]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_flower.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tc: Fix output of ip attributes
[mirror_iproute2.git] / tc / f_flower.c
1 /*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <string.h>
16 #include <net/if.h>
17 #include <linux/if_arp.h>
18 #include <linux/if_ether.h>
19 #include <linux/ip.h>
20 #include <linux/tc_act/tc_vlan.h>
21 #include <linux/mpls.h>
22
23 #include "utils.h"
24 #include "tc_util.h"
25 #include "rt_names.h"
26
27 enum flower_matching_flags {
28 FLOWER_IP_FLAGS,
29 };
30
31 enum flower_endpoint {
32 FLOWER_ENDPOINT_SRC,
33 FLOWER_ENDPOINT_DST
34 };
35
36 enum flower_icmp_field {
37 FLOWER_ICMP_FIELD_TYPE,
38 FLOWER_ICMP_FIELD_CODE
39 };
40
41 static void explain(void)
42 {
43 fprintf(stderr,
44 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
45 " [ skip_sw | skip_hw ]\n"
46 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
47 "\n"
48 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
49 " MATCH := { indev DEV-NAME |\n"
50 " vlan_id VID |\n"
51 " vlan_prio PRIORITY |\n"
52 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
53 " dst_mac MASKED-LLADDR |\n"
54 " src_mac MASKED-LLADDR |\n"
55 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
56 " ip_tos MASKED-IP_TOS |\n"
57 " ip_ttl MASKED-IP_TTL |\n"
58 " mpls_label LABEL |\n"
59 " mpls_tc TC |\n"
60 " mpls_bos BOS |\n"
61 " mpls_ttl TTL |\n"
62 " dst_ip PREFIX |\n"
63 " src_ip PREFIX |\n"
64 " dst_port PORT-NUMBER |\n"
65 " src_port PORT-NUMBER |\n"
66 " tcp_flags MASKED-TCP_FLAGS |\n"
67 " type MASKED-ICMP-TYPE |\n"
68 " code MASKED-ICMP-CODE |\n"
69 " arp_tip IPV4-PREFIX |\n"
70 " arp_sip IPV4-PREFIX |\n"
71 " arp_op [ request | reply | OP ] |\n"
72 " arp_tha MASKED-LLADDR |\n"
73 " arp_sha MASKED-LLADDR |\n"
74 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
75 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
76 " enc_key_id [ KEY-ID ] |\n"
77 " ip_flags IP-FLAGS | \n"
78 " enc_dst_port [ port_number ] }\n"
79 " FILTERID := X:Y:Z\n"
80 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
81 " ACTION-SPEC := ... look at individual actions\n"
82 "\n"
83 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
84 "NOTE: There can be only used one mask per one prio. If user needs\n"
85 " to specify different mask, he has to use different prio.\n");
86 }
87
88 static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
89 struct nlmsghdr *n)
90 {
91 int ret, err = -1;
92 char addr[ETH_ALEN], *slash;
93
94 slash = strchr(str, '/');
95 if (slash)
96 *slash = '\0';
97
98 ret = ll_addr_a2n(addr, sizeof(addr), str);
99 if (ret < 0)
100 goto err;
101 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
102
103 if (slash) {
104 unsigned bits;
105
106 if (!get_unsigned(&bits, slash + 1, 10)) {
107 uint64_t mask;
108
109 /* Extra 16 bit shift to push mac address into
110 * high bits of uint64_t
111 */
112 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
113 memcpy(addr, &mask, ETH_ALEN);
114 } else {
115 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
116 if (ret < 0)
117 goto err;
118 }
119 } else {
120 memset(addr, 0xff, ETH_ALEN);
121 }
122 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
123
124 err = 0;
125 err:
126 if (slash)
127 *slash = '/';
128 return err;
129 }
130
131 static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
132 __be16 *p_vlan_eth_type,
133 struct nlmsghdr *n)
134 {
135 __be16 vlan_eth_type;
136
137 if (eth_type != htons(ETH_P_8021Q)) {
138 fprintf(stderr,
139 "Can't set \"vlan_ethtype\" if ethertype isn't 802.1Q\n");
140 return -1;
141 }
142
143 if (ll_proto_a2n(&vlan_eth_type, str))
144 invarg("invalid vlan_ethtype", str);
145 addattr16(n, MAX_MSG, type, vlan_eth_type);
146 *p_vlan_eth_type = vlan_eth_type;
147 return 0;
148 }
149
150 struct flag_to_string {
151 int flag;
152 enum flower_matching_flags type;
153 char *string;
154 };
155
156 static struct flag_to_string flags_str[] = {
157 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOWER_IP_FLAGS, "frag" },
158 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST, FLOWER_IP_FLAGS, "firstfrag" },
159 };
160
161 static int flower_parse_matching_flags(char *str,
162 enum flower_matching_flags type,
163 __u32 *mtf, __u32 *mtf_mask)
164 {
165 char *token;
166 bool no;
167 bool found;
168 int i;
169
170 token = strtok(str, "/");
171
172 while (token) {
173 if (!strncmp(token, "no", 2)) {
174 no = true;
175 token += 2;
176 } else
177 no = false;
178
179 found = false;
180 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
181 if (type != flags_str[i].type)
182 continue;
183
184 if (!strcmp(token, flags_str[i].string)) {
185 if (no)
186 *mtf &= ~flags_str[i].flag;
187 else
188 *mtf |= flags_str[i].flag;
189
190 *mtf_mask |= flags_str[i].flag;
191 found = true;
192 break;
193 }
194 }
195 if (!found)
196 return -1;
197
198 token = strtok(NULL, "/");
199 }
200
201 return 0;
202 }
203
204 static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
205 __u8 *p_ip_proto, struct nlmsghdr *n)
206 {
207 int ret;
208 __u8 ip_proto;
209
210 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
211 goto err;
212
213 if (matches(str, "tcp") == 0) {
214 ip_proto = IPPROTO_TCP;
215 } else if (matches(str, "udp") == 0) {
216 ip_proto = IPPROTO_UDP;
217 } else if (matches(str, "sctp") == 0) {
218 ip_proto = IPPROTO_SCTP;
219 } else if (matches(str, "icmp") == 0) {
220 if (eth_type != htons(ETH_P_IP))
221 goto err;
222 ip_proto = IPPROTO_ICMP;
223 } else if (matches(str, "icmpv6") == 0) {
224 if (eth_type != htons(ETH_P_IPV6))
225 goto err;
226 ip_proto = IPPROTO_ICMPV6;
227 } else {
228 ret = get_u8(&ip_proto, str, 16);
229 if (ret)
230 return -1;
231 }
232 addattr8(n, MAX_MSG, type, ip_proto);
233 *p_ip_proto = ip_proto;
234 return 0;
235
236 err:
237 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
238 return -1;
239 }
240
241 static int __flower_parse_ip_addr(char *str, int family,
242 int addr4_type, int mask4_type,
243 int addr6_type, int mask6_type,
244 struct nlmsghdr *n)
245 {
246 int ret;
247 inet_prefix addr;
248 int bits;
249 int i;
250
251 ret = get_prefix(&addr, str, family);
252 if (ret)
253 return -1;
254
255 if (family && (addr.family != family)) {
256 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
257 return -1;
258 }
259
260 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
261 addr.data, addr.bytelen);
262
263 memset(addr.data, 0xff, addr.bytelen);
264 bits = addr.bitlen;
265 for (i = 0; i < addr.bytelen / 4; i++) {
266 if (!bits) {
267 addr.data[i] = 0;
268 } else if (bits / 32 >= 1) {
269 bits -= 32;
270 } else {
271 addr.data[i] <<= 32 - bits;
272 addr.data[i] = htonl(addr.data[i]);
273 bits = 0;
274 }
275 }
276
277 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
278 addr.data, addr.bytelen);
279
280 return 0;
281 }
282
283 static int flower_parse_ip_addr(char *str, __be16 eth_type,
284 int addr4_type, int mask4_type,
285 int addr6_type, int mask6_type,
286 struct nlmsghdr *n)
287 {
288 int family;
289
290 if (eth_type == htons(ETH_P_IP)) {
291 family = AF_INET;
292 } else if (eth_type == htons(ETH_P_IPV6)) {
293 family = AF_INET6;
294 } else if (!eth_type) {
295 family = AF_UNSPEC;
296 } else {
297 return -1;
298 }
299
300 return __flower_parse_ip_addr(str, family, addr4_type, mask4_type,
301 addr6_type, mask6_type, n);
302 }
303
304 static bool flower_eth_type_arp(__be16 eth_type)
305 {
306 return eth_type == htons(ETH_P_ARP) || eth_type == htons(ETH_P_RARP);
307 }
308
309 static int flower_parse_arp_ip_addr(char *str, __be16 eth_type,
310 int addr_type, int mask_type,
311 struct nlmsghdr *n)
312 {
313 if (!flower_eth_type_arp(eth_type))
314 return -1;
315
316 return __flower_parse_ip_addr(str, AF_INET, addr_type, mask_type,
317 TCA_FLOWER_UNSPEC, TCA_FLOWER_UNSPEC, n);
318 }
319
320 static int flower_parse_u8(char *str, int value_type, int mask_type,
321 int (*value_from_name)(const char *str,
322 __u8 *value),
323 bool (*value_validate)(__u8 value),
324 struct nlmsghdr *n)
325 {
326 char *slash;
327 int ret, err = -1;
328 __u8 value, mask;
329
330 slash = strchr(str, '/');
331 if (slash)
332 *slash = '\0';
333
334 ret = value_from_name ? value_from_name(str, &value) : -1;
335 if (ret < 0) {
336 ret = get_u8(&value, str, 10);
337 if (ret)
338 goto err;
339 }
340
341 if (value_validate && !value_validate(value))
342 goto err;
343
344 if (slash) {
345 ret = get_u8(&mask, slash + 1, 10);
346 if (ret)
347 goto err;
348 }
349 else {
350 mask = UINT8_MAX;
351 }
352
353 addattr8(n, MAX_MSG, value_type, value);
354 addattr8(n, MAX_MSG, mask_type, mask);
355
356 err = 0;
357 err:
358 if (slash)
359 *slash = '/';
360 return err;
361 }
362
363 static const char *flower_print_arp_op_to_name(__u8 op)
364 {
365 switch (op) {
366 case ARPOP_REQUEST:
367 return "request";
368 case ARPOP_REPLY:
369 return "reply";
370 default:
371 return NULL;
372 }
373 }
374
375 static int flower_arp_op_from_name(const char *name, __u8 *op)
376 {
377 if (!strcmp(name, "request"))
378 *op = ARPOP_REQUEST;
379 else if (!strcmp(name, "reply"))
380 *op = ARPOP_REPLY;
381 else
382 return -1;
383
384 return 0;
385 }
386
387 static bool flow_arp_op_validate(__u8 op)
388 {
389 return !op || op == ARPOP_REQUEST || op == ARPOP_REPLY;
390 }
391
392 static int flower_parse_arp_op(char *str, __be16 eth_type,
393 int op_type, int mask_type,
394 struct nlmsghdr *n)
395 {
396 if (!flower_eth_type_arp(eth_type))
397 return -1;
398
399 return flower_parse_u8(str, op_type, mask_type, flower_arp_op_from_name,
400 flow_arp_op_validate, n);
401 }
402
403 static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
404 enum flower_icmp_field field)
405 {
406 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
407 return field == FLOWER_ICMP_FIELD_CODE ?
408 TCA_FLOWER_KEY_ICMPV4_CODE :
409 TCA_FLOWER_KEY_ICMPV4_TYPE;
410 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
411 return field == FLOWER_ICMP_FIELD_CODE ?
412 TCA_FLOWER_KEY_ICMPV6_CODE :
413 TCA_FLOWER_KEY_ICMPV6_TYPE;
414
415 return -1;
416 }
417
418 static int flower_icmp_attr_mask_type(__be16 eth_type, __u8 ip_proto,
419 enum flower_icmp_field field)
420 {
421 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
422 return field == FLOWER_ICMP_FIELD_CODE ?
423 TCA_FLOWER_KEY_ICMPV4_CODE_MASK :
424 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK;
425 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
426 return field == FLOWER_ICMP_FIELD_CODE ?
427 TCA_FLOWER_KEY_ICMPV6_CODE_MASK :
428 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK;
429
430 return -1;
431 }
432
433 static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
434 enum flower_icmp_field field, struct nlmsghdr *n)
435 {
436 int value_type, mask_type;
437
438 value_type = flower_icmp_attr_type(eth_type, ip_proto, field);
439 mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto, field);
440 if (value_type < 0 || mask_type < 0)
441 return -1;
442
443 return flower_parse_u8(str, value_type, mask_type, NULL, NULL, n);
444 }
445
446 static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
447 {
448 if (ip_proto == IPPROTO_TCP)
449 return endpoint == FLOWER_ENDPOINT_SRC ?
450 TCA_FLOWER_KEY_TCP_SRC :
451 TCA_FLOWER_KEY_TCP_DST;
452 else if (ip_proto == IPPROTO_UDP)
453 return endpoint == FLOWER_ENDPOINT_SRC ?
454 TCA_FLOWER_KEY_UDP_SRC :
455 TCA_FLOWER_KEY_UDP_DST;
456 else if (ip_proto == IPPROTO_SCTP)
457 return endpoint == FLOWER_ENDPOINT_SRC ?
458 TCA_FLOWER_KEY_SCTP_SRC :
459 TCA_FLOWER_KEY_SCTP_DST;
460 else
461 return -1;
462 }
463
464 static int flower_parse_port(char *str, __u8 ip_proto,
465 enum flower_endpoint endpoint,
466 struct nlmsghdr *n)
467 {
468 int ret;
469 int type;
470 __be16 port;
471
472 type = flower_port_attr_type(ip_proto, endpoint);
473 if (type < 0)
474 return -1;
475
476 ret = get_be16(&port, str, 10);
477 if (ret)
478 return -1;
479
480 addattr16(n, MAX_MSG, type, port);
481
482 return 0;
483 }
484
485 #define TCP_FLAGS_MAX_MASK 0xfff
486
487 static int flower_parse_tcp_flags(char *str, int flags_type, int mask_type,
488 struct nlmsghdr *n)
489 {
490 char *slash;
491 int ret, err = -1;
492 __u16 flags;
493
494 slash = strchr(str, '/');
495 if (slash)
496 *slash = '\0';
497
498 ret = get_u16(&flags, str, 16);
499 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
500 goto err;
501
502 addattr16(n, MAX_MSG, flags_type, htons(flags));
503
504 if (slash) {
505 ret = get_u16(&flags, slash + 1, 16);
506 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
507 goto err;
508 } else {
509 flags = TCP_FLAGS_MAX_MASK;
510 }
511 addattr16(n, MAX_MSG, mask_type, htons(flags));
512
513 err = 0;
514 err:
515 if (slash)
516 *slash = '/';
517 return err;
518 }
519
520 static int flower_parse_ip_tos_ttl(char *str, int key_type, int mask_type,
521 struct nlmsghdr *n)
522 {
523 char *slash;
524 int ret, err = -1;
525 __u8 tos_ttl;
526
527 slash = strchr(str, '/');
528 if (slash)
529 *slash = '\0';
530
531 ret = get_u8(&tos_ttl, str, 10);
532 if (ret < 0)
533 ret = get_u8(&tos_ttl, str, 16);
534 if (ret < 0)
535 goto err;
536
537 addattr8(n, MAX_MSG, key_type, tos_ttl);
538
539 if (slash) {
540 ret = get_u8(&tos_ttl, slash + 1, 16);
541 if (ret < 0)
542 goto err;
543 } else {
544 tos_ttl = 0xff;
545 }
546 addattr8(n, MAX_MSG, mask_type, tos_ttl);
547
548 err = 0;
549 err:
550 if (slash)
551 *slash = '/';
552 return err;
553 }
554
555 static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
556 {
557 int ret;
558 __be32 key_id;
559
560 ret = get_be32(&key_id, str, 10);
561 if (!ret)
562 addattr32(n, MAX_MSG, type, key_id);
563
564 return ret;
565 }
566
567 static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
568 {
569 int ret;
570 __be16 port;
571
572 ret = get_be16(&port, str, 10);
573 if (ret)
574 return -1;
575
576 addattr16(n, MAX_MSG, type, port);
577
578 return 0;
579 }
580
581 static int flower_parse_opt(struct filter_util *qu, char *handle,
582 int argc, char **argv, struct nlmsghdr *n)
583 {
584 int ret;
585 struct tcmsg *t = NLMSG_DATA(n);
586 struct rtattr *tail;
587 __be16 eth_type = TC_H_MIN(t->tcm_info);
588 __be16 vlan_ethtype = 0;
589 __u8 ip_proto = 0xff;
590 __u32 flags = 0;
591 __u32 mtf = 0;
592 __u32 mtf_mask = 0;
593
594 if (handle) {
595 ret = get_u32(&t->tcm_handle, handle, 0);
596 if (ret) {
597 fprintf(stderr, "Illegal \"handle\"\n");
598 return -1;
599 }
600 }
601
602 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
603 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
604
605 if (argc == 0) {
606 /*at minimal we will match all ethertype packets */
607 goto parse_done;
608 }
609
610 while (argc > 0) {
611 if (matches(*argv, "classid") == 0 ||
612 matches(*argv, "flowid") == 0) {
613 unsigned int handle;
614
615 NEXT_ARG();
616 ret = get_tc_classid(&handle, *argv);
617 if (ret) {
618 fprintf(stderr, "Illegal \"classid\"\n");
619 return -1;
620 }
621 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
622 } else if (matches(*argv, "hw_tc") == 0) {
623 unsigned int handle;
624 __u32 tc;
625 char *end;
626
627 NEXT_ARG();
628 tc = strtoul(*argv, &end, 0);
629 if (*end) {
630 fprintf(stderr, "Illegal TC index\n");
631 return -1;
632 }
633 if (tc >= TC_QOPT_MAX_QUEUE) {
634 fprintf(stderr, "TC index exceeds max range\n");
635 return -1;
636 }
637 handle = TC_H_MAKE(TC_H_MAJ(t->tcm_parent),
638 TC_H_MIN(tc + TC_H_MIN_PRIORITY));
639 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle,
640 sizeof(handle));
641 } else if (matches(*argv, "ip_flags") == 0) {
642 NEXT_ARG();
643 ret = flower_parse_matching_flags(*argv,
644 FLOWER_IP_FLAGS,
645 &mtf,
646 &mtf_mask);
647 if (ret < 0) {
648 fprintf(stderr, "Illegal \"ip_flags\"\n");
649 return -1;
650 }
651 } else if (matches(*argv, "verbose") == 0) {
652 flags |= TCA_CLS_FLAGS_VERBOSE;
653 } else if (matches(*argv, "skip_hw") == 0) {
654 flags |= TCA_CLS_FLAGS_SKIP_HW;
655 } else if (matches(*argv, "skip_sw") == 0) {
656 flags |= TCA_CLS_FLAGS_SKIP_SW;
657 } else if (matches(*argv, "indev") == 0) {
658 NEXT_ARG();
659 if (check_ifname(*argv))
660 invarg("\"indev\" not a valid ifname", *argv);
661 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, *argv);
662 } else if (matches(*argv, "vlan_id") == 0) {
663 __u16 vid;
664
665 NEXT_ARG();
666 if (eth_type != htons(ETH_P_8021Q)) {
667 fprintf(stderr,
668 "Can't set \"vlan_id\" if ethertype isn't 802.1Q\n");
669 return -1;
670 }
671 ret = get_u16(&vid, *argv, 10);
672 if (ret < 0 || vid & ~0xfff) {
673 fprintf(stderr, "Illegal \"vlan_id\"\n");
674 return -1;
675 }
676 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
677 } else if (matches(*argv, "vlan_prio") == 0) {
678 __u8 vlan_prio;
679
680 NEXT_ARG();
681 if (eth_type != htons(ETH_P_8021Q)) {
682 fprintf(stderr,
683 "Can't set \"vlan_prio\" if ethertype isn't 802.1Q\n");
684 return -1;
685 }
686 ret = get_u8(&vlan_prio, *argv, 10);
687 if (ret < 0 || vlan_prio & ~0x7) {
688 fprintf(stderr, "Illegal \"vlan_prio\"\n");
689 return -1;
690 }
691 addattr8(n, MAX_MSG,
692 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
693 } else if (matches(*argv, "vlan_ethtype") == 0) {
694 NEXT_ARG();
695 ret = flower_parse_vlan_eth_type(*argv, eth_type,
696 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
697 &vlan_ethtype, n);
698 if (ret < 0)
699 return -1;
700 } else if (matches(*argv, "mpls_label") == 0) {
701 __u32 label;
702
703 NEXT_ARG();
704 if (eth_type != htons(ETH_P_MPLS_UC) &&
705 eth_type != htons(ETH_P_MPLS_MC)) {
706 fprintf(stderr,
707 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
708 return -1;
709 }
710 ret = get_u32(&label, *argv, 10);
711 if (ret < 0 || label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
712 fprintf(stderr, "Illegal \"mpls_label\"\n");
713 return -1;
714 }
715 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_LABEL, label);
716 } else if (matches(*argv, "mpls_tc") == 0) {
717 __u8 tc;
718
719 NEXT_ARG();
720 if (eth_type != htons(ETH_P_MPLS_UC) &&
721 eth_type != htons(ETH_P_MPLS_MC)) {
722 fprintf(stderr,
723 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
724 return -1;
725 }
726 ret = get_u8(&tc, *argv, 10);
727 if (ret < 0 || tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
728 fprintf(stderr, "Illegal \"mpls_tc\"\n");
729 return -1;
730 }
731 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TC, tc);
732 } else if (matches(*argv, "mpls_bos") == 0) {
733 __u8 bos;
734
735 NEXT_ARG();
736 if (eth_type != htons(ETH_P_MPLS_UC) &&
737 eth_type != htons(ETH_P_MPLS_MC)) {
738 fprintf(stderr,
739 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
740 return -1;
741 }
742 ret = get_u8(&bos, *argv, 10);
743 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
744 fprintf(stderr, "Illegal \"mpls_bos\"\n");
745 return -1;
746 }
747 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_BOS, bos);
748 } else if (matches(*argv, "mpls_ttl") == 0) {
749 __u8 ttl;
750
751 NEXT_ARG();
752 if (eth_type != htons(ETH_P_MPLS_UC) &&
753 eth_type != htons(ETH_P_MPLS_MC)) {
754 fprintf(stderr,
755 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
756 return -1;
757 }
758 ret = get_u8(&ttl, *argv, 10);
759 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
760 fprintf(stderr, "Illegal \"mpls_ttl\"\n");
761 return -1;
762 }
763 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TTL, ttl);
764 } else if (matches(*argv, "dst_mac") == 0) {
765 NEXT_ARG();
766 ret = flower_parse_eth_addr(*argv,
767 TCA_FLOWER_KEY_ETH_DST,
768 TCA_FLOWER_KEY_ETH_DST_MASK,
769 n);
770 if (ret < 0) {
771 fprintf(stderr, "Illegal \"dst_mac\"\n");
772 return -1;
773 }
774 } else if (matches(*argv, "src_mac") == 0) {
775 NEXT_ARG();
776 ret = flower_parse_eth_addr(*argv,
777 TCA_FLOWER_KEY_ETH_SRC,
778 TCA_FLOWER_KEY_ETH_SRC_MASK,
779 n);
780 if (ret < 0) {
781 fprintf(stderr, "Illegal \"src_mac\"\n");
782 return -1;
783 }
784 } else if (matches(*argv, "ip_proto") == 0) {
785 NEXT_ARG();
786 ret = flower_parse_ip_proto(*argv, vlan_ethtype ?
787 vlan_ethtype : eth_type,
788 TCA_FLOWER_KEY_IP_PROTO,
789 &ip_proto, n);
790 if (ret < 0) {
791 fprintf(stderr, "Illegal \"ip_proto\"\n");
792 return -1;
793 }
794 } else if (matches(*argv, "ip_tos") == 0) {
795 NEXT_ARG();
796 ret = flower_parse_ip_tos_ttl(*argv,
797 TCA_FLOWER_KEY_IP_TOS,
798 TCA_FLOWER_KEY_IP_TOS_MASK,
799 n);
800 if (ret < 0) {
801 fprintf(stderr, "Illegal \"ip_tos\"\n");
802 return -1;
803 }
804 } else if (matches(*argv, "ip_ttl") == 0) {
805 NEXT_ARG();
806 ret = flower_parse_ip_tos_ttl(*argv,
807 TCA_FLOWER_KEY_IP_TTL,
808 TCA_FLOWER_KEY_IP_TTL_MASK,
809 n);
810 if (ret < 0) {
811 fprintf(stderr, "Illegal \"ip_ttl\"\n");
812 return -1;
813 }
814 } else if (matches(*argv, "dst_ip") == 0) {
815 NEXT_ARG();
816 ret = flower_parse_ip_addr(*argv, vlan_ethtype ?
817 vlan_ethtype : eth_type,
818 TCA_FLOWER_KEY_IPV4_DST,
819 TCA_FLOWER_KEY_IPV4_DST_MASK,
820 TCA_FLOWER_KEY_IPV6_DST,
821 TCA_FLOWER_KEY_IPV6_DST_MASK,
822 n);
823 if (ret < 0) {
824 fprintf(stderr, "Illegal \"dst_ip\"\n");
825 return -1;
826 }
827 } else if (matches(*argv, "src_ip") == 0) {
828 NEXT_ARG();
829 ret = flower_parse_ip_addr(*argv, vlan_ethtype ?
830 vlan_ethtype : eth_type,
831 TCA_FLOWER_KEY_IPV4_SRC,
832 TCA_FLOWER_KEY_IPV4_SRC_MASK,
833 TCA_FLOWER_KEY_IPV6_SRC,
834 TCA_FLOWER_KEY_IPV6_SRC_MASK,
835 n);
836 if (ret < 0) {
837 fprintf(stderr, "Illegal \"src_ip\"\n");
838 return -1;
839 }
840 } else if (matches(*argv, "dst_port") == 0) {
841 NEXT_ARG();
842 ret = flower_parse_port(*argv, ip_proto,
843 FLOWER_ENDPOINT_DST, n);
844 if (ret < 0) {
845 fprintf(stderr, "Illegal \"dst_port\"\n");
846 return -1;
847 }
848 } else if (matches(*argv, "src_port") == 0) {
849 NEXT_ARG();
850 ret = flower_parse_port(*argv, ip_proto,
851 FLOWER_ENDPOINT_SRC, n);
852 if (ret < 0) {
853 fprintf(stderr, "Illegal \"src_port\"\n");
854 return -1;
855 }
856 } else if (matches(*argv, "tcp_flags") == 0) {
857 NEXT_ARG();
858 ret = flower_parse_tcp_flags(*argv,
859 TCA_FLOWER_KEY_TCP_FLAGS,
860 TCA_FLOWER_KEY_TCP_FLAGS_MASK,
861 n);
862 if (ret < 0) {
863 fprintf(stderr, "Illegal \"tcp_flags\"\n");
864 return -1;
865 }
866 } else if (matches(*argv, "type") == 0) {
867 NEXT_ARG();
868 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
869 FLOWER_ICMP_FIELD_TYPE, n);
870 if (ret < 0) {
871 fprintf(stderr, "Illegal \"icmp type\"\n");
872 return -1;
873 }
874 } else if (matches(*argv, "code") == 0) {
875 NEXT_ARG();
876 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
877 FLOWER_ICMP_FIELD_CODE, n);
878 if (ret < 0) {
879 fprintf(stderr, "Illegal \"icmp code\"\n");
880 return -1;
881 }
882 } else if (matches(*argv, "arp_tip") == 0) {
883 NEXT_ARG();
884 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
885 vlan_ethtype : eth_type,
886 TCA_FLOWER_KEY_ARP_TIP,
887 TCA_FLOWER_KEY_ARP_TIP_MASK,
888 n);
889 if (ret < 0) {
890 fprintf(stderr, "Illegal \"arp_tip\"\n");
891 return -1;
892 }
893 } else if (matches(*argv, "arp_sip") == 0) {
894 NEXT_ARG();
895 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
896 vlan_ethtype : eth_type,
897 TCA_FLOWER_KEY_ARP_SIP,
898 TCA_FLOWER_KEY_ARP_SIP_MASK,
899 n);
900 if (ret < 0) {
901 fprintf(stderr, "Illegal \"arp_sip\"\n");
902 return -1;
903 }
904 } else if (matches(*argv, "arp_op") == 0) {
905 NEXT_ARG();
906 ret = flower_parse_arp_op(*argv, vlan_ethtype ?
907 vlan_ethtype : eth_type,
908 TCA_FLOWER_KEY_ARP_OP,
909 TCA_FLOWER_KEY_ARP_OP_MASK,
910 n);
911 if (ret < 0) {
912 fprintf(stderr, "Illegal \"arp_op\"\n");
913 return -1;
914 }
915 } else if (matches(*argv, "arp_tha") == 0) {
916 NEXT_ARG();
917 ret = flower_parse_eth_addr(*argv,
918 TCA_FLOWER_KEY_ARP_THA,
919 TCA_FLOWER_KEY_ARP_THA_MASK,
920 n);
921 if (ret < 0) {
922 fprintf(stderr, "Illegal \"arp_tha\"\n");
923 return -1;
924 }
925 } else if (matches(*argv, "arp_sha") == 0) {
926 NEXT_ARG();
927 ret = flower_parse_eth_addr(*argv,
928 TCA_FLOWER_KEY_ARP_SHA,
929 TCA_FLOWER_KEY_ARP_SHA_MASK,
930 n);
931 if (ret < 0) {
932 fprintf(stderr, "Illegal \"arp_sha\"\n");
933 return -1;
934 }
935 } else if (matches(*argv, "enc_dst_ip") == 0) {
936 NEXT_ARG();
937 ret = flower_parse_ip_addr(*argv, 0,
938 TCA_FLOWER_KEY_ENC_IPV4_DST,
939 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
940 TCA_FLOWER_KEY_ENC_IPV6_DST,
941 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
942 n);
943 if (ret < 0) {
944 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
945 return -1;
946 }
947 } else if (matches(*argv, "enc_src_ip") == 0) {
948 NEXT_ARG();
949 ret = flower_parse_ip_addr(*argv, 0,
950 TCA_FLOWER_KEY_ENC_IPV4_SRC,
951 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
952 TCA_FLOWER_KEY_ENC_IPV6_SRC,
953 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
954 n);
955 if (ret < 0) {
956 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
957 return -1;
958 }
959 } else if (matches(*argv, "enc_key_id") == 0) {
960 NEXT_ARG();
961 ret = flower_parse_key_id(*argv,
962 TCA_FLOWER_KEY_ENC_KEY_ID, n);
963 if (ret < 0) {
964 fprintf(stderr, "Illegal \"enc_key_id\"\n");
965 return -1;
966 }
967 } else if (matches(*argv, "enc_dst_port") == 0) {
968 NEXT_ARG();
969 ret = flower_parse_enc_port(*argv,
970 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
971 if (ret < 0) {
972 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
973 return -1;
974 }
975 } else if (matches(*argv, "action") == 0) {
976 NEXT_ARG();
977 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
978 if (ret) {
979 fprintf(stderr, "Illegal \"action\"\n");
980 return -1;
981 }
982 continue;
983 } else if (strcmp(*argv, "help") == 0) {
984 explain();
985 return -1;
986 } else {
987 fprintf(stderr, "What is \"%s\"?\n", *argv);
988 explain();
989 return -1;
990 }
991 argc--; argv++;
992 }
993
994 parse_done:
995 ret = addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
996 if (ret)
997 return ret;
998
999 if (mtf_mask) {
1000 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS, htonl(mtf));
1001 if (ret)
1002 return ret;
1003
1004 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS_MASK, htonl(mtf_mask));
1005 if (ret)
1006 return ret;
1007 }
1008
1009 if (eth_type != htons(ETH_P_ALL)) {
1010 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, eth_type);
1011 if (ret)
1012 return ret;
1013 }
1014
1015 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
1016
1017 return 0;
1018 }
1019
1020 static int __mask_bits(char *addr, size_t len)
1021 {
1022 int bits = 0;
1023 bool hole = false;
1024 int i;
1025 int j;
1026
1027 for (i = 0; i < len; i++, addr++) {
1028 for (j = 7; j >= 0; j--) {
1029 if (((*addr) >> j) & 0x1) {
1030 if (hole)
1031 return -1;
1032 bits++;
1033 } else if (bits) {
1034 hole = true;
1035 } else{
1036 return -1;
1037 }
1038 }
1039 }
1040 return bits;
1041 }
1042
1043 static void flower_print_eth_addr(char *name, struct rtattr *addr_attr,
1044 struct rtattr *mask_attr)
1045 {
1046 SPRINT_BUF(namefrm);
1047 SPRINT_BUF(out);
1048 SPRINT_BUF(b1);
1049 size_t done;
1050 int bits;
1051
1052 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
1053 return;
1054 done = sprintf(out, "%s",
1055 ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
1056 0, b1, sizeof(b1)));
1057 if (mask_attr && RTA_PAYLOAD(mask_attr) == ETH_ALEN) {
1058 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
1059 if (bits < 0)
1060 sprintf(out + done, "/%s",
1061 ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
1062 0, b1, sizeof(b1)));
1063 else if (bits < ETH_ALEN * 8)
1064 sprintf(out + done, "/%d", bits);
1065 }
1066
1067 sprintf(namefrm, "\n %s %%s", name);
1068 print_string(PRINT_ANY, name, namefrm, out);
1069 }
1070
1071 static void flower_print_eth_type(__be16 *p_eth_type,
1072 struct rtattr *eth_type_attr)
1073 {
1074 SPRINT_BUF(out);
1075 __be16 eth_type;
1076
1077 if (!eth_type_attr)
1078 return;
1079
1080 eth_type = rta_getattr_u16(eth_type_attr);
1081 if (eth_type == htons(ETH_P_IP))
1082 sprintf(out, "ipv4");
1083 else if (eth_type == htons(ETH_P_IPV6))
1084 sprintf(out, "ipv6");
1085 else if (eth_type == htons(ETH_P_ARP))
1086 sprintf(out, "arp");
1087 else if (eth_type == htons(ETH_P_RARP))
1088 sprintf(out, "rarp");
1089 else
1090 sprintf(out, "%04x", ntohs(eth_type));
1091
1092 print_string(PRINT_ANY, "eth_type", "\n eth_type %s", out);
1093 *p_eth_type = eth_type;
1094 }
1095
1096 static void flower_print_ip_proto(__u8 *p_ip_proto,
1097 struct rtattr *ip_proto_attr)
1098 {
1099 SPRINT_BUF(out);
1100 __u8 ip_proto;
1101
1102 if (!ip_proto_attr)
1103 return;
1104
1105 ip_proto = rta_getattr_u8(ip_proto_attr);
1106 if (ip_proto == IPPROTO_TCP)
1107 sprintf(out, "tcp");
1108 else if (ip_proto == IPPROTO_UDP)
1109 sprintf(out, "udp");
1110 else if (ip_proto == IPPROTO_SCTP)
1111 sprintf(out, "sctp");
1112 else if (ip_proto == IPPROTO_ICMP)
1113 sprintf(out, "icmp");
1114 else if (ip_proto == IPPROTO_ICMPV6)
1115 sprintf(out, "icmpv6");
1116 else
1117 sprintf(out, "%02x", ip_proto);
1118
1119 print_string(PRINT_ANY, "ip_proto", "\n ip_proto %s", out);
1120 *p_ip_proto = ip_proto;
1121 }
1122
1123 static void flower_print_ip_attr(char *name, struct rtattr *key_attr,
1124 struct rtattr *mask_attr)
1125 {
1126 SPRINT_BUF(namefrm);
1127 SPRINT_BUF(out);
1128 size_t done;
1129
1130 if (!key_attr)
1131 return;
1132
1133 done = sprintf(out, "%x", rta_getattr_u8(key_attr));
1134 if (mask_attr)
1135 sprintf(out + done, "/%x", rta_getattr_u8(mask_attr));
1136
1137 sprintf(namefrm, "\n %s %%s", name);
1138 print_string(PRINT_ANY, name, namefrm, out);
1139 }
1140
1141 static void flower_print_matching_flags(char *name,
1142 enum flower_matching_flags type,
1143 struct rtattr *attr,
1144 struct rtattr *mask_attr)
1145 {
1146 int i;
1147 int count = 0;
1148 __u32 mtf;
1149 __u32 mtf_mask;
1150
1151 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
1152 return;
1153
1154 mtf = ntohl(rta_getattr_u32(attr));
1155 mtf_mask = ntohl(rta_getattr_u32(mask_attr));
1156
1157 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
1158 if (type != flags_str[i].type)
1159 continue;
1160 if (mtf_mask & flags_str[i].flag) {
1161 if (++count == 1) {
1162 print_string(PRINT_FP, NULL, "\n %s ", name);
1163 open_json_object(name);
1164 } else {
1165 print_string(PRINT_FP, NULL, "/", NULL);
1166 }
1167
1168 print_bool(PRINT_JSON, flags_str[i].string, NULL,
1169 mtf & flags_str[i].flag);
1170 if (mtf & flags_str[i].flag)
1171 print_string(PRINT_FP, NULL, "%s",
1172 flags_str[i].string);
1173 else
1174 print_string(PRINT_FP, NULL, "no%s",
1175 flags_str[i].string);
1176 }
1177 }
1178 if (count)
1179 close_json_object();
1180 }
1181
1182 static void flower_print_ip_addr(char *name, __be16 eth_type,
1183 struct rtattr *addr4_attr,
1184 struct rtattr *mask4_attr,
1185 struct rtattr *addr6_attr,
1186 struct rtattr *mask6_attr)
1187 {
1188 struct rtattr *addr_attr;
1189 struct rtattr *mask_attr;
1190 SPRINT_BUF(namefrm);
1191 SPRINT_BUF(out);
1192 size_t done;
1193 int family;
1194 size_t len;
1195 int bits;
1196
1197 if (eth_type == htons(ETH_P_IP)) {
1198 family = AF_INET;
1199 addr_attr = addr4_attr;
1200 mask_attr = mask4_attr;
1201 len = 4;
1202 } else if (eth_type == htons(ETH_P_IPV6)) {
1203 family = AF_INET6;
1204 addr_attr = addr6_attr;
1205 mask_attr = mask6_attr;
1206 len = 16;
1207 } else {
1208 return;
1209 }
1210 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
1211 return;
1212 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
1213 return;
1214 done = sprintf(out, "%s", rt_addr_n2a_rta(family, addr_attr));
1215 bits = __mask_bits(RTA_DATA(mask_attr), len);
1216 if (bits < 0)
1217 sprintf(out + done, "/%s", rt_addr_n2a_rta(family, mask_attr));
1218 else if (bits < len * 8)
1219 sprintf(out + done, "/%d", bits);
1220
1221 sprintf(namefrm, "\n %s %%s", name);
1222 print_string(PRINT_ANY, name, namefrm, out);
1223 }
1224 static void flower_print_ip4_addr(char *name, struct rtattr *addr_attr,
1225 struct rtattr *mask_attr)
1226 {
1227 return flower_print_ip_addr(name, htons(ETH_P_IP),
1228 addr_attr, mask_attr, 0, 0);
1229 }
1230
1231 static void flower_print_port(char *name, struct rtattr *attr)
1232 {
1233 SPRINT_BUF(namefrm);
1234
1235 if (!attr)
1236 return;
1237
1238 sprintf(namefrm,"\n %s %%u", name);
1239 print_hu(PRINT_ANY, name, namefrm, rta_getattr_be16(attr));
1240 }
1241
1242 static void flower_print_tcp_flags(char *name, struct rtattr *flags_attr,
1243 struct rtattr *mask_attr)
1244 {
1245 SPRINT_BUF(namefrm);
1246 SPRINT_BUF(out);
1247 size_t done;
1248
1249 if (!flags_attr)
1250 return;
1251
1252 done = sprintf(out, "%x", rta_getattr_be16(flags_attr));
1253 if (mask_attr)
1254 sprintf(out + done, "%x", rta_getattr_be16(flags_attr));
1255
1256 sprintf(namefrm, "\n %s %%s", name);
1257 print_string(PRINT_ANY, name, namefrm, out);
1258 }
1259
1260
1261 static void flower_print_key_id(const char *name, struct rtattr *attr)
1262 {
1263 SPRINT_BUF(namefrm);
1264
1265 if (!attr)
1266 return;
1267
1268 sprintf(namefrm,"\n %s %%u", name);
1269 print_uint(PRINT_ANY, name, namefrm, rta_getattr_be32(attr));
1270 }
1271
1272 static void flower_print_masked_u8(const char *name, struct rtattr *attr,
1273 struct rtattr *mask_attr,
1274 const char *(*value_to_str)(__u8 value))
1275 {
1276 const char *value_str = NULL;
1277 __u8 value, mask;
1278 SPRINT_BUF(namefrm);
1279 SPRINT_BUF(out);
1280 size_t done;
1281
1282 if (!attr)
1283 return;
1284
1285 value = rta_getattr_u8(attr);
1286 mask = mask_attr ? rta_getattr_u8(mask_attr) : UINT8_MAX;
1287 if (mask == UINT8_MAX && value_to_str)
1288 value_str = value_to_str(value);
1289
1290 if (value_str)
1291 done = sprintf(out, "%s", value_str);
1292 else
1293 done = sprintf(out, "%d", value);
1294
1295 if (mask != UINT8_MAX)
1296 sprintf(out + done, "/%d", mask);
1297
1298 sprintf(namefrm,"\n %s %%s", name);
1299 print_string(PRINT_ANY, name, namefrm, out);
1300 }
1301
1302 static void flower_print_u8(const char *name, struct rtattr *attr)
1303 {
1304 flower_print_masked_u8(name, attr, NULL, NULL);
1305 }
1306
1307 static void flower_print_u32(const char *name, struct rtattr *attr)
1308 {
1309 SPRINT_BUF(namefrm);
1310
1311 if (!attr)
1312 return;
1313
1314 sprintf(namefrm,"\n %s %%u", name);
1315 print_uint(PRINT_ANY, name, namefrm, rta_getattr_u32(attr));
1316 }
1317
1318 static void flower_print_arp_op(const char *name,
1319 struct rtattr *op_attr,
1320 struct rtattr *mask_attr)
1321 {
1322 flower_print_masked_u8(name, op_attr, mask_attr,
1323 flower_print_arp_op_to_name);
1324 }
1325
1326 static int flower_print_opt(struct filter_util *qu, FILE *f,
1327 struct rtattr *opt, __u32 handle)
1328 {
1329 struct rtattr *tb[TCA_FLOWER_MAX + 1];
1330 int nl_type, nl_mask_type;
1331 __be16 eth_type = 0;
1332 __u8 ip_proto = 0xff;
1333
1334 if (!opt)
1335 return 0;
1336
1337 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
1338
1339 if (handle)
1340 print_uint(PRINT_ANY, "handle", "handle 0x%x ", handle);
1341
1342 if (tb[TCA_FLOWER_CLASSID]) {
1343 __u32 h = rta_getattr_u32(tb[TCA_FLOWER_CLASSID]);
1344
1345 if (TC_H_MIN(h) < TC_H_MIN_PRIORITY ||
1346 TC_H_MIN(h) > (TC_H_MIN_PRIORITY + TC_QOPT_MAX_QUEUE - 1)) {
1347 SPRINT_BUF(b1);
1348 print_string(PRINT_ANY, "classid", "classid %s ",
1349 sprint_tc_classid(h, b1));
1350 } else {
1351 print_uint(PRINT_ANY, "hw_tc", "hw_tc %u ",
1352 TC_H_MIN(h) - TC_H_MIN_PRIORITY);
1353 }
1354 }
1355
1356 if (tb[TCA_FLOWER_INDEV]) {
1357 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
1358
1359 print_string(PRINT_ANY, "indev", "\n indev %s",
1360 rta_getattr_str(attr));
1361 }
1362
1363 open_json_object("keys");
1364
1365 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
1366 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
1367
1368 print_uint(PRINT_ANY, "vlan_id", "\n vlan_id %u",
1369 rta_getattr_u16(attr));
1370 }
1371
1372 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
1373 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
1374
1375 print_uint(PRINT_ANY, "vlan_prio", "\n vlan_prio %d",
1376 rta_getattr_u8(attr));
1377 }
1378
1379 flower_print_eth_addr("dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
1380 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
1381 flower_print_eth_addr("src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
1382 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
1383
1384 flower_print_eth_type(&eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
1385 flower_print_ip_proto(&ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
1386
1387 flower_print_ip_attr("ip_tos", tb[TCA_FLOWER_KEY_IP_TOS],
1388 tb[TCA_FLOWER_KEY_IP_TOS_MASK]);
1389 flower_print_ip_attr("ip_ttl", tb[TCA_FLOWER_KEY_IP_TTL],
1390 tb[TCA_FLOWER_KEY_IP_TTL_MASK]);
1391
1392 flower_print_u32("mpls_label", tb[TCA_FLOWER_KEY_MPLS_LABEL]);
1393 flower_print_u8("mpls_tc", tb[TCA_FLOWER_KEY_MPLS_TC]);
1394 flower_print_u8("mpls_bos", tb[TCA_FLOWER_KEY_MPLS_BOS]);
1395 flower_print_u8("mpls_ttl", tb[TCA_FLOWER_KEY_MPLS_TTL]);
1396
1397 flower_print_ip_addr("dst_ip", eth_type,
1398 tb[TCA_FLOWER_KEY_IPV4_DST],
1399 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
1400 tb[TCA_FLOWER_KEY_IPV6_DST],
1401 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
1402
1403 flower_print_ip_addr("src_ip", eth_type,
1404 tb[TCA_FLOWER_KEY_IPV4_SRC],
1405 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
1406 tb[TCA_FLOWER_KEY_IPV6_SRC],
1407 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
1408
1409 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_DST);
1410 if (nl_type >= 0)
1411 flower_print_port("dst_port", tb[nl_type]);
1412 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_SRC);
1413 if (nl_type >= 0)
1414 flower_print_port("src_port", tb[nl_type]);
1415
1416 flower_print_tcp_flags("tcp_flags", tb[TCA_FLOWER_KEY_TCP_FLAGS],
1417 tb[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
1418
1419 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
1420 FLOWER_ICMP_FIELD_TYPE);
1421 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
1422 FLOWER_ICMP_FIELD_TYPE);
1423 if (nl_type >= 0 && nl_mask_type >= 0)
1424 flower_print_masked_u8("icmp_type", tb[nl_type],
1425 tb[nl_mask_type], NULL);
1426
1427 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
1428 FLOWER_ICMP_FIELD_CODE);
1429 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
1430 FLOWER_ICMP_FIELD_CODE);
1431 if (nl_type >= 0 && nl_mask_type >= 0)
1432 flower_print_masked_u8("icmp_code", tb[nl_type],
1433 tb[nl_mask_type], NULL);
1434
1435 flower_print_ip4_addr("arp_sip", tb[TCA_FLOWER_KEY_ARP_SIP],
1436 tb[TCA_FLOWER_KEY_ARP_SIP_MASK]);
1437 flower_print_ip4_addr("arp_tip", tb[TCA_FLOWER_KEY_ARP_TIP],
1438 tb[TCA_FLOWER_KEY_ARP_TIP_MASK]);
1439 flower_print_arp_op("arp_op", tb[TCA_FLOWER_KEY_ARP_OP],
1440 tb[TCA_FLOWER_KEY_ARP_OP_MASK]);
1441 flower_print_eth_addr("arp_sha", tb[TCA_FLOWER_KEY_ARP_SHA],
1442 tb[TCA_FLOWER_KEY_ARP_SHA_MASK]);
1443 flower_print_eth_addr("arp_tha", tb[TCA_FLOWER_KEY_ARP_THA],
1444 tb[TCA_FLOWER_KEY_ARP_THA_MASK]);
1445
1446 flower_print_ip_addr("enc_dst_ip",
1447 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
1448 htons(ETH_P_IP) : htons(ETH_P_IPV6),
1449 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
1450 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
1451 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
1452 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
1453
1454 flower_print_ip_addr("enc_src_ip",
1455 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
1456 htons(ETH_P_IP) : htons(ETH_P_IPV6),
1457 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
1458 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
1459 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
1460 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
1461
1462 flower_print_key_id("enc_key_id", tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
1463
1464 flower_print_port("enc_dst_port", tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
1465
1466 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS,
1467 tb[TCA_FLOWER_KEY_FLAGS],
1468 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
1469
1470 close_json_object();
1471
1472 if (tb[TCA_FLOWER_FLAGS]) {
1473 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
1474
1475 if (flags & TCA_CLS_FLAGS_SKIP_HW)
1476 print_bool(PRINT_ANY, "skip_hw", "\n skip_hw", true);
1477 if (flags & TCA_CLS_FLAGS_SKIP_SW)
1478 print_bool(PRINT_ANY, "skip_sw", "\n skip_sw", true);
1479
1480 if (flags & TCA_CLS_FLAGS_IN_HW)
1481 print_bool(PRINT_ANY, "in_hw", "\n in_hw", true);
1482 else if (flags & TCA_CLS_FLAGS_NOT_IN_HW)
1483 print_bool(PRINT_ANY, "not_in_hw", "\n not_in_hw", true);
1484 }
1485
1486 if (tb[TCA_FLOWER_ACT])
1487 tc_print_action(f, tb[TCA_FLOWER_ACT], 0);
1488
1489 return 0;
1490 }
1491
1492 struct filter_util flower_filter_util = {
1493 .id = "flower",
1494 .parse_fopt = flower_parse_opt,
1495 .print_fopt = flower_print_opt,
1496 };
Upstream mirror of iproute2