mask_type, mask);
253
254 return 0;
255 }
256
257 static int flower_parse_u32(char *str, int value_type, int mask_type,
258 struct nlmsghdr *n)
259 {
260 __u32 value, mask;
261 char *slash;
262
263 slash = strchr(str, '/');
264 if (slash)
265 *slash = '\0';
266
267 if (get_u32(&value, str, 0))
268 return -1;
269
270 if (slash) {
271 if (get_u32(&mask, slash + 1, 0))
272 return -1;
273 } else {
274 mask = UINT32_MAX;
275 }
276
277 addattr32(n, MAX_MSG, value_type, value);
278 addattr32(n, MAX_MSG, mask_type, mask);
279
280 return 0;
281 }
282
283 static int flower_parse_ct_mark(char *str, struct nlmsghdr *n)
284 {
285 return flower_parse_u32(str,
286 TCA_FLOWER_KEY_CT_MARK,
287 TCA_FLOWER_KEY_CT_MARK_MASK,
288 n);
289 }
290
291 static int flower_parse_ct_zone(char *str, struct nlmsghdr *n)
292 {
293 return flower_parse_u16(str,
294 TCA_FLOWER_KEY_CT_ZONE,
295 TCA_FLOWER_KEY_CT_ZONE_MASK,
296 n,
297 false);
298 }
299
300 static int flower_parse_ct_labels(char *str, struct nlmsghdr *n)
301 {
302 #define LABELS_SIZE 16
303 uint8_t labels[LABELS_SIZE], lmask[LABELS_SIZE];
304 char *slash, *mask = NULL;
305 size_t slen, slen_mask = 0;
306
307 slash = index(str, '/');
308 if (slash) {
309 *slash = 0;
310 mask = slash + 1;
311 slen_mask = strlen(mask);
312 }
313
314 slen = strlen(str);
315 if (slen > LABELS_SIZE * 2 || slen_mask > LABELS_SIZE * 2) {
316 char errmsg[128];
317
318 snprintf(errmsg, sizeof(errmsg),
319 "%zd Max allowed size %d",
320 slen, LABELS_SIZE*2);
321 invarg(errmsg, str);
322 }
323
324 if (hex2mem(str, labels, slen / 2) < 0)
325 invarg("labels must be a hex string\n", str);
326 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS, labels, slen / 2);
327
328 if (mask) {
329 if (hex2mem(mask, lmask, slen_mask / 2) < 0)
330 invarg("labels mask must be a hex string\n", mask);
331 } else {
332 memset(lmask, 0xff, sizeof(lmask));
333 slen_mask = sizeof(lmask) * 2;
334 }
335 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS_MASK, lmask,
336 slen_mask / 2);
337
338 return 0;
339 }
340
341 static struct flower_ct_states {
342 char *str;
343 int flag;
344 } flower_ct_states[] = {
345 { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
346 { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
347 { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
348 { "inv", TCA_FLOWER_KEY_CT_FLAGS_INVALID },
349 { "rpl", TCA_FLOWER_KEY_CT_FLAGS_REPLY },
350 };
351
352 static int flower_parse_ct_state(char *str, struct nlmsghdr *n)
353 {
354 int flags = 0, mask = 0, len, i;
355 bool p;
356
357 while (*str != '\0') {
358 if (*str == '+')
359 p = true;
360 else if (*str == '-')
361 p = false;
362 else
363 return -1;
364
365 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
366 len = strlen(flower_ct_states[i].str);
367 if (strncmp(str + 1, flower_ct_states[i].str, len))
368 continue;
369
370 if (p)
371 flags |= flower_ct_states[i].flag;
372 mask |= flower_ct_states[i].flag;
373 break;
374 }
375
376 if (i == ARRAY_SIZE(flower_ct_states))
377 return -1;
378
379 str += len + 1;
380 }
381
382 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE, flags);
383 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE_MASK, mask);
384 return 0;
385 }
386
387 static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
388 __u8 *p_ip_proto, struct nlmsghdr *n)
389 {
390 int ret;
391 __u8 ip_proto;
392
393 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
394 goto err;
395
396 if (matches(str, "tcp") == 0) {
397 ip_proto = IPPROTO_TCP;
398 } else if (matches(str, "udp") == 0) {
399 ip_proto = IPPROTO_UDP;
400 } else if (matches(str, "sctp") == 0) {
401 ip_proto = IPPROTO_SCTP;
402 } else if (matches(str, "icmp") == 0) {
403 if (eth_type != htons(ETH_P_IP))
404 goto err;
405 ip_proto = IPPROTO_ICMP;
406 } else if (matches(str, "icmpv6") == 0) {
407 if (eth_type != htons(ETH_P_IPV6))
408 goto err;
409 ip_proto = IPPROTO_ICMPV6;
410 } else {
411 ret = get_u8(&ip_proto, str, 16);
412 if (ret)
413 return -1;
414 }
415 addattr8(n, MAX_MSG, type, ip_proto);
416 *p_ip_proto = ip_proto;
417 return 0;
418
419 err:
420 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
421 return -1;
422 }
423
424 static int __flower_parse_ip_addr(char *str, int family,
425 int addr4_type, int mask4_type,
426 int addr6_type, int mask6_type,
427 struct nlmsghdr *n)
428 {
429 int ret;
430 inet_prefix addr;
431 int bits;
432 int i;
433
434 ret = get_prefix(&addr, str, family);
435 if (ret)
436 return -1;
437
438 if (family && (addr.family != family)) {
439 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
440 return -1;
441 }
442
443 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
444 addr.data, addr.bytelen);
445
446 memset(addr.data, 0xff, addr.bytelen);
447 bits = addr.bitlen;
448 for (i = 0; i < addr.bytelen / 4; i++) {
449 if (!bits) {
450 addr.data[i] = 0;
451 } else if (bits / 32 >= 1) {
452 bits -= 32;
453 } else {
454 addr.data[i] <<= 32 - bits;
455 addr.data[i] = htonl(addr.data[i]);
456 bits = 0;
457 }
458 }
459
460 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
461 addr.data, addr.bytelen);
462
463 return 0;
464 }
465
466 static int flower_parse_ip_addr(char *str, __be16 eth_type,
467 int addr4_type, int mask4_type,
468 int addr6_type, int mask6_type,
469 struct nlmsghdr *n)
470 {
471 int family;
472
473 if (eth_type == htons(ETH_P_IP)) {
474 family = AF_INET;
475 } else if (eth_type == htons(ETH_P_IPV6)) {
476 family = AF_INET6;
477 } else if (!eth_type) {
478 family = AF_UNSPEC;
479 } else {
480 return -1;
481 }
482
483 return __flower_parse_ip_addr(str, family, addr4_type, mask4_type,
484 addr6_type, mask6_type, n);
485 }
486
487 static bool flower_eth_type_arp(__be16 eth_type)
488 {
489 return eth_type == htons(ETH_P_ARP) || eth_type == htons(ETH_P_RARP);
490 }
491
492 static int flower_parse_arp_ip_addr(char *str, __be16 eth_type,
493 int addr_type, int mask_type,
494 struct nlmsghdr *n)
495 {
496 if (!flower_eth_type_arp(eth_type))
497 return -1;
498
499 return __flower_parse_ip_addr(str, AF_INET, addr_type, mask_type,
500 TCA_FLOWER_UNSPEC, TCA_FLOWER_UNSPEC, n);
501 }
502
503 static int flower_parse_u8(char *str, int value_type, int mask_type,
504 int (*value_from_name)(const char *str,
505 __u8 *value),
506 bool (*value_validate)(__u8 value),
507 struct nlmsghdr *n)
508 {
509 char *slash;
510 int ret, err = -1;
511 __u8 value, mask;
512
513 slash = strchr(str, '/');
514 if (slash)
515 *slash = '\0';
516
517 ret = value_from_name ? value_from_name(str, &value) : -1;
518 if (ret < 0) {
519 ret = get_u8(&value, str, 10);
520 if (ret)
521 goto err;
522 }
523
524 if (value_validate && !value_validate(value))
525 goto err;
526
527 if (slash) {
528 ret = get_u8(&mask, slash + 1, 10);
529 if (ret)
530 goto err;
531 }
532 else {
533 mask = UINT8_MAX;
534 }
535
536 addattr8(n, MAX_MSG, value_type, value);
537 addattr8(n, MAX_MSG, mask_type, mask);
538
539 err = 0;
540 err:
541 if (slash)
542 *slash = '/';
543 return err;
544 }
545
546 static const char *flower_print_arp_op_to_name(__u8 op)
547 {
548 switch (op) {
549 case ARPOP_REQUEST:
550 return "request";
551 case ARPOP_REPLY:
552 return "reply";
553 default:
554 return NULL;
555 }
556 }
557
558 static int flower_arp_op_from_name(const char *name, __u8 *op)
559 {
560 if (!strcmp(name, "request"))
561 *op = ARPOP_REQUEST;
562 else if (!strcmp(name, "reply"))
563 *op = ARPOP_REPLY;
564 else
565 return -1;
566
567 return 0;
568 }
569
570 static bool flow_arp_op_validate(__u8 op)
571 {
572 return !op || op == ARPOP_REQUEST || op == ARPOP_REPLY;
573 }
574
575 static int flower_parse_arp_op(char *str, __be16 eth_type,
576 int op_type, int mask_type,
577 struct nlmsghdr *n)
578 {
579 if (!flower_eth_type_arp(eth_type))
580 return -1;
581
582 return flower_parse_u8(str, op_type, mask_type, flower_arp_op_from_name,
583 flow_arp_op_validate, n);
584 }
585
586 static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
587 enum flower_icmp_field field)
588 {
589 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
590 return field == FLOWER_ICMP_FIELD_CODE ?
591 TCA_FLOWER_KEY_ICMPV4_CODE :
592 TCA_FLOWER_KEY_ICMPV4_TYPE;
593 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
594 return field == FLOWER_ICMP_FIELD_CODE ?
595 TCA_FLOWER_KEY_ICMPV6_CODE :
596 TCA_FLOWER_KEY_ICMPV6_TYPE;
597
598 return -1;
599 }
600
601 static int flower_icmp_attr_mask_type(__be16 eth_type, __u8 ip_proto,
602 enum flower_icmp_field field)
603 {
604 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
605 return field == FLOWER_ICMP_FIELD_CODE ?
606 TCA_FLOWER_KEY_ICMPV4_CODE_MASK :
607 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK;
608 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
609 return field == FLOWER_ICMP_FIELD_CODE ?
610 TCA_FLOWER_KEY_ICMPV6_CODE_MASK :
611 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK;
612
613 return -1;
614 }
615
616 static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
617 enum flower_icmp_field field, struct nlmsghdr *n)
618 {
619 int value_type, mask_type;
620
621 value_type = flower_icmp_attr_type(eth_type, ip_proto, field);
622 mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto, field);
623 if (value_type < 0 || mask_type < 0)
624 return -1;
625
626 return flower_parse_u8(str, value_type, mask_type, NULL, NULL, n);
627 }
628
629 static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
630 {
631 if (ip_proto == IPPROTO_TCP)
632 return endpoint == FLOWER_ENDPOINT_SRC ?
633 TCA_FLOWER_KEY_TCP_SRC :
634 TCA_FLOWER_KEY_TCP_DST;
635 else if (ip_proto == IPPROTO_UDP)
636 return endpoint == FLOWER_ENDPOINT_SRC ?
637 TCA_FLOWER_KEY_UDP_SRC :
638 TCA_FLOWER_KEY_UDP_DST;
639 else if (ip_proto == IPPROTO_SCTP)
640 return endpoint == FLOWER_ENDPOINT_SRC ?
641 TCA_FLOWER_KEY_SCTP_SRC :
642 TCA_FLOWER_KEY_SCTP_DST;
643 else
644 return -1;
645 }
646
647 static int flower_port_attr_mask_type(__u8 ip_proto,
648 enum flower_endpoint endpoint)
649 {
650 switch (ip_proto) {
651 case IPPROTO_TCP:
652 return endpoint == FLOWER_ENDPOINT_SRC ?
653 TCA_FLOWER_KEY_TCP_SRC_MASK :
654 TCA_FLOWER_KEY_TCP_DST_MASK;
655 case IPPROTO_UDP:
656 return endpoint == FLOWER_ENDPOINT_SRC ?
657 TCA_FLOWER_KEY_UDP_SRC_MASK :
658 TCA_FLOWER_KEY_UDP_DST_MASK;
659 case IPPROTO_SCTP:
660 return endpoint == FLOWER_ENDPOINT_SRC ?
661 TCA_FLOWER_KEY_SCTP_SRC_MASK :
662 TCA_FLOWER_KEY_SCTP_DST_MASK;
663 default:
664 return -1;
665 }
666 }
667
668 static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type,
669 __be16 *min_port_type,
670 __be16 *max_port_type)
671 {
672 if (ip_proto == IPPROTO_TCP || ip_proto == IPPROTO_UDP ||
673 ip_proto == IPPROTO_SCTP) {
674 if (type == FLOWER_ENDPOINT_SRC) {
675 *min_port_type = TCA_FLOWER_KEY_PORT_SRC_MIN;
676 *max_port_type = TCA_FLOWER_KEY_PORT_SRC_MAX;
677 } else {
678 *min_port_type = TCA_FLOWER_KEY_PORT_DST_MIN;
679 *max_port_type = TCA_FLOWER_KEY_PORT_DST_MAX;
680 }
681 } else {
682 return -1;
683 }
684 return 0;
685 }
686
687 /* parse range args in format 10-20 */
688 static int parse_range(char *str, __be16 *min, __be16 *max)
689 {
690 char *sep;
691
692 sep = strchr(str, '-');
693 if (sep) {
694 *sep = '\0';
695
696 if (get_be16(min, str, 10))
697 return -1;
698
699 if (get_be16(max, sep + 1, 10))
700 return -1;
701 } else {
702 if (get_be16(min, str, 10))
703 return -1;
704 }
705 return 0;
706 }
707
708 static int flower_parse_port(char *str, __u8 ip_proto,
709 enum flower_endpoint endpoint,
710 struct nlmsghdr *n)
711 {
712 char *slash = NULL;
713 __be16 min = 0;
714 __be16 max = 0;
715 int ret;
716
717 ret = parse_range(str, &min, &max);
718 if (ret) {
719 slash = strchr(str, '/');
720 if (!slash)
721 return -1;
722 }
723
724 if (min && max) {
725 __be16 min_port_type, max_port_type;
726
727 if (max <= min) {
728 fprintf(stderr, "max value should be greater than min value\n");
729 return -1;
730 }
731 if (flower_port_range_attr_type(ip_proto, endpoint,
732 &min_port_type, &max_port_type))
733 return -1;
734
735 addattr16(n, MAX_MSG, min_port_type, min);
736 addattr16(n, MAX_MSG, max_port_type, max);
737 } else if (slash || (min && !max)) {
738 int type;
739
740 type = flower_port_attr_type(ip_proto, endpoint);
741 if (type < 0)
742 return -1;
743
744 if (!slash) {
745 addattr16(n, MAX_MSG, type, min);
746 } else {
747 int mask_type;
748
749 mask_type = flower_port_attr_mask_type(ip_proto,
750 endpoint);
751 if (mask_type < 0)
752 return -1;
753 return flower_parse_u16(str, type, mask_type, n, true);
754 }
755 } else {
756 return -1;
757 }
758 return 0;
759 }
760
761 #define TCP_FLAGS_MAX_MASK 0xfff
762
763 static int flower_parse_tcp_flags(char *str, int flags_type, int mask_type,
764 struct nlmsghdr *n)
765 {
766 char *slash;
767 int ret, err = -1;
768 __u16 flags;
769
770 slash = strchr(str, '/');
771 if (slash)
772 *slash = '\0';
773
774 ret = get_u16(&flags, str, 16);
775 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
776 goto err;
777
778 addattr16(n, MAX_MSG, flags_type, htons(flags));
779
780 if (slash) {
781 ret = get_u16(&flags, slash + 1, 16);
782 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
783 goto err;
784 } else {
785 flags = TCP_FLAGS_MAX_MASK;
786 }
787 addattr16(n, MAX_MSG, mask_type, htons(flags));
788
789 err = 0;
790 err:
791 if (slash)
792 *slash = '/';
793 return err;
794 }
795
796 static int flower_parse_ip_tos_ttl(char *str, int key_type, int mask_type,
797 struct nlmsghdr *n)
798 {
799 char *slash;
800 int ret, err = -1;
801 __u8 tos_ttl;
802
803 slash = strchr(str, '/');
804 if (slash)
805 *slash = '\0';
806
807 ret = get_u8(&tos_ttl, str, 10);
808 if (ret < 0)
809 ret = get_u8(&tos_ttl, str, 16);
810 if (ret < 0)
811 goto err;
812
813 addattr8(n, MAX_MSG, key_type, tos_ttl);
814
815 if (slash) {
816 ret = get_u8(&tos_ttl, slash + 1, 16);
817 if (ret < 0)
818 goto err;
819 } else {
820 tos_ttl = 0xff;
821 }
822 addattr8(n, MAX_MSG, mask_type, tos_ttl);
823
824 err = 0;
825 err:
826 if (slash)
827 *slash = '/';
828 return err;
829 }
830
831 static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
832 {
833 int ret;
834 __be32 key_id;
835
836 ret = get_be32(&key_id, str, 10);
837 if (!ret)
838 addattr32(n, MAX_MSG, type, key_id);
839
840 return ret;
841 }
842
843 static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
844 {
845 int ret;
846 __be16 port;
847
848 ret = get_be16(&port, str, 10);
849 if (ret)
850 return -1;
851
852 addattr16(n, MAX_MSG, type, port);
853
854 return 0;
855 }
856
857 static int flower_parse_geneve_opt(char *str, struct nlmsghdr *n)
858 {
859 struct rtattr *nest;
860 char *token;
861 int i, err;
862
863 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_GENEVE);
864
865 i = 1;
866 token = strsep(&str, ":");
867 while (token) {
868 switch (i) {
869 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS:
870 {
871 __be16 opt_class;
872
873 if (!strlen(token))
874 break;
875 err = get_be16(&opt_class, token, 16);
876 if (err)
877 return err;
878
879 addattr16(n, MAX_MSG, i, opt_class);
880 break;
881 }
882 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE:
883 {
884 __u8 opt_type;
885
886 if (!strlen(token))
887 break;
888 err = get_u8(&opt_type, token, 16);
889 if (err)
890 return err;
891
892 addattr8(n, MAX_MSG, i, opt_type);
893 break;
894 }
895 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA:
896 {
897 size_t token_len = strlen(token);
898 __u8 *opts;
899
900 if (!token_len)
901 break;
902 opts = malloc(token_len / 2);
903 if (!opts)
904 return -1;
905 if (hex2mem(token, opts, token_len / 2) < 0) {
906 free(opts);
907 return -1;
908 }
909 addattr_l(n, MAX_MSG, i, opts, token_len / 2);
910 free(opts);
911
912 break;
913 }
914 default:
915 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
916 return -1;
917 }
918
919 token = strsep(&str, ":");
920 i++;
921 }
922 addattr_nest_end(n, nest);
923
924 return 0;
925 }
926
927 static int flower_parse_vxlan_opt(char *str, struct nlmsghdr *n)
928 {
929 struct rtattr *nest;
930 __u32 gbp;
931 int err;
932
933 nest = addattr_nest(n, MAX_MSG,
934 TCA_FLOWER_KEY_ENC_OPTS_VXLAN | NLA_F_NESTED);
935
936 err = get_u32(&gbp, str, 0);
937 if (err)
938 return err;
939 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP, gbp);
940
941 addattr_nest_end(n, nest);
942
943 return 0;
944 }
945
946 static int flower_parse_erspan_opt(char *str, struct nlmsghdr *n)
947 {
948 struct rtattr *nest;
949 char *token;
950 int i, err;
951
952 nest = addattr_nest(n, MAX_MSG,
953 TCA_FLOWER_KEY_ENC_OPTS_ERSPAN | NLA_F_NESTED);
954
955 i = 1;
956 token = strsep(&str, ":");
957 while (token) {
958 switch (i) {
959 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER:
960 {
961 __u8 opt_type;
962
963 if (!strlen(token))
964 break;
965 err = get_u8(&opt_type, token, 0);
966 if (err)
967 return err;
968
969 addattr8(n, MAX_MSG, i, opt_type);
970 break;
971 }
972 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX:
973 {
974 __be32 opt_index;
975
976 if (!strlen(token))
977 break;
978 err = get_be32(&opt_index, token, 0);
979 if (err)
980 return err;
981
982 addattr32(n, MAX_MSG, i, opt_index);
983 break;
984 }
985 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR:
986 {
987 __u8 opt_type;
988
989 if (!strlen(token))
990 break;
991 err = get_u8(&opt_type, token, 0);
992 if (err)
993 return err;
994
995 addattr8(n, MAX_MSG, i, opt_type);
996 break;
997 }
998 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID:
999 {
1000 __u8 opt_type;
1001
1002 if (!strlen(token))
1003 break;
1004 err = get_u8(&opt_type, token, 0);
1005 if (err)
1006 return err;
1007
1008 addattr8(n, MAX_MSG, i, opt_type);
1009 break;
1010 }
1011 default:
1012 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
1013 return -1;
1014 }
1015
1016 token = strsep(&str, ":");
1017 i++;
1018 }
1019 addattr_nest_end(n, nest);
1020
1021 return 0;
1022 }
1023
1024 static int flower_parse_geneve_opts(char *str, struct nlmsghdr *n)
1025 {
1026 char *token;
1027 int err;
1028
1029 token = strsep(&str, ",");
1030 while (token) {
1031 err = flower_parse_geneve_opt(token, n);
1032 if (err)
1033 return err;
1034
1035 token = strsep(&str, ",");
1036 }
1037
1038 return 0;
1039 }
1040
1041 static int flower_check_enc_opt_key(char *key)
1042 {
1043 int key_len, col_cnt = 0;
1044
1045 key_len = strlen(key);
1046 while ((key = strchr(key, ':'))) {
1047 if (strlen(key) == key_len)
1048 return -1;
1049
1050 key_len = strlen(key) - 1;
1051 col_cnt++;
1052 key++;
1053 }
1054
1055 if (col_cnt != 2 || !key_len)
1056 return -1;
1057
1058 return 0;
1059 }
1060
1061 static int flower_parse_enc_opts_geneve(char *str, struct nlmsghdr *n)
1062 {
1063 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1064 int data_len, key_len, mask_len, err;
1065 char *token, *slash;
1066 struct rtattr *nest;
1067
1068 key_len = 0;
1069 mask_len = 0;
1070 token = strsep(&str, ",");
1071 while (token) {
1072 slash = strchr(token, '/');
1073 if (slash)
1074 *slash = '\0';
1075
1076 if ((key_len + strlen(token) > XATTR_SIZE_MAX) ||
1077 flower_check_enc_opt_key(token))
1078 return -1;
1079
1080 strcpy(&key[key_len], token);
1081 key_len += strlen(token) + 1;
1082 key[key_len - 1] = ',';
1083
1084 if (!slash) {
1085 /* Pad out mask when not provided */
1086 if (mask_len + strlen(token) > XATTR_SIZE_MAX)
1087 return -1;
1088
1089 data_len = strlen(rindex(token, ':'));
1090 sprintf(&mask[mask_len], "ffff:ff:");
1091 mask_len += 8;
1092 memset(&mask[mask_len], 'f', data_len - 1);
1093 mask_len += data_len;
1094 mask[mask_len - 1] = ',';
1095 token = strsep(&str, ",");
1096 continue;
1097 }
1098
1099 if (mask_len + strlen(slash + 1) > XATTR_SIZE_MAX)
1100 return -1;
1101
1102 strcpy(&mask[mask_len], slash + 1);
1103 mask_len += strlen(slash + 1) + 1;
1104 mask[mask_len - 1] = ',';
1105
1106 *slash = '/';
1107 token = strsep(&str, ",");
1108 }
1109 key[key_len - 1] = '\0';
1110 mask[mask_len - 1] = '\0';
1111
1112 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS);
1113 err = flower_parse_geneve_opts(key, n);
1114 if (err)
1115 return err;
1116 addattr_nest_end(n, nest);
1117
1118 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_MASK);
1119 err = flower_parse_geneve_opts(mask, n);
1120 if (err)
1121 return err;
1122 addattr_nest_end(n, nest);
1123
1124 return 0;
1125 }
1126
1127 static int flower_parse_enc_opts_vxlan(char *str, struct nlmsghdr *n)
1128 {
1129 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1130 struct rtattr *nest;
1131 char *slash;
1132 int err;
1133
1134 slash = strchr(str, '/');
1135 if (slash) {
1136 *slash++ = '\0';
1137 if (strlen(slash) > XATTR_SIZE_MAX)
1138 return -1;
1139 strcpy(mask, slash);
1140 } else {
1141 strcpy(mask, "0xffffffff");
1142 }
1143
1144 if (strlen(str) > XATTR_SIZE_MAX)
1145 return -1;
1146 strcpy(key, str);
1147
1148 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS | NLA_F_NESTED);
1149 err = flower_parse_vxlan_opt(str, n);
1150 if (err)
1151 return err;
1152 addattr_nest_end(n, nest);
1153
1154 nest = addattr_nest(n, MAX_MSG,
1155 TCA_FLOWER_KEY_ENC_OPTS_MASK | NLA_F_NESTED);
1156 err = flower_parse_vxlan_opt(mask, n);
1157 if (err)
1158 return err;
1159 addattr_nest_end(n, nest);
1160
1161 return 0;
1162 }
1163
1164 static int flower_parse_enc_opts_erspan(char *str, struct nlmsghdr *n)
1165 {
1166 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1167 struct rtattr *nest;
1168 char *slash;
1169 int err;
1170
1171
1172 slash = strchr(str, '/');
1173 if (slash) {
1174 *slash++ = '\0';
1175 if (strlen(slash) > XATTR_SIZE_MAX)
1176 return -1;
1177 strcpy(mask, slash);
1178 } else {
1179 int index;
1180
1181 slash = strchr(str, ':');
1182 index = (int)(slash - str);
1183 memcpy(mask, str, index);
1184 strcpy(mask + index, ":0xffffffff:0xff:0xff");
1185 }
1186
1187 if (strlen(str) > XATTR_SIZE_MAX)
1188 return -1;
1189 strcpy(key, str);
1190
1191 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS | NLA_F_NESTED);
1192 err = flower_parse_erspan_opt(key, n);
1193 if (err)
1194 return err;
1195 addattr_nest_end(n, nest);
1196
1197 nest = addattr_nest(n, MAX_MSG,
1198 TCA_FLOWER_KEY_ENC_OPTS_MASK | NLA_F_NESTED);
1199 err = flower_parse_erspan_opt(mask, n);
1200 if (err)
1201 return err;
1202 addattr_nest_end(n, nest);
1203
1204 return 0;
1205 }
1206
1207 static int flower_parse_mpls_lse(int *argc_p, char ***argv_p,
1208 struct nlmsghdr *nlh)
1209 {
1210 struct rtattr *lse_attr;
1211 char **argv = *argv_p;
1212 int argc = *argc_p;
1213 __u8 depth = 0;
1214 int ret;
1215
1216 lse_attr = addattr_nest(nlh, MAX_MSG,
1217 TCA_FLOWER_KEY_MPLS_OPTS_LSE | NLA_F_NESTED);
1218
1219 while (argc > 0) {
1220 if (matches(*argv, "depth") == 0) {
1221 NEXT_ARG();
1222 ret = get_u8(&depth, *argv, 10);
1223 if (ret < 0 || depth < 1) {
1224 fprintf(stderr, "Illegal \"depth\"\n");
1225 return -1;
1226 }
1227 addattr8(nlh, MAX_MSG,
1228 TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH, depth);
1229 } else if (matches(*argv, "label") == 0) {
1230 __u32 label;
1231
1232 NEXT_ARG();
1233 ret = get_u32(&label, *argv, 10);
1234 if (ret < 0 ||
1235 label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
1236 fprintf(stderr, "Illegal \"label\"\n");
1237 return -1;
1238 }
1239 addattr32(nlh, MAX_MSG,
1240 TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL, label);
1241 } else if (matches(*argv, "tc") == 0) {
1242 __u8 tc;
1243
1244 NEXT_ARG();
1245 ret = get_u8(&tc, *argv, 10);
1246 if (ret < 0 ||
1247 tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
1248 fprintf(stderr, "Illegal \"tc\"\n");
1249 return -1;
1250 }
1251 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_TC,
1252 tc);
1253 } else if (matches(*argv, "bos") == 0) {
1254 __u8 bos;
1255
1256 NEXT_ARG();
1257 ret = get_u8(&bos, *argv, 10);
1258 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
1259 fprintf(stderr, "Illegal \"bos\"\n");
1260 return -1;
1261 }
1262 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS,
1263 bos);
1264 } else if (matches(*argv, "ttl") == 0) {
1265 __u8 ttl;
1266
1267 NEXT_ARG();
1268 ret = get_u8(&ttl, *argv, 10);
1269 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1270 fprintf(stderr, "Illegal \"ttl\"\n");
1271 return -1;
1272 }
1273 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL,
1274 ttl);
1275 } else {
1276 break;
1277 }
1278 argc--; argv++;
1279 }
1280
1281 if (!depth) {
1282 missarg("depth");
1283 return -1;
1284 }
1285
1286 addattr_nest_end(nlh, lse_attr);
1287
1288 *argc_p = argc;
1289 *argv_p = argv;
1290
1291 return 0;
1292 }
1293
1294 static int flower_parse_mpls(int *argc_p, char ***argv_p, struct nlmsghdr *nlh)
1295 {
1296 struct rtattr *mpls_attr;
1297 char **argv = *argv_p;
1298 int argc = *argc_p;
1299
1300 mpls_attr = addattr_nest(nlh, MAX_MSG,
1301 TCA_FLOWER_KEY_MPLS_OPTS | NLA_F_NESTED);
1302
1303 while (argc > 0) {
1304 if (matches(*argv, "lse") == 0) {
1305 NEXT_ARG();
1306 if (flower_parse_mpls_lse(&argc, &argv, nlh) < 0)
1307 return -1;
1308 } else {
1309 break;
1310 }
1311 }
1312
1313 addattr_nest_end(nlh, mpls_attr);
1314
1315 *argc_p = argc;
1316 *argv_p = argv;
1317
1318 return 0;
1319 }
1320
1321 static int flower_parse_opt(struct filter_util *qu, char *handle,
1322 int argc, char **argv, struct nlmsghdr *n)
1323 {
1324 int ret;
1325 struct tcmsg *t = NLMSG_DATA(n);
1326 bool mpls_format_old = false;
1327 bool mpls_format_new = false;
1328 struct rtattr *tail;
1329 __be16 tc_proto = TC_H_MIN(t->tcm_info);
1330 __be16 eth_type = tc_proto;
1331 __be16 vlan_ethtype = 0;
1332 __u8 ip_proto = 0xff;
1333 __u32 flags = 0;
1334 __u32 mtf = 0;
1335 __u32 mtf_mask = 0;
1336
1337 if (handle) {
1338 ret = get_u32(&t->tcm_handle, handle, 0);
1339 if (ret) {
1340 fprintf(stderr, "Illegal \"handle\"\n");
1341 return -1;
1342 }
1343 }
1344
1345 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
1346 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
1347
1348 if (argc == 0) {
1349 /*at minimal we will match all ethertype packets */
1350 goto parse_done;
1351 }
1352
1353 while (argc > 0) {
1354 if (matches(*argv, "classid") == 0 ||
1355 matches(*argv, "flowid") == 0) {
1356 unsigned int handle;
1357
1358 NEXT_ARG();
1359 ret = get_tc_classid(&handle, *argv);
1360 if (ret) {
1361 fprintf(stderr, "Illegal \"classid\"\n");
1362 return -1;
1363 }
1364 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
1365 } else if (matches(*argv, "hw_tc") == 0) {
1366 unsigned int handle;
1367 __u32 tc;
1368 char *end;
1369
1370 NEXT_ARG();
1371 tc = strtoul(*argv, &end, 0);
1372 if (*end) {
1373 fprintf(stderr, "Illegal TC index\n");
1374 return -1;
1375 }
1376 if (tc >= TC_QOPT_MAX_QUEUE) {
1377 fprintf(stderr, "TC index exceeds max range\n");
1378 return -1;
1379 }
1380 handle = TC_H_MAKE(TC_H_MAJ(t->tcm_parent),
1381 TC_H_MIN(tc + TC_H_MIN_PRIORITY));
1382 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle,
1383 sizeof(handle));
1384 } else if (matches(*argv, "ip_flags") == 0) {
1385 NEXT_ARG();
1386 ret = flower_parse_matching_flags(*argv,
1387 FLOWER_IP_FLAGS,
1388 &mtf,
1389 &mtf_mask);
1390 if (ret < 0) {
1391 fprintf(stderr, "Illegal \"ip_flags\"\n");
1392 return -1;
1393 }
1394 } else if (matches(*argv, "verbose") == 0) {
1395 flags |= TCA_CLS_FLAGS_VERBOSE;
1396 } else if (matches(*argv, "skip_hw") == 0) {
1397 flags |= TCA_CLS_FLAGS_SKIP_HW;
1398 } else if (matches(*argv, "skip_sw") == 0) {
1399 flags |= TCA_CLS_FLAGS_SKIP_SW;
1400 } else if (matches(*argv, "ct_state") == 0) {
1401 NEXT_ARG();
1402 ret = flower_parse_ct_state(*argv, n);
1403 if (ret < 0) {
1404 fprintf(stderr, "Illegal \"ct_state\"\n");
1405 return -1;
1406 }
1407 } else if (matches(*argv, "ct_zone") == 0) {
1408 NEXT_ARG();
1409 ret = flower_parse_ct_zone(*argv, n);
1410 if (ret < 0) {
1411 fprintf(stderr, "Illegal \"ct_zone\"\n");
1412 return -1;
1413 }
1414 } else if (matches(*argv, "ct_mark") == 0) {
1415 NEXT_ARG();
1416 ret = flower_parse_ct_mark(*argv, n);
1417 if (ret < 0) {
1418 fprintf(stderr, "Illegal \"ct_mark\"\n");
1419 return -1;
1420 }
1421 } else if (matches(*argv, "ct_label") == 0) {
1422 NEXT_ARG();
1423 ret = flower_parse_ct_labels(*argv, n);
1424 if (ret < 0) {
1425 fprintf(stderr, "Illegal \"ct_label\"\n");
1426 return -1;
1427 }
1428 } else if (matches(*argv, "indev") == 0) {
1429 NEXT_ARG();
1430 if (check_ifname(*argv))
1431 invarg("\"indev\" not a valid ifname", *argv);
1432 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, *argv);
1433 } else if (matches(*argv, "vlan_id") == 0) {
1434 __u16 vid;
1435
1436 NEXT_ARG();
1437 if (!eth_type_vlan(tc_proto)) {
1438 fprintf(stderr, "Can't set \"vlan_id\" if ethertype isn't 802.1Q or 802.1AD\n");
1439 return -1;
1440 }
1441 ret = get_u16(&vid, *argv, 10);
1442 if (ret < 0 || vid & ~0xfff) {
1443 fprintf(stderr, "Illegal \"vlan_id\"\n");
1444 return -1;
1445 }
1446 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
1447 } else if (matches(*argv, "vlan_prio") == 0) {
1448 __u8 vlan_prio;
1449
1450 NEXT_ARG();
1451 if (!eth_type_vlan(tc_proto)) {
1452 fprintf(stderr, "Can't set \"vlan_prio\" if ethertype isn't 802.1Q or 802.1AD\n");
1453 return -1;
1454 }
1455 ret = get_u8(&vlan_prio, *argv, 10);
1456 if (ret < 0 || vlan_prio & ~0x7) {
1457 fprintf(stderr, "Illegal \"vlan_prio\"\n");
1458 return -1;
1459 }
1460 addattr8(n, MAX_MSG,
1461 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
1462 } else if (matches(*argv, "vlan_ethtype") == 0) {
1463 NEXT_ARG();
1464 ret = flower_parse_vlan_eth_type(*argv, eth_type,
1465 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
1466 &vlan_ethtype, n);
1467 if (ret < 0)
1468 return -1;
1469 /* get new ethtype for later parsing */
1470 eth_type = vlan_ethtype;
1471 } else if (matches(*argv, "cvlan_id") == 0) {
1472 __u16 vid;
1473
1474 NEXT_ARG();
1475 if (!eth_type_vlan(vlan_ethtype)) {
1476 fprintf(stderr, "Can't set \"cvlan_id\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1477 return -1;
1478 }
1479 ret = get_u16(&vid, *argv, 10);
1480 if (ret < 0 || vid & ~0xfff) {
1481 fprintf(stderr, "Illegal \"cvlan_id\"\n");
1482 return -1;
1483 }
1484 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CVLAN_ID, vid);
1485 } else if (matches(*argv, "cvlan_prio") == 0) {
1486 __u8 cvlan_prio;
1487
1488 NEXT_ARG();
1489 if (!eth_type_vlan(vlan_ethtype)) {
1490 fprintf(stderr, "Can't set \"cvlan_prio\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1491 return -1;
1492 }
1493 ret = get_u8(&cvlan_prio, *argv, 10);
1494 if (ret < 0 || cvlan_prio & ~0x7) {
1495 fprintf(stderr, "Illegal \"cvlan_prio\"\n");
1496 return -1;
1497 }
1498 addattr8(n, MAX_MSG,
1499 TCA_FLOWER_KEY_CVLAN_PRIO, cvlan_prio);
1500 } else if (matches(*argv, "cvlan_ethtype") == 0) {
1501 NEXT_ARG();
1502 /* get new ethtype for later parsing */
1503 ret = flower_parse_vlan_eth_type(*argv, vlan_ethtype,
1504 TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
1505 &eth_type, n);
1506 if (ret < 0)
1507 return -1;
1508 } else if (matches(*argv, "mpls") == 0) {
1509 NEXT_ARG();
1510 if (eth_type != htons(ETH_P_MPLS_UC) &&
1511 eth_type != htons(ETH_P_MPLS_MC)) {
1512 fprintf(stderr,
1513 "Can't set \"mpls\" if ethertype isn't MPLS\n");
1514 return -1;
1515 }
1516 if (mpls_format_old) {
1517 fprintf(stderr,
1518 "Can't set \"mpls\" if \"mpls_label\", \"mpls_tc\", \"mpls_bos\" or \"mpls_ttl\" is set\n");
1519 return -1;
1520 }
1521 mpls_format_new = true;
1522 if (flower_parse_mpls(&argc, &argv, n) < 0)
1523 return -1;
1524 continue;
1525 } else if (matches(*argv, "mpls_label") == 0) {
1526 __u32 label;
1527
1528 NEXT_ARG();
1529 if (eth_type != htons(ETH_P_MPLS_UC) &&
1530 eth_type != htons(ETH_P_MPLS_MC)) {
1531 fprintf(stderr,
1532 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
1533 return -1;
1534 }
1535 if (mpls_format_new) {
1536 fprintf(stderr,
1537 "Can't set \"mpls_label\" if \"mpls\" is set\n");
1538 return -1;
1539 }
1540 mpls_format_old = true;
1541 ret = get_u32(&label, *argv, 10);
1542 if (ret < 0 || label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
1543 fprintf(stderr, "Illegal \"mpls_label\"\n");
1544 return -1;
1545 }
1546 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_LABEL, label);
1547 } else if (matches(*argv, "mpls_tc") == 0) {
1548 __u8 tc;
1549
1550 NEXT_ARG();
1551 if (eth_type != htons(ETH_P_MPLS_UC) &&
1552 eth_type != htons(ETH_P_MPLS_MC)) {
1553 fprintf(stderr,
1554 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
1555 return -1;
1556 }
1557 if (mpls_format_new) {
1558 fprintf(stderr,
1559 "Can't set \"mpls_tc\" if \"mpls\" is set\n");
1560 return -1;
1561 }
1562 mpls_format_old = true;
1563 ret = get_u8(&tc, *argv, 10);
1564 if (ret < 0 || tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
1565 fprintf(stderr, "Illegal \"mpls_tc\"\n");
1566 return -1;
1567 }
1568 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TC, tc);
1569 } else if (matches(*argv, "mpls_bos") == 0) {
1570 __u8 bos;
1571
1572 NEXT_ARG();
1573 if (eth_type != htons(ETH_P_MPLS_UC) &&
1574 eth_type != htons(ETH_P_MPLS_MC)) {
1575 fprintf(stderr,
1576 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
1577 return -1;
1578 }
1579 if (mpls_format_new) {
1580 fprintf(stderr,
1581 "Can't set \"mpls_bos\" if \"mpls\" is set\n");
1582 return -1;
1583 }
1584 mpls_format_old = true;
1585 ret = get_u8(&bos, *argv, 10);
1586 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
1587 fprintf(stderr, "Illegal \"mpls_bos\"\n");
1588 return -1;
1589 }
1590 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_BOS, bos);
1591 } else if (matches(*argv, "mpls_ttl") == 0) {
1592 __u8 ttl;
1593
1594 NEXT_ARG();
1595 if (eth_type != htons(ETH_P_MPLS_UC) &&
1596 eth_type != htons(ETH_P_MPLS_MC)) {
1597 fprintf(stderr,
1598 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
1599 return -1;
1600 }
1601 if (mpls_format_new) {
1602 fprintf(stderr,
1603 "Can't set \"mpls_ttl\" if \"mpls\" is set\n");
1604 return -1;
1605 }
1606 mpls_format_old = true;
1607 ret = get_u8(&ttl, *argv, 10);
1608 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1609 fprintf(stderr, "Illegal \"mpls_ttl\"\n");
1610 return -1;
1611 }
1612 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TTL, ttl);
1613 } else if (matches(*argv, "dst_mac") == 0) {
1614 NEXT_ARG();
1615 ret = flower_parse_eth_addr(*argv,
1616 TCA_FLOWER_KEY_ETH_DST,
1617 TCA_FLOWER_KEY_ETH_DST_MASK,
1618 n);
1619 if (ret < 0) {
1620 fprintf(stderr, "Illegal \"dst_mac\"\n");
1621 return -1;
1622 }
1623 } else if (matches(*argv, "src_mac") == 0) {
1624 NEXT_ARG();
1625 ret = flower_parse_eth_addr(*argv,
1626 TCA_FLOWER_KEY_ETH_SRC,
1627 TCA_FLOWER_KEY_ETH_SRC_MASK,
1628 n);
1629 if (ret < 0) {
1630 fprintf(stderr, "Illegal \"src_mac\"\n");
1631 return -1;
1632 }
1633 } else if (matches(*argv, "ip_proto") == 0) {
1634 NEXT_ARG();
1635 ret = flower_parse_ip_proto(*argv, eth_type,
1636 TCA_FLOWER_KEY_IP_PROTO,
1637 &ip_proto, n);
1638 if (ret < 0) {
1639 fprintf(stderr, "Illegal \"ip_proto\"\n");
1640 return -1;
1641 }
1642 } else if (matches(*argv, "ip_tos") == 0) {
1643 NEXT_ARG();
1644 ret = flower_parse_ip_tos_ttl(*argv,
1645 TCA_FLOWER_KEY_IP_TOS,
1646 TCA_FLOWER_KEY_IP_TOS_MASK,
1647 n);
1648 if (ret < 0) {
1649 fprintf(stderr, "Illegal \"ip_tos\"\n");
1650 return -1;
1651 }
1652 } else if (matches(*argv, "ip_ttl") == 0) {
1653 NEXT_ARG();
1654 ret = flower_parse_ip_tos_ttl(*argv,
1655 TCA_FLOWER_KEY_IP_TTL,
1656 TCA_FLOWER_KEY_IP_TTL_MASK,
1657 n);
1658 if (ret < 0) {
1659 fprintf(stderr, "Illegal \"ip_ttl\"\n");
1660 return -1;
1661 }
1662 } else if (matches(*argv, "dst_ip") == 0) {
1663 NEXT_ARG();
1664 ret = flower_parse_ip_addr(*argv, eth_type,
1665 TCA_FLOWER_KEY_IPV4_DST,
1666 TCA_FLOWER_KEY_IPV4_DST_MASK,
1667 TCA_FLOWER_KEY_IPV6_DST,
1668 TCA_FLOWER_KEY_IPV6_DST_MASK,
1669 n);
1670 if (ret < 0) {
1671 fprintf(stderr, "Illegal \"dst_ip\"\n");
1672 return -1;
1673 }
1674 } else if (matches(*argv, "src_ip") == 0) {
1675 NEXT_ARG();
1676 ret = flower_parse_ip_addr(*argv, eth_type,
1677 TCA_FLOWER_KEY_IPV4_SRC,
1678 TCA_FLOWER_KEY_IPV4_SRC_MASK,
1679 TCA_FLOWER_KEY_IPV6_SRC,
1680 TCA_FLOWER_KEY_IPV6_SRC_MASK,
1681 n);
1682 if (ret < 0) {
1683 fprintf(stderr, "Illegal \"src_ip\"\n");
1684 return -1;
1685 }
1686 } else if (matches(*argv, "dst_port") == 0) {
1687 NEXT_ARG();
1688 ret = flower_parse_port(*argv, ip_proto,
1689 FLOWER_ENDPOINT_DST, n);
1690 if (ret < 0) {
1691 fprintf(stderr, "Illegal \"dst_port\"\n");
1692 return -1;
1693 }
1694 } else if (matches(*argv, "src_port") == 0) {
1695 NEXT_ARG();
1696 ret = flower_parse_port(*argv, ip_proto,
1697 FLOWER_ENDPOINT_SRC, n);
1698 if (ret < 0) {
1699 fprintf(stderr, "Illegal \"src_port\"\n");
1700 return -1;
1701 }
1702 } else if (matches(*argv, "tcp_flags") == 0) {
1703 NEXT_ARG();
1704 ret = flower_parse_tcp_flags(*argv,
1705 TCA_FLOWER_KEY_TCP_FLAGS,
1706 TCA_FLOWER_KEY_TCP_FLAGS_MASK,
1707 n);
1708 if (ret < 0) {
1709 fprintf(stderr, "Illegal \"tcp_flags\"\n");
1710 return -1;
1711 }
1712 } else if (matches(*argv, "type") == 0) {
1713 NEXT_ARG();
1714 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1715 FLOWER_ICMP_FIELD_TYPE, n);
1716 if (ret < 0) {
1717 fprintf(stderr, "Illegal \"icmp type\"\n");
1718 return -1;
1719 }
1720 } else if (matches(*argv, "code") == 0) {
1721 NEXT_ARG();
1722 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1723 FLOWER_ICMP_FIELD_CODE, n);
1724 if (ret < 0) {
1725 fprintf(stderr, "Illegal \"icmp code\"\n");
1726 return -1;
1727 }
1728 } else if (matches(*argv, "arp_tip") == 0) {
1729 NEXT_ARG();
1730 ret = flower_parse_arp_ip_addr(*argv, eth_type,
1731 TCA_FLOWER_KEY_ARP_TIP,
1732 TCA_FLOWER_KEY_ARP_TIP_MASK,
1733 n);
1734 if (ret < 0) {
1735 fprintf(stderr, "Illegal \"arp_tip\"\n");
1736 return -1;
1737 }
1738 } else if (matches(*argv, "arp_sip") == 0) {
1739 NEXT_ARG();
1740 ret = flower_parse_arp_ip_addr(*argv, eth_type,
1741 TCA_FLOWER_KEY_ARP_SIP,
1742 TCA_FLOWER_KEY_ARP_SIP_MASK,
1743 n);
1744 if (ret < 0) {
1745 fprintf(stderr, "Illegal \"arp_sip\"\n");
1746 return -1;
1747 }
1748 } else if (matches(*argv, "arp_op") == 0) {
1749 NEXT_ARG();
1750 ret = flower_parse_arp_op(*argv, eth_type,
1751 TCA_FLOWER_KEY_ARP_OP,
1752 TCA_FLOWER_KEY_ARP_OP_MASK,
1753 n);
1754 if (ret < 0) {
1755 fprintf(stderr, "Illegal \"arp_op\"\n");
1756 return -1;
1757 }
1758 } else if (matches(*argv, "arp_tha") == 0) {
1759 NEXT_ARG();
1760 ret = flower_parse_eth_addr(*argv,
1761 TCA_FLOWER_KEY_ARP_THA,
1762 TCA_FLOWER_KEY_ARP_THA_MASK,
1763 n);
1764 if (ret < 0) {
1765 fprintf(stderr, "Illegal \"arp_tha\"\n");
1766 return -1;
1767 }
1768 } else if (matches(*argv, "arp_sha") == 0) {
1769 NEXT_ARG();
1770 ret = flower_parse_eth_addr(*argv,
1771 TCA_FLOWER_KEY_ARP_SHA,
1772 TCA_FLOWER_KEY_ARP_SHA_MASK,
1773 n);
1774 if (ret < 0) {
1775 fprintf(stderr, "Illegal \"arp_sha\"\n");
1776 return -1;
1777 }
1778 } else if (matches(*argv, "enc_dst_ip") == 0) {
1779 NEXT_ARG();
1780 ret = flower_parse_ip_addr(*argv, 0,
1781 TCA_FLOWER_KEY_ENC_IPV4_DST,
1782 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
1783 TCA_FLOWER_KEY_ENC_IPV6_DST,
1784 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
1785 n);
1786 if (ret < 0) {
1787 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
1788 return -1;
1789 }
1790 } else if (matches(*argv, "enc_src_ip") == 0) {
1791 NEXT_ARG();
1792 ret = flower_parse_ip_addr(*argv, 0,
1793 TCA_FLOWER_KEY_ENC_IPV4_SRC,
1794 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
1795 TCA_FLOWER_KEY_ENC_IPV6_SRC,
1796 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
1797 n);
1798 if (ret < 0) {
1799 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
1800 return -1;
1801 }
1802 } else if (matches(*argv, "enc_key_id") == 0) {
1803 NEXT_ARG();
1804 ret = flower_parse_key_id(*argv,
1805 TCA_FLOWER_KEY_ENC_KEY_ID, n);
1806 if (ret < 0) {
1807 fprintf(stderr, "Illegal \"enc_key_id\"\n");
1808 return -1;
1809 }
1810 } else if (matches(*argv, "enc_dst_port") == 0) {
1811 NEXT_ARG();
1812 ret = flower_parse_enc_port(*argv,
1813 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
1814 if (ret < 0) {
1815 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
1816 return -1;
1817 }
1818 } else if (matches(*argv, "enc_tos") == 0) {
1819 NEXT_ARG();
1820 ret = flower_parse_ip_tos_ttl(*argv,
1821 TCA_FLOWER_KEY_ENC_IP_TOS,
1822 TCA_FLOWER_KEY_ENC_IP_TOS_MASK,
1823 n);
1824 if (ret < 0) {
1825 fprintf(stderr, "Illegal \"enc_tos\"\n");
1826 return -1;
1827 }
1828 } else if (matches(*argv, "enc_ttl") == 0) {
1829 NEXT_ARG();
1830 ret = flower_parse_ip_tos_ttl(*argv,
1831 TCA_FLOWER_KEY_ENC_IP_TTL,
1832 TCA_FLOWER_KEY_ENC_IP_TTL_MASK,
1833 n);
1834 if (ret < 0) {
1835 fprintf(stderr, "Illegal \"enc_ttl\"\n");
1836 return -1;
1837 }
1838 } else if (matches(*argv, "geneve_opts") == 0) {
1839 NEXT_ARG();
1840 ret = flower_parse_enc_opts_geneve(*argv, n);
1841 if (ret < 0) {
1842 fprintf(stderr, "Illegal \"geneve_opts\"\n");
1843 return -1;
1844 }
1845 } else if (matches(*argv, "vxlan_opts") == 0) {
1846 NEXT_ARG();
1847 ret = flower_parse_enc_opts_vxlan(*argv, n);
1848 if (ret < 0) {
1849 fprintf(stderr, "Illegal \"vxlan_opts\"\n");
1850 return -1;
1851 }
1852 } else if (matches(*argv, "erspan_opts") == 0) {
1853 NEXT_ARG();
1854 ret = flower_parse_enc_opts_erspan(*argv, n);
1855 if (ret < 0) {
1856 fprintf(stderr, "Illegal \"erspan_opts\"\n");
1857 return -1;
1858 }
1859 } else if (matches(*argv, "action") == 0) {
1860 NEXT_ARG();
1861 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
1862 if (ret) {
1863 fprintf(stderr, "Illegal \"action\"\n");
1864 return -1;
1865 }
1866 continue;
1867 } else if (strcmp(*argv, "help") == 0) {
1868 explain();
1869 return -1;
1870 } else {
1871 fprintf(stderr, "What is \"%s\"?\n", *argv);
1872 explain();
1873 return -1;
1874 }
1875 argc--; argv++;
1876 }
1877
1878 parse_done:
1879 ret = addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
1880 if (ret)
1881 return ret;
1882
1883 if (mtf_mask) {
1884 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS, htonl(mtf));
1885 if (ret)
1886 return ret;
1887
1888 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS_MASK, htonl(mtf_mask));
1889 if (ret)
1890 return ret;
1891 }
1892
1893 if (tc_proto != htons(ETH_P_ALL)) {
1894 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, tc_proto);
1895 if (ret)
1896 return ret;
1897 }
1898
1899 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
1900
1901 return 0;
1902 }
1903
1904 static int __mask_bits(char *addr, size_t len)
1905 {
1906 int bits = 0;
1907 bool hole = false;
1908 int i;
1909 int j;
1910
1911 for (i = 0; i < len; i++, addr++) {
1912 for (j = 7; j >= 0; j--) {
1913 if (((*addr) >> j) & 0x1) {
1914 if (hole)
1915 return -1;
1916 bits++;
1917 } else if (bits) {
1918 hole = true;
1919 } else{
1920 return -1;
1921 }
1922 }
1923 }
1924 return bits;
1925 }
1926
1927 static void flower_print_eth_addr(char *name, struct rtattr *addr_attr,
1928 struct rtattr *mask_attr)
1929 {
1930 SPRINT_BUF(namefrm);
1931 SPRINT_BUF(out);
1932 SPRINT_BUF(b1);
1933 size_t done;
1934 int bits;
1935
1936 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
1937 return;
1938 done = sprintf(out, "%s",
1939 ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
1940 0, b1, sizeof(b1)));
1941 if (mask_attr && RTA_PAYLOAD(mask_attr) == ETH_ALEN) {
1942 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
1943 if (bits < 0)
1944 sprintf(out + done, "/%s",
1945 ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
1946 0, b1, sizeof(b1)));
1947 else if (bits < ETH_ALEN * 8)
1948 sprintf(out + done, "/%d", bits);
1949 }
1950
1951 print_nl();
1952 sprintf(namefrm, " %s %%s", name);
1953 print_string(PRINT_ANY, name, namefrm, out);
1954 }
1955
1956 static void flower_print_eth_type(__be16 *p_eth_type,
1957 struct rtattr *eth_type_attr)
1958 {
1959 SPRINT_BUF(out);
1960 __be16 eth_type;
1961
1962 if (!eth_type_attr)
1963 return;
1964
1965 eth_type = rta_getattr_u16(eth_type_attr);
1966 if (eth_type == htons(ETH_P_IP))
1967 sprintf(out, "ipv4");
1968 else if (eth_type == htons(ETH_P_IPV6))
1969 sprintf(out, "ipv6");
1970 else if (eth_type == htons(ETH_P_ARP))
1971 sprintf(out, "arp");
1972 else if (eth_type == htons(ETH_P_RARP))
1973 sprintf(out, "rarp");
1974 else
1975 sprintf(out, "%04x", ntohs(eth_type));
1976
1977 print_nl();
1978 print_string(PRINT_ANY, "eth_type", " eth_type %s", out);
1979 *p_eth_type = eth_type;
1980 }
1981
1982 static void flower_print_ip_proto(__u8 *p_ip_proto,
1983 struct rtattr *ip_proto_attr)
1984 {
1985 SPRINT_BUF(out);
1986 __u8 ip_proto;
1987
1988 if (!ip_proto_attr)
1989 return;
1990
1991 ip_proto = rta_getattr_u8(ip_proto_attr);
1992 if (ip_proto == IPPROTO_TCP)
1993 sprintf(out, "tcp");
1994 else if (ip_proto == IPPROTO_UDP)
1995 sprintf(out, "udp");
1996 else if (ip_proto == IPPROTO_SCTP)
1997 sprintf(out, "sctp");
1998 else if (ip_proto == IPPROTO_ICMP)
1999 sprintf(out, "icmp");
2000 else if (ip_proto == IPPROTO_ICMPV6)
2001 sprintf(out, "icmpv6");
2002 else
2003 sprintf(out, "%02x", ip_proto);
2004
2005 print_nl();
2006 print_string(PRINT_ANY, "ip_proto", " ip_proto %s", out);
2007 *p_ip_proto = ip_proto;
2008 }
2009
2010 static void flower_print_ip_attr(const char *name, struct rtattr *key_attr,
2011 struct rtattr *mask_attr)
2012 {
2013 print_masked_u8(name, key_attr, mask_attr, true);
2014 }
2015
2016 static void flower_print_matching_flags(char *name,
2017 enum flower_matching_flags type,
2018 struct rtattr *attr,
2019 struct rtattr *mask_attr)
2020 {
2021 int i;
2022 int count = 0;
2023 __u32 mtf;
2024 __u32 mtf_mask;
2025
2026 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
2027 return;
2028
2029 mtf = ntohl(rta_getattr_u32(attr));
2030 mtf_mask = ntohl(rta_getattr_u32(mask_attr));
2031
2032 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
2033 if (type != flags_str[i].type)
2034 continue;
2035 if (mtf_mask & flags_str[i].flag) {
2036 if (++count == 1) {
2037 print_nl();
2038 print_string(PRINT_FP, NULL, " %s ", name);
2039 open_json_object(name);
2040 } else {
2041 print_string(PRINT_FP, NULL, "/", NULL);
2042 }
2043
2044 print_bool(PRINT_JSON, flags_str[i].string, NULL,
2045 mtf & flags_str[i].flag);
2046 if (mtf & flags_str[i].flag)
2047 print_string(PRINT_FP, NULL, "%s",
2048 flags_str[i].string);
2049 else
2050 print_string(PRINT_FP, NULL, "no%s",
2051 flags_str[i].string);
2052 }
2053 }
2054 if (count)
2055 close_json_object();
2056 }
2057
2058 static void flower_print_ip_addr(char *name, __be16 eth_type,
2059 struct rtattr *addr4_attr,
2060 struct rtattr *mask4_attr,
2061 struct rtattr *addr6_attr,
2062 struct rtattr *mask6_attr)
2063 {
2064 struct rtattr *addr_attr;
2065 struct rtattr *mask_attr;
2066 SPRINT_BUF(namefrm);
2067 SPRINT_BUF(out);
2068 size_t done;
2069 int family;
2070 size_t len;
2071 int bits;
2072
2073 if (eth_type == htons(ETH_P_IP)) {
2074 family = AF_INET;
2075 addr_attr = addr4_attr;
2076 mask_attr = mask4_attr;
2077 len = 4;
2078 } else if (eth_type == htons(ETH_P_IPV6)) {
2079 family = AF_INET6;
2080 addr_attr = addr6_attr;
2081 mask_attr = mask6_attr;
2082 len = 16;
2083 } else {
2084 return;
2085 }
2086 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
2087 return;
2088 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
2089 return;
2090 done = sprintf(out, "%s", rt_addr_n2a_rta(family, addr_attr));
2091 bits = __mask_bits(RTA_DATA(mask_attr), len);
2092 if (bits < 0)
2093 sprintf(out + done, "/%s", rt_addr_n2a_rta(family, mask_attr));
2094 else if (bits < len * 8)
2095 sprintf(out + done, "/%d", bits);
2096
2097 print_nl();
2098 sprintf(namefrm, " %s %%s", name);
2099 print_string(PRINT_ANY, name, namefrm, out);
2100 }
2101 static void flower_print_ip4_addr(char *name, struct rtattr *addr_attr,
2102 struct rtattr *mask_attr)
2103 {
2104 return flower_print_ip_addr(name, htons(ETH_P_IP),
2105 addr_attr, mask_attr, 0, 0);
2106 }
2107
2108 static void flower_print_port(char *name, struct rtattr *attr,
2109 struct rtattr *mask_attr)
2110 {
2111 print_masked_be16(name, attr, mask_attr, true);
2112 }
2113
2114 static void flower_print_port_range(char *name, struct rtattr *min_attr,
2115 struct rtattr *max_attr)
2116 {
2117 if (!min_attr || !max_attr)
2118 return;
2119
2120 if (is_json_context()) {
2121 open_json_object(name);
2122 print_hu(PRINT_JSON, "start", NULL, rta_getattr_be16(min_attr));
2123 print_hu(PRINT_JSON, "end", NULL, rta_getattr_be16(max_attr));
2124 close_json_object();
2125 } else {
2126 SPRINT_BUF(namefrm);
2127 SPRINT_BUF(out);
2128 size_t done;
2129
2130 done = sprintf(out, "%u", rta_getattr_be16(min_attr));
2131 sprintf(out + done, "-%u", rta_getattr_be16(max_attr));
2132 print_nl();
2133 sprintf(namefrm, " %s %%s", name);
2134 print_string(PRINT_ANY, name, namefrm, out);
2135 }
2136 }
2137
2138 static void flower_print_tcp_flags(const char *name, struct rtattr *flags_attr,
2139 struct rtattr *mask_attr)
2140 {
2141 SPRINT_BUF(namefrm);
2142 SPRINT_BUF(out);
2143 size_t done;
2144
2145 if (!flags_attr)
2146 return;
2147
2148 done = sprintf(out, "0x%x", rta_getattr_be16(flags_attr));
2149 if (mask_attr)
2150 sprintf(out + done, "/%x", rta_getattr_be16(mask_attr));
2151
2152 print_nl();
2153 sprintf(namefrm, " %s %%s", name);
2154 print_string(PRINT_ANY, name, namefrm, out);
2155 }
2156
2157 static void flower_print_ct_state(struct rtattr *flags_attr,
2158 struct rtattr *mask_attr)
2159 {
2160 SPRINT_BUF(out);
2161 uint16_t state;
2162 uint16_t state_mask;
2163 size_t done = 0;
2164 int i;
2165
2166 if (!flags_attr)
2167 return;
2168
2169 state = rta_getattr_u16(flags_attr);
2170 if (mask_attr)
2171 state_mask = rta_getattr_u16(mask_attr);
2172 else
2173 state_mask = UINT16_MAX;
2174
2175 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
2176 if (!(state_mask & flower_ct_states[i].flag))
2177 continue;
2178
2179 if (state & flower_ct_states[i].flag)
2180 done += sprintf(out + done, "+%s",
2181 flower_ct_states[i].str);
2182 else
2183 done += sprintf(out + done, "-%s",
2184 flower_ct_states[i].str);
2185 }
2186
2187 print_nl();
2188 print_string(PRINT_ANY, "ct_state", " ct_state %s", out);
2189 }
2190
2191 static void flower_print_ct_label(struct rtattr *attr,
2192 struct rtattr *mask_attr)
2193 {
2194 const unsigned char *str;
2195 bool print_mask = false;
2196 int data_len, i;
2197 SPRINT_BUF(out);
2198 char *p;
2199
2200 if (!attr)
2201 return;
2202
2203 data_len = RTA_PAYLOAD(attr);
2204 hexstring_n2a(RTA_DATA(attr), data_len, out, sizeof(out));
2205 p = out + data_len*2;
2206
2207 data_len = RTA_PAYLOAD(attr);
2208 str = RTA_DATA(mask_attr);
2209 if (data_len != 16)
2210 print_mask = true;
2211 for (i = 0; !print_mask && i < data_len; i++) {
2212 if (str[i] != 0xff)
2213 print_mask = true;
2214 }
2215 if (print_mask) {
2216 *p++ = '/';
2217 hexstring_n2a(RTA_DATA(mask_attr), data_len, p,
2218 sizeof(out)-(p-out));
2219 p += data_len*2;
2220 }
2221 *p = '\0';
2222
2223 print_nl();
2224 print_string(PRINT_ANY, "ct_label", " ct_label %s", out);
2225 }
2226
2227 static void flower_print_ct_zone(struct rtattr *attr,
2228 struct rtattr *mask_attr)
2229 {
2230 print_masked_u16("ct_zone", attr, mask_attr, true);
2231 }
2232
2233 static void flower_print_ct_mark(struct rtattr *attr,
2234 struct rtattr *mask_attr)
2235 {
2236 print_masked_u32("ct_mark", attr, mask_attr, true);
2237 }
2238
2239 static void flower_print_key_id(const char *name, struct rtattr *attr)
2240 {
2241 SPRINT_BUF(namefrm);
2242
2243 if (!attr)
2244 return;
2245
2246 print_nl();
2247 sprintf(namefrm, " %s %%u", name);
2248 print_uint(PRINT_ANY, name, namefrm, rta_getattr_be32(attr));
2249 }
2250
2251 static void flower_print_geneve_opts(const char *name, struct rtattr *attr,
2252 char *strbuf)
2253 {
2254 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX + 1];
2255 int ii, data_len, offset = 0, slen = 0;
2256 struct rtattr *i = RTA_DATA(attr);
2257 int rem = RTA_PAYLOAD(attr);
2258 __u8 type, data_r[rem];
2259 char data[rem * 2 + 1];
2260 __u16 class;
2261
2262 open_json_array(PRINT_JSON, name);
2263 while (rem) {
2264 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX, i, rem);
2265 class = rta_getattr_be16(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS]);
2266 type = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE]);
2267 data_len = RTA_PAYLOAD(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]);
2268 hexstring_n2a(RTA_DATA(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]),
2269 data_len, data, sizeof(data));
2270 hex2mem(data, data_r, data_len);
2271 offset += data_len + 20;
2272 rem -= data_len + 20;
2273 i = RTA_DATA(attr) + offset;
2274
2275 open_json_object(NULL);
2276 print_uint(PRINT_JSON, "class", NULL, class);
2277 print_uint(PRINT_JSON, "type", NULL, type);
2278 open_json_array(PRINT_JSON, "data");
2279 for (ii = 0; ii < data_len; ii++)
2280 print_uint(PRINT_JSON, NULL, NULL, data_r[ii]);
2281 close_json_array(PRINT_JSON, "data");
2282 close_json_object();
2283
2284 slen += sprintf(strbuf + slen, "%04x:%02x:%s",
2285 class, type, data);
2286 if (rem)
2287 slen += sprintf(strbuf + slen, ",");
2288 }
2289 close_json_array(PRINT_JSON, name);
2290 }
2291
2292 static void flower_print_vxlan_opts(const char *name, struct rtattr *attr,
2293 char *strbuf)
2294 {
2295 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX + 1];
2296 struct rtattr *i = RTA_DATA(attr);
2297 int rem = RTA_PAYLOAD(attr);
2298 __u32 gbp;
2299
2300 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX, i, rem);
2301 gbp = rta_getattr_u32(tb[TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP]);
2302
2303 open_json_array(PRINT_JSON, name);
2304 open_json_object(NULL);
2305 print_uint(PRINT_JSON, "gbp", NULL, gbp);
2306 close_json_object();
2307 close_json_array(PRINT_JSON, name);
2308
2309 sprintf(strbuf, "%u", gbp);
2310 }
2311
2312 static void flower_print_erspan_opts(const char *name, struct rtattr *attr,
2313 char *strbuf)
2314 {
2315 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_MAX + 1];
2316 __u8 ver, hwid, dir;
2317 __u32 idx;
2318
2319 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_ERSPAN_MAX, RTA_DATA(attr),
2320 RTA_PAYLOAD(attr));
2321 ver = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER]);
2322 if (ver == 1) {
2323 idx = rta_getattr_be32(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX]);
2324 hwid = 0;
2325 dir = 0;
2326 } else {
2327 idx = 0;
2328 hwid = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID]);
2329 dir = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR]);
2330 }
2331
2332 open_json_array(PRINT_JSON, name);
2333 open_json_object(NULL);
2334 print_uint(PRINT_JSON, "ver", NULL, ver);
2335 print_uint(PRINT_JSON, "index", NULL, idx);
2336 print_uint(PRINT_JSON, "dir", NULL, dir);
2337 print_uint(PRINT_JSON, "hwid", NULL, hwid);
2338 close_json_object();
2339 close_json_array(PRINT_JSON, name);
2340
2341 sprintf(strbuf, "%u:%u:%u:%u", ver, idx, dir, hwid);
2342 }
2343
2344 static void flower_print_enc_parts(const char *name, const char *namefrm,
2345 struct rtattr *attr, char *key, char *mask)
2346 {
2347 char *key_token, *mask_token, *out;
2348 int len;
2349
2350 out = malloc(RTA_PAYLOAD(attr) * 4 + 3);
2351 if (!out)
2352 return;
2353
2354 len = 0;
2355 key_token = strsep(&key, ",");
2356 mask_token = strsep(&mask, ",");
2357 while (key_token) {
2358 len += sprintf(&out[len], "%s/%s,", key_token, mask_token);
2359 mask_token = strsep(&mask, ",");
2360 key_token = strsep(&key, ",");
2361 }
2362
2363 out[len - 1] = '\0';
2364 print_nl();
2365 print_string(PRINT_FP, name, namefrm, out);
2366 free(out);
2367 }
2368
2369 static void flower_print_enc_opts(const char *name, struct rtattr *attr,
2370 struct rtattr *mask_attr)
2371 {
2372 struct rtattr *key_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
2373 struct rtattr *msk_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
2374 char *key, *msk;
2375
2376 if (!attr)
2377 return;
2378
2379 key = malloc(RTA_PAYLOAD(attr) * 2 + 1);
2380 if (!key)
2381 return;
2382
2383 msk = malloc(RTA_PAYLOAD(attr) * 2 + 1);
2384 if (!msk)
2385 goto err_key_free;
2386
2387 parse_rtattr_nested(key_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, attr);
2388 parse_rtattr_nested(msk_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, mask_attr);
2389
2390 if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE]) {
2391 flower_print_geneve_opts("geneve_opt_key",
2392 key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], key);
2393
2394 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE])
2395 flower_print_geneve_opts("geneve_opt_mask",
2396 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], msk);
2397
2398 flower_print_enc_parts(name, " geneve_opts %s", attr, key,
2399 msk);
2400 } else if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN]) {
2401 flower_print_vxlan_opts("vxlan_opt_key",
2402 key_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN], key);
2403
2404 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN])
2405 flower_print_vxlan_opts("vxlan_opt_mask",
2406 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN], msk);
2407
2408 flower_print_enc_parts(name, " vxlan_opts %s", attr, key,
2409 msk);
2410 } else if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN]) {
2411 flower_print_erspan_opts("erspan_opt_key",
2412 key_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN], key);
2413
2414 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN])
2415 flower_print_erspan_opts("erspan_opt_mask",
2416 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN], msk);
2417
2418 flower_print_enc_parts(name, " erspan_opts %s", attr, key,
2419 msk);
2420 }
2421
2422 free(msk);
2423 err_key_free:
2424 free(key);
2425 }
2426
2427 static void flower_print_masked_u8(const char *name, struct rtattr *attr,
2428 struct rtattr *mask_attr,
2429 const char *(*value_to_str)(__u8 value))
2430 {
2431 const char *value_str = NULL;
2432 __u8 value, mask;
2433 SPRINT_BUF(namefrm);
2434 SPRINT_BUF(out);
2435 size_t done;
2436
2437 if (!attr)
2438 return;
2439
2440 value = rta_getattr_u8(attr);
2441 mask = mask_attr ? rta_getattr_u8(mask_attr) : UINT8_MAX;
2442 if (mask == UINT8_MAX && value_to_str)
2443 value_str = value_to_str(value);
2444
2445 if (value_str)
2446 done = sprintf(out, "%s", value_str);
2447 else
2448 done = sprintf(out, "%d", value);
2449
2450 if (mask != UINT8_MAX)
2451 sprintf(out + done, "/%d", mask);
2452
2453 print_nl();
2454 sprintf(namefrm, " %s %%s", name);
2455 print_string(PRINT_ANY, name, namefrm, out);
2456 }
2457
2458 static void flower_print_u8(const char *name, struct rtattr *attr)
2459 {
2460 flower_print_masked_u8(name, attr, NULL, NULL);
2461 }
2462
2463 static void flower_print_u32(const char *name, struct rtattr *attr)
2464 {
2465 SPRINT_BUF(namefrm);
2466
2467 if (!attr)
2468 return;
2469
2470 print_nl();
2471 sprintf(namefrm, " %s %%u", name);
2472 print_uint(PRINT_ANY, name, namefrm, rta_getattr_u32(attr));
2473 }
2474
2475 static void flower_print_mpls_opt_lse(struct rtattr *lse)
2476 {
2477 struct rtattr *tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_MAX + 1];
2478 struct rtattr *attr;
2479
2480 if (lse->rta_type != (TCA_FLOWER_KEY_MPLS_OPTS_LSE | NLA_F_NESTED)) {
2481 fprintf(stderr, "rta_type 0x%x, expecting 0x%x (0x%x & 0x%x)\n",
2482 lse->rta_type,
2483 TCA_FLOWER_KEY_MPLS_OPTS_LSE & NLA_F_NESTED,
2484 TCA_FLOWER_KEY_MPLS_OPTS_LSE, NLA_F_NESTED);
2485 return;
2486 }
2487
2488 parse_rtattr(tb, TCA_FLOWER_KEY_MPLS_OPT_LSE_MAX, RTA_DATA(lse),
2489 RTA_PAYLOAD(lse));
2490
2491 print_nl();
2492 print_string(PRINT_FP, NULL, " lse", NULL);
2493 open_json_object(NULL);
2494 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH];
2495 if (attr)
2496 print_hhu(PRINT_ANY, "depth", " depth %u",
2497 rta_getattr_u8(attr));
2498 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL];
2499 if (attr)
2500 print_uint(PRINT_ANY, "label", " label %u",
2501 rta_getattr_u32(attr));
2502 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_TC];
2503 if (attr)
2504 print_hhu(PRINT_ANY, "tc", " tc %u", rta_getattr_u8(attr));
2505 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS];
2506 if (attr)
2507 print_hhu(PRINT_ANY, "bos", " bos %u", rta_getattr_u8(attr));
2508 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL];
2509 if (attr)
2510 print_hhu(PRINT_ANY, "ttl", " ttl %u", rta_getattr_u8(attr));
2511 close_json_object();
2512 }
2513
2514 static void flower_print_mpls_opts(struct rtattr *attr)
2515 {
2516 struct rtattr *lse;
2517 int rem;
2518
2519 if (!attr || !(attr->rta_type & NLA_F_NESTED))
2520 return;
2521
2522 print_nl();
2523 print_string(PRINT_FP, NULL, " mpls", NULL);
2524 open_json_array(PRINT_JSON, "mpls");
2525 rem = RTA_PAYLOAD(attr);
2526 lse = RTA_DATA(attr);
2527 while (RTA_OK(lse, rem)) {
2528 flower_print_mpls_opt_lse(lse);
2529 lse = RTA_NEXT(lse, rem);
2530 };
2531 if (rem)
2532 fprintf(stderr, "!!!Deficit %d, rta_len=%d\n",
2533 rem, lse->rta_len);
2534 close_json_array(PRINT_JSON, NULL);
2535 }
2536
2537 static void flower_print_arp_op(const char *name,
2538 struct rtattr *op_attr,
2539 struct rtattr *mask_attr)
2540 {
2541 flower_print_masked_u8(name, op_attr, mask_attr,
2542 flower_print_arp_op_to_name);
2543 }
2544
2545 static int flower_print_opt(struct filter_util *qu, FILE *f,
2546 struct rtattr *opt, __u32 handle)
2547 {
2548 struct rtattr *tb[TCA_FLOWER_MAX + 1];
2549 __be16 min_port_type, max_port_type;
2550 int nl_type, nl_mask_type;
2551 __be16 eth_type = 0;
2552 __u8 ip_proto = 0xff;
2553
2554 if (!opt)
2555 return 0;
2556
2557 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
2558
2559 if (handle)
2560 print_uint(PRINT_ANY, "handle", "handle 0x%x ", handle);
2561
2562 if (tb[TCA_FLOWER_CLASSID]) {
2563 __u32 h = rta_getattr_u32(tb[TCA_FLOWER_CLASSID]);
2564
2565 if (TC_H_MIN(h) < TC_H_MIN_PRIORITY ||
2566 TC_H_MIN(h) > (TC_H_MIN_PRIORITY + TC_QOPT_MAX_QUEUE - 1)) {
2567 SPRINT_BUF(b1);
2568 print_string(PRINT_ANY, "classid", "classid %s ",
2569 sprint_tc_classid(h, b1));
2570 } else {
2571 print_uint(PRINT_ANY, "hw_tc", "hw_tc %u ",
2572 TC_H_MIN(h) - TC_H_MIN_PRIORITY);
2573 }
2574 }
2575
2576 if (tb[TCA_FLOWER_INDEV]) {
2577 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
2578
2579 print_nl();
2580 print_string(PRINT_ANY, "indev", " indev %s",
2581 rta_getattr_str(attr));
2582 }
2583
2584 open_json_object("keys");
2585
2586 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
2587 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
2588
2589 print_nl();
2590 print_uint(PRINT_ANY, "vlan_id", " vlan_id %u",
2591 rta_getattr_u16(attr));
2592 }
2593
2594 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
2595 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
2596
2597 print_nl();
2598 print_uint(PRINT_ANY, "vlan_prio", " vlan_prio %d",
2599 rta_getattr_u8(attr));
2600 }
2601
2602 if (tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) {
2603 SPRINT_BUF(buf);
2604 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE];
2605
2606 print_nl();
2607 print_string(PRINT_ANY, "vlan_ethtype", " vlan_ethtype %s",
2608 ll_proto_n2a(rta_getattr_u16(attr),
2609 buf, sizeof(buf)));
2610 }
2611
2612 if (tb[TCA_FLOWER_KEY_CVLAN_ID]) {
2613 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ID];
2614
2615 print_nl();
2616 print_uint(PRINT_ANY, "cvlan_id", " cvlan_id %u",
2617 rta_getattr_u16(attr));
2618 }
2619
2620 if (tb[TCA_FLOWER_KEY_CVLAN_PRIO]) {
2621 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_PRIO];
2622
2623 print_nl();
2624 print_uint(PRINT_ANY, "cvlan_prio", " cvlan_prio %d",
2625 rta_getattr_u8(attr));
2626 }
2627
2628 if (tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE]) {
2629 SPRINT_BUF(buf);
2630 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE];
2631
2632 print_nl();
2633 print_string(PRINT_ANY, "cvlan_ethtype", " cvlan_ethtype %s",
2634 ll_proto_n2a(rta_getattr_u16(attr),
2635 buf, sizeof(buf)));
2636 }
2637
2638 flower_print_eth_addr("dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
2639 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
2640 flower_print_eth_addr("src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
2641 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
2642
2643 flower_print_eth_type(&eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
2644 flower_print_ip_proto(&ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
2645
2646 flower_print_ip_attr("ip_tos", tb[TCA_FLOWER_KEY_IP_TOS],
2647 tb[TCA_FLOWER_KEY_IP_TOS_MASK]);
2648 flower_print_ip_attr("ip_ttl", tb[TCA_FLOWER_KEY_IP_TTL],
2649 tb[TCA_FLOWER_KEY_IP_TTL_MASK]);
2650
2651 flower_print_mpls_opts(tb[TCA_FLOWER_KEY_MPLS_OPTS]);
2652 flower_print_u32("mpls_label", tb[TCA_FLOWER_KEY_MPLS_LABEL]);
2653 flower_print_u8("mpls_tc", tb[TCA_FLOWER_KEY_MPLS_TC]);
2654 flower_print_u8("mpls_bos", tb[TCA_FLOWER_KEY_MPLS_BOS]);
2655 flower_print_u8("mpls_ttl", tb[TCA_FLOWER_KEY_MPLS_TTL]);
2656
2657 flower_print_ip_addr("dst_ip", eth_type,
2658 tb[TCA_FLOWER_KEY_IPV4_DST],
2659 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
2660 tb[TCA_FLOWER_KEY_IPV6_DST],
2661 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
2662
2663 flower_print_ip_addr("src_ip", eth_type,
2664 tb[TCA_FLOWER_KEY_IPV4_SRC],
2665 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
2666 tb[TCA_FLOWER_KEY_IPV6_SRC],
2667 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
2668
2669 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_DST);
2670 nl_mask_type = flower_port_attr_mask_type(ip_proto, FLOWER_ENDPOINT_DST);
2671 if (nl_type >= 0)
2672 flower_print_port("dst_port", tb[nl_type], tb[nl_mask_type]);
2673 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_SRC);
2674 nl_mask_type = flower_port_attr_mask_type(ip_proto, FLOWER_ENDPOINT_SRC);
2675 if (nl_type >= 0)
2676 flower_print_port("src_port", tb[nl_type], tb[nl_mask_type]);
2677
2678 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_DST,
2679 &min_port_type, &max_port_type))
2680 flower_print_port_range("dst_port",
2681 tb[min_port_type], tb[max_port_type]);
2682
2683 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_SRC,
2684 &min_port_type, &max_port_type))
2685 flower_print_port_range("src_port",
2686 tb[min_port_type], tb[max_port_type]);
2687
2688 flower_print_tcp_flags("tcp_flags", tb[TCA_FLOWER_KEY_TCP_FLAGS],
2689 tb[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
2690
2691 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2692 FLOWER_ICMP_FIELD_TYPE);
2693 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2694 FLOWER_ICMP_FIELD_TYPE);
2695 if (nl_type >= 0 && nl_mask_type >= 0)
2696 flower_print_masked_u8("icmp_type", tb[nl_type],
2697 tb[nl_mask_type], NULL);
2698
2699 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2700 FLOWER_ICMP_FIELD_CODE);
2701 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2702 FLOWER_ICMP_FIELD_CODE);
2703 if (nl_type >= 0 && nl_mask_type >= 0)
2704 flower_print_masked_u8("icmp_code", tb[nl_type],
2705 tb[nl_mask_type], NULL);
2706
2707 flower_print_ip4_addr("arp_sip", tb[TCA_FLOWER_KEY_ARP_SIP],
2708 tb[TCA_FLOWER_KEY_ARP_SIP_MASK]);
2709 flower_print_ip4_addr("arp_tip", tb[TCA_FLOWER_KEY_ARP_TIP],
2710 tb[TCA_FLOWER_KEY_ARP_TIP_MASK]);
2711 flower_print_arp_op("arp_op", tb[TCA_FLOWER_KEY_ARP_OP],
2712 tb[TCA_FLOWER_KEY_ARP_OP_MASK]);
2713 flower_print_eth_addr("arp_sha", tb[TCA_FLOWER_KEY_ARP_SHA],
2714 tb[TCA_FLOWER_KEY_ARP_SHA_MASK]);
2715 flower_print_eth_addr("arp_tha", tb[TCA_FLOWER_KEY_ARP_THA],
2716 tb[TCA_FLOWER_KEY_ARP_THA_MASK]);
2717
2718 flower_print_ip_addr("enc_dst_ip",
2719 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
2720 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2721 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
2722 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
2723 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
2724 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
2725
2726 flower_print_ip_addr("enc_src_ip",
2727 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
2728 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2729 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
2730 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
2731 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
2732 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
2733
2734 flower_print_key_id("enc_key_id", tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
2735
2736 flower_print_port("enc_dst_port", tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT],
2737 tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK]);
2738
2739 flower_print_ip_attr("enc_tos", tb[TCA_FLOWER_KEY_ENC_IP_TOS],
2740 tb[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
2741 flower_print_ip_attr("enc_ttl", tb[TCA_FLOWER_KEY_ENC_IP_TTL],
2742 tb[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
2743 flower_print_enc_opts("enc_opt", tb[TCA_FLOWER_KEY_ENC_OPTS],
2744 tb[TCA_FLOWER_KEY_ENC_OPTS_MASK]);
2745
2746 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS,
2747 tb[TCA_FLOWER_KEY_FLAGS],
2748 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
2749
2750 flower_print_ct_state(tb[TCA_FLOWER_KEY_CT_STATE],
2751 tb[TCA_FLOWER_KEY_CT_STATE_MASK]);
2752 flower_print_ct_zone(tb[TCA_FLOWER_KEY_CT_ZONE],
2753 tb[TCA_FLOWER_KEY_CT_ZONE_MASK]);
2754 flower_print_ct_mark(tb[TCA_FLOWER_KEY_CT_MARK],
2755 tb[TCA_FLOWER_KEY_CT_MARK_MASK]);
2756 flower_print_ct_label(tb[TCA_FLOWER_KEY_CT_LABELS],
2757 tb[TCA_FLOWER_KEY_CT_LABELS_MASK]);
2758
2759 close_json_object();
2760
2761 if (tb[TCA_FLOWER_FLAGS]) {
2762 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
2763
2764 if (flags & TCA_CLS_FLAGS_SKIP_HW) {
2765 print_nl();
2766 print_bool(PRINT_ANY, "skip_hw", " skip_hw", true);
2767 }
2768 if (flags & TCA_CLS_FLAGS_SKIP_SW) {
2769 print_nl();
2770 print_bool(PRINT_ANY, "skip_sw", " skip_sw", true);
2771 }
2772 if (flags & TCA_CLS_FLAGS_IN_HW) {
2773 print_nl();
2774 print_bool(PRINT_ANY, "in_hw", " in_hw", true);
2775
2776 if (tb[TCA_FLOWER_IN_HW_COUNT]) {
2777 __u32 count = rta_getattr_u32(tb[TCA_FLOWER_IN_HW_COUNT]);
2778
2779 print_uint(PRINT_ANY, "in_hw_count",
2780 " in_hw_count %u", count);
2781 }
2782 }
2783 else if (flags & TCA_CLS_FLAGS_NOT_IN_HW) {
2784 print_nl();
2785 print_bool(PRINT_ANY, "not_in_hw", " not_in_hw", true);
2786 }
2787 }
2788
2789 if (tb[TCA_FLOWER_ACT])
2790 tc_print_action(f, tb[TCA_FLOWER_ACT], 0);
2791
2792 return 0;
2793 }
2794
2795 struct filter_util flower_filter_util = {
2796 .id = "flower",
2797 .parse_fopt = flower_parse_opt,
2798 .print_fopt = flower_print_opt,
2799 };
Upstream mirror of iproute2