]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_flower.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'master' into net-next
[mirror_iproute2.git] / tc / f_flower.c
1 /*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <syslog.h>
16 #include <string.h>
17 #include <net/if.h>
18 #include <linux/if_ether.h>
19 #include <linux/ip.h>
20 #include <linux/tc_act/tc_vlan.h>
21
22 #include "utils.h"
23 #include "tc_util.h"
24 #include "rt_names.h"
25
26 enum flower_endpoint {
27 FLOWER_ENDPOINT_SRC,
28 FLOWER_ENDPOINT_DST
29 };
30
31 enum flower_icmp_field {
32 FLOWER_ICMP_FIELD_TYPE,
33 FLOWER_ICMP_FIELD_CODE
34 };
35
36 static void explain(void)
37 {
38 fprintf(stderr,
39 "Usage: ... flower [ MATCH-LIST ]\n"
40 " [ skip_sw | skip_hw ]\n"
41 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
42 "\n"
43 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
44 " MATCH := { indev DEV-NAME |\n"
45 " vlan_id VID |\n"
46 " vlan_prio PRIORITY |\n"
47 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
48 " dst_mac MASKED-LLADDR |\n"
49 " src_mac MASKED-LLADDR |\n"
50 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
51 " dst_ip PREFIX |\n"
52 " src_ip PREFIX |\n"
53 " dst_port PORT-NUMBER |\n"
54 " src_port PORT-NUMBER |\n"
55 " type ICMP-TYPE |\n"
56 " code ICMP-CODE |\n"
57 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
58 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
59 " enc_key_id [ KEY-ID ] |\n"
60 " matching_flags MATCHING-FLAGS | \n"
61 " enc_dst_port [ UDP-PORT ] }\n"
62 " FILTERID := X:Y:Z\n"
63 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
64 " ACTION-SPEC := ... look at individual actions\n"
65 "\n"
66 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
67 "NOTE: There can be only used one mask per one prio. If user needs\n"
68 " to specify different mask, he has to use different prio.\n");
69 }
70
71 static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
72 struct nlmsghdr *n)
73 {
74 int ret, err = -1;
75 char addr[ETH_ALEN], *slash;
76
77 slash = strchr(str, '/');
78 if (slash)
79 *slash = '\0';
80
81 ret = ll_addr_a2n(addr, sizeof(addr), str);
82 if (ret < 0)
83 goto err;
84 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
85
86 if (slash) {
87 unsigned bits;
88
89 if (!get_unsigned(&bits, slash + 1, 10)) {
90 uint64_t mask;
91
92 /* Extra 16 bit shift to push mac address into
93 * high bits of uint64_t
94 */
95 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
96 memcpy(addr, &mask, ETH_ALEN);
97 } else {
98 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
99 if (ret < 0)
100 goto err;
101 }
102 } else {
103 memset(addr, 0xff, ETH_ALEN);
104 }
105 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
106
107 err = 0;
108 err:
109 if (slash)
110 *slash = '/';
111 return err;
112 }
113
114 static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
115 __be16 *p_vlan_eth_type,
116 struct nlmsghdr *n)
117 {
118 __be16 vlan_eth_type;
119
120 if (eth_type != htons(ETH_P_8021Q)) {
121 fprintf(stderr,
122 "Can't set \"vlan_ethtype\" if ethertype isn't 802.1Q\n");
123 return -1;
124 }
125
126 if (ll_proto_a2n(&vlan_eth_type, str))
127 invarg("invalid vlan_ethtype", str);
128 addattr16(n, MAX_MSG, type, vlan_eth_type);
129 *p_vlan_eth_type = vlan_eth_type;
130 return 0;
131 }
132
133 static int flower_parse_matching_flags(char *str, int type, int mask_type,
134 struct nlmsghdr *n)
135 {
136 __u32 mtf, mtf_mask;
137 char *c;
138
139 c = strchr(str, '/');
140 if (c)
141 *c = '\0';
142
143 if (get_u32(&mtf, str, 0))
144 return -1;
145
146 if (c) {
147 if (get_u32(&mtf_mask, ++c, 0))
148 return -1;
149 } else {
150 mtf_mask = 0xffffffff;
151 }
152
153 addattr32(n, MAX_MSG, type, htonl(mtf));
154 addattr32(n, MAX_MSG, mask_type, htonl(mtf_mask));
155 return 0;
156 }
157
158 static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
159 __u8 *p_ip_proto, struct nlmsghdr *n)
160 {
161 int ret;
162 __u8 ip_proto;
163
164 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
165 goto err;
166
167 if (matches(str, "tcp") == 0) {
168 ip_proto = IPPROTO_TCP;
169 } else if (matches(str, "udp") == 0) {
170 ip_proto = IPPROTO_UDP;
171 } else if (matches(str, "sctp") == 0) {
172 ip_proto = IPPROTO_SCTP;
173 } else if (matches(str, "icmp") == 0) {
174 if (eth_type != htons(ETH_P_IP))
175 goto err;
176 ip_proto = IPPROTO_ICMP;
177 } else if (matches(str, "icmpv6") == 0) {
178 if (eth_type != htons(ETH_P_IPV6))
179 goto err;
180 ip_proto = IPPROTO_ICMPV6;
181 } else {
182 ret = get_u8(&ip_proto, str, 16);
183 if (ret)
184 return -1;
185 }
186 addattr8(n, MAX_MSG, type, ip_proto);
187 *p_ip_proto = ip_proto;
188 return 0;
189
190 err:
191 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
192 return -1;
193 }
194
195 static int flower_parse_ip_addr(char *str, __be16 eth_type,
196 int addr4_type, int mask4_type,
197 int addr6_type, int mask6_type,
198 struct nlmsghdr *n)
199 {
200 int ret;
201 inet_prefix addr;
202 int family;
203 int bits;
204 int i;
205
206 if (eth_type == htons(ETH_P_IP)) {
207 family = AF_INET;
208 } else if (eth_type == htons(ETH_P_IPV6)) {
209 family = AF_INET6;
210 } else if (!eth_type) {
211 family = AF_UNSPEC;
212 } else {
213 return -1;
214 }
215
216 ret = get_prefix(&addr, str, family);
217 if (ret)
218 return -1;
219
220 if (family && (addr.family != family)) {
221 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
222 return -1;
223 }
224
225 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
226 addr.data, addr.bytelen);
227
228 memset(addr.data, 0xff, addr.bytelen);
229 bits = addr.bitlen;
230 for (i = 0; i < addr.bytelen / 4; i++) {
231 if (!bits) {
232 addr.data[i] = 0;
233 } else if (bits / 32 >= 1) {
234 bits -= 32;
235 } else {
236 addr.data[i] <<= 32 - bits;
237 addr.data[i] = htonl(addr.data[i]);
238 bits = 0;
239 }
240 }
241
242 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
243 addr.data, addr.bytelen);
244
245 return 0;
246 }
247
248 static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
249 enum flower_icmp_field field)
250 {
251 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
252 return field == FLOWER_ICMP_FIELD_CODE ?
253 TCA_FLOWER_KEY_ICMPV4_CODE :
254 TCA_FLOWER_KEY_ICMPV4_TYPE;
255 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
256 return field == FLOWER_ICMP_FIELD_CODE ?
257 TCA_FLOWER_KEY_ICMPV6_CODE :
258 TCA_FLOWER_KEY_ICMPV6_TYPE;
259
260 return -1;
261 }
262
263 static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
264 enum flower_icmp_field field, struct nlmsghdr *n)
265 {
266 int ret;
267 int type;
268 uint8_t value;
269
270 type = flower_icmp_attr_type(eth_type, ip_proto, field);
271 if (type < 0)
272 return -1;
273
274 ret = get_u8(&value, str, 10);
275 if (ret)
276 return -1;
277
278 addattr8(n, MAX_MSG, type, value);
279
280 return 0;
281 }
282
283 static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
284 {
285 if (ip_proto == IPPROTO_TCP)
286 return endpoint == FLOWER_ENDPOINT_SRC ?
287 TCA_FLOWER_KEY_TCP_SRC :
288 TCA_FLOWER_KEY_TCP_DST;
289 else if (ip_proto == IPPROTO_UDP)
290 return endpoint == FLOWER_ENDPOINT_SRC ?
291 TCA_FLOWER_KEY_UDP_SRC :
292 TCA_FLOWER_KEY_UDP_DST;
293 else if (ip_proto == IPPROTO_SCTP)
294 return endpoint == FLOWER_ENDPOINT_SRC ?
295 TCA_FLOWER_KEY_SCTP_SRC :
296 TCA_FLOWER_KEY_SCTP_DST;
297 else
298 return -1;
299 }
300
301 static int flower_parse_port(char *str, __u8 ip_proto,
302 enum flower_endpoint endpoint,
303 struct nlmsghdr *n)
304 {
305 int ret;
306 int type;
307 __be16 port;
308
309 type = flower_port_attr_type(ip_proto, endpoint);
310 if (type < 0)
311 return -1;
312
313 ret = get_be16(&port, str, 10);
314 if (ret)
315 return -1;
316
317 addattr16(n, MAX_MSG, type, port);
318
319 return 0;
320 }
321
322 static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
323 {
324 int ret;
325 __be32 key_id;
326
327 ret = get_be32(&key_id, str, 10);
328 if (!ret)
329 addattr32(n, MAX_MSG, type, key_id);
330
331 return ret;
332 }
333
334 static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
335 {
336 int ret;
337 __be16 port;
338
339 ret = get_be16(&port, str, 10);
340 if (ret)
341 return -1;
342
343 addattr16(n, MAX_MSG, type, port);
344
345 return 0;
346 }
347
348 static int flower_parse_opt(struct filter_util *qu, char *handle,
349 int argc, char **argv, struct nlmsghdr *n)
350 {
351 int ret;
352 struct tcmsg *t = NLMSG_DATA(n);
353 struct rtattr *tail;
354 __be16 eth_type = TC_H_MIN(t->tcm_info);
355 __be16 vlan_ethtype = 0;
356 __u8 ip_proto = 0xff;
357 __u32 flags = 0;
358
359 if (handle) {
360 ret = get_u32(&t->tcm_handle, handle, 0);
361 if (ret) {
362 fprintf(stderr, "Illegal \"handle\"\n");
363 return -1;
364 }
365 }
366
367 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
368 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
369
370 if (argc == 0) {
371 /*at minimal we will match all ethertype packets */
372 goto parse_done;
373 }
374
375 while (argc > 0) {
376 if (matches(*argv, "classid") == 0 ||
377 matches(*argv, "flowid") == 0) {
378 unsigned int handle;
379
380 NEXT_ARG();
381 ret = get_tc_classid(&handle, *argv);
382 if (ret) {
383 fprintf(stderr, "Illegal \"classid\"\n");
384 return -1;
385 }
386 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
387 } else if (matches(*argv, "matching_flags") == 0) {
388 NEXT_ARG();
389 ret = flower_parse_matching_flags(*argv,
390 TCA_FLOWER_KEY_FLAGS,
391 TCA_FLOWER_KEY_FLAGS_MASK,
392 n);
393 if (ret < 0) {
394 fprintf(stderr, "Illegal \"matching_flags\"\n");
395 return -1;
396 }
397 } else if (matches(*argv, "skip_hw") == 0) {
398 flags |= TCA_CLS_FLAGS_SKIP_HW;
399 } else if (matches(*argv, "skip_sw") == 0) {
400 flags |= TCA_CLS_FLAGS_SKIP_SW;
401 } else if (matches(*argv, "indev") == 0) {
402 char ifname[IFNAMSIZ] = {};
403
404 NEXT_ARG();
405 strncpy(ifname, *argv, sizeof(ifname) - 1);
406 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, ifname);
407 } else if (matches(*argv, "vlan_id") == 0) {
408 __u16 vid;
409
410 NEXT_ARG();
411 if (eth_type != htons(ETH_P_8021Q)) {
412 fprintf(stderr,
413 "Can't set \"vlan_id\" if ethertype isn't 802.1Q\n");
414 return -1;
415 }
416 ret = get_u16(&vid, *argv, 10);
417 if (ret < 0 || vid & ~0xfff) {
418 fprintf(stderr, "Illegal \"vlan_id\"\n");
419 return -1;
420 }
421 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
422 } else if (matches(*argv, "vlan_prio") == 0) {
423 __u8 vlan_prio;
424
425 NEXT_ARG();
426 if (eth_type != htons(ETH_P_8021Q)) {
427 fprintf(stderr,
428 "Can't set \"vlan_prio\" if ethertype isn't 802.1Q\n");
429 return -1;
430 }
431 ret = get_u8(&vlan_prio, *argv, 10);
432 if (ret < 0 || vlan_prio & ~0x7) {
433 fprintf(stderr, "Illegal \"vlan_prio\"\n");
434 return -1;
435 }
436 addattr8(n, MAX_MSG,
437 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
438 } else if (matches(*argv, "vlan_ethtype") == 0) {
439 NEXT_ARG();
440 ret = flower_parse_vlan_eth_type(*argv, eth_type,
441 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
442 &vlan_ethtype, n);
443 if (ret < 0)
444 return -1;
445 } else if (matches(*argv, "dst_mac") == 0) {
446 NEXT_ARG();
447 ret = flower_parse_eth_addr(*argv,
448 TCA_FLOWER_KEY_ETH_DST,
449 TCA_FLOWER_KEY_ETH_DST_MASK,
450 n);
451 if (ret < 0) {
452 fprintf(stderr, "Illegal \"dst_mac\"\n");
453 return -1;
454 }
455 } else if (matches(*argv, "src_mac") == 0) {
456 NEXT_ARG();
457 ret = flower_parse_eth_addr(*argv,
458 TCA_FLOWER_KEY_ETH_SRC,
459 TCA_FLOWER_KEY_ETH_SRC_MASK,
460 n);
461 if (ret < 0) {
462 fprintf(stderr, "Illegal \"src_mac\"\n");
463 return -1;
464 }
465 } else if (matches(*argv, "ip_proto") == 0) {
466 NEXT_ARG();
467 ret = flower_parse_ip_proto(*argv, vlan_ethtype ?
468 vlan_ethtype : eth_type,
469 TCA_FLOWER_KEY_IP_PROTO,
470 &ip_proto, n);
471 if (ret < 0) {
472 fprintf(stderr, "Illegal \"ip_proto\"\n");
473 return -1;
474 }
475 } else if (matches(*argv, "dst_ip") == 0) {
476 NEXT_ARG();
477 ret = flower_parse_ip_addr(*argv, vlan_ethtype ?
478 vlan_ethtype : eth_type,
479 TCA_FLOWER_KEY_IPV4_DST,
480 TCA_FLOWER_KEY_IPV4_DST_MASK,
481 TCA_FLOWER_KEY_IPV6_DST,
482 TCA_FLOWER_KEY_IPV6_DST_MASK,
483 n);
484 if (ret < 0) {
485 fprintf(stderr, "Illegal \"dst_ip\"\n");
486 return -1;
487 }
488 } else if (matches(*argv, "src_ip") == 0) {
489 NEXT_ARG();
490 ret = flower_parse_ip_addr(*argv, vlan_ethtype ?
491 vlan_ethtype : eth_type,
492 TCA_FLOWER_KEY_IPV4_SRC,
493 TCA_FLOWER_KEY_IPV4_SRC_MASK,
494 TCA_FLOWER_KEY_IPV6_SRC,
495 TCA_FLOWER_KEY_IPV6_SRC_MASK,
496 n);
497 if (ret < 0) {
498 fprintf(stderr, "Illegal \"src_ip\"\n");
499 return -1;
500 }
501 } else if (matches(*argv, "dst_port") == 0) {
502 NEXT_ARG();
503 ret = flower_parse_port(*argv, ip_proto,
504 FLOWER_ENDPOINT_DST, n);
505 if (ret < 0) {
506 fprintf(stderr, "Illegal \"dst_port\"\n");
507 return -1;
508 }
509 } else if (matches(*argv, "src_port") == 0) {
510 NEXT_ARG();
511 ret = flower_parse_port(*argv, ip_proto,
512 FLOWER_ENDPOINT_SRC, n);
513 if (ret < 0) {
514 fprintf(stderr, "Illegal \"src_port\"\n");
515 return -1;
516 }
517 } else if (matches(*argv, "type") == 0) {
518 NEXT_ARG();
519 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
520 FLOWER_ICMP_FIELD_TYPE, n);
521 if (ret < 0) {
522 fprintf(stderr, "Illegal \"icmp type\"\n");
523 return -1;
524 }
525 } else if (matches(*argv, "code") == 0) {
526 NEXT_ARG();
527 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
528 FLOWER_ICMP_FIELD_CODE, n);
529 if (ret < 0) {
530 fprintf(stderr, "Illegal \"icmp code\"\n");
531 return -1;
532 }
533 } else if (matches(*argv, "enc_dst_ip") == 0) {
534 NEXT_ARG();
535 ret = flower_parse_ip_addr(*argv, 0,
536 TCA_FLOWER_KEY_ENC_IPV4_DST,
537 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
538 TCA_FLOWER_KEY_ENC_IPV6_DST,
539 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
540 n);
541 if (ret < 0) {
542 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
543 return -1;
544 }
545 } else if (matches(*argv, "enc_src_ip") == 0) {
546 NEXT_ARG();
547 ret = flower_parse_ip_addr(*argv, 0,
548 TCA_FLOWER_KEY_ENC_IPV4_SRC,
549 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
550 TCA_FLOWER_KEY_ENC_IPV6_SRC,
551 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
552 n);
553 if (ret < 0) {
554 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
555 return -1;
556 }
557 } else if (matches(*argv, "enc_key_id") == 0) {
558 NEXT_ARG();
559 ret = flower_parse_key_id(*argv,
560 TCA_FLOWER_KEY_ENC_KEY_ID, n);
561 if (ret < 0) {
562 fprintf(stderr, "Illegal \"enc_key_id\"\n");
563 return -1;
564 }
565 } else if (matches(*argv, "enc_dst_port") == 0) {
566 NEXT_ARG();
567 ret = flower_parse_enc_port(*argv,
568 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
569 if (ret < 0) {
570 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
571 return -1;
572 }
573 } else if (matches(*argv, "action") == 0) {
574 NEXT_ARG();
575 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
576 if (ret) {
577 fprintf(stderr, "Illegal \"action\"\n");
578 return -1;
579 }
580 continue;
581 } else if (strcmp(*argv, "help") == 0) {
582 explain();
583 return -1;
584 } else {
585 fprintf(stderr, "What is \"%s\"?\n", *argv);
586 explain();
587 return -1;
588 }
589 argc--; argv++;
590 }
591
592 parse_done:
593 addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
594
595 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, eth_type);
596 if (ret) {
597 fprintf(stderr, "Illegal \"eth_type\"(0x%x)\n",
598 ntohs(eth_type));
599 return -1;
600 }
601
602 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
603
604 return 0;
605 }
606
607 static int __mask_bits(char *addr, size_t len)
608 {
609 int bits = 0;
610 bool hole = false;
611 int i;
612 int j;
613
614 for (i = 0; i < len; i++, addr++) {
615 for (j = 7; j >= 0; j--) {
616 if (((*addr) >> j) & 0x1) {
617 if (hole)
618 return -1;
619 bits++;
620 } else if (bits) {
621 hole = true;
622 } else{
623 return -1;
624 }
625 }
626 }
627 return bits;
628 }
629
630 static void flower_print_eth_addr(FILE *f, char *name,
631 struct rtattr *addr_attr,
632 struct rtattr *mask_attr)
633 {
634 SPRINT_BUF(b1);
635 int bits;
636
637 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
638 return;
639 fprintf(f, "\n %s %s", name, ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
640 0, b1, sizeof(b1)));
641 if (!mask_attr || RTA_PAYLOAD(mask_attr) != ETH_ALEN)
642 return;
643 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
644 if (bits < 0)
645 fprintf(f, "/%s", ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
646 0, b1, sizeof(b1)));
647 else if (bits < ETH_ALEN * 8)
648 fprintf(f, "/%d", bits);
649 }
650
651 static void flower_print_eth_type(FILE *f, __be16 *p_eth_type,
652 struct rtattr *eth_type_attr)
653 {
654 __be16 eth_type;
655
656 if (!eth_type_attr)
657 return;
658
659 eth_type = rta_getattr_u16(eth_type_attr);
660 fprintf(f, "\n eth_type ");
661 if (eth_type == htons(ETH_P_IP))
662 fprintf(f, "ipv4");
663 else if (eth_type == htons(ETH_P_IPV6))
664 fprintf(f, "ipv6");
665 else
666 fprintf(f, "%04x", ntohs(eth_type));
667 *p_eth_type = eth_type;
668 }
669
670 static void flower_print_ip_proto(FILE *f, __u8 *p_ip_proto,
671 struct rtattr *ip_proto_attr)
672 {
673 __u8 ip_proto;
674
675 if (!ip_proto_attr)
676 return;
677
678 ip_proto = rta_getattr_u8(ip_proto_attr);
679 fprintf(f, "\n ip_proto ");
680 if (ip_proto == IPPROTO_TCP)
681 fprintf(f, "tcp");
682 else if (ip_proto == IPPROTO_UDP)
683 fprintf(f, "udp");
684 else if (ip_proto == IPPROTO_SCTP)
685 fprintf(f, "sctp");
686 else if (ip_proto == IPPROTO_ICMP)
687 fprintf(f, "icmp");
688 else if (ip_proto == IPPROTO_ICMPV6)
689 fprintf(f, "icmpv6");
690 else
691 fprintf(f, "%02x", ip_proto);
692 *p_ip_proto = ip_proto;
693 }
694
695 static void flower_print_matching_flags(FILE *f, char *name,
696 struct rtattr *attr,
697 struct rtattr *mask_attr)
698 {
699 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
700 return;
701
702 fprintf(f, "\n %s 0x%08x/0x%08x", name, ntohl(rta_getattr_u32(attr)),
703 mask_attr ? ntohl(rta_getattr_u32(mask_attr)) : 0xffffffff);
704 }
705
706 static void flower_print_ip_addr(FILE *f, char *name, __be16 eth_type,
707 struct rtattr *addr4_attr,
708 struct rtattr *mask4_attr,
709 struct rtattr *addr6_attr,
710 struct rtattr *mask6_attr)
711 {
712 struct rtattr *addr_attr;
713 struct rtattr *mask_attr;
714 int family;
715 size_t len;
716 int bits;
717
718 if (eth_type == htons(ETH_P_IP)) {
719 family = AF_INET;
720 addr_attr = addr4_attr;
721 mask_attr = mask4_attr;
722 len = 4;
723 } else if (eth_type == htons(ETH_P_IPV6)) {
724 family = AF_INET6;
725 addr_attr = addr6_attr;
726 mask_attr = mask6_attr;
727 len = 16;
728 } else {
729 return;
730 }
731 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
732 return;
733 fprintf(f, "\n %s %s", name, rt_addr_n2a_rta(family, addr_attr));
734 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
735 return;
736 bits = __mask_bits(RTA_DATA(mask_attr), len);
737 if (bits < 0)
738 fprintf(f, "/%s", rt_addr_n2a_rta(family, mask_attr));
739 else if (bits < len * 8)
740 fprintf(f, "/%d", bits);
741 }
742
743 static void flower_print_port(FILE *f, char *name, struct rtattr *attr)
744 {
745 if (attr)
746 fprintf(f, "\n %s %d", name, rta_getattr_be16(attr));
747 }
748
749 static void flower_print_key_id(FILE *f, const char *name,
750 struct rtattr *attr)
751 {
752 if (attr)
753 fprintf(f, "\n %s %d", name, rta_getattr_be32(attr));
754 }
755
756 static void flower_print_icmp(FILE *f, char *name, struct rtattr *attr)
757 {
758 if (attr)
759 fprintf(f, "\n %s %d", name, rta_getattr_u8(attr));
760 }
761
762 static int flower_print_opt(struct filter_util *qu, FILE *f,
763 struct rtattr *opt, __u32 handle)
764 {
765 struct rtattr *tb[TCA_FLOWER_MAX + 1];
766 __be16 eth_type = 0;
767 __u8 ip_proto = 0xff;
768 int nl_type;
769
770 if (!opt)
771 return 0;
772
773 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
774
775 if (handle)
776 fprintf(f, "handle 0x%x ", handle);
777
778 if (tb[TCA_FLOWER_CLASSID]) {
779 SPRINT_BUF(b1);
780 fprintf(f, "classid %s ",
781 sprint_tc_classid(rta_getattr_u32(tb[TCA_FLOWER_CLASSID]),
782 b1));
783 }
784
785 if (tb[TCA_FLOWER_INDEV]) {
786 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
787
788 fprintf(f, "\n indev %s", rta_getattr_str(attr));
789 }
790
791 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
792 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
793
794 fprintf(f, "\n vlan_id %d", rta_getattr_u16(attr));
795 }
796
797 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
798 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
799
800 fprintf(f, "\n vlan_prio %d", rta_getattr_u8(attr));
801 }
802
803 flower_print_eth_addr(f, "dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
804 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
805 flower_print_eth_addr(f, "src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
806 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
807
808 flower_print_eth_type(f, &eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
809 flower_print_ip_proto(f, &ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
810
811 flower_print_ip_addr(f, "dst_ip", eth_type,
812 tb[TCA_FLOWER_KEY_IPV4_DST],
813 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
814 tb[TCA_FLOWER_KEY_IPV6_DST],
815 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
816
817 flower_print_ip_addr(f, "src_ip", eth_type,
818 tb[TCA_FLOWER_KEY_IPV4_SRC],
819 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
820 tb[TCA_FLOWER_KEY_IPV6_SRC],
821 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
822
823 nl_type = flower_port_attr_type(ip_proto, false);
824 if (nl_type >= 0)
825 flower_print_port(f, "dst_port", tb[nl_type]);
826 nl_type = flower_port_attr_type(ip_proto, true);
827 if (nl_type >= 0)
828 flower_print_port(f, "src_port", tb[nl_type]);
829
830 nl_type = flower_icmp_attr_type(eth_type, ip_proto, false);
831 if (nl_type >= 0)
832 flower_print_icmp(f, "icmp_type", tb[nl_type]);
833 nl_type = flower_icmp_attr_type(eth_type, ip_proto, true);
834 if (nl_type >= 0)
835 flower_print_icmp(f, "icmp_code", tb[nl_type]);
836
837 flower_print_ip_addr(f, "enc_dst_ip",
838 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
839 htons(ETH_P_IP) : htons(ETH_P_IPV6),
840 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
841 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
842 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
843 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
844
845 flower_print_ip_addr(f, "enc_src_ip",
846 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
847 htons(ETH_P_IP) : htons(ETH_P_IPV6),
848 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
849 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
850 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
851 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
852
853 flower_print_key_id(f, "enc_key_id",
854 tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
855
856 flower_print_port(f, "enc_dst_port",
857 tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
858
859 flower_print_matching_flags(f, "matching_flags",
860 tb[TCA_FLOWER_KEY_FLAGS],
861 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
862
863 if (tb[TCA_FLOWER_FLAGS]) {
864 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
865
866 if (flags & TCA_CLS_FLAGS_SKIP_HW)
867 fprintf(f, "\n skip_hw");
868 if (flags & TCA_CLS_FLAGS_SKIP_SW)
869 fprintf(f, "\n skip_sw");
870 }
871
872 if (tb[TCA_FLOWER_ACT])
873 tc_print_action(f, tb[TCA_FLOWER_ACT]);
874
875 return 0;
876 }
877
878 struct filter_util flower_filter_util = {
879 .id = "flower",
880 .parse_fopt = flower_parse_opt,
881 .print_fopt = flower_print_opt,
882 };
Upstream mirror of iproute2