]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_flower.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
man: dcb-ets: Remove an unnecessary empty line
[mirror_iproute2.git] / tc / f_flower.c
1 /*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <string.h>
16 #include <net/if.h>
17 #include <linux/limits.h>
18 #include <linux/if_arp.h>
19 #include <linux/if_ether.h>
20 #include <linux/ip.h>
21 #include <linux/tc_act/tc_vlan.h>
22 #include <linux/mpls.h>
23
24 #include "utils.h"
25 #include "tc_util.h"
26 #include "rt_names.h"
27
28 enum flower_matching_flags {
29 FLOWER_IP_FLAGS,
30 };
31
32 enum flower_endpoint {
33 FLOWER_ENDPOINT_SRC,
34 FLOWER_ENDPOINT_DST
35 };
36
37 enum flower_icmp_field {
38 FLOWER_ICMP_FIELD_TYPE,
39 FLOWER_ICMP_FIELD_CODE
40 };
41
42 static void explain(void)
43 {
44 fprintf(stderr,
45 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
46 " [ skip_sw | skip_hw ]\n"
47 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
48 "\n"
49 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
50 " MATCH := { indev DEV-NAME |\n"
51 " vlan_id VID |\n"
52 " vlan_prio PRIORITY |\n"
53 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
54 " cvlan_id VID |\n"
55 " cvlan_prio PRIORITY |\n"
56 " cvlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
57 " dst_mac MASKED-LLADDR |\n"
58 " src_mac MASKED-LLADDR |\n"
59 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
60 " ip_tos MASKED-IP_TOS |\n"
61 " ip_ttl MASKED-IP_TTL |\n"
62 " mpls LSE-LIST |\n"
63 " mpls_label LABEL |\n"
64 " mpls_tc TC |\n"
65 " mpls_bos BOS |\n"
66 " mpls_ttl TTL |\n"
67 " dst_ip PREFIX |\n"
68 " src_ip PREFIX |\n"
69 " dst_port PORT-NUMBER |\n"
70 " src_port PORT-NUMBER |\n"
71 " tcp_flags MASKED-TCP_FLAGS |\n"
72 " type MASKED-ICMP-TYPE |\n"
73 " code MASKED-ICMP-CODE |\n"
74 " arp_tip IPV4-PREFIX |\n"
75 " arp_sip IPV4-PREFIX |\n"
76 " arp_op [ request | reply | OP ] |\n"
77 " arp_tha MASKED-LLADDR |\n"
78 " arp_sha MASKED-LLADDR |\n"
79 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
80 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
81 " enc_key_id [ KEY-ID ] |\n"
82 " enc_tos MASKED-IP_TOS |\n"
83 " enc_ttl MASKED-IP_TTL |\n"
84 " geneve_opts MASKED-OPTIONS |\n"
85 " vxlan_opts MASKED-OPTIONS |\n"
86 " erspan_opts MASKED-OPTIONS |\n"
87 " ip_flags IP-FLAGS | \n"
88 " enc_dst_port [ port_number ] |\n"
89 " ct_state MASKED_CT_STATE |\n"
90 " ct_label MASKED_CT_LABEL |\n"
91 " ct_mark MASKED_CT_MARK |\n"
92 " ct_zone MASKED_CT_ZONE }\n"
93 " LSE-LIST := [ LSE-LIST ] LSE\n"
94 " LSE := lse depth DEPTH { label LABEL | tc TC | bos BOS | ttl TTL }\n"
95 " FILTERID := X:Y:Z\n"
96 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
97 " MASKED_CT_STATE := combination of {+|-} and flags trk,est,new\n"
98 " ACTION-SPEC := ... look at individual actions\n"
99 "\n"
100 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
101 "NOTE: There can be only used one mask per one prio. If user needs\n"
102 " to specify different mask, he has to use different prio.\n");
103 }
104
105 static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
106 struct nlmsghdr *n)
107 {
108 int ret, err = -1;
109 char addr[ETH_ALEN], *slash;
110
111 slash = strchr(str, '/');
112 if (slash)
113 *slash = '\0';
114
115 ret = ll_addr_a2n(addr, sizeof(addr), str);
116 if (ret < 0)
117 goto err;
118 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
119
120 if (slash) {
121 unsigned bits;
122
123 if (!get_unsigned(&bits, slash + 1, 10)) {
124 uint64_t mask;
125
126 /* Extra 16 bit shift to push mac address into
127 * high bits of uint64_t
128 */
129 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
130 memcpy(addr, &mask, ETH_ALEN);
131 } else {
132 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
133 if (ret < 0)
134 goto err;
135 }
136 } else {
137 memset(addr, 0xff, ETH_ALEN);
138 }
139 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
140
141 err = 0;
142 err:
143 if (slash)
144 *slash = '/';
145 return err;
146 }
147
148 static bool eth_type_vlan(__be16 ethertype)
149 {
150 return ethertype == htons(ETH_P_8021Q) ||
151 ethertype == htons(ETH_P_8021AD);
152 }
153
154 static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
155 __be16 *p_vlan_eth_type,
156 struct nlmsghdr *n)
157 {
158 __be16 vlan_eth_type;
159
160 if (!eth_type_vlan(eth_type)) {
161 fprintf(stderr, "Can't set \"%s\" if ethertype isn't 802.1Q or 802.1AD\n",
162 type == TCA_FLOWER_KEY_VLAN_ETH_TYPE ? "vlan_ethtype" : "cvlan_ethtype");
163 return -1;
164 }
165
166 if (ll_proto_a2n(&vlan_eth_type, str))
167 invarg("invalid vlan_ethtype", str);
168 addattr16(n, MAX_MSG, type, vlan_eth_type);
169 *p_vlan_eth_type = vlan_eth_type;
170 return 0;
171 }
172
173 struct flag_to_string {
174 int flag;
175 enum flower_matching_flags type;
176 char *string;
177 };
178
179 static struct flag_to_string flags_str[] = {
180 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOWER_IP_FLAGS, "frag" },
181 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST, FLOWER_IP_FLAGS, "firstfrag" },
182 };
183
184 static int flower_parse_matching_flags(char *str,
185 enum flower_matching_flags type,
186 __u32 *mtf, __u32 *mtf_mask)
187 {
188 char *token;
189 bool no;
190 bool found;
191 int i;
192
193 token = strtok(str, "/");
194
195 while (token) {
196 if (!strncmp(token, "no", 2)) {
197 no = true;
198 token += 2;
199 } else
200 no = false;
201
202 found = false;
203 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
204 if (type != flags_str[i].type)
205 continue;
206
207 if (!strcmp(token, flags_str[i].string)) {
208 if (no)
209 *mtf &= ~flags_str[i].flag;
210 else
211 *mtf |= flags_str[i].flag;
212
213 *mtf_mask |= flags_str[i].flag;
214 found = true;
215 break;
216 }
217 }
218 if (!found)
219 return -1;
220
221 token = strtok(NULL, "/");
222 }
223
224 return 0;
225 }
226
227 static int flower_parse_u16(char *str, int value_type, int mask_type,
228 struct nlmsghdr *n, bool be)
229 {
230 __u16 value, mask;
231 char *slash;
232
233 slash = strchr(str, '/');
234 if (slash)
235 *slash = '\0';
236
237 if (get_u16(&value, str, 0))
238 return -1;
239
240 if (slash) {
241 if (get_u16(&mask, slash + 1, 0))
242 return -1;
243 } else {
244 mask = UINT16_MAX;
245 }
246
247 if (be) {
248 value = htons(value);
249 mask = htons(mask);
250 }
251 addattr16(n, MAX_MSG, value_type, value);
252 addattr16(n, MAX_MSG, mask_type, mask);
253
254 return 0;
255 }
256
257 static int flower_parse_u32(char *str, int value_type, int mask_type,
258 struct nlmsghdr *n)
259 {
260 __u32 value, mask;
261 char *slash;
262
263 slash = strchr(str, '/');
264 if (slash)
265 *slash = '\0';
266
267 if (get_u32(&value, str, 0))
268 return -1;
269
270 if (slash) {
271 if (get_u32(&mask, slash + 1, 0))
272 return -1;
273 } else {
274 mask = UINT32_MAX;
275 }
276
277 addattr32(n, MAX_MSG, value_type, value);
278 addattr32(n, MAX_MSG, mask_type, mask);
279
280 return 0;
281 }
282
283 static int flower_parse_ct_mark(char *str, struct nlmsghdr *n)
284 {
285 return flower_parse_u32(str,
286 TCA_FLOWER_KEY_CT_MARK,
287 TCA_FLOWER_KEY_CT_MARK_MASK,
288 n);
289 }
290
291 static int flower_parse_ct_zone(char *str, struct nlmsghdr *n)
292 {
293 return flower_parse_u16(str,
294 TCA_FLOWER_KEY_CT_ZONE,
295 TCA_FLOWER_KEY_CT_ZONE_MASK,
296 n,
297 false);
298 }
299
300 static int flower_parse_ct_labels(char *str, struct nlmsghdr *n)
301 {
302 #define LABELS_SIZE 16
303 uint8_t labels[LABELS_SIZE], lmask[LABELS_SIZE];
304 char *slash, *mask = NULL;
305 size_t slen, slen_mask = 0;
306
307 slash = index(str, '/');
308 if (slash) {
309 *slash = 0;
310 mask = slash + 1;
311 slen_mask = strlen(mask);
312 }
313
314 slen = strlen(str);
315 if (slen > LABELS_SIZE * 2 || slen_mask > LABELS_SIZE * 2) {
316 char errmsg[128];
317
318 snprintf(errmsg, sizeof(errmsg),
319 "%zd Max allowed size %d",
320 slen, LABELS_SIZE*2);
321 invarg(errmsg, str);
322 }
323
324 if (hex2mem(str, labels, slen / 2) < 0)
325 invarg("labels must be a hex string\n", str);
326 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS, labels, slen / 2);
327
328 if (mask) {
329 if (hex2mem(mask, lmask, slen_mask / 2) < 0)
330 invarg("labels mask must be a hex string\n", mask);
331 } else {
332 memset(lmask, 0xff, sizeof(lmask));
333 slen_mask = sizeof(lmask) * 2;
334 }
335 addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS_MASK, lmask,
336 slen_mask / 2);
337
338 return 0;
339 }
340
341 static struct flower_ct_states {
342 char *str;
343 int flag;
344 } flower_ct_states[] = {
345 { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
346 { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
347 { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
348 };
349
350 static int flower_parse_ct_state(char *str, struct nlmsghdr *n)
351 {
352 int flags = 0, mask = 0, len, i;
353 bool p;
354
355 while (*str != '\0') {
356 if (*str == '+')
357 p = true;
358 else if (*str == '-')
359 p = false;
360 else
361 return -1;
362
363 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
364 len = strlen(flower_ct_states[i].str);
365 if (strncmp(str + 1, flower_ct_states[i].str, len))
366 continue;
367
368 if (p)
369 flags |= flower_ct_states[i].flag;
370 mask |= flower_ct_states[i].flag;
371 break;
372 }
373
374 if (i == ARRAY_SIZE(flower_ct_states))
375 return -1;
376
377 str += len + 1;
378 }
379
380 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE, flags);
381 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE_MASK, mask);
382 return 0;
383 }
384
385 static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
386 __u8 *p_ip_proto, struct nlmsghdr *n)
387 {
388 int ret;
389 __u8 ip_proto;
390
391 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
392 goto err;
393
394 if (matches(str, "tcp") == 0) {
395 ip_proto = IPPROTO_TCP;
396 } else if (matches(str, "udp") == 0) {
397 ip_proto = IPPROTO_UDP;
398 } else if (matches(str, "sctp") == 0) {
399 ip_proto = IPPROTO_SCTP;
400 } else if (matches(str, "icmp") == 0) {
401 if (eth_type != htons(ETH_P_IP))
402 goto err;
403 ip_proto = IPPROTO_ICMP;
404 } else if (matches(str, "icmpv6") == 0) {
405 if (eth_type != htons(ETH_P_IPV6))
406 goto err;
407 ip_proto = IPPROTO_ICMPV6;
408 } else {
409 ret = get_u8(&ip_proto, str, 16);
410 if (ret)
411 return -1;
412 }
413 addattr8(n, MAX_MSG, type, ip_proto);
414 *p_ip_proto = ip_proto;
415 return 0;
416
417 err:
418 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
419 return -1;
420 }
421
422 static int __flower_parse_ip_addr(char *str, int family,
423 int addr4_type, int mask4_type,
424 int addr6_type, int mask6_type,
425 struct nlmsghdr *n)
426 {
427 int ret;
428 inet_prefix addr;
429 int bits;
430 int i;
431
432 ret = get_prefix(&addr, str, family);
433 if (ret)
434 return -1;
435
436 if (family && (addr.family != family)) {
437 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
438 return -1;
439 }
440
441 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
442 addr.data, addr.bytelen);
443
444 memset(addr.data, 0xff, addr.bytelen);
445 bits = addr.bitlen;
446 for (i = 0; i < addr.bytelen / 4; i++) {
447 if (!bits) {
448 addr.data[i] = 0;
449 } else if (bits / 32 >= 1) {
450 bits -= 32;
451 } else {
452 addr.data[i] <<= 32 - bits;
453 addr.data[i] = htonl(addr.data[i]);
454 bits = 0;
455 }
456 }
457
458 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
459 addr.data, addr.bytelen);
460
461 return 0;
462 }
463
464 static int flower_parse_ip_addr(char *str, __be16 eth_type,
465 int addr4_type, int mask4_type,
466 int addr6_type, int mask6_type,
467 struct nlmsghdr *n)
468 {
469 int family;
470
471 if (eth_type == htons(ETH_P_IP)) {
472 family = AF_INET;
473 } else if (eth_type == htons(ETH_P_IPV6)) {
474 family = AF_INET6;
475 } else if (!eth_type) {
476 family = AF_UNSPEC;
477 } else {
478 return -1;
479 }
480
481 return __flower_parse_ip_addr(str, family, addr4_type, mask4_type,
482 addr6_type, mask6_type, n);
483 }
484
485 static bool flower_eth_type_arp(__be16 eth_type)
486 {
487 return eth_type == htons(ETH_P_ARP) || eth_type == htons(ETH_P_RARP);
488 }
489
490 static int flower_parse_arp_ip_addr(char *str, __be16 eth_type,
491 int addr_type, int mask_type,
492 struct nlmsghdr *n)
493 {
494 if (!flower_eth_type_arp(eth_type))
495 return -1;
496
497 return __flower_parse_ip_addr(str, AF_INET, addr_type, mask_type,
498 TCA_FLOWER_UNSPEC, TCA_FLOWER_UNSPEC, n);
499 }
500
501 static int flower_parse_u8(char *str, int value_type, int mask_type,
502 int (*value_from_name)(const char *str,
503 __u8 *value),
504 bool (*value_validate)(__u8 value),
505 struct nlmsghdr *n)
506 {
507 char *slash;
508 int ret, err = -1;
509 __u8 value, mask;
510
511 slash = strchr(str, '/');
512 if (slash)
513 *slash = '\0';
514
515 ret = value_from_name ? value_from_name(str, &value) : -1;
516 if (ret < 0) {
517 ret = get_u8(&value, str, 10);
518 if (ret)
519 goto err;
520 }
521
522 if (value_validate && !value_validate(value))
523 goto err;
524
525 if (slash) {
526 ret = get_u8(&mask, slash + 1, 10);
527 if (ret)
528 goto err;
529 }
530 else {
531 mask = UINT8_MAX;
532 }
533
534 addattr8(n, MAX_MSG, value_type, value);
535 addattr8(n, MAX_MSG, mask_type, mask);
536
537 err = 0;
538 err:
539 if (slash)
540 *slash = '/';
541 return err;
542 }
543
544 static const char *flower_print_arp_op_to_name(__u8 op)
545 {
546 switch (op) {
547 case ARPOP_REQUEST:
548 return "request";
549 case ARPOP_REPLY:
550 return "reply";
551 default:
552 return NULL;
553 }
554 }
555
556 static int flower_arp_op_from_name(const char *name, __u8 *op)
557 {
558 if (!strcmp(name, "request"))
559 *op = ARPOP_REQUEST;
560 else if (!strcmp(name, "reply"))
561 *op = ARPOP_REPLY;
562 else
563 return -1;
564
565 return 0;
566 }
567
568 static bool flow_arp_op_validate(__u8 op)
569 {
570 return !op || op == ARPOP_REQUEST || op == ARPOP_REPLY;
571 }
572
573 static int flower_parse_arp_op(char *str, __be16 eth_type,
574 int op_type, int mask_type,
575 struct nlmsghdr *n)
576 {
577 if (!flower_eth_type_arp(eth_type))
578 return -1;
579
580 return flower_parse_u8(str, op_type, mask_type, flower_arp_op_from_name,
581 flow_arp_op_validate, n);
582 }
583
584 static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
585 enum flower_icmp_field field)
586 {
587 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
588 return field == FLOWER_ICMP_FIELD_CODE ?
589 TCA_FLOWER_KEY_ICMPV4_CODE :
590 TCA_FLOWER_KEY_ICMPV4_TYPE;
591 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
592 return field == FLOWER_ICMP_FIELD_CODE ?
593 TCA_FLOWER_KEY_ICMPV6_CODE :
594 TCA_FLOWER_KEY_ICMPV6_TYPE;
595
596 return -1;
597 }
598
599 static int flower_icmp_attr_mask_type(__be16 eth_type, __u8 ip_proto,
600 enum flower_icmp_field field)
601 {
602 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
603 return field == FLOWER_ICMP_FIELD_CODE ?
604 TCA_FLOWER_KEY_ICMPV4_CODE_MASK :
605 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK;
606 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
607 return field == FLOWER_ICMP_FIELD_CODE ?
608 TCA_FLOWER_KEY_ICMPV6_CODE_MASK :
609 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK;
610
611 return -1;
612 }
613
614 static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
615 enum flower_icmp_field field, struct nlmsghdr *n)
616 {
617 int value_type, mask_type;
618
619 value_type = flower_icmp_attr_type(eth_type, ip_proto, field);
620 mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto, field);
621 if (value_type < 0 || mask_type < 0)
622 return -1;
623
624 return flower_parse_u8(str, value_type, mask_type, NULL, NULL, n);
625 }
626
627 static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
628 {
629 if (ip_proto == IPPROTO_TCP)
630 return endpoint == FLOWER_ENDPOINT_SRC ?
631 TCA_FLOWER_KEY_TCP_SRC :
632 TCA_FLOWER_KEY_TCP_DST;
633 else if (ip_proto == IPPROTO_UDP)
634 return endpoint == FLOWER_ENDPOINT_SRC ?
635 TCA_FLOWER_KEY_UDP_SRC :
636 TCA_FLOWER_KEY_UDP_DST;
637 else if (ip_proto == IPPROTO_SCTP)
638 return endpoint == FLOWER_ENDPOINT_SRC ?
639 TCA_FLOWER_KEY_SCTP_SRC :
640 TCA_FLOWER_KEY_SCTP_DST;
641 else
642 return -1;
643 }
644
645 static int flower_port_attr_mask_type(__u8 ip_proto,
646 enum flower_endpoint endpoint)
647 {
648 switch (ip_proto) {
649 case IPPROTO_TCP:
650 return endpoint == FLOWER_ENDPOINT_SRC ?
651 TCA_FLOWER_KEY_TCP_SRC_MASK :
652 TCA_FLOWER_KEY_TCP_DST_MASK;
653 case IPPROTO_UDP:
654 return endpoint == FLOWER_ENDPOINT_SRC ?
655 TCA_FLOWER_KEY_UDP_SRC_MASK :
656 TCA_FLOWER_KEY_UDP_DST_MASK;
657 case IPPROTO_SCTP:
658 return endpoint == FLOWER_ENDPOINT_SRC ?
659 TCA_FLOWER_KEY_SCTP_SRC_MASK :
660 TCA_FLOWER_KEY_SCTP_DST_MASK;
661 default:
662 return -1;
663 }
664 }
665
666 static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type,
667 __be16 *min_port_type,
668 __be16 *max_port_type)
669 {
670 if (ip_proto == IPPROTO_TCP || ip_proto == IPPROTO_UDP ||
671 ip_proto == IPPROTO_SCTP) {
672 if (type == FLOWER_ENDPOINT_SRC) {
673 *min_port_type = TCA_FLOWER_KEY_PORT_SRC_MIN;
674 *max_port_type = TCA_FLOWER_KEY_PORT_SRC_MAX;
675 } else {
676 *min_port_type = TCA_FLOWER_KEY_PORT_DST_MIN;
677 *max_port_type = TCA_FLOWER_KEY_PORT_DST_MAX;
678 }
679 } else {
680 return -1;
681 }
682 return 0;
683 }
684
685 /* parse range args in format 10-20 */
686 static int parse_range(char *str, __be16 *min, __be16 *max)
687 {
688 char *sep;
689
690 sep = strchr(str, '-');
691 if (sep) {
692 *sep = '\0';
693
694 if (get_be16(min, str, 10))
695 return -1;
696
697 if (get_be16(max, sep + 1, 10))
698 return -1;
699 } else {
700 if (get_be16(min, str, 10))
701 return -1;
702 }
703 return 0;
704 }
705
706 static int flower_parse_port(char *str, __u8 ip_proto,
707 enum flower_endpoint endpoint,
708 struct nlmsghdr *n)
709 {
710 char *slash = NULL;
711 __be16 min = 0;
712 __be16 max = 0;
713 int ret;
714
715 ret = parse_range(str, &min, &max);
716 if (ret) {
717 slash = strchr(str, '/');
718 if (!slash)
719 return -1;
720 }
721
722 if (min && max) {
723 __be16 min_port_type, max_port_type;
724
725 if (max <= min) {
726 fprintf(stderr, "max value should be greater than min value\n");
727 return -1;
728 }
729 if (flower_port_range_attr_type(ip_proto, endpoint,
730 &min_port_type, &max_port_type))
731 return -1;
732
733 addattr16(n, MAX_MSG, min_port_type, min);
734 addattr16(n, MAX_MSG, max_port_type, max);
735 } else if (slash || (min && !max)) {
736 int type;
737
738 type = flower_port_attr_type(ip_proto, endpoint);
739 if (type < 0)
740 return -1;
741
742 if (!slash) {
743 addattr16(n, MAX_MSG, type, min);
744 } else {
745 int mask_type;
746
747 mask_type = flower_port_attr_mask_type(ip_proto,
748 endpoint);
749 if (mask_type < 0)
750 return -1;
751 return flower_parse_u16(str, type, mask_type, n, true);
752 }
753 } else {
754 return -1;
755 }
756 return 0;
757 }
758
759 #define TCP_FLAGS_MAX_MASK 0xfff
760
761 static int flower_parse_tcp_flags(char *str, int flags_type, int mask_type,
762 struct nlmsghdr *n)
763 {
764 char *slash;
765 int ret, err = -1;
766 __u16 flags;
767
768 slash = strchr(str, '/');
769 if (slash)
770 *slash = '\0';
771
772 ret = get_u16(&flags, str, 16);
773 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
774 goto err;
775
776 addattr16(n, MAX_MSG, flags_type, htons(flags));
777
778 if (slash) {
779 ret = get_u16(&flags, slash + 1, 16);
780 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
781 goto err;
782 } else {
783 flags = TCP_FLAGS_MAX_MASK;
784 }
785 addattr16(n, MAX_MSG, mask_type, htons(flags));
786
787 err = 0;
788 err:
789 if (slash)
790 *slash = '/';
791 return err;
792 }
793
794 static int flower_parse_ip_tos_ttl(char *str, int key_type, int mask_type,
795 struct nlmsghdr *n)
796 {
797 char *slash;
798 int ret, err = -1;
799 __u8 tos_ttl;
800
801 slash = strchr(str, '/');
802 if (slash)
803 *slash = '\0';
804
805 ret = get_u8(&tos_ttl, str, 10);
806 if (ret < 0)
807 ret = get_u8(&tos_ttl, str, 16);
808 if (ret < 0)
809 goto err;
810
811 addattr8(n, MAX_MSG, key_type, tos_ttl);
812
813 if (slash) {
814 ret = get_u8(&tos_ttl, slash + 1, 16);
815 if (ret < 0)
816 goto err;
817 } else {
818 tos_ttl = 0xff;
819 }
820 addattr8(n, MAX_MSG, mask_type, tos_ttl);
821
822 err = 0;
823 err:
824 if (slash)
825 *slash = '/';
826 return err;
827 }
828
829 static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
830 {
831 int ret;
832 __be32 key_id;
833
834 ret = get_be32(&key_id, str, 10);
835 if (!ret)
836 addattr32(n, MAX_MSG, type, key_id);
837
838 return ret;
839 }
840
841 static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
842 {
843 int ret;
844 __be16 port;
845
846 ret = get_be16(&port, str, 10);
847 if (ret)
848 return -1;
849
850 addattr16(n, MAX_MSG, type, port);
851
852 return 0;
853 }
854
855 static int flower_parse_geneve_opt(char *str, struct nlmsghdr *n)
856 {
857 struct rtattr *nest;
858 char *token;
859 int i, err;
860
861 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_GENEVE);
862
863 i = 1;
864 token = strsep(&str, ":");
865 while (token) {
866 switch (i) {
867 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS:
868 {
869 __be16 opt_class;
870
871 if (!strlen(token))
872 break;
873 err = get_be16(&opt_class, token, 16);
874 if (err)
875 return err;
876
877 addattr16(n, MAX_MSG, i, opt_class);
878 break;
879 }
880 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE:
881 {
882 __u8 opt_type;
883
884 if (!strlen(token))
885 break;
886 err = get_u8(&opt_type, token, 16);
887 if (err)
888 return err;
889
890 addattr8(n, MAX_MSG, i, opt_type);
891 break;
892 }
893 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA:
894 {
895 size_t token_len = strlen(token);
896 __u8 *opts;
897
898 if (!token_len)
899 break;
900 opts = malloc(token_len / 2);
901 if (!opts)
902 return -1;
903 if (hex2mem(token, opts, token_len / 2) < 0) {
904 free(opts);
905 return -1;
906 }
907 addattr_l(n, MAX_MSG, i, opts, token_len / 2);
908 free(opts);
909
910 break;
911 }
912 default:
913 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
914 return -1;
915 }
916
917 token = strsep(&str, ":");
918 i++;
919 }
920 addattr_nest_end(n, nest);
921
922 return 0;
923 }
924
925 static int flower_parse_vxlan_opt(char *str, struct nlmsghdr *n)
926 {
927 struct rtattr *nest;
928 __u32 gbp;
929 int err;
930
931 nest = addattr_nest(n, MAX_MSG,
932 TCA_FLOWER_KEY_ENC_OPTS_VXLAN | NLA_F_NESTED);
933
934 err = get_u32(&gbp, str, 0);
935 if (err)
936 return err;
937 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP, gbp);
938
939 addattr_nest_end(n, nest);
940
941 return 0;
942 }
943
944 static int flower_parse_erspan_opt(char *str, struct nlmsghdr *n)
945 {
946 struct rtattr *nest;
947 char *token;
948 int i, err;
949
950 nest = addattr_nest(n, MAX_MSG,
951 TCA_FLOWER_KEY_ENC_OPTS_ERSPAN | NLA_F_NESTED);
952
953 i = 1;
954 token = strsep(&str, ":");
955 while (token) {
956 switch (i) {
957 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER:
958 {
959 __u8 opt_type;
960
961 if (!strlen(token))
962 break;
963 err = get_u8(&opt_type, token, 0);
964 if (err)
965 return err;
966
967 addattr8(n, MAX_MSG, i, opt_type);
968 break;
969 }
970 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX:
971 {
972 __be32 opt_index;
973
974 if (!strlen(token))
975 break;
976 err = get_be32(&opt_index, token, 0);
977 if (err)
978 return err;
979
980 addattr32(n, MAX_MSG, i, opt_index);
981 break;
982 }
983 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR:
984 {
985 __u8 opt_type;
986
987 if (!strlen(token))
988 break;
989 err = get_u8(&opt_type, token, 0);
990 if (err)
991 return err;
992
993 addattr8(n, MAX_MSG, i, opt_type);
994 break;
995 }
996 case TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID:
997 {
998 __u8 opt_type;
999
1000 if (!strlen(token))
1001 break;
1002 err = get_u8(&opt_type, token, 0);
1003 if (err)
1004 return err;
1005
1006 addattr8(n, MAX_MSG, i, opt_type);
1007 break;
1008 }
1009 default:
1010 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
1011 return -1;
1012 }
1013
1014 token = strsep(&str, ":");
1015 i++;
1016 }
1017 addattr_nest_end(n, nest);
1018
1019 return 0;
1020 }
1021
1022 static int flower_parse_geneve_opts(char *str, struct nlmsghdr *n)
1023 {
1024 char *token;
1025 int err;
1026
1027 token = strsep(&str, ",");
1028 while (token) {
1029 err = flower_parse_geneve_opt(token, n);
1030 if (err)
1031 return err;
1032
1033 token = strsep(&str, ",");
1034 }
1035
1036 return 0;
1037 }
1038
1039 static int flower_check_enc_opt_key(char *key)
1040 {
1041 int key_len, col_cnt = 0;
1042
1043 key_len = strlen(key);
1044 while ((key = strchr(key, ':'))) {
1045 if (strlen(key) == key_len)
1046 return -1;
1047
1048 key_len = strlen(key) - 1;
1049 col_cnt++;
1050 key++;
1051 }
1052
1053 if (col_cnt != 2 || !key_len)
1054 return -1;
1055
1056 return 0;
1057 }
1058
1059 static int flower_parse_enc_opts_geneve(char *str, struct nlmsghdr *n)
1060 {
1061 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1062 int data_len, key_len, mask_len, err;
1063 char *token, *slash;
1064 struct rtattr *nest;
1065
1066 key_len = 0;
1067 mask_len = 0;
1068 token = strsep(&str, ",");
1069 while (token) {
1070 slash = strchr(token, '/');
1071 if (slash)
1072 *slash = '\0';
1073
1074 if ((key_len + strlen(token) > XATTR_SIZE_MAX) ||
1075 flower_check_enc_opt_key(token))
1076 return -1;
1077
1078 strcpy(&key[key_len], token);
1079 key_len += strlen(token) + 1;
1080 key[key_len - 1] = ',';
1081
1082 if (!slash) {
1083 /* Pad out mask when not provided */
1084 if (mask_len + strlen(token) > XATTR_SIZE_MAX)
1085 return -1;
1086
1087 data_len = strlen(rindex(token, ':'));
1088 sprintf(&mask[mask_len], "ffff:ff:");
1089 mask_len += 8;
1090 memset(&mask[mask_len], 'f', data_len - 1);
1091 mask_len += data_len;
1092 mask[mask_len - 1] = ',';
1093 token = strsep(&str, ",");
1094 continue;
1095 }
1096
1097 if (mask_len + strlen(slash + 1) > XATTR_SIZE_MAX)
1098 return -1;
1099
1100 strcpy(&mask[mask_len], slash + 1);
1101 mask_len += strlen(slash + 1) + 1;
1102 mask[mask_len - 1] = ',';
1103
1104 *slash = '/';
1105 token = strsep(&str, ",");
1106 }
1107 key[key_len - 1] = '\0';
1108 mask[mask_len - 1] = '\0';
1109
1110 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS);
1111 err = flower_parse_geneve_opts(key, n);
1112 if (err)
1113 return err;
1114 addattr_nest_end(n, nest);
1115
1116 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_MASK);
1117 err = flower_parse_geneve_opts(mask, n);
1118 if (err)
1119 return err;
1120 addattr_nest_end(n, nest);
1121
1122 return 0;
1123 }
1124
1125 static int flower_parse_enc_opts_vxlan(char *str, struct nlmsghdr *n)
1126 {
1127 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1128 struct rtattr *nest;
1129 char *slash;
1130 int err;
1131
1132 slash = strchr(str, '/');
1133 if (slash) {
1134 *slash++ = '\0';
1135 if (strlen(slash) > XATTR_SIZE_MAX)
1136 return -1;
1137 strcpy(mask, slash);
1138 } else {
1139 strcpy(mask, "0xffffffff");
1140 }
1141
1142 if (strlen(str) > XATTR_SIZE_MAX)
1143 return -1;
1144 strcpy(key, str);
1145
1146 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS | NLA_F_NESTED);
1147 err = flower_parse_vxlan_opt(str, n);
1148 if (err)
1149 return err;
1150 addattr_nest_end(n, nest);
1151
1152 nest = addattr_nest(n, MAX_MSG,
1153 TCA_FLOWER_KEY_ENC_OPTS_MASK | NLA_F_NESTED);
1154 err = flower_parse_vxlan_opt(mask, n);
1155 if (err)
1156 return err;
1157 addattr_nest_end(n, nest);
1158
1159 return 0;
1160 }
1161
1162 static int flower_parse_enc_opts_erspan(char *str, struct nlmsghdr *n)
1163 {
1164 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
1165 struct rtattr *nest;
1166 char *slash;
1167 int err;
1168
1169
1170 slash = strchr(str, '/');
1171 if (slash) {
1172 *slash++ = '\0';
1173 if (strlen(slash) > XATTR_SIZE_MAX)
1174 return -1;
1175 strcpy(mask, slash);
1176 } else {
1177 int index;
1178
1179 slash = strchr(str, ':');
1180 index = (int)(slash - str);
1181 memcpy(mask, str, index);
1182 strcpy(mask + index, ":0xffffffff:0xff:0xff");
1183 }
1184
1185 if (strlen(str) > XATTR_SIZE_MAX)
1186 return -1;
1187 strcpy(key, str);
1188
1189 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS | NLA_F_NESTED);
1190 err = flower_parse_erspan_opt(key, n);
1191 if (err)
1192 return err;
1193 addattr_nest_end(n, nest);
1194
1195 nest = addattr_nest(n, MAX_MSG,
1196 TCA_FLOWER_KEY_ENC_OPTS_MASK | NLA_F_NESTED);
1197 err = flower_parse_erspan_opt(mask, n);
1198 if (err)
1199 return err;
1200 addattr_nest_end(n, nest);
1201
1202 return 0;
1203 }
1204
1205 static int flower_parse_mpls_lse(int *argc_p, char ***argv_p,
1206 struct nlmsghdr *nlh)
1207 {
1208 struct rtattr *lse_attr;
1209 char **argv = *argv_p;
1210 int argc = *argc_p;
1211 __u8 depth = 0;
1212 int ret;
1213
1214 lse_attr = addattr_nest(nlh, MAX_MSG,
1215 TCA_FLOWER_KEY_MPLS_OPTS_LSE | NLA_F_NESTED);
1216
1217 while (argc > 0) {
1218 if (matches(*argv, "depth") == 0) {
1219 NEXT_ARG();
1220 ret = get_u8(&depth, *argv, 10);
1221 if (ret < 0 || depth < 1) {
1222 fprintf(stderr, "Illegal \"depth\"\n");
1223 return -1;
1224 }
1225 addattr8(nlh, MAX_MSG,
1226 TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH, depth);
1227 } else if (matches(*argv, "label") == 0) {
1228 __u32 label;
1229
1230 NEXT_ARG();
1231 ret = get_u32(&label, *argv, 10);
1232 if (ret < 0 ||
1233 label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
1234 fprintf(stderr, "Illegal \"label\"\n");
1235 return -1;
1236 }
1237 addattr32(nlh, MAX_MSG,
1238 TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL, label);
1239 } else if (matches(*argv, "tc") == 0) {
1240 __u8 tc;
1241
1242 NEXT_ARG();
1243 ret = get_u8(&tc, *argv, 10);
1244 if (ret < 0 ||
1245 tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
1246 fprintf(stderr, "Illegal \"tc\"\n");
1247 return -1;
1248 }
1249 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_TC,
1250 tc);
1251 } else if (matches(*argv, "bos") == 0) {
1252 __u8 bos;
1253
1254 NEXT_ARG();
1255 ret = get_u8(&bos, *argv, 10);
1256 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
1257 fprintf(stderr, "Illegal \"bos\"\n");
1258 return -1;
1259 }
1260 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS,
1261 bos);
1262 } else if (matches(*argv, "ttl") == 0) {
1263 __u8 ttl;
1264
1265 NEXT_ARG();
1266 ret = get_u8(&ttl, *argv, 10);
1267 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1268 fprintf(stderr, "Illegal \"ttl\"\n");
1269 return -1;
1270 }
1271 addattr8(nlh, MAX_MSG, TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL,
1272 ttl);
1273 } else {
1274 break;
1275 }
1276 argc--; argv++;
1277 }
1278
1279 if (!depth) {
1280 missarg("depth");
1281 return -1;
1282 }
1283
1284 addattr_nest_end(nlh, lse_attr);
1285
1286 *argc_p = argc;
1287 *argv_p = argv;
1288
1289 return 0;
1290 }
1291
1292 static int flower_parse_mpls(int *argc_p, char ***argv_p, struct nlmsghdr *nlh)
1293 {
1294 struct rtattr *mpls_attr;
1295 char **argv = *argv_p;
1296 int argc = *argc_p;
1297
1298 mpls_attr = addattr_nest(nlh, MAX_MSG,
1299 TCA_FLOWER_KEY_MPLS_OPTS | NLA_F_NESTED);
1300
1301 while (argc > 0) {
1302 if (matches(*argv, "lse") == 0) {
1303 NEXT_ARG();
1304 if (flower_parse_mpls_lse(&argc, &argv, nlh) < 0)
1305 return -1;
1306 } else {
1307 break;
1308 }
1309 }
1310
1311 addattr_nest_end(nlh, mpls_attr);
1312
1313 *argc_p = argc;
1314 *argv_p = argv;
1315
1316 return 0;
1317 }
1318
1319 static int flower_parse_opt(struct filter_util *qu, char *handle,
1320 int argc, char **argv, struct nlmsghdr *n)
1321 {
1322 int ret;
1323 struct tcmsg *t = NLMSG_DATA(n);
1324 bool mpls_format_old = false;
1325 bool mpls_format_new = false;
1326 struct rtattr *tail;
1327 __be16 tc_proto = TC_H_MIN(t->tcm_info);
1328 __be16 eth_type = tc_proto;
1329 __be16 vlan_ethtype = 0;
1330 __u8 ip_proto = 0xff;
1331 __u32 flags = 0;
1332 __u32 mtf = 0;
1333 __u32 mtf_mask = 0;
1334
1335 if (handle) {
1336 ret = get_u32(&t->tcm_handle, handle, 0);
1337 if (ret) {
1338 fprintf(stderr, "Illegal \"handle\"\n");
1339 return -1;
1340 }
1341 }
1342
1343 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
1344 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
1345
1346 if (argc == 0) {
1347 /*at minimal we will match all ethertype packets */
1348 goto parse_done;
1349 }
1350
1351 while (argc > 0) {
1352 if (matches(*argv, "classid") == 0 ||
1353 matches(*argv, "flowid") == 0) {
1354 unsigned int handle;
1355
1356 NEXT_ARG();
1357 ret = get_tc_classid(&handle, *argv);
1358 if (ret) {
1359 fprintf(stderr, "Illegal \"classid\"\n");
1360 return -1;
1361 }
1362 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
1363 } else if (matches(*argv, "hw_tc") == 0) {
1364 unsigned int handle;
1365 __u32 tc;
1366 char *end;
1367
1368 NEXT_ARG();
1369 tc = strtoul(*argv, &end, 0);
1370 if (*end) {
1371 fprintf(stderr, "Illegal TC index\n");
1372 return -1;
1373 }
1374 if (tc >= TC_QOPT_MAX_QUEUE) {
1375 fprintf(stderr, "TC index exceeds max range\n");
1376 return -1;
1377 }
1378 handle = TC_H_MAKE(TC_H_MAJ(t->tcm_parent),
1379 TC_H_MIN(tc + TC_H_MIN_PRIORITY));
1380 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle,
1381 sizeof(handle));
1382 } else if (matches(*argv, "ip_flags") == 0) {
1383 NEXT_ARG();
1384 ret = flower_parse_matching_flags(*argv,
1385 FLOWER_IP_FLAGS,
1386 &mtf,
1387 &mtf_mask);
1388 if (ret < 0) {
1389 fprintf(stderr, "Illegal \"ip_flags\"\n");
1390 return -1;
1391 }
1392 } else if (matches(*argv, "verbose") == 0) {
1393 flags |= TCA_CLS_FLAGS_VERBOSE;
1394 } else if (matches(*argv, "skip_hw") == 0) {
1395 flags |= TCA_CLS_FLAGS_SKIP_HW;
1396 } else if (matches(*argv, "skip_sw") == 0) {
1397 flags |= TCA_CLS_FLAGS_SKIP_SW;
1398 } else if (matches(*argv, "ct_state") == 0) {
1399 NEXT_ARG();
1400 ret = flower_parse_ct_state(*argv, n);
1401 if (ret < 0) {
1402 fprintf(stderr, "Illegal \"ct_state\"\n");
1403 return -1;
1404 }
1405 } else if (matches(*argv, "ct_zone") == 0) {
1406 NEXT_ARG();
1407 ret = flower_parse_ct_zone(*argv, n);
1408 if (ret < 0) {
1409 fprintf(stderr, "Illegal \"ct_zone\"\n");
1410 return -1;
1411 }
1412 } else if (matches(*argv, "ct_mark") == 0) {
1413 NEXT_ARG();
1414 ret = flower_parse_ct_mark(*argv, n);
1415 if (ret < 0) {
1416 fprintf(stderr, "Illegal \"ct_mark\"\n");
1417 return -1;
1418 }
1419 } else if (matches(*argv, "ct_label") == 0) {
1420 NEXT_ARG();
1421 ret = flower_parse_ct_labels(*argv, n);
1422 if (ret < 0) {
1423 fprintf(stderr, "Illegal \"ct_label\"\n");
1424 return -1;
1425 }
1426 } else if (matches(*argv, "indev") == 0) {
1427 NEXT_ARG();
1428 if (check_ifname(*argv))
1429 invarg("\"indev\" not a valid ifname", *argv);
1430 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, *argv);
1431 } else if (matches(*argv, "vlan_id") == 0) {
1432 __u16 vid;
1433
1434 NEXT_ARG();
1435 if (!eth_type_vlan(tc_proto)) {
1436 fprintf(stderr, "Can't set \"vlan_id\" if ethertype isn't 802.1Q or 802.1AD\n");
1437 return -1;
1438 }
1439 ret = get_u16(&vid, *argv, 10);
1440 if (ret < 0 || vid & ~0xfff) {
1441 fprintf(stderr, "Illegal \"vlan_id\"\n");
1442 return -1;
1443 }
1444 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
1445 } else if (matches(*argv, "vlan_prio") == 0) {
1446 __u8 vlan_prio;
1447
1448 NEXT_ARG();
1449 if (!eth_type_vlan(tc_proto)) {
1450 fprintf(stderr, "Can't set \"vlan_prio\" if ethertype isn't 802.1Q or 802.1AD\n");
1451 return -1;
1452 }
1453 ret = get_u8(&vlan_prio, *argv, 10);
1454 if (ret < 0 || vlan_prio & ~0x7) {
1455 fprintf(stderr, "Illegal \"vlan_prio\"\n");
1456 return -1;
1457 }
1458 addattr8(n, MAX_MSG,
1459 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
1460 } else if (matches(*argv, "vlan_ethtype") == 0) {
1461 NEXT_ARG();
1462 ret = flower_parse_vlan_eth_type(*argv, eth_type,
1463 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
1464 &vlan_ethtype, n);
1465 if (ret < 0)
1466 return -1;
1467 /* get new ethtype for later parsing */
1468 eth_type = vlan_ethtype;
1469 } else if (matches(*argv, "cvlan_id") == 0) {
1470 __u16 vid;
1471
1472 NEXT_ARG();
1473 if (!eth_type_vlan(vlan_ethtype)) {
1474 fprintf(stderr, "Can't set \"cvlan_id\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1475 return -1;
1476 }
1477 ret = get_u16(&vid, *argv, 10);
1478 if (ret < 0 || vid & ~0xfff) {
1479 fprintf(stderr, "Illegal \"cvlan_id\"\n");
1480 return -1;
1481 }
1482 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CVLAN_ID, vid);
1483 } else if (matches(*argv, "cvlan_prio") == 0) {
1484 __u8 cvlan_prio;
1485
1486 NEXT_ARG();
1487 if (!eth_type_vlan(vlan_ethtype)) {
1488 fprintf(stderr, "Can't set \"cvlan_prio\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
1489 return -1;
1490 }
1491 ret = get_u8(&cvlan_prio, *argv, 10);
1492 if (ret < 0 || cvlan_prio & ~0x7) {
1493 fprintf(stderr, "Illegal \"cvlan_prio\"\n");
1494 return -1;
1495 }
1496 addattr8(n, MAX_MSG,
1497 TCA_FLOWER_KEY_CVLAN_PRIO, cvlan_prio);
1498 } else if (matches(*argv, "cvlan_ethtype") == 0) {
1499 NEXT_ARG();
1500 /* get new ethtype for later parsing */
1501 ret = flower_parse_vlan_eth_type(*argv, vlan_ethtype,
1502 TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
1503 &eth_type, n);
1504 if (ret < 0)
1505 return -1;
1506 } else if (matches(*argv, "mpls") == 0) {
1507 NEXT_ARG();
1508 if (eth_type != htons(ETH_P_MPLS_UC) &&
1509 eth_type != htons(ETH_P_MPLS_MC)) {
1510 fprintf(stderr,
1511 "Can't set \"mpls\" if ethertype isn't MPLS\n");
1512 return -1;
1513 }
1514 if (mpls_format_old) {
1515 fprintf(stderr,
1516 "Can't set \"mpls\" if \"mpls_label\", \"mpls_tc\", \"mpls_bos\" or \"mpls_ttl\" is set\n");
1517 return -1;
1518 }
1519 mpls_format_new = true;
1520 if (flower_parse_mpls(&argc, &argv, n) < 0)
1521 return -1;
1522 continue;
1523 } else if (matches(*argv, "mpls_label") == 0) {
1524 __u32 label;
1525
1526 NEXT_ARG();
1527 if (eth_type != htons(ETH_P_MPLS_UC) &&
1528 eth_type != htons(ETH_P_MPLS_MC)) {
1529 fprintf(stderr,
1530 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
1531 return -1;
1532 }
1533 if (mpls_format_new) {
1534 fprintf(stderr,
1535 "Can't set \"mpls_label\" if \"mpls\" is set\n");
1536 return -1;
1537 }
1538 mpls_format_old = true;
1539 ret = get_u32(&label, *argv, 10);
1540 if (ret < 0 || label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
1541 fprintf(stderr, "Illegal \"mpls_label\"\n");
1542 return -1;
1543 }
1544 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_LABEL, label);
1545 } else if (matches(*argv, "mpls_tc") == 0) {
1546 __u8 tc;
1547
1548 NEXT_ARG();
1549 if (eth_type != htons(ETH_P_MPLS_UC) &&
1550 eth_type != htons(ETH_P_MPLS_MC)) {
1551 fprintf(stderr,
1552 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
1553 return -1;
1554 }
1555 if (mpls_format_new) {
1556 fprintf(stderr,
1557 "Can't set \"mpls_tc\" if \"mpls\" is set\n");
1558 return -1;
1559 }
1560 mpls_format_old = true;
1561 ret = get_u8(&tc, *argv, 10);
1562 if (ret < 0 || tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
1563 fprintf(stderr, "Illegal \"mpls_tc\"\n");
1564 return -1;
1565 }
1566 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TC, tc);
1567 } else if (matches(*argv, "mpls_bos") == 0) {
1568 __u8 bos;
1569
1570 NEXT_ARG();
1571 if (eth_type != htons(ETH_P_MPLS_UC) &&
1572 eth_type != htons(ETH_P_MPLS_MC)) {
1573 fprintf(stderr,
1574 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
1575 return -1;
1576 }
1577 if (mpls_format_new) {
1578 fprintf(stderr,
1579 "Can't set \"mpls_bos\" if \"mpls\" is set\n");
1580 return -1;
1581 }
1582 mpls_format_old = true;
1583 ret = get_u8(&bos, *argv, 10);
1584 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
1585 fprintf(stderr, "Illegal \"mpls_bos\"\n");
1586 return -1;
1587 }
1588 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_BOS, bos);
1589 } else if (matches(*argv, "mpls_ttl") == 0) {
1590 __u8 ttl;
1591
1592 NEXT_ARG();
1593 if (eth_type != htons(ETH_P_MPLS_UC) &&
1594 eth_type != htons(ETH_P_MPLS_MC)) {
1595 fprintf(stderr,
1596 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
1597 return -1;
1598 }
1599 if (mpls_format_new) {
1600 fprintf(stderr,
1601 "Can't set \"mpls_ttl\" if \"mpls\" is set\n");
1602 return -1;
1603 }
1604 mpls_format_old = true;
1605 ret = get_u8(&ttl, *argv, 10);
1606 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1607 fprintf(stderr, "Illegal \"mpls_ttl\"\n");
1608 return -1;
1609 }
1610 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TTL, ttl);
1611 } else if (matches(*argv, "dst_mac") == 0) {
1612 NEXT_ARG();
1613 ret = flower_parse_eth_addr(*argv,
1614 TCA_FLOWER_KEY_ETH_DST,
1615 TCA_FLOWER_KEY_ETH_DST_MASK,
1616 n);
1617 if (ret < 0) {
1618 fprintf(stderr, "Illegal \"dst_mac\"\n");
1619 return -1;
1620 }
1621 } else if (matches(*argv, "src_mac") == 0) {
1622 NEXT_ARG();
1623 ret = flower_parse_eth_addr(*argv,
1624 TCA_FLOWER_KEY_ETH_SRC,
1625 TCA_FLOWER_KEY_ETH_SRC_MASK,
1626 n);
1627 if (ret < 0) {
1628 fprintf(stderr, "Illegal \"src_mac\"\n");
1629 return -1;
1630 }
1631 } else if (matches(*argv, "ip_proto") == 0) {
1632 NEXT_ARG();
1633 ret = flower_parse_ip_proto(*argv, eth_type,
1634 TCA_FLOWER_KEY_IP_PROTO,
1635 &ip_proto, n);
1636 if (ret < 0) {
1637 fprintf(stderr, "Illegal \"ip_proto\"\n");
1638 return -1;
1639 }
1640 } else if (matches(*argv, "ip_tos") == 0) {
1641 NEXT_ARG();
1642 ret = flower_parse_ip_tos_ttl(*argv,
1643 TCA_FLOWER_KEY_IP_TOS,
1644 TCA_FLOWER_KEY_IP_TOS_MASK,
1645 n);
1646 if (ret < 0) {
1647 fprintf(stderr, "Illegal \"ip_tos\"\n");
1648 return -1;
1649 }
1650 } else if (matches(*argv, "ip_ttl") == 0) {
1651 NEXT_ARG();
1652 ret = flower_parse_ip_tos_ttl(*argv,
1653 TCA_FLOWER_KEY_IP_TTL,
1654 TCA_FLOWER_KEY_IP_TTL_MASK,
1655 n);
1656 if (ret < 0) {
1657 fprintf(stderr, "Illegal \"ip_ttl\"\n");
1658 return -1;
1659 }
1660 } else if (matches(*argv, "dst_ip") == 0) {
1661 NEXT_ARG();
1662 ret = flower_parse_ip_addr(*argv, eth_type,
1663 TCA_FLOWER_KEY_IPV4_DST,
1664 TCA_FLOWER_KEY_IPV4_DST_MASK,
1665 TCA_FLOWER_KEY_IPV6_DST,
1666 TCA_FLOWER_KEY_IPV6_DST_MASK,
1667 n);
1668 if (ret < 0) {
1669 fprintf(stderr, "Illegal \"dst_ip\"\n");
1670 return -1;
1671 }
1672 } else if (matches(*argv, "src_ip") == 0) {
1673 NEXT_ARG();
1674 ret = flower_parse_ip_addr(*argv, eth_type,
1675 TCA_FLOWER_KEY_IPV4_SRC,
1676 TCA_FLOWER_KEY_IPV4_SRC_MASK,
1677 TCA_FLOWER_KEY_IPV6_SRC,
1678 TCA_FLOWER_KEY_IPV6_SRC_MASK,
1679 n);
1680 if (ret < 0) {
1681 fprintf(stderr, "Illegal \"src_ip\"\n");
1682 return -1;
1683 }
1684 } else if (matches(*argv, "dst_port") == 0) {
1685 NEXT_ARG();
1686 ret = flower_parse_port(*argv, ip_proto,
1687 FLOWER_ENDPOINT_DST, n);
1688 if (ret < 0) {
1689 fprintf(stderr, "Illegal \"dst_port\"\n");
1690 return -1;
1691 }
1692 } else if (matches(*argv, "src_port") == 0) {
1693 NEXT_ARG();
1694 ret = flower_parse_port(*argv, ip_proto,
1695 FLOWER_ENDPOINT_SRC, n);
1696 if (ret < 0) {
1697 fprintf(stderr, "Illegal \"src_port\"\n");
1698 return -1;
1699 }
1700 } else if (matches(*argv, "tcp_flags") == 0) {
1701 NEXT_ARG();
1702 ret = flower_parse_tcp_flags(*argv,
1703 TCA_FLOWER_KEY_TCP_FLAGS,
1704 TCA_FLOWER_KEY_TCP_FLAGS_MASK,
1705 n);
1706 if (ret < 0) {
1707 fprintf(stderr, "Illegal \"tcp_flags\"\n");
1708 return -1;
1709 }
1710 } else if (matches(*argv, "type") == 0) {
1711 NEXT_ARG();
1712 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1713 FLOWER_ICMP_FIELD_TYPE, n);
1714 if (ret < 0) {
1715 fprintf(stderr, "Illegal \"icmp type\"\n");
1716 return -1;
1717 }
1718 } else if (matches(*argv, "code") == 0) {
1719 NEXT_ARG();
1720 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1721 FLOWER_ICMP_FIELD_CODE, n);
1722 if (ret < 0) {
1723 fprintf(stderr, "Illegal \"icmp code\"\n");
1724 return -1;
1725 }
1726 } else if (matches(*argv, "arp_tip") == 0) {
1727 NEXT_ARG();
1728 ret = flower_parse_arp_ip_addr(*argv, eth_type,
1729 TCA_FLOWER_KEY_ARP_TIP,
1730 TCA_FLOWER_KEY_ARP_TIP_MASK,
1731 n);
1732 if (ret < 0) {
1733 fprintf(stderr, "Illegal \"arp_tip\"\n");
1734 return -1;
1735 }
1736 } else if (matches(*argv, "arp_sip") == 0) {
1737 NEXT_ARG();
1738 ret = flower_parse_arp_ip_addr(*argv, eth_type,
1739 TCA_FLOWER_KEY_ARP_SIP,
1740 TCA_FLOWER_KEY_ARP_SIP_MASK,
1741 n);
1742 if (ret < 0) {
1743 fprintf(stderr, "Illegal \"arp_sip\"\n");
1744 return -1;
1745 }
1746 } else if (matches(*argv, "arp_op") == 0) {
1747 NEXT_ARG();
1748 ret = flower_parse_arp_op(*argv, eth_type,
1749 TCA_FLOWER_KEY_ARP_OP,
1750 TCA_FLOWER_KEY_ARP_OP_MASK,
1751 n);
1752 if (ret < 0) {
1753 fprintf(stderr, "Illegal \"arp_op\"\n");
1754 return -1;
1755 }
1756 } else if (matches(*argv, "arp_tha") == 0) {
1757 NEXT_ARG();
1758 ret = flower_parse_eth_addr(*argv,
1759 TCA_FLOWER_KEY_ARP_THA,
1760 TCA_FLOWER_KEY_ARP_THA_MASK,
1761 n);
1762 if (ret < 0) {
1763 fprintf(stderr, "Illegal \"arp_tha\"\n");
1764 return -1;
1765 }
1766 } else if (matches(*argv, "arp_sha") == 0) {
1767 NEXT_ARG();
1768 ret = flower_parse_eth_addr(*argv,
1769 TCA_FLOWER_KEY_ARP_SHA,
1770 TCA_FLOWER_KEY_ARP_SHA_MASK,
1771 n);
1772 if (ret < 0) {
1773 fprintf(stderr, "Illegal \"arp_sha\"\n");
1774 return -1;
1775 }
1776 } else if (matches(*argv, "enc_dst_ip") == 0) {
1777 NEXT_ARG();
1778 ret = flower_parse_ip_addr(*argv, 0,
1779 TCA_FLOWER_KEY_ENC_IPV4_DST,
1780 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
1781 TCA_FLOWER_KEY_ENC_IPV6_DST,
1782 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
1783 n);
1784 if (ret < 0) {
1785 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
1786 return -1;
1787 }
1788 } else if (matches(*argv, "enc_src_ip") == 0) {
1789 NEXT_ARG();
1790 ret = flower_parse_ip_addr(*argv, 0,
1791 TCA_FLOWER_KEY_ENC_IPV4_SRC,
1792 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
1793 TCA_FLOWER_KEY_ENC_IPV6_SRC,
1794 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
1795 n);
1796 if (ret < 0) {
1797 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
1798 return -1;
1799 }
1800 } else if (matches(*argv, "enc_key_id") == 0) {
1801 NEXT_ARG();
1802 ret = flower_parse_key_id(*argv,
1803 TCA_FLOWER_KEY_ENC_KEY_ID, n);
1804 if (ret < 0) {
1805 fprintf(stderr, "Illegal \"enc_key_id\"\n");
1806 return -1;
1807 }
1808 } else if (matches(*argv, "enc_dst_port") == 0) {
1809 NEXT_ARG();
1810 ret = flower_parse_enc_port(*argv,
1811 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
1812 if (ret < 0) {
1813 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
1814 return -1;
1815 }
1816 } else if (matches(*argv, "enc_tos") == 0) {
1817 NEXT_ARG();
1818 ret = flower_parse_ip_tos_ttl(*argv,
1819 TCA_FLOWER_KEY_ENC_IP_TOS,
1820 TCA_FLOWER_KEY_ENC_IP_TOS_MASK,
1821 n);
1822 if (ret < 0) {
1823 fprintf(stderr, "Illegal \"enc_tos\"\n");
1824 return -1;
1825 }
1826 } else if (matches(*argv, "enc_ttl") == 0) {
1827 NEXT_ARG();
1828 ret = flower_parse_ip_tos_ttl(*argv,
1829 TCA_FLOWER_KEY_ENC_IP_TTL,
1830 TCA_FLOWER_KEY_ENC_IP_TTL_MASK,
1831 n);
1832 if (ret < 0) {
1833 fprintf(stderr, "Illegal \"enc_ttl\"\n");
1834 return -1;
1835 }
1836 } else if (matches(*argv, "geneve_opts") == 0) {
1837 NEXT_ARG();
1838 ret = flower_parse_enc_opts_geneve(*argv, n);
1839 if (ret < 0) {
1840 fprintf(stderr, "Illegal \"geneve_opts\"\n");
1841 return -1;
1842 }
1843 } else if (matches(*argv, "vxlan_opts") == 0) {
1844 NEXT_ARG();
1845 ret = flower_parse_enc_opts_vxlan(*argv, n);
1846 if (ret < 0) {
1847 fprintf(stderr, "Illegal \"vxlan_opts\"\n");
1848 return -1;
1849 }
1850 } else if (matches(*argv, "erspan_opts") == 0) {
1851 NEXT_ARG();
1852 ret = flower_parse_enc_opts_erspan(*argv, n);
1853 if (ret < 0) {
1854 fprintf(stderr, "Illegal \"erspan_opts\"\n");
1855 return -1;
1856 }
1857 } else if (matches(*argv, "action") == 0) {
1858 NEXT_ARG();
1859 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
1860 if (ret) {
1861 fprintf(stderr, "Illegal \"action\"\n");
1862 return -1;
1863 }
1864 continue;
1865 } else if (strcmp(*argv, "help") == 0) {
1866 explain();
1867 return -1;
1868 } else {
1869 fprintf(stderr, "What is \"%s\"?\n", *argv);
1870 explain();
1871 return -1;
1872 }
1873 argc--; argv++;
1874 }
1875
1876 parse_done:
1877 ret = addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
1878 if (ret)
1879 return ret;
1880
1881 if (mtf_mask) {
1882 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS, htonl(mtf));
1883 if (ret)
1884 return ret;
1885
1886 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS_MASK, htonl(mtf_mask));
1887 if (ret)
1888 return ret;
1889 }
1890
1891 if (tc_proto != htons(ETH_P_ALL)) {
1892 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, tc_proto);
1893 if (ret)
1894 return ret;
1895 }
1896
1897 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
1898
1899 return 0;
1900 }
1901
1902 static int __mask_bits(char *addr, size_t len)
1903 {
1904 int bits = 0;
1905 bool hole = false;
1906 int i;
1907 int j;
1908
1909 for (i = 0; i < len; i++, addr++) {
1910 for (j = 7; j >= 0; j--) {
1911 if (((*addr) >> j) & 0x1) {
1912 if (hole)
1913 return -1;
1914 bits++;
1915 } else if (bits) {
1916 hole = true;
1917 } else{
1918 return -1;
1919 }
1920 }
1921 }
1922 return bits;
1923 }
1924
1925 static void flower_print_eth_addr(char *name, struct rtattr *addr_attr,
1926 struct rtattr *mask_attr)
1927 {
1928 SPRINT_BUF(namefrm);
1929 SPRINT_BUF(out);
1930 SPRINT_BUF(b1);
1931 size_t done;
1932 int bits;
1933
1934 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
1935 return;
1936 done = sprintf(out, "%s",
1937 ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
1938 0, b1, sizeof(b1)));
1939 if (mask_attr && RTA_PAYLOAD(mask_attr) == ETH_ALEN) {
1940 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
1941 if (bits < 0)
1942 sprintf(out + done, "/%s",
1943 ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
1944 0, b1, sizeof(b1)));
1945 else if (bits < ETH_ALEN * 8)
1946 sprintf(out + done, "/%d", bits);
1947 }
1948
1949 print_nl();
1950 sprintf(namefrm, " %s %%s", name);
1951 print_string(PRINT_ANY, name, namefrm, out);
1952 }
1953
1954 static void flower_print_eth_type(__be16 *p_eth_type,
1955 struct rtattr *eth_type_attr)
1956 {
1957 SPRINT_BUF(out);
1958 __be16 eth_type;
1959
1960 if (!eth_type_attr)
1961 return;
1962
1963 eth_type = rta_getattr_u16(eth_type_attr);
1964 if (eth_type == htons(ETH_P_IP))
1965 sprintf(out, "ipv4");
1966 else if (eth_type == htons(ETH_P_IPV6))
1967 sprintf(out, "ipv6");
1968 else if (eth_type == htons(ETH_P_ARP))
1969 sprintf(out, "arp");
1970 else if (eth_type == htons(ETH_P_RARP))
1971 sprintf(out, "rarp");
1972 else
1973 sprintf(out, "%04x", ntohs(eth_type));
1974
1975 print_nl();
1976 print_string(PRINT_ANY, "eth_type", " eth_type %s", out);
1977 *p_eth_type = eth_type;
1978 }
1979
1980 static void flower_print_ip_proto(__u8 *p_ip_proto,
1981 struct rtattr *ip_proto_attr)
1982 {
1983 SPRINT_BUF(out);
1984 __u8 ip_proto;
1985
1986 if (!ip_proto_attr)
1987 return;
1988
1989 ip_proto = rta_getattr_u8(ip_proto_attr);
1990 if (ip_proto == IPPROTO_TCP)
1991 sprintf(out, "tcp");
1992 else if (ip_proto == IPPROTO_UDP)
1993 sprintf(out, "udp");
1994 else if (ip_proto == IPPROTO_SCTP)
1995 sprintf(out, "sctp");
1996 else if (ip_proto == IPPROTO_ICMP)
1997 sprintf(out, "icmp");
1998 else if (ip_proto == IPPROTO_ICMPV6)
1999 sprintf(out, "icmpv6");
2000 else
2001 sprintf(out, "%02x", ip_proto);
2002
2003 print_nl();
2004 print_string(PRINT_ANY, "ip_proto", " ip_proto %s", out);
2005 *p_ip_proto = ip_proto;
2006 }
2007
2008 static void flower_print_ip_attr(const char *name, struct rtattr *key_attr,
2009 struct rtattr *mask_attr)
2010 {
2011 print_masked_u8(name, key_attr, mask_attr, true);
2012 }
2013
2014 static void flower_print_matching_flags(char *name,
2015 enum flower_matching_flags type,
2016 struct rtattr *attr,
2017 struct rtattr *mask_attr)
2018 {
2019 int i;
2020 int count = 0;
2021 __u32 mtf;
2022 __u32 mtf_mask;
2023
2024 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
2025 return;
2026
2027 mtf = ntohl(rta_getattr_u32(attr));
2028 mtf_mask = ntohl(rta_getattr_u32(mask_attr));
2029
2030 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
2031 if (type != flags_str[i].type)
2032 continue;
2033 if (mtf_mask & flags_str[i].flag) {
2034 if (++count == 1) {
2035 print_nl();
2036 print_string(PRINT_FP, NULL, " %s ", name);
2037 open_json_object(name);
2038 } else {
2039 print_string(PRINT_FP, NULL, "/", NULL);
2040 }
2041
2042 print_bool(PRINT_JSON, flags_str[i].string, NULL,
2043 mtf & flags_str[i].flag);
2044 if (mtf & flags_str[i].flag)
2045 print_string(PRINT_FP, NULL, "%s",
2046 flags_str[i].string);
2047 else
2048 print_string(PRINT_FP, NULL, "no%s",
2049 flags_str[i].string);
2050 }
2051 }
2052 if (count)
2053 close_json_object();
2054 }
2055
2056 static void flower_print_ip_addr(char *name, __be16 eth_type,
2057 struct rtattr *addr4_attr,
2058 struct rtattr *mask4_attr,
2059 struct rtattr *addr6_attr,
2060 struct rtattr *mask6_attr)
2061 {
2062 struct rtattr *addr_attr;
2063 struct rtattr *mask_attr;
2064 SPRINT_BUF(namefrm);
2065 SPRINT_BUF(out);
2066 size_t done;
2067 int family;
2068 size_t len;
2069 int bits;
2070
2071 if (eth_type == htons(ETH_P_IP)) {
2072 family = AF_INET;
2073 addr_attr = addr4_attr;
2074 mask_attr = mask4_attr;
2075 len = 4;
2076 } else if (eth_type == htons(ETH_P_IPV6)) {
2077 family = AF_INET6;
2078 addr_attr = addr6_attr;
2079 mask_attr = mask6_attr;
2080 len = 16;
2081 } else {
2082 return;
2083 }
2084 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
2085 return;
2086 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
2087 return;
2088 done = sprintf(out, "%s", rt_addr_n2a_rta(family, addr_attr));
2089 bits = __mask_bits(RTA_DATA(mask_attr), len);
2090 if (bits < 0)
2091 sprintf(out + done, "/%s", rt_addr_n2a_rta(family, mask_attr));
2092 else if (bits < len * 8)
2093 sprintf(out + done, "/%d", bits);
2094
2095 print_nl();
2096 sprintf(namefrm, " %s %%s", name);
2097 print_string(PRINT_ANY, name, namefrm, out);
2098 }
2099 static void flower_print_ip4_addr(char *name, struct rtattr *addr_attr,
2100 struct rtattr *mask_attr)
2101 {
2102 return flower_print_ip_addr(name, htons(ETH_P_IP),
2103 addr_attr, mask_attr, 0, 0);
2104 }
2105
2106 static void flower_print_port(char *name, struct rtattr *attr,
2107 struct rtattr *mask_attr)
2108 {
2109 print_masked_be16(name, attr, mask_attr, true);
2110 }
2111
2112 static void flower_print_port_range(char *name, struct rtattr *min_attr,
2113 struct rtattr *max_attr)
2114 {
2115 if (!min_attr || !max_attr)
2116 return;
2117
2118 if (is_json_context()) {
2119 open_json_object(name);
2120 print_hu(PRINT_JSON, "start", NULL, rta_getattr_be16(min_attr));
2121 print_hu(PRINT_JSON, "end", NULL, rta_getattr_be16(max_attr));
2122 close_json_object();
2123 } else {
2124 SPRINT_BUF(namefrm);
2125 SPRINT_BUF(out);
2126 size_t done;
2127
2128 done = sprintf(out, "%u", rta_getattr_be16(min_attr));
2129 sprintf(out + done, "-%u", rta_getattr_be16(max_attr));
2130 print_nl();
2131 sprintf(namefrm, " %s %%s", name);
2132 print_string(PRINT_ANY, name, namefrm, out);
2133 }
2134 }
2135
2136 static void flower_print_tcp_flags(const char *name, struct rtattr *flags_attr,
2137 struct rtattr *mask_attr)
2138 {
2139 SPRINT_BUF(namefrm);
2140 SPRINT_BUF(out);
2141 size_t done;
2142
2143 if (!flags_attr)
2144 return;
2145
2146 done = sprintf(out, "0x%x", rta_getattr_be16(flags_attr));
2147 if (mask_attr)
2148 sprintf(out + done, "/%x", rta_getattr_be16(mask_attr));
2149
2150 print_nl();
2151 sprintf(namefrm, " %s %%s", name);
2152 print_string(PRINT_ANY, name, namefrm, out);
2153 }
2154
2155 static void flower_print_ct_state(struct rtattr *flags_attr,
2156 struct rtattr *mask_attr)
2157 {
2158 SPRINT_BUF(out);
2159 uint16_t state;
2160 uint16_t state_mask;
2161 size_t done = 0;
2162 int i;
2163
2164 if (!flags_attr)
2165 return;
2166
2167 state = rta_getattr_u16(flags_attr);
2168 if (mask_attr)
2169 state_mask = rta_getattr_u16(mask_attr);
2170 else
2171 state_mask = UINT16_MAX;
2172
2173 for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
2174 if (!(state_mask & flower_ct_states[i].flag))
2175 continue;
2176
2177 if (state & flower_ct_states[i].flag)
2178 done += sprintf(out + done, "+%s",
2179 flower_ct_states[i].str);
2180 else
2181 done += sprintf(out + done, "-%s",
2182 flower_ct_states[i].str);
2183 }
2184
2185 print_nl();
2186 print_string(PRINT_ANY, "ct_state", " ct_state %s", out);
2187 }
2188
2189 static void flower_print_ct_label(struct rtattr *attr,
2190 struct rtattr *mask_attr)
2191 {
2192 const unsigned char *str;
2193 bool print_mask = false;
2194 int data_len, i;
2195 SPRINT_BUF(out);
2196 char *p;
2197
2198 if (!attr)
2199 return;
2200
2201 data_len = RTA_PAYLOAD(attr);
2202 hexstring_n2a(RTA_DATA(attr), data_len, out, sizeof(out));
2203 p = out + data_len*2;
2204
2205 data_len = RTA_PAYLOAD(attr);
2206 str = RTA_DATA(mask_attr);
2207 if (data_len != 16)
2208 print_mask = true;
2209 for (i = 0; !print_mask && i < data_len; i++) {
2210 if (str[i] != 0xff)
2211 print_mask = true;
2212 }
2213 if (print_mask) {
2214 *p++ = '/';
2215 hexstring_n2a(RTA_DATA(mask_attr), data_len, p,
2216 sizeof(out)-(p-out));
2217 p += data_len*2;
2218 }
2219 *p = '\0';
2220
2221 print_nl();
2222 print_string(PRINT_ANY, "ct_label", " ct_label %s", out);
2223 }
2224
2225 static void flower_print_ct_zone(struct rtattr *attr,
2226 struct rtattr *mask_attr)
2227 {
2228 print_masked_u16("ct_zone", attr, mask_attr, true);
2229 }
2230
2231 static void flower_print_ct_mark(struct rtattr *attr,
2232 struct rtattr *mask_attr)
2233 {
2234 print_masked_u32("ct_mark", attr, mask_attr, true);
2235 }
2236
2237 static void flower_print_key_id(const char *name, struct rtattr *attr)
2238 {
2239 SPRINT_BUF(namefrm);
2240
2241 if (!attr)
2242 return;
2243
2244 print_nl();
2245 sprintf(namefrm, " %s %%u", name);
2246 print_uint(PRINT_ANY, name, namefrm, rta_getattr_be32(attr));
2247 }
2248
2249 static void flower_print_geneve_opts(const char *name, struct rtattr *attr,
2250 char *strbuf)
2251 {
2252 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX + 1];
2253 int ii, data_len, offset = 0, slen = 0;
2254 struct rtattr *i = RTA_DATA(attr);
2255 int rem = RTA_PAYLOAD(attr);
2256 __u8 type, data_r[rem];
2257 char data[rem * 2 + 1];
2258 __u16 class;
2259
2260 open_json_array(PRINT_JSON, name);
2261 while (rem) {
2262 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX, i, rem);
2263 class = rta_getattr_be16(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS]);
2264 type = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE]);
2265 data_len = RTA_PAYLOAD(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]);
2266 hexstring_n2a(RTA_DATA(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]),
2267 data_len, data, sizeof(data));
2268 hex2mem(data, data_r, data_len);
2269 offset += data_len + 20;
2270 rem -= data_len + 20;
2271 i = RTA_DATA(attr) + offset;
2272
2273 open_json_object(NULL);
2274 print_uint(PRINT_JSON, "class", NULL, class);
2275 print_uint(PRINT_JSON, "type", NULL, type);
2276 open_json_array(PRINT_JSON, "data");
2277 for (ii = 0; ii < data_len; ii++)
2278 print_uint(PRINT_JSON, NULL, NULL, data_r[ii]);
2279 close_json_array(PRINT_JSON, "data");
2280 close_json_object();
2281
2282 slen += sprintf(strbuf + slen, "%04x:%02x:%s",
2283 class, type, data);
2284 if (rem)
2285 slen += sprintf(strbuf + slen, ",");
2286 }
2287 close_json_array(PRINT_JSON, name);
2288 }
2289
2290 static void flower_print_vxlan_opts(const char *name, struct rtattr *attr,
2291 char *strbuf)
2292 {
2293 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX + 1];
2294 struct rtattr *i = RTA_DATA(attr);
2295 int rem = RTA_PAYLOAD(attr);
2296 __u32 gbp;
2297
2298 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_VXLAN_MAX, i, rem);
2299 gbp = rta_getattr_u32(tb[TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP]);
2300
2301 open_json_array(PRINT_JSON, name);
2302 open_json_object(NULL);
2303 print_uint(PRINT_JSON, "gbp", NULL, gbp);
2304 close_json_object();
2305 close_json_array(PRINT_JSON, name);
2306
2307 sprintf(strbuf, "%u", gbp);
2308 }
2309
2310 static void flower_print_erspan_opts(const char *name, struct rtattr *attr,
2311 char *strbuf)
2312 {
2313 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_MAX + 1];
2314 __u8 ver, hwid, dir;
2315 __u32 idx;
2316
2317 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_ERSPAN_MAX, RTA_DATA(attr),
2318 RTA_PAYLOAD(attr));
2319 ver = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER]);
2320 if (ver == 1) {
2321 idx = rta_getattr_be32(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX]);
2322 hwid = 0;
2323 dir = 0;
2324 } else {
2325 idx = 0;
2326 hwid = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID]);
2327 dir = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR]);
2328 }
2329
2330 open_json_array(PRINT_JSON, name);
2331 open_json_object(NULL);
2332 print_uint(PRINT_JSON, "ver", NULL, ver);
2333 print_uint(PRINT_JSON, "index", NULL, idx);
2334 print_uint(PRINT_JSON, "dir", NULL, dir);
2335 print_uint(PRINT_JSON, "hwid", NULL, hwid);
2336 close_json_object();
2337 close_json_array(PRINT_JSON, name);
2338
2339 sprintf(strbuf, "%u:%u:%u:%u", ver, idx, dir, hwid);
2340 }
2341
2342 static void flower_print_enc_parts(const char *name, const char *namefrm,
2343 struct rtattr *attr, char *key, char *mask)
2344 {
2345 char *key_token, *mask_token, *out;
2346 int len;
2347
2348 out = malloc(RTA_PAYLOAD(attr) * 4 + 3);
2349 if (!out)
2350 return;
2351
2352 len = 0;
2353 key_token = strsep(&key, ",");
2354 mask_token = strsep(&mask, ",");
2355 while (key_token) {
2356 len += sprintf(&out[len], "%s/%s,", key_token, mask_token);
2357 mask_token = strsep(&mask, ",");
2358 key_token = strsep(&key, ",");
2359 }
2360
2361 out[len - 1] = '\0';
2362 print_nl();
2363 print_string(PRINT_FP, name, namefrm, out);
2364 free(out);
2365 }
2366
2367 static void flower_print_enc_opts(const char *name, struct rtattr *attr,
2368 struct rtattr *mask_attr)
2369 {
2370 struct rtattr *key_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
2371 struct rtattr *msk_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
2372 char *key, *msk;
2373
2374 if (!attr)
2375 return;
2376
2377 key = malloc(RTA_PAYLOAD(attr) * 2 + 1);
2378 if (!key)
2379 return;
2380
2381 msk = malloc(RTA_PAYLOAD(attr) * 2 + 1);
2382 if (!msk)
2383 goto err_key_free;
2384
2385 parse_rtattr_nested(key_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, attr);
2386 parse_rtattr_nested(msk_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, mask_attr);
2387
2388 if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE]) {
2389 flower_print_geneve_opts("geneve_opt_key",
2390 key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], key);
2391
2392 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE])
2393 flower_print_geneve_opts("geneve_opt_mask",
2394 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], msk);
2395
2396 flower_print_enc_parts(name, " geneve_opts %s", attr, key,
2397 msk);
2398 } else if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN]) {
2399 flower_print_vxlan_opts("vxlan_opt_key",
2400 key_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN], key);
2401
2402 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN])
2403 flower_print_vxlan_opts("vxlan_opt_mask",
2404 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_VXLAN], msk);
2405
2406 flower_print_enc_parts(name, " vxlan_opts %s", attr, key,
2407 msk);
2408 } else if (key_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN]) {
2409 flower_print_erspan_opts("erspan_opt_key",
2410 key_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN], key);
2411
2412 if (msk_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN])
2413 flower_print_erspan_opts("erspan_opt_mask",
2414 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_ERSPAN], msk);
2415
2416 flower_print_enc_parts(name, " erspan_opts %s", attr, key,
2417 msk);
2418 }
2419
2420 free(msk);
2421 err_key_free:
2422 free(key);
2423 }
2424
2425 static void flower_print_masked_u8(const char *name, struct rtattr *attr,
2426 struct rtattr *mask_attr,
2427 const char *(*value_to_str)(__u8 value))
2428 {
2429 const char *value_str = NULL;
2430 __u8 value, mask;
2431 SPRINT_BUF(namefrm);
2432 SPRINT_BUF(out);
2433 size_t done;
2434
2435 if (!attr)
2436 return;
2437
2438 value = rta_getattr_u8(attr);
2439 mask = mask_attr ? rta_getattr_u8(mask_attr) : UINT8_MAX;
2440 if (mask == UINT8_MAX && value_to_str)
2441 value_str = value_to_str(value);
2442
2443 if (value_str)
2444 done = sprintf(out, "%s", value_str);
2445 else
2446 done = sprintf(out, "%d", value);
2447
2448 if (mask != UINT8_MAX)
2449 sprintf(out + done, "/%d", mask);
2450
2451 print_nl();
2452 sprintf(namefrm, " %s %%s", name);
2453 print_string(PRINT_ANY, name, namefrm, out);
2454 }
2455
2456 static void flower_print_u8(const char *name, struct rtattr *attr)
2457 {
2458 flower_print_masked_u8(name, attr, NULL, NULL);
2459 }
2460
2461 static void flower_print_u32(const char *name, struct rtattr *attr)
2462 {
2463 SPRINT_BUF(namefrm);
2464
2465 if (!attr)
2466 return;
2467
2468 print_nl();
2469 sprintf(namefrm, " %s %%u", name);
2470 print_uint(PRINT_ANY, name, namefrm, rta_getattr_u32(attr));
2471 }
2472
2473 static void flower_print_mpls_opt_lse(const char *name, struct rtattr *lse)
2474 {
2475 struct rtattr *tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_MAX + 1];
2476 struct rtattr *attr;
2477
2478 if (lse->rta_type != (TCA_FLOWER_KEY_MPLS_OPTS_LSE | NLA_F_NESTED)) {
2479 fprintf(stderr, "rta_type 0x%x, expecting 0x%x (0x%x & 0x%x)\n",
2480 lse->rta_type,
2481 TCA_FLOWER_KEY_MPLS_OPTS_LSE & NLA_F_NESTED,
2482 TCA_FLOWER_KEY_MPLS_OPTS_LSE, NLA_F_NESTED);
2483 return;
2484 }
2485
2486 parse_rtattr(tb, TCA_FLOWER_KEY_MPLS_OPT_LSE_MAX, RTA_DATA(lse),
2487 RTA_PAYLOAD(lse));
2488
2489 print_nl();
2490 open_json_array(PRINT_ANY, name);
2491 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH];
2492 if (attr)
2493 print_hhu(PRINT_ANY, "depth", " depth %u",
2494 rta_getattr_u8(attr));
2495 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL];
2496 if (attr)
2497 print_uint(PRINT_ANY, "label", " label %u",
2498 rta_getattr_u32(attr));
2499 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_TC];
2500 if (attr)
2501 print_hhu(PRINT_ANY, "tc", " tc %u", rta_getattr_u8(attr));
2502 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS];
2503 if (attr)
2504 print_hhu(PRINT_ANY, "bos", " bos %u", rta_getattr_u8(attr));
2505 attr = tb[TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL];
2506 if (attr)
2507 print_hhu(PRINT_ANY, "ttl", " ttl %u", rta_getattr_u8(attr));
2508 close_json_array(PRINT_JSON, NULL);
2509 }
2510
2511 static void flower_print_mpls_opts(const char *name, struct rtattr *attr)
2512 {
2513 struct rtattr *lse;
2514 int rem;
2515
2516 if (!attr || !(attr->rta_type & NLA_F_NESTED))
2517 return;
2518
2519 print_nl();
2520 open_json_array(PRINT_ANY, name);
2521 rem = RTA_PAYLOAD(attr);
2522 lse = RTA_DATA(attr);
2523 while (RTA_OK(lse, rem)) {
2524 flower_print_mpls_opt_lse(" lse", lse);
2525 lse = RTA_NEXT(lse, rem);
2526 };
2527 if (rem)
2528 fprintf(stderr, "!!!Deficit %d, rta_len=%d\n",
2529 rem, lse->rta_len);
2530 close_json_array(PRINT_JSON, NULL);
2531 }
2532
2533 static void flower_print_arp_op(const char *name,
2534 struct rtattr *op_attr,
2535 struct rtattr *mask_attr)
2536 {
2537 flower_print_masked_u8(name, op_attr, mask_attr,
2538 flower_print_arp_op_to_name);
2539 }
2540
2541 static int flower_print_opt(struct filter_util *qu, FILE *f,
2542 struct rtattr *opt, __u32 handle)
2543 {
2544 struct rtattr *tb[TCA_FLOWER_MAX + 1];
2545 __be16 min_port_type, max_port_type;
2546 int nl_type, nl_mask_type;
2547 __be16 eth_type = 0;
2548 __u8 ip_proto = 0xff;
2549
2550 if (!opt)
2551 return 0;
2552
2553 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
2554
2555 if (handle)
2556 print_uint(PRINT_ANY, "handle", "handle 0x%x ", handle);
2557
2558 if (tb[TCA_FLOWER_CLASSID]) {
2559 __u32 h = rta_getattr_u32(tb[TCA_FLOWER_CLASSID]);
2560
2561 if (TC_H_MIN(h) < TC_H_MIN_PRIORITY ||
2562 TC_H_MIN(h) > (TC_H_MIN_PRIORITY + TC_QOPT_MAX_QUEUE - 1)) {
2563 SPRINT_BUF(b1);
2564 print_string(PRINT_ANY, "classid", "classid %s ",
2565 sprint_tc_classid(h, b1));
2566 } else {
2567 print_uint(PRINT_ANY, "hw_tc", "hw_tc %u ",
2568 TC_H_MIN(h) - TC_H_MIN_PRIORITY);
2569 }
2570 }
2571
2572 if (tb[TCA_FLOWER_INDEV]) {
2573 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
2574
2575 print_nl();
2576 print_string(PRINT_ANY, "indev", " indev %s",
2577 rta_getattr_str(attr));
2578 }
2579
2580 open_json_object("keys");
2581
2582 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
2583 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
2584
2585 print_nl();
2586 print_uint(PRINT_ANY, "vlan_id", " vlan_id %u",
2587 rta_getattr_u16(attr));
2588 }
2589
2590 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
2591 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
2592
2593 print_nl();
2594 print_uint(PRINT_ANY, "vlan_prio", " vlan_prio %d",
2595 rta_getattr_u8(attr));
2596 }
2597
2598 if (tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) {
2599 SPRINT_BUF(buf);
2600 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE];
2601
2602 print_nl();
2603 print_string(PRINT_ANY, "vlan_ethtype", " vlan_ethtype %s",
2604 ll_proto_n2a(rta_getattr_u16(attr),
2605 buf, sizeof(buf)));
2606 }
2607
2608 if (tb[TCA_FLOWER_KEY_CVLAN_ID]) {
2609 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ID];
2610
2611 print_nl();
2612 print_uint(PRINT_ANY, "cvlan_id", " cvlan_id %u",
2613 rta_getattr_u16(attr));
2614 }
2615
2616 if (tb[TCA_FLOWER_KEY_CVLAN_PRIO]) {
2617 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_PRIO];
2618
2619 print_nl();
2620 print_uint(PRINT_ANY, "cvlan_prio", " cvlan_prio %d",
2621 rta_getattr_u8(attr));
2622 }
2623
2624 if (tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE]) {
2625 SPRINT_BUF(buf);
2626 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE];
2627
2628 print_nl();
2629 print_string(PRINT_ANY, "cvlan_ethtype", " cvlan_ethtype %s",
2630 ll_proto_n2a(rta_getattr_u16(attr),
2631 buf, sizeof(buf)));
2632 }
2633
2634 flower_print_eth_addr("dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
2635 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
2636 flower_print_eth_addr("src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
2637 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
2638
2639 flower_print_eth_type(&eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
2640 flower_print_ip_proto(&ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
2641
2642 flower_print_ip_attr("ip_tos", tb[TCA_FLOWER_KEY_IP_TOS],
2643 tb[TCA_FLOWER_KEY_IP_TOS_MASK]);
2644 flower_print_ip_attr("ip_ttl", tb[TCA_FLOWER_KEY_IP_TTL],
2645 tb[TCA_FLOWER_KEY_IP_TTL_MASK]);
2646
2647 flower_print_mpls_opts(" mpls", tb[TCA_FLOWER_KEY_MPLS_OPTS]);
2648 flower_print_u32("mpls_label", tb[TCA_FLOWER_KEY_MPLS_LABEL]);
2649 flower_print_u8("mpls_tc", tb[TCA_FLOWER_KEY_MPLS_TC]);
2650 flower_print_u8("mpls_bos", tb[TCA_FLOWER_KEY_MPLS_BOS]);
2651 flower_print_u8("mpls_ttl", tb[TCA_FLOWER_KEY_MPLS_TTL]);
2652
2653 flower_print_ip_addr("dst_ip", eth_type,
2654 tb[TCA_FLOWER_KEY_IPV4_DST],
2655 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
2656 tb[TCA_FLOWER_KEY_IPV6_DST],
2657 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
2658
2659 flower_print_ip_addr("src_ip", eth_type,
2660 tb[TCA_FLOWER_KEY_IPV4_SRC],
2661 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
2662 tb[TCA_FLOWER_KEY_IPV6_SRC],
2663 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
2664
2665 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_DST);
2666 nl_mask_type = flower_port_attr_mask_type(ip_proto, FLOWER_ENDPOINT_DST);
2667 if (nl_type >= 0)
2668 flower_print_port("dst_port", tb[nl_type], tb[nl_mask_type]);
2669 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_SRC);
2670 nl_mask_type = flower_port_attr_mask_type(ip_proto, FLOWER_ENDPOINT_SRC);
2671 if (nl_type >= 0)
2672 flower_print_port("src_port", tb[nl_type], tb[nl_mask_type]);
2673
2674 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_DST,
2675 &min_port_type, &max_port_type))
2676 flower_print_port_range("dst_port",
2677 tb[min_port_type], tb[max_port_type]);
2678
2679 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_SRC,
2680 &min_port_type, &max_port_type))
2681 flower_print_port_range("src_port",
2682 tb[min_port_type], tb[max_port_type]);
2683
2684 flower_print_tcp_flags("tcp_flags", tb[TCA_FLOWER_KEY_TCP_FLAGS],
2685 tb[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
2686
2687 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2688 FLOWER_ICMP_FIELD_TYPE);
2689 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2690 FLOWER_ICMP_FIELD_TYPE);
2691 if (nl_type >= 0 && nl_mask_type >= 0)
2692 flower_print_masked_u8("icmp_type", tb[nl_type],
2693 tb[nl_mask_type], NULL);
2694
2695 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
2696 FLOWER_ICMP_FIELD_CODE);
2697 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
2698 FLOWER_ICMP_FIELD_CODE);
2699 if (nl_type >= 0 && nl_mask_type >= 0)
2700 flower_print_masked_u8("icmp_code", tb[nl_type],
2701 tb[nl_mask_type], NULL);
2702
2703 flower_print_ip4_addr("arp_sip", tb[TCA_FLOWER_KEY_ARP_SIP],
2704 tb[TCA_FLOWER_KEY_ARP_SIP_MASK]);
2705 flower_print_ip4_addr("arp_tip", tb[TCA_FLOWER_KEY_ARP_TIP],
2706 tb[TCA_FLOWER_KEY_ARP_TIP_MASK]);
2707 flower_print_arp_op("arp_op", tb[TCA_FLOWER_KEY_ARP_OP],
2708 tb[TCA_FLOWER_KEY_ARP_OP_MASK]);
2709 flower_print_eth_addr("arp_sha", tb[TCA_FLOWER_KEY_ARP_SHA],
2710 tb[TCA_FLOWER_KEY_ARP_SHA_MASK]);
2711 flower_print_eth_addr("arp_tha", tb[TCA_FLOWER_KEY_ARP_THA],
2712 tb[TCA_FLOWER_KEY_ARP_THA_MASK]);
2713
2714 flower_print_ip_addr("enc_dst_ip",
2715 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
2716 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2717 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
2718 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
2719 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
2720 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
2721
2722 flower_print_ip_addr("enc_src_ip",
2723 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
2724 htons(ETH_P_IP) : htons(ETH_P_IPV6),
2725 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
2726 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
2727 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
2728 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
2729
2730 flower_print_key_id("enc_key_id", tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
2731
2732 flower_print_port("enc_dst_port", tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT],
2733 tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK]);
2734
2735 flower_print_ip_attr("enc_tos", tb[TCA_FLOWER_KEY_ENC_IP_TOS],
2736 tb[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
2737 flower_print_ip_attr("enc_ttl", tb[TCA_FLOWER_KEY_ENC_IP_TTL],
2738 tb[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
2739 flower_print_enc_opts("enc_opt", tb[TCA_FLOWER_KEY_ENC_OPTS],
2740 tb[TCA_FLOWER_KEY_ENC_OPTS_MASK]);
2741
2742 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS,
2743 tb[TCA_FLOWER_KEY_FLAGS],
2744 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
2745
2746 flower_print_ct_state(tb[TCA_FLOWER_KEY_CT_STATE],
2747 tb[TCA_FLOWER_KEY_CT_STATE_MASK]);
2748 flower_print_ct_zone(tb[TCA_FLOWER_KEY_CT_ZONE],
2749 tb[TCA_FLOWER_KEY_CT_ZONE_MASK]);
2750 flower_print_ct_mark(tb[TCA_FLOWER_KEY_CT_MARK],
2751 tb[TCA_FLOWER_KEY_CT_MARK_MASK]);
2752 flower_print_ct_label(tb[TCA_FLOWER_KEY_CT_LABELS],
2753 tb[TCA_FLOWER_KEY_CT_LABELS_MASK]);
2754
2755 close_json_object();
2756
2757 if (tb[TCA_FLOWER_FLAGS]) {
2758 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
2759
2760 if (flags & TCA_CLS_FLAGS_SKIP_HW) {
2761 print_nl();
2762 print_bool(PRINT_ANY, "skip_hw", " skip_hw", true);
2763 }
2764 if (flags & TCA_CLS_FLAGS_SKIP_SW) {
2765 print_nl();
2766 print_bool(PRINT_ANY, "skip_sw", " skip_sw", true);
2767 }
2768 if (flags & TCA_CLS_FLAGS_IN_HW) {
2769 print_nl();
2770 print_bool(PRINT_ANY, "in_hw", " in_hw", true);
2771
2772 if (tb[TCA_FLOWER_IN_HW_COUNT]) {
2773 __u32 count = rta_getattr_u32(tb[TCA_FLOWER_IN_HW_COUNT]);
2774
2775 print_uint(PRINT_ANY, "in_hw_count",
2776 " in_hw_count %u", count);
2777 }
2778 }
2779 else if (flags & TCA_CLS_FLAGS_NOT_IN_HW) {
2780 print_nl();
2781 print_bool(PRINT_ANY, "not_in_hw", " not_in_hw", true);
2782 }
2783 }
2784
2785 if (tb[TCA_FLOWER_ACT])
2786 tc_print_action(f, tb[TCA_FLOWER_ACT], 0);
2787
2788 return 0;
2789 }
2790
2791 struct filter_util flower_filter_util = {
2792 .id = "flower",
2793 .parse_fopt = flower_parse_opt,
2794 .print_fopt = flower_print_opt,
2795 };
Upstream mirror of iproute2