2 * f_flower.c Flower Classifier
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Jiri Pirko <jiri@resnulli.us>
17 #include <linux/if_arp.h>
18 #include <linux/if_ether.h>
20 #include <linux/tc_act/tc_vlan.h>
21 #include <linux/mpls.h>
27 enum flower_matching_flags
{
31 enum flower_endpoint
{
36 enum flower_icmp_field
{
37 FLOWER_ICMP_FIELD_TYPE
,
38 FLOWER_ICMP_FIELD_CODE
41 static void explain(void)
44 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
45 " [ skip_sw | skip_hw ]\n"
46 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
48 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
49 " MATCH := { indev DEV-NAME |\n"
51 " vlan_prio PRIORITY |\n"
52 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
53 " dst_mac MASKED-LLADDR |\n"
54 " src_mac MASKED-LLADDR |\n"
55 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
56 " ip_tos MASKED-IP_TOS |\n"
57 " ip_ttl MASKED-IP_TTL |\n"
58 " mpls_label LABEL |\n"
64 " dst_port PORT-NUMBER |\n"
65 " src_port PORT-NUMBER |\n"
66 " tcp_flags MASKED-TCP_FLAGS |\n"
67 " type MASKED-ICMP-TYPE |\n"
68 " code MASKED-ICMP-CODE |\n"
69 " arp_tip IPV4-PREFIX |\n"
70 " arp_sip IPV4-PREFIX |\n"
71 " arp_op [ request | reply | OP ] |\n"
72 " arp_tha MASKED-LLADDR |\n"
73 " arp_sha MASKED-LLADDR |\n"
74 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
75 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
76 " enc_key_id [ KEY-ID ] |\n"
77 " ip_flags IP-FLAGS | \n"
78 " enc_dst_port [ port_number ] }\n"
79 " FILTERID := X:Y:Z\n"
80 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
81 " ACTION-SPEC := ... look at individual actions\n"
83 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
84 "NOTE: There can be only used one mask per one prio. If user needs\n"
85 " to specify different mask, he has to use different prio.\n");
88 static int flower_parse_eth_addr(char *str
, int addr_type
, int mask_type
,
92 char addr
[ETH_ALEN
], *slash
;
94 slash
= strchr(str
, '/');
98 ret
= ll_addr_a2n(addr
, sizeof(addr
), str
);
101 addattr_l(n
, MAX_MSG
, addr_type
, addr
, sizeof(addr
));
106 if (!get_unsigned(&bits
, slash
+ 1, 10)) {
109 /* Extra 16 bit shift to push mac address into
110 * high bits of uint64_t
112 mask
= htonll(0xffffffffffffULL
<< (16 + 48 - bits
));
113 memcpy(addr
, &mask
, ETH_ALEN
);
115 ret
= ll_addr_a2n(addr
, sizeof(addr
), slash
+ 1);
120 memset(addr
, 0xff, ETH_ALEN
);
122 addattr_l(n
, MAX_MSG
, mask_type
, addr
, sizeof(addr
));
131 static int flower_parse_vlan_eth_type(char *str
, __be16 eth_type
, int type
,
132 __be16
*p_vlan_eth_type
,
135 __be16 vlan_eth_type
;
137 if (eth_type
!= htons(ETH_P_8021Q
)) {
139 "Can't set \"vlan_ethtype\" if ethertype isn't 802.1Q\n");
143 if (ll_proto_a2n(&vlan_eth_type
, str
))
144 invarg("invalid vlan_ethtype", str
);
145 addattr16(n
, MAX_MSG
, type
, vlan_eth_type
);
146 *p_vlan_eth_type
= vlan_eth_type
;
150 struct flag_to_string
{
152 enum flower_matching_flags type
;
156 static struct flag_to_string flags_str
[] = {
157 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT
, FLOWER_IP_FLAGS
, "frag" },
158 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST
, FLOWER_IP_FLAGS
, "firstfrag" },
161 static int flower_parse_matching_flags(char *str
,
162 enum flower_matching_flags type
,
163 __u32
*mtf
, __u32
*mtf_mask
)
170 token
= strtok(str
, "/");
173 if (!strncmp(token
, "no", 2)) {
180 for (i
= 0; i
< ARRAY_SIZE(flags_str
); i
++) {
181 if (type
!= flags_str
[i
].type
)
184 if (!strcmp(token
, flags_str
[i
].string
)) {
186 *mtf
&= ~flags_str
[i
].flag
;
188 *mtf
|= flags_str
[i
].flag
;
190 *mtf_mask
|= flags_str
[i
].flag
;
198 token
= strtok(NULL
, "/");
204 static int flower_parse_ip_proto(char *str
, __be16 eth_type
, int type
,
205 __u8
*p_ip_proto
, struct nlmsghdr
*n
)
210 if (eth_type
!= htons(ETH_P_IP
) && eth_type
!= htons(ETH_P_IPV6
))
213 if (matches(str
, "tcp") == 0) {
214 ip_proto
= IPPROTO_TCP
;
215 } else if (matches(str
, "udp") == 0) {
216 ip_proto
= IPPROTO_UDP
;
217 } else if (matches(str
, "sctp") == 0) {
218 ip_proto
= IPPROTO_SCTP
;
219 } else if (matches(str
, "icmp") == 0) {
220 if (eth_type
!= htons(ETH_P_IP
))
222 ip_proto
= IPPROTO_ICMP
;
223 } else if (matches(str
, "icmpv6") == 0) {
224 if (eth_type
!= htons(ETH_P_IPV6
))
226 ip_proto
= IPPROTO_ICMPV6
;
228 ret
= get_u8(&ip_proto
, str
, 16);
232 addattr8(n
, MAX_MSG
, type
, ip_proto
);
233 *p_ip_proto
= ip_proto
;
237 fprintf(stderr
, "Illegal \"eth_type\" for ip proto\n");
241 static int __flower_parse_ip_addr(char *str
, int family
,
242 int addr4_type
, int mask4_type
,
243 int addr6_type
, int mask6_type
,
251 ret
= get_prefix(&addr
, str
, family
);
255 if (family
&& (addr
.family
!= family
)) {
256 fprintf(stderr
, "Illegal \"eth_type\" for ip address\n");
260 addattr_l(n
, MAX_MSG
, addr
.family
== AF_INET
? addr4_type
: addr6_type
,
261 addr
.data
, addr
.bytelen
);
263 memset(addr
.data
, 0xff, addr
.bytelen
);
265 for (i
= 0; i
< addr
.bytelen
/ 4; i
++) {
268 } else if (bits
/ 32 >= 1) {
271 addr
.data
[i
] <<= 32 - bits
;
272 addr
.data
[i
] = htonl(addr
.data
[i
]);
277 addattr_l(n
, MAX_MSG
, addr
.family
== AF_INET
? mask4_type
: mask6_type
,
278 addr
.data
, addr
.bytelen
);
283 static int flower_parse_ip_addr(char *str
, __be16 eth_type
,
284 int addr4_type
, int mask4_type
,
285 int addr6_type
, int mask6_type
,
290 if (eth_type
== htons(ETH_P_IP
)) {
292 } else if (eth_type
== htons(ETH_P_IPV6
)) {
294 } else if (!eth_type
) {
300 return __flower_parse_ip_addr(str
, family
, addr4_type
, mask4_type
,
301 addr6_type
, mask6_type
, n
);
304 static bool flower_eth_type_arp(__be16 eth_type
)
306 return eth_type
== htons(ETH_P_ARP
) || eth_type
== htons(ETH_P_RARP
);
309 static int flower_parse_arp_ip_addr(char *str
, __be16 eth_type
,
310 int addr_type
, int mask_type
,
313 if (!flower_eth_type_arp(eth_type
))
316 return __flower_parse_ip_addr(str
, AF_INET
, addr_type
, mask_type
,
317 TCA_FLOWER_UNSPEC
, TCA_FLOWER_UNSPEC
, n
);
320 static int flower_parse_u8(char *str
, int value_type
, int mask_type
,
321 int (*value_from_name
)(const char *str
,
323 bool (*value_validate
)(__u8 value
),
330 slash
= strchr(str
, '/');
334 ret
= value_from_name
? value_from_name(str
, &value
) : -1;
336 ret
= get_u8(&value
, str
, 10);
341 if (value_validate
&& !value_validate(value
))
345 ret
= get_u8(&mask
, slash
+ 1, 10);
353 addattr8(n
, MAX_MSG
, value_type
, value
);
354 addattr8(n
, MAX_MSG
, mask_type
, mask
);
363 static const char *flower_print_arp_op_to_name(__u8 op
)
375 static int flower_arp_op_from_name(const char *name
, __u8
*op
)
377 if (!strcmp(name
, "request"))
379 else if (!strcmp(name
, "reply"))
387 static bool flow_arp_op_validate(__u8 op
)
389 return !op
|| op
== ARPOP_REQUEST
|| op
== ARPOP_REPLY
;
392 static int flower_parse_arp_op(char *str
, __be16 eth_type
,
393 int op_type
, int mask_type
,
396 if (!flower_eth_type_arp(eth_type
))
399 return flower_parse_u8(str
, op_type
, mask_type
, flower_arp_op_from_name
,
400 flow_arp_op_validate
, n
);
403 static int flower_icmp_attr_type(__be16 eth_type
, __u8 ip_proto
,
404 enum flower_icmp_field field
)
406 if (eth_type
== htons(ETH_P_IP
) && ip_proto
== IPPROTO_ICMP
)
407 return field
== FLOWER_ICMP_FIELD_CODE
?
408 TCA_FLOWER_KEY_ICMPV4_CODE
:
409 TCA_FLOWER_KEY_ICMPV4_TYPE
;
410 else if (eth_type
== htons(ETH_P_IPV6
) && ip_proto
== IPPROTO_ICMPV6
)
411 return field
== FLOWER_ICMP_FIELD_CODE
?
412 TCA_FLOWER_KEY_ICMPV6_CODE
:
413 TCA_FLOWER_KEY_ICMPV6_TYPE
;
418 static int flower_icmp_attr_mask_type(__be16 eth_type
, __u8 ip_proto
,
419 enum flower_icmp_field field
)
421 if (eth_type
== htons(ETH_P_IP
) && ip_proto
== IPPROTO_ICMP
)
422 return field
== FLOWER_ICMP_FIELD_CODE
?
423 TCA_FLOWER_KEY_ICMPV4_CODE_MASK
:
424 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK
;
425 else if (eth_type
== htons(ETH_P_IPV6
) && ip_proto
== IPPROTO_ICMPV6
)
426 return field
== FLOWER_ICMP_FIELD_CODE
?
427 TCA_FLOWER_KEY_ICMPV6_CODE_MASK
:
428 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK
;
433 static int flower_parse_icmp(char *str
, __u16 eth_type
, __u8 ip_proto
,
434 enum flower_icmp_field field
, struct nlmsghdr
*n
)
436 int value_type
, mask_type
;
438 value_type
= flower_icmp_attr_type(eth_type
, ip_proto
, field
);
439 mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
, field
);
440 if (value_type
< 0 || mask_type
< 0)
443 return flower_parse_u8(str
, value_type
, mask_type
, NULL
, NULL
, n
);
446 static int flower_port_attr_type(__u8 ip_proto
, enum flower_endpoint endpoint
)
448 if (ip_proto
== IPPROTO_TCP
)
449 return endpoint
== FLOWER_ENDPOINT_SRC
?
450 TCA_FLOWER_KEY_TCP_SRC
:
451 TCA_FLOWER_KEY_TCP_DST
;
452 else if (ip_proto
== IPPROTO_UDP
)
453 return endpoint
== FLOWER_ENDPOINT_SRC
?
454 TCA_FLOWER_KEY_UDP_SRC
:
455 TCA_FLOWER_KEY_UDP_DST
;
456 else if (ip_proto
== IPPROTO_SCTP
)
457 return endpoint
== FLOWER_ENDPOINT_SRC
?
458 TCA_FLOWER_KEY_SCTP_SRC
:
459 TCA_FLOWER_KEY_SCTP_DST
;
464 static int flower_parse_port(char *str
, __u8 ip_proto
,
465 enum flower_endpoint endpoint
,
472 type
= flower_port_attr_type(ip_proto
, endpoint
);
476 ret
= get_be16(&port
, str
, 10);
480 addattr16(n
, MAX_MSG
, type
, port
);
485 #define TCP_FLAGS_MAX_MASK 0xfff
487 static int flower_parse_tcp_flags(char *str
, int flags_type
, int mask_type
,
494 slash
= strchr(str
, '/');
498 ret
= get_u16(&flags
, str
, 16);
499 if (ret
< 0 || flags
& ~TCP_FLAGS_MAX_MASK
)
502 addattr16(n
, MAX_MSG
, flags_type
, htons(flags
));
505 ret
= get_u16(&flags
, slash
+ 1, 16);
506 if (ret
< 0 || flags
& ~TCP_FLAGS_MAX_MASK
)
509 flags
= TCP_FLAGS_MAX_MASK
;
511 addattr16(n
, MAX_MSG
, mask_type
, htons(flags
));
520 static int flower_parse_ip_tos_ttl(char *str
, int key_type
, int mask_type
,
527 slash
= strchr(str
, '/');
531 ret
= get_u8(&tos_ttl
, str
, 10);
533 ret
= get_u8(&tos_ttl
, str
, 16);
537 addattr8(n
, MAX_MSG
, key_type
, tos_ttl
);
540 ret
= get_u8(&tos_ttl
, slash
+ 1, 16);
546 addattr8(n
, MAX_MSG
, mask_type
, tos_ttl
);
555 static int flower_parse_key_id(const char *str
, int type
, struct nlmsghdr
*n
)
560 ret
= get_be32(&key_id
, str
, 10);
562 addattr32(n
, MAX_MSG
, type
, key_id
);
567 static int flower_parse_enc_port(char *str
, int type
, struct nlmsghdr
*n
)
572 ret
= get_be16(&port
, str
, 10);
576 addattr16(n
, MAX_MSG
, type
, port
);
581 static int flower_parse_opt(struct filter_util
*qu
, char *handle
,
582 int argc
, char **argv
, struct nlmsghdr
*n
)
585 struct tcmsg
*t
= NLMSG_DATA(n
);
587 __be16 eth_type
= TC_H_MIN(t
->tcm_info
);
588 __be16 vlan_ethtype
= 0;
589 __u8 ip_proto
= 0xff;
595 ret
= get_u32(&t
->tcm_handle
, handle
, 0);
597 fprintf(stderr
, "Illegal \"handle\"\n");
602 tail
= (struct rtattr
*) (((void *) n
) + NLMSG_ALIGN(n
->nlmsg_len
));
603 addattr_l(n
, MAX_MSG
, TCA_OPTIONS
, NULL
, 0);
606 /*at minimal we will match all ethertype packets */
611 if (matches(*argv
, "classid") == 0 ||
612 matches(*argv
, "flowid") == 0) {
616 ret
= get_tc_classid(&handle
, *argv
);
618 fprintf(stderr
, "Illegal \"classid\"\n");
621 addattr_l(n
, MAX_MSG
, TCA_FLOWER_CLASSID
, &handle
, 4);
622 } else if (matches(*argv
, "hw_tc") == 0) {
628 tc
= strtoul(*argv
, &end
, 0);
630 fprintf(stderr
, "Illegal TC index\n");
633 if (tc
>= TC_QOPT_MAX_QUEUE
) {
634 fprintf(stderr
, "TC index exceeds max range\n");
637 handle
= TC_H_MAKE(TC_H_MAJ(t
->tcm_parent
),
638 TC_H_MIN(tc
+ TC_H_MIN_PRIORITY
));
639 addattr_l(n
, MAX_MSG
, TCA_FLOWER_CLASSID
, &handle
,
641 } else if (matches(*argv
, "ip_flags") == 0) {
643 ret
= flower_parse_matching_flags(*argv
,
648 fprintf(stderr
, "Illegal \"ip_flags\"\n");
651 } else if (matches(*argv
, "verbose") == 0) {
652 flags
|= TCA_CLS_FLAGS_VERBOSE
;
653 } else if (matches(*argv
, "skip_hw") == 0) {
654 flags
|= TCA_CLS_FLAGS_SKIP_HW
;
655 } else if (matches(*argv
, "skip_sw") == 0) {
656 flags
|= TCA_CLS_FLAGS_SKIP_SW
;
657 } else if (matches(*argv
, "indev") == 0) {
659 if (check_ifname(*argv
))
660 invarg("\"indev\" not a valid ifname", *argv
);
661 addattrstrz(n
, MAX_MSG
, TCA_FLOWER_INDEV
, *argv
);
662 } else if (matches(*argv
, "vlan_id") == 0) {
666 if (eth_type
!= htons(ETH_P_8021Q
)) {
668 "Can't set \"vlan_id\" if ethertype isn't 802.1Q\n");
671 ret
= get_u16(&vid
, *argv
, 10);
672 if (ret
< 0 || vid
& ~0xfff) {
673 fprintf(stderr
, "Illegal \"vlan_id\"\n");
676 addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_VLAN_ID
, vid
);
677 } else if (matches(*argv
, "vlan_prio") == 0) {
681 if (eth_type
!= htons(ETH_P_8021Q
)) {
683 "Can't set \"vlan_prio\" if ethertype isn't 802.1Q\n");
686 ret
= get_u8(&vlan_prio
, *argv
, 10);
687 if (ret
< 0 || vlan_prio
& ~0x7) {
688 fprintf(stderr
, "Illegal \"vlan_prio\"\n");
692 TCA_FLOWER_KEY_VLAN_PRIO
, vlan_prio
);
693 } else if (matches(*argv
, "vlan_ethtype") == 0) {
695 ret
= flower_parse_vlan_eth_type(*argv
, eth_type
,
696 TCA_FLOWER_KEY_VLAN_ETH_TYPE
,
700 } else if (matches(*argv
, "mpls_label") == 0) {
704 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
705 eth_type
!= htons(ETH_P_MPLS_MC
)) {
707 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
710 ret
= get_u32(&label
, *argv
, 10);
711 if (ret
< 0 || label
& ~(MPLS_LS_LABEL_MASK
>> MPLS_LS_LABEL_SHIFT
)) {
712 fprintf(stderr
, "Illegal \"mpls_label\"\n");
715 addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_LABEL
, label
);
716 } else if (matches(*argv
, "mpls_tc") == 0) {
720 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
721 eth_type
!= htons(ETH_P_MPLS_MC
)) {
723 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
726 ret
= get_u8(&tc
, *argv
, 10);
727 if (ret
< 0 || tc
& ~(MPLS_LS_TC_MASK
>> MPLS_LS_TC_SHIFT
)) {
728 fprintf(stderr
, "Illegal \"mpls_tc\"\n");
731 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_TC
, tc
);
732 } else if (matches(*argv
, "mpls_bos") == 0) {
736 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
737 eth_type
!= htons(ETH_P_MPLS_MC
)) {
739 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
742 ret
= get_u8(&bos
, *argv
, 10);
743 if (ret
< 0 || bos
& ~(MPLS_LS_S_MASK
>> MPLS_LS_S_SHIFT
)) {
744 fprintf(stderr
, "Illegal \"mpls_bos\"\n");
747 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_BOS
, bos
);
748 } else if (matches(*argv
, "mpls_ttl") == 0) {
752 if (eth_type
!= htons(ETH_P_MPLS_UC
) &&
753 eth_type
!= htons(ETH_P_MPLS_MC
)) {
755 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
758 ret
= get_u8(&ttl
, *argv
, 10);
759 if (ret
< 0 || ttl
& ~(MPLS_LS_TTL_MASK
>> MPLS_LS_TTL_SHIFT
)) {
760 fprintf(stderr
, "Illegal \"mpls_ttl\"\n");
763 addattr8(n
, MAX_MSG
, TCA_FLOWER_KEY_MPLS_TTL
, ttl
);
764 } else if (matches(*argv
, "dst_mac") == 0) {
766 ret
= flower_parse_eth_addr(*argv
,
767 TCA_FLOWER_KEY_ETH_DST
,
768 TCA_FLOWER_KEY_ETH_DST_MASK
,
771 fprintf(stderr
, "Illegal \"dst_mac\"\n");
774 } else if (matches(*argv
, "src_mac") == 0) {
776 ret
= flower_parse_eth_addr(*argv
,
777 TCA_FLOWER_KEY_ETH_SRC
,
778 TCA_FLOWER_KEY_ETH_SRC_MASK
,
781 fprintf(stderr
, "Illegal \"src_mac\"\n");
784 } else if (matches(*argv
, "ip_proto") == 0) {
786 ret
= flower_parse_ip_proto(*argv
, vlan_ethtype
?
787 vlan_ethtype
: eth_type
,
788 TCA_FLOWER_KEY_IP_PROTO
,
791 fprintf(stderr
, "Illegal \"ip_proto\"\n");
794 } else if (matches(*argv
, "ip_tos") == 0) {
796 ret
= flower_parse_ip_tos_ttl(*argv
,
797 TCA_FLOWER_KEY_IP_TOS
,
798 TCA_FLOWER_KEY_IP_TOS_MASK
,
801 fprintf(stderr
, "Illegal \"ip_tos\"\n");
804 } else if (matches(*argv
, "ip_ttl") == 0) {
806 ret
= flower_parse_ip_tos_ttl(*argv
,
807 TCA_FLOWER_KEY_IP_TTL
,
808 TCA_FLOWER_KEY_IP_TTL_MASK
,
811 fprintf(stderr
, "Illegal \"ip_ttl\"\n");
814 } else if (matches(*argv
, "dst_ip") == 0) {
816 ret
= flower_parse_ip_addr(*argv
, vlan_ethtype
?
817 vlan_ethtype
: eth_type
,
818 TCA_FLOWER_KEY_IPV4_DST
,
819 TCA_FLOWER_KEY_IPV4_DST_MASK
,
820 TCA_FLOWER_KEY_IPV6_DST
,
821 TCA_FLOWER_KEY_IPV6_DST_MASK
,
824 fprintf(stderr
, "Illegal \"dst_ip\"\n");
827 } else if (matches(*argv
, "src_ip") == 0) {
829 ret
= flower_parse_ip_addr(*argv
, vlan_ethtype
?
830 vlan_ethtype
: eth_type
,
831 TCA_FLOWER_KEY_IPV4_SRC
,
832 TCA_FLOWER_KEY_IPV4_SRC_MASK
,
833 TCA_FLOWER_KEY_IPV6_SRC
,
834 TCA_FLOWER_KEY_IPV6_SRC_MASK
,
837 fprintf(stderr
, "Illegal \"src_ip\"\n");
840 } else if (matches(*argv
, "dst_port") == 0) {
842 ret
= flower_parse_port(*argv
, ip_proto
,
843 FLOWER_ENDPOINT_DST
, n
);
845 fprintf(stderr
, "Illegal \"dst_port\"\n");
848 } else if (matches(*argv
, "src_port") == 0) {
850 ret
= flower_parse_port(*argv
, ip_proto
,
851 FLOWER_ENDPOINT_SRC
, n
);
853 fprintf(stderr
, "Illegal \"src_port\"\n");
856 } else if (matches(*argv
, "tcp_flags") == 0) {
858 ret
= flower_parse_tcp_flags(*argv
,
859 TCA_FLOWER_KEY_TCP_FLAGS
,
860 TCA_FLOWER_KEY_TCP_FLAGS_MASK
,
863 fprintf(stderr
, "Illegal \"tcp_flags\"\n");
866 } else if (matches(*argv
, "type") == 0) {
868 ret
= flower_parse_icmp(*argv
, eth_type
, ip_proto
,
869 FLOWER_ICMP_FIELD_TYPE
, n
);
871 fprintf(stderr
, "Illegal \"icmp type\"\n");
874 } else if (matches(*argv
, "code") == 0) {
876 ret
= flower_parse_icmp(*argv
, eth_type
, ip_proto
,
877 FLOWER_ICMP_FIELD_CODE
, n
);
879 fprintf(stderr
, "Illegal \"icmp code\"\n");
882 } else if (matches(*argv
, "arp_tip") == 0) {
884 ret
= flower_parse_arp_ip_addr(*argv
, vlan_ethtype
?
885 vlan_ethtype
: eth_type
,
886 TCA_FLOWER_KEY_ARP_TIP
,
887 TCA_FLOWER_KEY_ARP_TIP_MASK
,
890 fprintf(stderr
, "Illegal \"arp_tip\"\n");
893 } else if (matches(*argv
, "arp_sip") == 0) {
895 ret
= flower_parse_arp_ip_addr(*argv
, vlan_ethtype
?
896 vlan_ethtype
: eth_type
,
897 TCA_FLOWER_KEY_ARP_SIP
,
898 TCA_FLOWER_KEY_ARP_SIP_MASK
,
901 fprintf(stderr
, "Illegal \"arp_sip\"\n");
904 } else if (matches(*argv
, "arp_op") == 0) {
906 ret
= flower_parse_arp_op(*argv
, vlan_ethtype
?
907 vlan_ethtype
: eth_type
,
908 TCA_FLOWER_KEY_ARP_OP
,
909 TCA_FLOWER_KEY_ARP_OP_MASK
,
912 fprintf(stderr
, "Illegal \"arp_op\"\n");
915 } else if (matches(*argv
, "arp_tha") == 0) {
917 ret
= flower_parse_eth_addr(*argv
,
918 TCA_FLOWER_KEY_ARP_THA
,
919 TCA_FLOWER_KEY_ARP_THA_MASK
,
922 fprintf(stderr
, "Illegal \"arp_tha\"\n");
925 } else if (matches(*argv
, "arp_sha") == 0) {
927 ret
= flower_parse_eth_addr(*argv
,
928 TCA_FLOWER_KEY_ARP_SHA
,
929 TCA_FLOWER_KEY_ARP_SHA_MASK
,
932 fprintf(stderr
, "Illegal \"arp_sha\"\n");
935 } else if (matches(*argv
, "enc_dst_ip") == 0) {
937 ret
= flower_parse_ip_addr(*argv
, 0,
938 TCA_FLOWER_KEY_ENC_IPV4_DST
,
939 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
,
940 TCA_FLOWER_KEY_ENC_IPV6_DST
,
941 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK
,
944 fprintf(stderr
, "Illegal \"enc_dst_ip\"\n");
947 } else if (matches(*argv
, "enc_src_ip") == 0) {
949 ret
= flower_parse_ip_addr(*argv
, 0,
950 TCA_FLOWER_KEY_ENC_IPV4_SRC
,
951 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
,
952 TCA_FLOWER_KEY_ENC_IPV6_SRC
,
953 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK
,
956 fprintf(stderr
, "Illegal \"enc_src_ip\"\n");
959 } else if (matches(*argv
, "enc_key_id") == 0) {
961 ret
= flower_parse_key_id(*argv
,
962 TCA_FLOWER_KEY_ENC_KEY_ID
, n
);
964 fprintf(stderr
, "Illegal \"enc_key_id\"\n");
967 } else if (matches(*argv
, "enc_dst_port") == 0) {
969 ret
= flower_parse_enc_port(*argv
,
970 TCA_FLOWER_KEY_ENC_UDP_DST_PORT
, n
);
972 fprintf(stderr
, "Illegal \"enc_dst_port\"\n");
975 } else if (matches(*argv
, "action") == 0) {
977 ret
= parse_action(&argc
, &argv
, TCA_FLOWER_ACT
, n
);
979 fprintf(stderr
, "Illegal \"action\"\n");
983 } else if (strcmp(*argv
, "help") == 0) {
987 fprintf(stderr
, "What is \"%s\"?\n", *argv
);
995 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_FLAGS
, flags
);
1000 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_FLAGS
, htonl(mtf
));
1004 ret
= addattr32(n
, MAX_MSG
, TCA_FLOWER_KEY_FLAGS_MASK
, htonl(mtf_mask
));
1009 if (eth_type
!= htons(ETH_P_ALL
)) {
1010 ret
= addattr16(n
, MAX_MSG
, TCA_FLOWER_KEY_ETH_TYPE
, eth_type
);
1015 tail
->rta_len
= (((void *)n
)+n
->nlmsg_len
) - (void *)tail
;
1020 static int __mask_bits(char *addr
, size_t len
)
1027 for (i
= 0; i
< len
; i
++, addr
++) {
1028 for (j
= 7; j
>= 0; j
--) {
1029 if (((*addr
) >> j
) & 0x1) {
1043 static void flower_print_eth_addr(char *name
, struct rtattr
*addr_attr
,
1044 struct rtattr
*mask_attr
)
1046 SPRINT_BUF(namefrm
);
1052 if (!addr_attr
|| RTA_PAYLOAD(addr_attr
) != ETH_ALEN
)
1054 done
= sprintf(out
, "%s",
1055 ll_addr_n2a(RTA_DATA(addr_attr
), ETH_ALEN
,
1056 0, b1
, sizeof(b1
)));
1057 if (mask_attr
&& RTA_PAYLOAD(mask_attr
) == ETH_ALEN
) {
1058 bits
= __mask_bits(RTA_DATA(mask_attr
), ETH_ALEN
);
1060 sprintf(out
+ done
, "/%s",
1061 ll_addr_n2a(RTA_DATA(mask_attr
), ETH_ALEN
,
1062 0, b1
, sizeof(b1
)));
1063 else if (bits
< ETH_ALEN
* 8)
1064 sprintf(out
+ done
, "/%d", bits
);
1067 sprintf(namefrm
, "\n %s %%s", name
);
1068 print_string(PRINT_ANY
, name
, namefrm
, out
);
1071 static void flower_print_eth_type(__be16
*p_eth_type
,
1072 struct rtattr
*eth_type_attr
)
1080 eth_type
= rta_getattr_u16(eth_type_attr
);
1081 if (eth_type
== htons(ETH_P_IP
))
1082 sprintf(out
, "ipv4");
1083 else if (eth_type
== htons(ETH_P_IPV6
))
1084 sprintf(out
, "ipv6");
1085 else if (eth_type
== htons(ETH_P_ARP
))
1086 sprintf(out
, "arp");
1087 else if (eth_type
== htons(ETH_P_RARP
))
1088 sprintf(out
, "rarp");
1090 sprintf(out
, "%04x", ntohs(eth_type
));
1092 print_string(PRINT_ANY
, "eth_type", "\n eth_type %s", out
);
1093 *p_eth_type
= eth_type
;
1096 static void flower_print_ip_proto(__u8
*p_ip_proto
,
1097 struct rtattr
*ip_proto_attr
)
1105 ip_proto
= rta_getattr_u8(ip_proto_attr
);
1106 if (ip_proto
== IPPROTO_TCP
)
1107 sprintf(out
, "tcp");
1108 else if (ip_proto
== IPPROTO_UDP
)
1109 sprintf(out
, "udp");
1110 else if (ip_proto
== IPPROTO_SCTP
)
1111 sprintf(out
, "sctp");
1112 else if (ip_proto
== IPPROTO_ICMP
)
1113 sprintf(out
, "icmp");
1114 else if (ip_proto
== IPPROTO_ICMPV6
)
1115 sprintf(out
, "icmpv6");
1117 sprintf(out
, "%02x", ip_proto
);
1119 print_string(PRINT_ANY
, "ip_proto", "\n ip_proto %s", out
);
1120 *p_ip_proto
= ip_proto
;
1123 static void flower_print_ip_attr(char *name
, struct rtattr
*key_attr
,
1124 struct rtattr
*mask_attr
)
1126 SPRINT_BUF(namefrm
);
1133 done
= sprintf(out
, "%x", rta_getattr_u8(key_attr
));
1135 sprintf(out
+ done
, "/%x", rta_getattr_u8(mask_attr
));
1137 sprintf(namefrm
, "\n %s %%s", name
);
1138 print_string(PRINT_ANY
, name
, namefrm
, out
);
1141 static void flower_print_matching_flags(char *name
,
1142 enum flower_matching_flags type
,
1143 struct rtattr
*attr
,
1144 struct rtattr
*mask_attr
)
1151 if (!mask_attr
|| RTA_PAYLOAD(mask_attr
) != 4)
1154 mtf
= ntohl(rta_getattr_u32(attr
));
1155 mtf_mask
= ntohl(rta_getattr_u32(mask_attr
));
1157 for (i
= 0; i
< ARRAY_SIZE(flags_str
); i
++) {
1158 if (type
!= flags_str
[i
].type
)
1160 if (mtf_mask
& flags_str
[i
].flag
) {
1162 print_string(PRINT_FP
, NULL
, "\n %s ", name
);
1163 open_json_object(name
);
1165 print_string(PRINT_FP
, NULL
, "/", NULL
);
1168 print_bool(PRINT_JSON
, flags_str
[i
].string
, NULL
,
1169 mtf
& flags_str
[i
].flag
);
1170 if (mtf
& flags_str
[i
].flag
)
1171 print_string(PRINT_FP
, NULL
, "%s",
1172 flags_str
[i
].string
);
1174 print_string(PRINT_FP
, NULL
, "no%s",
1175 flags_str
[i
].string
);
1179 close_json_object();
1182 static void flower_print_ip_addr(char *name
, __be16 eth_type
,
1183 struct rtattr
*addr4_attr
,
1184 struct rtattr
*mask4_attr
,
1185 struct rtattr
*addr6_attr
,
1186 struct rtattr
*mask6_attr
)
1188 struct rtattr
*addr_attr
;
1189 struct rtattr
*mask_attr
;
1190 SPRINT_BUF(namefrm
);
1197 if (eth_type
== htons(ETH_P_IP
)) {
1199 addr_attr
= addr4_attr
;
1200 mask_attr
= mask4_attr
;
1202 } else if (eth_type
== htons(ETH_P_IPV6
)) {
1204 addr_attr
= addr6_attr
;
1205 mask_attr
= mask6_attr
;
1210 if (!addr_attr
|| RTA_PAYLOAD(addr_attr
) != len
)
1212 if (!mask_attr
|| RTA_PAYLOAD(mask_attr
) != len
)
1214 done
= sprintf(out
, "%s", rt_addr_n2a_rta(family
, addr_attr
));
1215 bits
= __mask_bits(RTA_DATA(mask_attr
), len
);
1217 sprintf(out
+ done
, "/%s", rt_addr_n2a_rta(family
, mask_attr
));
1218 else if (bits
< len
* 8)
1219 sprintf(out
+ done
, "/%d", bits
);
1221 sprintf(namefrm
, "\n %s %%s", name
);
1222 print_string(PRINT_ANY
, name
, namefrm
, out
);
1224 static void flower_print_ip4_addr(char *name
, struct rtattr
*addr_attr
,
1225 struct rtattr
*mask_attr
)
1227 return flower_print_ip_addr(name
, htons(ETH_P_IP
),
1228 addr_attr
, mask_attr
, 0, 0);
1231 static void flower_print_port(char *name
, struct rtattr
*attr
)
1233 SPRINT_BUF(namefrm
);
1238 sprintf(namefrm
,"\n %s %%u", name
);
1239 print_hu(PRINT_ANY
, name
, namefrm
, rta_getattr_be16(attr
));
1242 static void flower_print_tcp_flags(char *name
, struct rtattr
*flags_attr
,
1243 struct rtattr
*mask_attr
)
1245 SPRINT_BUF(namefrm
);
1252 done
= sprintf(out
, "%x", rta_getattr_be16(flags_attr
));
1254 sprintf(out
+ done
, "%x", rta_getattr_be16(flags_attr
));
1256 sprintf(namefrm
, "\n %s %%s", name
);
1257 print_string(PRINT_ANY
, name
, namefrm
, out
);
1261 static void flower_print_key_id(const char *name
, struct rtattr
*attr
)
1263 SPRINT_BUF(namefrm
);
1268 sprintf(namefrm
,"\n %s %%u", name
);
1269 print_uint(PRINT_ANY
, name
, namefrm
, rta_getattr_be32(attr
));
1272 static void flower_print_masked_u8(const char *name
, struct rtattr
*attr
,
1273 struct rtattr
*mask_attr
,
1274 const char *(*value_to_str
)(__u8 value
))
1276 const char *value_str
= NULL
;
1278 SPRINT_BUF(namefrm
);
1285 value
= rta_getattr_u8(attr
);
1286 mask
= mask_attr
? rta_getattr_u8(mask_attr
) : UINT8_MAX
;
1287 if (mask
== UINT8_MAX
&& value_to_str
)
1288 value_str
= value_to_str(value
);
1291 done
= sprintf(out
, "%s", value_str
);
1293 done
= sprintf(out
, "%d", value
);
1295 if (mask
!= UINT8_MAX
)
1296 sprintf(out
+ done
, "/%d", mask
);
1298 sprintf(namefrm
,"\n %s %%s", name
);
1299 print_string(PRINT_ANY
, name
, namefrm
, out
);
1302 static void flower_print_u8(const char *name
, struct rtattr
*attr
)
1304 flower_print_masked_u8(name
, attr
, NULL
, NULL
);
1307 static void flower_print_u32(const char *name
, struct rtattr
*attr
)
1309 SPRINT_BUF(namefrm
);
1314 sprintf(namefrm
,"\n %s %%u", name
);
1315 print_uint(PRINT_ANY
, name
, namefrm
, rta_getattr_u32(attr
));
1318 static void flower_print_arp_op(const char *name
,
1319 struct rtattr
*op_attr
,
1320 struct rtattr
*mask_attr
)
1322 flower_print_masked_u8(name
, op_attr
, mask_attr
,
1323 flower_print_arp_op_to_name
);
1326 static int flower_print_opt(struct filter_util
*qu
, FILE *f
,
1327 struct rtattr
*opt
, __u32 handle
)
1329 struct rtattr
*tb
[TCA_FLOWER_MAX
+ 1];
1330 int nl_type
, nl_mask_type
;
1331 __be16 eth_type
= 0;
1332 __u8 ip_proto
= 0xff;
1337 parse_rtattr_nested(tb
, TCA_FLOWER_MAX
, opt
);
1340 print_uint(PRINT_ANY
, "handle", "handle 0x%x ", handle
);
1342 if (tb
[TCA_FLOWER_CLASSID
]) {
1343 __u32 h
= rta_getattr_u32(tb
[TCA_FLOWER_CLASSID
]);
1345 if (TC_H_MIN(h
) < TC_H_MIN_PRIORITY
||
1346 TC_H_MIN(h
) > (TC_H_MIN_PRIORITY
+ TC_QOPT_MAX_QUEUE
- 1)) {
1348 print_string(PRINT_ANY
, "classid", "classid %s ",
1349 sprint_tc_classid(h
, b1
));
1351 print_uint(PRINT_ANY
, "hw_tc", "hw_tc %u ",
1352 TC_H_MIN(h
) - TC_H_MIN_PRIORITY
);
1356 if (tb
[TCA_FLOWER_INDEV
]) {
1357 struct rtattr
*attr
= tb
[TCA_FLOWER_INDEV
];
1359 print_string(PRINT_ANY
, "indev", "\n indev %s",
1360 rta_getattr_str(attr
));
1363 open_json_object("keys");
1365 if (tb
[TCA_FLOWER_KEY_VLAN_ID
]) {
1366 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_VLAN_ID
];
1368 print_uint(PRINT_ANY
, "vlan_id", "\n vlan_id %u",
1369 rta_getattr_u16(attr
));
1372 if (tb
[TCA_FLOWER_KEY_VLAN_PRIO
]) {
1373 struct rtattr
*attr
= tb
[TCA_FLOWER_KEY_VLAN_PRIO
];
1375 print_uint(PRINT_ANY
, "vlan_prio", "\n vlan_prio %d",
1376 rta_getattr_u8(attr
));
1379 flower_print_eth_addr("dst_mac", tb
[TCA_FLOWER_KEY_ETH_DST
],
1380 tb
[TCA_FLOWER_KEY_ETH_DST_MASK
]);
1381 flower_print_eth_addr("src_mac", tb
[TCA_FLOWER_KEY_ETH_SRC
],
1382 tb
[TCA_FLOWER_KEY_ETH_SRC_MASK
]);
1384 flower_print_eth_type(ð_type
, tb
[TCA_FLOWER_KEY_ETH_TYPE
]);
1385 flower_print_ip_proto(&ip_proto
, tb
[TCA_FLOWER_KEY_IP_PROTO
]);
1387 flower_print_ip_attr("ip_tos", tb
[TCA_FLOWER_KEY_IP_TOS
],
1388 tb
[TCA_FLOWER_KEY_IP_TOS_MASK
]);
1389 flower_print_ip_attr("ip_ttl", tb
[TCA_FLOWER_KEY_IP_TTL
],
1390 tb
[TCA_FLOWER_KEY_IP_TTL_MASK
]);
1392 flower_print_u32("mpls_label", tb
[TCA_FLOWER_KEY_MPLS_LABEL
]);
1393 flower_print_u8("mpls_tc", tb
[TCA_FLOWER_KEY_MPLS_TC
]);
1394 flower_print_u8("mpls_bos", tb
[TCA_FLOWER_KEY_MPLS_BOS
]);
1395 flower_print_u8("mpls_ttl", tb
[TCA_FLOWER_KEY_MPLS_TTL
]);
1397 flower_print_ip_addr("dst_ip", eth_type
,
1398 tb
[TCA_FLOWER_KEY_IPV4_DST
],
1399 tb
[TCA_FLOWER_KEY_IPV4_DST_MASK
],
1400 tb
[TCA_FLOWER_KEY_IPV6_DST
],
1401 tb
[TCA_FLOWER_KEY_IPV6_DST_MASK
]);
1403 flower_print_ip_addr("src_ip", eth_type
,
1404 tb
[TCA_FLOWER_KEY_IPV4_SRC
],
1405 tb
[TCA_FLOWER_KEY_IPV4_SRC_MASK
],
1406 tb
[TCA_FLOWER_KEY_IPV6_SRC
],
1407 tb
[TCA_FLOWER_KEY_IPV6_SRC_MASK
]);
1409 nl_type
= flower_port_attr_type(ip_proto
, FLOWER_ENDPOINT_DST
);
1411 flower_print_port("dst_port", tb
[nl_type
]);
1412 nl_type
= flower_port_attr_type(ip_proto
, FLOWER_ENDPOINT_SRC
);
1414 flower_print_port("src_port", tb
[nl_type
]);
1416 flower_print_tcp_flags("tcp_flags", tb
[TCA_FLOWER_KEY_TCP_FLAGS
],
1417 tb
[TCA_FLOWER_KEY_TCP_FLAGS_MASK
]);
1419 nl_type
= flower_icmp_attr_type(eth_type
, ip_proto
,
1420 FLOWER_ICMP_FIELD_TYPE
);
1421 nl_mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
,
1422 FLOWER_ICMP_FIELD_TYPE
);
1423 if (nl_type
>= 0 && nl_mask_type
>= 0)
1424 flower_print_masked_u8("icmp_type", tb
[nl_type
],
1425 tb
[nl_mask_type
], NULL
);
1427 nl_type
= flower_icmp_attr_type(eth_type
, ip_proto
,
1428 FLOWER_ICMP_FIELD_CODE
);
1429 nl_mask_type
= flower_icmp_attr_mask_type(eth_type
, ip_proto
,
1430 FLOWER_ICMP_FIELD_CODE
);
1431 if (nl_type
>= 0 && nl_mask_type
>= 0)
1432 flower_print_masked_u8("icmp_code", tb
[nl_type
],
1433 tb
[nl_mask_type
], NULL
);
1435 flower_print_ip4_addr("arp_sip", tb
[TCA_FLOWER_KEY_ARP_SIP
],
1436 tb
[TCA_FLOWER_KEY_ARP_SIP_MASK
]);
1437 flower_print_ip4_addr("arp_tip", tb
[TCA_FLOWER_KEY_ARP_TIP
],
1438 tb
[TCA_FLOWER_KEY_ARP_TIP_MASK
]);
1439 flower_print_arp_op("arp_op", tb
[TCA_FLOWER_KEY_ARP_OP
],
1440 tb
[TCA_FLOWER_KEY_ARP_OP_MASK
]);
1441 flower_print_eth_addr("arp_sha", tb
[TCA_FLOWER_KEY_ARP_SHA
],
1442 tb
[TCA_FLOWER_KEY_ARP_SHA_MASK
]);
1443 flower_print_eth_addr("arp_tha", tb
[TCA_FLOWER_KEY_ARP_THA
],
1444 tb
[TCA_FLOWER_KEY_ARP_THA_MASK
]);
1446 flower_print_ip_addr("enc_dst_ip",
1447 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
] ?
1448 htons(ETH_P_IP
) : htons(ETH_P_IPV6
),
1449 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST
],
1450 tb
[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK
],
1451 tb
[TCA_FLOWER_KEY_ENC_IPV6_DST
],
1452 tb
[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK
]);
1454 flower_print_ip_addr("enc_src_ip",
1455 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
] ?
1456 htons(ETH_P_IP
) : htons(ETH_P_IPV6
),
1457 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC
],
1458 tb
[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK
],
1459 tb
[TCA_FLOWER_KEY_ENC_IPV6_SRC
],
1460 tb
[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK
]);
1462 flower_print_key_id("enc_key_id", tb
[TCA_FLOWER_KEY_ENC_KEY_ID
]);
1464 flower_print_port("enc_dst_port", tb
[TCA_FLOWER_KEY_ENC_UDP_DST_PORT
]);
1466 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS
,
1467 tb
[TCA_FLOWER_KEY_FLAGS
],
1468 tb
[TCA_FLOWER_KEY_FLAGS_MASK
]);
1470 close_json_object();
1472 if (tb
[TCA_FLOWER_FLAGS
]) {
1473 __u32 flags
= rta_getattr_u32(tb
[TCA_FLOWER_FLAGS
]);
1475 if (flags
& TCA_CLS_FLAGS_SKIP_HW
)
1476 print_bool(PRINT_ANY
, "skip_hw", "\n skip_hw", true);
1477 if (flags
& TCA_CLS_FLAGS_SKIP_SW
)
1478 print_bool(PRINT_ANY
, "skip_sw", "\n skip_sw", true);
1480 if (flags
& TCA_CLS_FLAGS_IN_HW
)
1481 print_bool(PRINT_ANY
, "in_hw", "\n in_hw", true);
1482 else if (flags
& TCA_CLS_FLAGS_NOT_IN_HW
)
1483 print_bool(PRINT_ANY
, "not_in_hw", "\n not_in_hw", true);
1486 if (tb
[TCA_FLOWER_ACT
])
1487 tc_print_action(f
, tb
[TCA_FLOWER_ACT
], 0);
1492 struct filter_util flower_filter_util
= {
1494 .parse_fopt
= flower_parse_opt
,
1495 .print_fopt
= flower_print_opt
,