]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_u32.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tc: f_u32: Fill in 'linkid' provided by user
[mirror_iproute2.git] / tc / f_u32.c
1 /*
2 * q_u32.c U32 filter.
3 *
4 * This program is free software; you can u32istribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 * Match mark added by Catalin(ux aka Dino) BOIE <catab at umbrella.ro> [5 nov 2004]
11 *
12 */
13
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <unistd.h>
17 #include <syslog.h>
18 #include <fcntl.h>
19 #include <sys/socket.h>
20 #include <netinet/in.h>
21 #include <arpa/inet.h>
22 #include <string.h>
23 #include <linux/if.h>
24 #include <linux/if_ether.h>
25
26 #include "utils.h"
27 #include "tc_util.h"
28
29 extern int show_pretty;
30
31 static void explain(void)
32 {
33 fprintf(stderr,
34 "Usage: ... u32 [ match SELECTOR ... ] [ link HTID ] [ classid CLASSID ]\n"
35 " [ action ACTION_SPEC ] [ offset OFFSET_SPEC ]\n"
36 " [ ht HTID ] [ hashkey HASHKEY_SPEC ]\n"
37 " [ sample SAMPLE ] [skip-hw | skip-sw]\n"
38 "or u32 divisor DIVISOR\n"
39 "\n"
40 "Where: SELECTOR := SAMPLE SAMPLE ...\n"
41 " SAMPLE := { ip | ip6 | udp | tcp | icmp | u{32|16|8} | mark }\n"
42 " SAMPLE_ARGS [ divisor DIVISOR ]\n"
43 " FILTERID := X:Y:Z\n"
44 "\nNOTE: CLASSID is parsed at hexadecimal input.\n");
45 }
46
47 static int get_u32_handle(__u32 *handle, const char *str)
48 {
49 __u32 htid = 0, hash = 0, nodeid = 0;
50 char *tmp = strchr(str, ':');
51
52 if (tmp == NULL) {
53 if (memcmp("0x", str, 2) == 0)
54 return get_u32(handle, str, 16);
55 return -1;
56 }
57 htid = strtoul(str, &tmp, 16);
58 if (tmp == str && *str != ':' && *str != 0)
59 return -1;
60 if (htid >= 0x1000)
61 return -1;
62 if (*tmp) {
63 str = tmp + 1;
64 hash = strtoul(str, &tmp, 16);
65 if (tmp == str && *str != ':' && *str != 0)
66 return -1;
67 if (hash >= 0x100)
68 return -1;
69 if (*tmp) {
70 str = tmp + 1;
71 nodeid = strtoul(str, &tmp, 16);
72 if (tmp == str && *str != 0)
73 return -1;
74 if (nodeid >= 0x1000)
75 return -1;
76 }
77 }
78 *handle = (htid<<20)|(hash<<12)|nodeid;
79 return 0;
80 }
81
82 static char *sprint_u32_handle(__u32 handle, char *buf)
83 {
84 int bsize = SPRINT_BSIZE-1;
85 __u32 htid = TC_U32_HTID(handle);
86 __u32 hash = TC_U32_HASH(handle);
87 __u32 nodeid = TC_U32_NODE(handle);
88 char *b = buf;
89
90 if (handle == 0) {
91 snprintf(b, bsize, "none");
92 return b;
93 }
94 if (htid) {
95 int l = snprintf(b, bsize, "%x:", htid>>20);
96
97 bsize -= l;
98 b += l;
99 }
100 if (nodeid|hash) {
101 if (hash) {
102 int l = snprintf(b, bsize, "%x", hash);
103
104 bsize -= l;
105 b += l;
106 }
107 if (nodeid) {
108 int l = snprintf(b, bsize, ":%x", nodeid);
109
110 bsize -= l;
111 b += l;
112 }
113 }
114 if (show_raw)
115 snprintf(b, bsize, "[%08x] ", handle);
116 return buf;
117 }
118
119 static int pack_key(struct tc_u32_sel *sel, __u32 key, __u32 mask,
120 int off, int offmask)
121 {
122 int i;
123 int hwm = sel->nkeys;
124
125 key &= mask;
126
127 for (i = 0; i < hwm; i++) {
128 if (sel->keys[i].off == off && sel->keys[i].offmask == offmask) {
129 __u32 intersect = mask & sel->keys[i].mask;
130
131 if ((key ^ sel->keys[i].val) & intersect)
132 return -1;
133 sel->keys[i].val |= key;
134 sel->keys[i].mask |= mask;
135 return 0;
136 }
137 }
138
139 if (hwm >= 128)
140 return -1;
141 if (off % 4)
142 return -1;
143 sel->keys[hwm].val = key;
144 sel->keys[hwm].mask = mask;
145 sel->keys[hwm].off = off;
146 sel->keys[hwm].offmask = offmask;
147 sel->nkeys++;
148 return 0;
149 }
150
151 static int pack_key32(struct tc_u32_sel *sel, __u32 key, __u32 mask,
152 int off, int offmask)
153 {
154 key = htonl(key);
155 mask = htonl(mask);
156 return pack_key(sel, key, mask, off, offmask);
157 }
158
159 static int pack_key16(struct tc_u32_sel *sel, __u32 key, __u32 mask,
160 int off, int offmask)
161 {
162 if (key > 0xFFFF || mask > 0xFFFF)
163 return -1;
164
165 if ((off & 3) == 0) {
166 key <<= 16;
167 mask <<= 16;
168 }
169 off &= ~3;
170 key = htonl(key);
171 mask = htonl(mask);
172
173 return pack_key(sel, key, mask, off, offmask);
174 }
175
176 static int pack_key8(struct tc_u32_sel *sel, __u32 key, __u32 mask, int off,
177 int offmask)
178 {
179 if (key > 0xFF || mask > 0xFF)
180 return -1;
181
182 if ((off & 3) == 0) {
183 key <<= 24;
184 mask <<= 24;
185 } else if ((off & 3) == 1) {
186 key <<= 16;
187 mask <<= 16;
188 } else if ((off & 3) == 2) {
189 key <<= 8;
190 mask <<= 8;
191 }
192 off &= ~3;
193 key = htonl(key);
194 mask = htonl(mask);
195
196 return pack_key(sel, key, mask, off, offmask);
197 }
198
199
200 static int parse_at(int *argc_p, char ***argv_p, int *off, int *offmask)
201 {
202 int argc = *argc_p;
203 char **argv = *argv_p;
204 char *p = *argv;
205
206 if (argc <= 0)
207 return -1;
208
209 if (strlen(p) > strlen("nexthdr+") &&
210 memcmp(p, "nexthdr+", strlen("nexthdr+")) == 0) {
211 *offmask = -1;
212 p += strlen("nexthdr+");
213 } else if (matches(*argv, "nexthdr+") == 0) {
214 NEXT_ARG();
215 *offmask = -1;
216 p = *argv;
217 }
218
219 if (get_integer(off, p, 0))
220 return -1;
221 argc--; argv++;
222
223 *argc_p = argc;
224 *argv_p = argv;
225 return 0;
226 }
227
228
229 static int parse_u32(int *argc_p, char ***argv_p, struct tc_u32_sel *sel,
230 int off, int offmask)
231 {
232 int res = -1;
233 int argc = *argc_p;
234 char **argv = *argv_p;
235 __u32 key;
236 __u32 mask;
237
238 if (argc < 2)
239 return -1;
240
241 if (get_u32(&key, *argv, 0))
242 return -1;
243 argc--; argv++;
244
245 if (get_u32(&mask, *argv, 16))
246 return -1;
247 argc--; argv++;
248
249 if (argc > 0 && strcmp(argv[0], "at") == 0) {
250 NEXT_ARG();
251 if (parse_at(&argc, &argv, &off, &offmask))
252 return -1;
253 }
254
255 res = pack_key32(sel, key, mask, off, offmask);
256 *argc_p = argc;
257 *argv_p = argv;
258 return res;
259 }
260
261 static int parse_u16(int *argc_p, char ***argv_p, struct tc_u32_sel *sel,
262 int off, int offmask)
263 {
264 int res = -1;
265 int argc = *argc_p;
266 char **argv = *argv_p;
267 __u32 key;
268 __u32 mask;
269
270 if (argc < 2)
271 return -1;
272
273 if (get_u32(&key, *argv, 0))
274 return -1;
275 argc--; argv++;
276
277 if (get_u32(&mask, *argv, 16))
278 return -1;
279 argc--; argv++;
280
281 if (argc > 0 && strcmp(argv[0], "at") == 0) {
282 NEXT_ARG();
283 if (parse_at(&argc, &argv, &off, &offmask))
284 return -1;
285 }
286 res = pack_key16(sel, key, mask, off, offmask);
287 *argc_p = argc;
288 *argv_p = argv;
289 return res;
290 }
291
292 static int parse_u8(int *argc_p, char ***argv_p, struct tc_u32_sel *sel,
293 int off, int offmask)
294 {
295 int res = -1;
296 int argc = *argc_p;
297 char **argv = *argv_p;
298 __u32 key;
299 __u32 mask;
300
301 if (argc < 2)
302 return -1;
303
304 if (get_u32(&key, *argv, 0))
305 return -1;
306 argc--; argv++;
307
308 if (get_u32(&mask, *argv, 16))
309 return -1;
310 argc--; argv++;
311
312 if (key > 0xFF || mask > 0xFF)
313 return -1;
314
315 if (argc > 0 && strcmp(argv[0], "at") == 0) {
316 NEXT_ARG();
317 if (parse_at(&argc, &argv, &off, &offmask))
318 return -1;
319 }
320
321 res = pack_key8(sel, key, mask, off, offmask);
322 *argc_p = argc;
323 *argv_p = argv;
324 return res;
325 }
326
327 static int parse_ip_addr(int *argc_p, char ***argv_p, struct tc_u32_sel *sel,
328 int off)
329 {
330 int res = -1;
331 int argc = *argc_p;
332 char **argv = *argv_p;
333 inet_prefix addr;
334 __u32 mask;
335 int offmask = 0;
336
337 if (argc < 1)
338 return -1;
339
340 if (get_prefix_1(&addr, *argv, AF_INET))
341 return -1;
342 argc--; argv++;
343
344 if (argc > 0 && strcmp(argv[0], "at") == 0) {
345 NEXT_ARG();
346 if (parse_at(&argc, &argv, &off, &offmask))
347 return -1;
348 }
349
350 mask = 0;
351 if (addr.bitlen)
352 mask = htonl(0xFFFFFFFF << (32 - addr.bitlen));
353 if (pack_key(sel, addr.data[0], mask, off, offmask) < 0)
354 return -1;
355 res = 0;
356
357 *argc_p = argc;
358 *argv_p = argv;
359 return res;
360 }
361
362 static int parse_ip6_addr(int *argc_p, char ***argv_p,
363 struct tc_u32_sel *sel, int off)
364 {
365 int res = -1;
366 int argc = *argc_p;
367 char **argv = *argv_p;
368 int plen = 128;
369 int i;
370 inet_prefix addr;
371 int offmask = 0;
372
373 if (argc < 1)
374 return -1;
375
376 if (get_prefix_1(&addr, *argv, AF_INET6))
377 return -1;
378 argc--; argv++;
379
380 if (argc > 0 && strcmp(argv[0], "at") == 0) {
381 NEXT_ARG();
382 if (parse_at(&argc, &argv, &off, &offmask))
383 return -1;
384 }
385
386 plen = addr.bitlen;
387 for (i = 0; i < plen; i += 32) {
388 /* if (((i + 31) & ~0x1F) <= plen) { */
389 if (i + 31 <= plen) {
390 res = pack_key(sel, addr.data[i / 32],
391 0xFFFFFFFF, off + 4 * (i / 32), offmask);
392 if (res < 0)
393 return -1;
394 } else if (i < plen) {
395 __u32 mask = htonl(0xFFFFFFFF << (32 - (plen - i)));
396
397 res = pack_key(sel, addr.data[i / 32],
398 mask, off + 4 * (i / 32), offmask);
399 if (res < 0)
400 return -1;
401 }
402 }
403 res = 0;
404
405 *argc_p = argc;
406 *argv_p = argv;
407 return res;
408 }
409
410 static int parse_ip6_class(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
411 {
412 int res = -1;
413 int argc = *argc_p;
414 char **argv = *argv_p;
415 __u32 key;
416 __u32 mask;
417 int off = 0;
418 int offmask = 0;
419
420 if (argc < 2)
421 return -1;
422
423 if (get_u32(&key, *argv, 0))
424 return -1;
425 argc--; argv++;
426
427 if (get_u32(&mask, *argv, 16))
428 return -1;
429 argc--; argv++;
430
431 if (key > 0xFF || mask > 0xFF)
432 return -1;
433
434 key <<= 20;
435 mask <<= 20;
436 key = htonl(key);
437 mask = htonl(mask);
438
439 res = pack_key(sel, key, mask, off, offmask);
440 if (res < 0)
441 return -1;
442
443 *argc_p = argc;
444 *argv_p = argv;
445 return 0;
446 }
447
448 static int parse_ether_addr(int *argc_p, char ***argv_p,
449 struct tc_u32_sel *sel, int off)
450 {
451 int res = -1;
452 int argc = *argc_p;
453 char **argv = *argv_p;
454 __u8 addr[6];
455 int offmask = 0;
456 int i;
457
458 if (argc < 1)
459 return -1;
460
461 if (sscanf(*argv, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
462 addr + 0, addr + 1, addr + 2,
463 addr + 3, addr + 4, addr + 5) != 6) {
464 fprintf(stderr, "parse_ether_addr: improperly formed address '%s'\n",
465 *argv);
466 return -1;
467 }
468
469 argc--; argv++;
470 if (argc > 0 && strcmp(argv[0], "at") == 0) {
471 NEXT_ARG();
472 if (parse_at(&argc, &argv, &off, &offmask))
473 return -1;
474 }
475
476 for (i = 0; i < 6; i++) {
477 res = pack_key8(sel, addr[i], 0xFF, off + i, offmask);
478 if (res < 0)
479 return -1;
480 }
481
482 *argc_p = argc;
483 *argv_p = argv;
484 return res;
485 }
486
487 static int parse_ip(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
488 {
489 int res = -1;
490 int argc = *argc_p;
491 char **argv = *argv_p;
492
493 if (argc < 2)
494 return -1;
495
496 if (strcmp(*argv, "src") == 0) {
497 NEXT_ARG();
498 res = parse_ip_addr(&argc, &argv, sel, 12);
499 } else if (strcmp(*argv, "dst") == 0) {
500 NEXT_ARG();
501 res = parse_ip_addr(&argc, &argv, sel, 16);
502 } else if (strcmp(*argv, "tos") == 0 ||
503 matches(*argv, "dsfield") == 0 ||
504 matches(*argv, "precedence") == 0) {
505 NEXT_ARG();
506 res = parse_u8(&argc, &argv, sel, 1, 0);
507 } else if (strcmp(*argv, "ihl") == 0) {
508 NEXT_ARG();
509 res = parse_u8(&argc, &argv, sel, 0, 0);
510 } else if (strcmp(*argv, "protocol") == 0) {
511 NEXT_ARG();
512 res = parse_u8(&argc, &argv, sel, 9, 0);
513 } else if (strcmp(*argv, "nofrag") == 0) {
514 argc--; argv++;
515 res = pack_key16(sel, 0, 0x3FFF, 6, 0);
516 } else if (strcmp(*argv, "firstfrag") == 0) {
517 argc--; argv++;
518 res = pack_key16(sel, 0x2000, 0x3FFF, 6, 0);
519 } else if (strcmp(*argv, "df") == 0) {
520 argc--; argv++;
521 res = pack_key16(sel, 0x4000, 0x4000, 6, 0);
522 } else if (strcmp(*argv, "mf") == 0) {
523 argc--; argv++;
524 res = pack_key16(sel, 0x2000, 0x2000, 6, 0);
525 } else if (strcmp(*argv, "dport") == 0) {
526 NEXT_ARG();
527 res = parse_u16(&argc, &argv, sel, 22, 0);
528 } else if (strcmp(*argv, "sport") == 0) {
529 NEXT_ARG();
530 res = parse_u16(&argc, &argv, sel, 20, 0);
531 } else if (strcmp(*argv, "icmp_type") == 0) {
532 NEXT_ARG();
533 res = parse_u8(&argc, &argv, sel, 20, 0);
534 } else if (strcmp(*argv, "icmp_code") == 0) {
535 NEXT_ARG();
536 res = parse_u8(&argc, &argv, sel, 21, 0);
537 } else
538 return -1;
539
540 *argc_p = argc;
541 *argv_p = argv;
542 return res;
543 }
544
545 static int parse_ip6(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
546 {
547 int res = -1;
548 int argc = *argc_p;
549 char **argv = *argv_p;
550
551 if (argc < 2)
552 return -1;
553
554 if (strcmp(*argv, "src") == 0) {
555 NEXT_ARG();
556 res = parse_ip6_addr(&argc, &argv, sel, 8);
557 } else if (strcmp(*argv, "dst") == 0) {
558 NEXT_ARG();
559 res = parse_ip6_addr(&argc, &argv, sel, 24);
560 } else if (strcmp(*argv, "priority") == 0) {
561 NEXT_ARG();
562 res = parse_ip6_class(&argc, &argv, sel);
563 } else if (strcmp(*argv, "protocol") == 0) {
564 NEXT_ARG();
565 res = parse_u8(&argc, &argv, sel, 6, 0);
566 } else if (strcmp(*argv, "flowlabel") == 0) {
567 NEXT_ARG();
568 res = parse_u32(&argc, &argv, sel, 0, 0);
569 } else if (strcmp(*argv, "dport") == 0) {
570 NEXT_ARG();
571 res = parse_u16(&argc, &argv, sel, 42, 0);
572 } else if (strcmp(*argv, "sport") == 0) {
573 NEXT_ARG();
574 res = parse_u16(&argc, &argv, sel, 40, 0);
575 } else if (strcmp(*argv, "icmp_type") == 0) {
576 NEXT_ARG();
577 res = parse_u8(&argc, &argv, sel, 40, 0);
578 } else if (strcmp(*argv, "icmp_code") == 0) {
579 NEXT_ARG();
580 res = parse_u8(&argc, &argv, sel, 41, 1);
581 } else
582 return -1;
583
584 *argc_p = argc;
585 *argv_p = argv;
586 return res;
587 }
588
589 static int parse_ether(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
590 {
591 int res = -1;
592 int argc = *argc_p;
593 char **argv = *argv_p;
594
595 if (argc < 2)
596 return -1;
597
598 if (strcmp(*argv, "src") == 0) {
599 NEXT_ARG();
600 res = parse_ether_addr(&argc, &argv, sel, -8);
601 } else if (strcmp(*argv, "dst") == 0) {
602 NEXT_ARG();
603 res = parse_ether_addr(&argc, &argv, sel, -14);
604 } else {
605 fprintf(stderr, "Unknown match: ether %s\n", *argv);
606 return -1;
607 }
608
609 *argc_p = argc;
610 *argv_p = argv;
611 return res;
612 }
613
614 #define parse_tcp parse_udp
615 static int parse_udp(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
616 {
617 int res = -1;
618 int argc = *argc_p;
619 char **argv = *argv_p;
620
621 if (argc < 2)
622 return -1;
623
624 if (strcmp(*argv, "src") == 0) {
625 NEXT_ARG();
626 res = parse_u16(&argc, &argv, sel, 0, -1);
627 } else if (strcmp(*argv, "dst") == 0) {
628 NEXT_ARG();
629 res = parse_u16(&argc, &argv, sel, 2, -1);
630 } else
631 return -1;
632
633 *argc_p = argc;
634 *argv_p = argv;
635 return res;
636 }
637
638
639 static int parse_icmp(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
640 {
641 int res = -1;
642 int argc = *argc_p;
643 char **argv = *argv_p;
644
645 if (argc < 2)
646 return -1;
647
648 if (strcmp(*argv, "type") == 0) {
649 NEXT_ARG();
650 res = parse_u8(&argc, &argv, sel, 0, -1);
651 } else if (strcmp(*argv, "code") == 0) {
652 NEXT_ARG();
653 res = parse_u8(&argc, &argv, sel, 1, -1);
654 } else
655 return -1;
656
657 *argc_p = argc;
658 *argv_p = argv;
659 return res;
660 }
661
662 static int parse_mark(int *argc_p, char ***argv_p, struct nlmsghdr *n)
663 {
664 int res = -1;
665 int argc = *argc_p;
666 char **argv = *argv_p;
667 struct tc_u32_mark mark;
668
669 if (argc <= 1)
670 return -1;
671
672 if (get_u32(&mark.val, *argv, 0)) {
673 fprintf(stderr, "Illegal \"mark\" value\n");
674 return -1;
675 }
676 NEXT_ARG();
677
678 if (get_u32(&mark.mask, *argv, 0)) {
679 fprintf(stderr, "Illegal \"mark\" mask\n");
680 return -1;
681 }
682 NEXT_ARG();
683
684 if ((mark.val & mark.mask) != mark.val) {
685 fprintf(stderr, "Illegal \"mark\" (impossible combination)\n");
686 return -1;
687 }
688
689 addattr_l(n, MAX_MSG, TCA_U32_MARK, &mark, sizeof(mark));
690 res = 0;
691
692 *argc_p = argc;
693 *argv_p = argv;
694 return res;
695 }
696
697 static int parse_selector(int *argc_p, char ***argv_p,
698 struct tc_u32_sel *sel, struct nlmsghdr *n)
699 {
700 int argc = *argc_p;
701 char **argv = *argv_p;
702 int res = -1;
703
704 if (argc <= 0)
705 return -1;
706
707 if (matches(*argv, "u32") == 0) {
708 NEXT_ARG();
709 res = parse_u32(&argc, &argv, sel, 0, 0);
710 } else if (matches(*argv, "u16") == 0) {
711 NEXT_ARG();
712 res = parse_u16(&argc, &argv, sel, 0, 0);
713 } else if (matches(*argv, "u8") == 0) {
714 NEXT_ARG();
715 res = parse_u8(&argc, &argv, sel, 0, 0);
716 } else if (matches(*argv, "ip") == 0) {
717 NEXT_ARG();
718 res = parse_ip(&argc, &argv, sel);
719 } else if (matches(*argv, "ip6") == 0) {
720 NEXT_ARG();
721 res = parse_ip6(&argc, &argv, sel);
722 } else if (matches(*argv, "udp") == 0) {
723 NEXT_ARG();
724 res = parse_udp(&argc, &argv, sel);
725 } else if (matches(*argv, "tcp") == 0) {
726 NEXT_ARG();
727 res = parse_tcp(&argc, &argv, sel);
728 } else if (matches(*argv, "icmp") == 0) {
729 NEXT_ARG();
730 res = parse_icmp(&argc, &argv, sel);
731 } else if (matches(*argv, "mark") == 0) {
732 NEXT_ARG();
733 res = parse_mark(&argc, &argv, n);
734 } else if (matches(*argv, "ether") == 0) {
735 NEXT_ARG();
736 res = parse_ether(&argc, &argv, sel);
737 } else
738 return -1;
739
740 *argc_p = argc;
741 *argv_p = argv;
742 return res;
743 }
744
745 static int parse_offset(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
746 {
747 int argc = *argc_p;
748 char **argv = *argv_p;
749
750 while (argc > 0) {
751 if (matches(*argv, "plus") == 0) {
752 int off;
753
754 NEXT_ARG();
755 if (get_integer(&off, *argv, 0))
756 return -1;
757 sel->off = off;
758 sel->flags |= TC_U32_OFFSET;
759 } else if (matches(*argv, "at") == 0) {
760 int off;
761
762 NEXT_ARG();
763 if (get_integer(&off, *argv, 0))
764 return -1;
765 sel->offoff = off;
766 if (off%2) {
767 fprintf(stderr, "offset \"at\" must be even\n");
768 return -1;
769 }
770 sel->flags |= TC_U32_VAROFFSET;
771 } else if (matches(*argv, "mask") == 0) {
772 NEXT_ARG();
773 if (get_be16(&sel->offmask, *argv, 16))
774 return -1;
775 sel->flags |= TC_U32_VAROFFSET;
776 } else if (matches(*argv, "shift") == 0) {
777 int shift;
778
779 NEXT_ARG();
780 if (get_integer(&shift, *argv, 0))
781 return -1;
782 sel->offshift = shift;
783 sel->flags |= TC_U32_VAROFFSET;
784 } else if (matches(*argv, "eat") == 0) {
785 sel->flags |= TC_U32_EAT;
786 } else {
787 break;
788 }
789 argc--; argv++;
790 }
791
792 *argc_p = argc;
793 *argv_p = argv;
794 return 0;
795 }
796
797 static int parse_hashkey(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
798 {
799 int argc = *argc_p;
800 char **argv = *argv_p;
801
802 while (argc > 0) {
803 if (matches(*argv, "mask") == 0) {
804 NEXT_ARG();
805 if (get_be32(&sel->hmask, *argv, 16))
806 return -1;
807 } else if (matches(*argv, "at") == 0) {
808 int num;
809
810 NEXT_ARG();
811 if (get_integer(&num, *argv, 0))
812 return -1;
813 if (num%4)
814 return -1;
815 sel->hoff = num;
816 } else {
817 break;
818 }
819 argc--; argv++;
820 }
821
822 *argc_p = argc;
823 *argv_p = argv;
824 return 0;
825 }
826
827 static void print_ipv4(FILE *f, const struct tc_u32_key *key)
828 {
829 char abuf[256];
830
831 switch (key->off) {
832 case 0:
833 switch (ntohl(key->mask)) {
834 case 0x0f000000:
835 fprintf(f, "\n match IP ihl %u",
836 ntohl(key->val) >> 24);
837 return;
838 case 0x00ff0000:
839 fprintf(f, "\n match IP dsfield %#x",
840 ntohl(key->val) >> 16);
841 return;
842 }
843 break;
844 case 8:
845 if (ntohl(key->mask) == 0x00ff0000) {
846 fprintf(f, "\n match IP protocol %d",
847 ntohl(key->val) >> 16);
848 return;
849 }
850 break;
851 case 12:
852 case 16: {
853 int bits = mask2bits(key->mask);
854
855 if (bits >= 0) {
856 fprintf(f, "\n %s %s/%d",
857 key->off == 12 ? "match IP src" : "match IP dst",
858 inet_ntop(AF_INET, &key->val,
859 abuf, sizeof(abuf)),
860 bits);
861 return;
862 }
863 }
864 break;
865
866 case 20:
867 switch (ntohl(key->mask)) {
868 case 0x0000ffff:
869 fprintf(f, "\n match dport %u",
870 ntohl(key->val) & 0xffff);
871 return;
872 case 0xffff0000:
873 fprintf(f, "\n match sport %u",
874 ntohl(key->val) >> 16);
875 return;
876 case 0xffffffff:
877 fprintf(f, "\n match dport %u, match sport %u",
878 ntohl(key->val) & 0xffff,
879 ntohl(key->val) >> 16);
880
881 return;
882 }
883 /* XXX: Default print_raw */
884 }
885 }
886
887 static void print_ipv6(FILE *f, const struct tc_u32_key *key)
888 {
889 char abuf[256];
890
891 switch (key->off) {
892 case 0:
893 switch (ntohl(key->mask)) {
894 case 0x0f000000:
895 fprintf(f, "\n match IP ihl %u",
896 ntohl(key->val) >> 24);
897 return;
898 case 0x00ff0000:
899 fprintf(f, "\n match IP dsfield %#x",
900 ntohl(key->val) >> 16);
901 return;
902 }
903 break;
904 case 8:
905 if (ntohl(key->mask) == 0x00ff0000) {
906 fprintf(f, "\n match IP protocol %d",
907 ntohl(key->val) >> 16);
908 return;
909 }
910 break;
911 case 12:
912 case 16: {
913 int bits = mask2bits(key->mask);
914
915 if (bits >= 0) {
916 fprintf(f, "\n %s %s/%d",
917 key->off == 12 ? "match IP src" : "match IP dst",
918 inet_ntop(AF_INET, &key->val,
919 abuf, sizeof(abuf)),
920 bits);
921 return;
922 }
923 }
924 break;
925
926 case 20:
927 switch (ntohl(key->mask)) {
928 case 0x0000ffff:
929 fprintf(f, "\n match sport %u",
930 ntohl(key->val) & 0xffff);
931 return;
932 case 0xffff0000:
933 fprintf(f, "\n match dport %u",
934 ntohl(key->val) >> 16);
935 return;
936 case 0xffffffff:
937 fprintf(f, "\n match sport %u, match dport %u",
938 ntohl(key->val) & 0xffff,
939 ntohl(key->val) >> 16);
940
941 return;
942 }
943 /* XXX: Default print_raw */
944 }
945 }
946
947 static void print_raw(FILE *f, const struct tc_u32_key *key)
948 {
949 fprintf(f, "\n match %08x/%08x at %s%d",
950 (unsigned int)ntohl(key->val),
951 (unsigned int)ntohl(key->mask),
952 key->offmask ? "nexthdr+" : "",
953 key->off);
954 }
955
956 static const struct {
957 __u16 proto;
958 __u16 pad;
959 void (*pprinter)(FILE *f, const struct tc_u32_key *key);
960 } u32_pprinters[] = {
961 {0, 0, print_raw},
962 {ETH_P_IP, 0, print_ipv4},
963 {ETH_P_IPV6, 0, print_ipv6},
964 };
965
966 static void show_keys(FILE *f, const struct tc_u32_key *key)
967 {
968 int i = 0;
969
970 if (!show_pretty)
971 goto show_k;
972
973 for (i = 0; i < ARRAY_SIZE(u32_pprinters); i++) {
974 if (u32_pprinters[i].proto == ntohs(f_proto)) {
975 show_k:
976 u32_pprinters[i].pprinter(f, key);
977 return;
978 }
979 }
980
981 i = 0;
982 goto show_k;
983 }
984
985 static int u32_parse_opt(struct filter_util *qu, char *handle,
986 int argc, char **argv, struct nlmsghdr *n)
987 {
988 struct {
989 struct tc_u32_sel sel;
990 struct tc_u32_key keys[128];
991 } sel = {};
992 struct tcmsg *t = NLMSG_DATA(n);
993 struct rtattr *tail;
994 int sel_ok = 0, terminal_ok = 0;
995 int sample_ok = 0;
996 __u32 htid = 0;
997 __u32 order = 0;
998 __u32 flags = 0;
999
1000 if (handle && get_u32_handle(&t->tcm_handle, handle)) {
1001 fprintf(stderr, "Illegal filter ID\n");
1002 return -1;
1003 }
1004
1005 if (argc == 0)
1006 return 0;
1007
1008 tail = NLMSG_TAIL(n);
1009 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
1010
1011 while (argc > 0) {
1012 if (matches(*argv, "match") == 0) {
1013 NEXT_ARG();
1014 if (parse_selector(&argc, &argv, &sel.sel, n)) {
1015 fprintf(stderr, "Illegal \"match\"\n");
1016 return -1;
1017 }
1018 sel_ok++;
1019 continue;
1020 } else if (matches(*argv, "offset") == 0) {
1021 NEXT_ARG();
1022 if (parse_offset(&argc, &argv, &sel.sel)) {
1023 fprintf(stderr, "Illegal \"offset\"\n");
1024 return -1;
1025 }
1026 continue;
1027 } else if (matches(*argv, "hashkey") == 0) {
1028 NEXT_ARG();
1029 if (parse_hashkey(&argc, &argv, &sel.sel)) {
1030 fprintf(stderr, "Illegal \"hashkey\"\n");
1031 return -1;
1032 }
1033 continue;
1034 } else if (matches(*argv, "classid") == 0 ||
1035 strcmp(*argv, "flowid") == 0) {
1036 unsigned int flowid;
1037
1038 NEXT_ARG();
1039 if (get_tc_classid(&flowid, *argv)) {
1040 fprintf(stderr, "Illegal \"classid\"\n");
1041 return -1;
1042 }
1043 addattr_l(n, MAX_MSG, TCA_U32_CLASSID, &flowid, 4);
1044 sel.sel.flags |= TC_U32_TERMINAL;
1045 } else if (matches(*argv, "divisor") == 0) {
1046 unsigned int divisor;
1047
1048 NEXT_ARG();
1049 if (get_unsigned(&divisor, *argv, 0) ||
1050 divisor == 0 ||
1051 divisor > 0x100 || ((divisor - 1) & divisor)) {
1052 fprintf(stderr, "Illegal \"divisor\"\n");
1053 return -1;
1054 }
1055 addattr_l(n, MAX_MSG, TCA_U32_DIVISOR, &divisor, 4);
1056 } else if (matches(*argv, "order") == 0) {
1057 NEXT_ARG();
1058 if (get_u32(&order, *argv, 0)) {
1059 fprintf(stderr, "Illegal \"order\"\n");
1060 return -1;
1061 }
1062 } else if (strcmp(*argv, "link") == 0) {
1063 unsigned int linkid;
1064
1065 NEXT_ARG();
1066 if (get_u32_handle(&linkid, *argv)) {
1067 fprintf(stderr, "Illegal \"link\"\n");
1068 return -1;
1069 }
1070 if (linkid && TC_U32_NODE(linkid)) {
1071 fprintf(stderr, "\"link\" must be a hash table.\n");
1072 return -1;
1073 }
1074 addattr_l(n, MAX_MSG, TCA_U32_LINK, &linkid, 4);
1075 } else if (strcmp(*argv, "ht") == 0) {
1076 unsigned int ht;
1077
1078 NEXT_ARG();
1079 if (get_u32_handle(&ht, *argv)) {
1080 fprintf(stderr, "Illegal \"ht\"\n");
1081 return -1;
1082 }
1083 if (handle && TC_U32_NODE(ht)) {
1084 fprintf(stderr, "\"ht\" must be a hash table.\n");
1085 return -1;
1086 }
1087 if (sample_ok)
1088 htid = (htid & 0xFF000) | (ht & 0xFFF00000);
1089 else
1090 htid = (ht & 0xFFFFF000);
1091 } else if (strcmp(*argv, "sample") == 0) {
1092 __u32 hash;
1093 unsigned int divisor = 0x100;
1094 struct {
1095 struct tc_u32_sel sel;
1096 struct tc_u32_key keys[4];
1097 } sel2 = {};
1098
1099 NEXT_ARG();
1100 if (parse_selector(&argc, &argv, &sel2.sel, n)) {
1101 fprintf(stderr, "Illegal \"sample\"\n");
1102 return -1;
1103 }
1104 if (sel2.sel.nkeys != 1) {
1105 fprintf(stderr, "\"sample\" must contain exactly ONE key.\n");
1106 return -1;
1107 }
1108 if (*argv != 0 && strcmp(*argv, "divisor") == 0) {
1109 NEXT_ARG();
1110 if (get_unsigned(&divisor, *argv, 0) ||
1111 divisor == 0 || divisor > 0x100 ||
1112 ((divisor - 1) & divisor)) {
1113 fprintf(stderr, "Illegal sample \"divisor\"\n");
1114 return -1;
1115 }
1116 NEXT_ARG();
1117 }
1118 hash = sel2.sel.keys[0].val & sel2.sel.keys[0].mask;
1119 hash ^= hash >> 16;
1120 hash ^= hash >> 8;
1121 htid = ((hash % divisor) << 12) | (htid & 0xFFF00000);
1122 sample_ok = 1;
1123 continue;
1124 } else if (strcmp(*argv, "indev") == 0) {
1125 char ind[IFNAMSIZ + 1] = {};
1126
1127 argc--;
1128 argv++;
1129 if (argc < 1) {
1130 fprintf(stderr, "Illegal indev\n");
1131 return -1;
1132 }
1133 strncpy(ind, *argv, sizeof(ind) - 1);
1134 addattr_l(n, MAX_MSG, TCA_U32_INDEV, ind,
1135 strlen(ind) + 1);
1136
1137 } else if (matches(*argv, "action") == 0) {
1138 NEXT_ARG();
1139 if (parse_action(&argc, &argv, TCA_U32_ACT, n)) {
1140 fprintf(stderr, "Illegal \"action\"\n");
1141 return -1;
1142 }
1143 terminal_ok++;
1144 continue;
1145
1146 } else if (matches(*argv, "police") == 0) {
1147 NEXT_ARG();
1148 if (parse_police(&argc, &argv, TCA_U32_POLICE, n)) {
1149 fprintf(stderr, "Illegal \"police\"\n");
1150 return -1;
1151 }
1152 terminal_ok++;
1153 continue;
1154 } else if (strcmp(*argv, "skip_hw") == 0) {
1155 NEXT_ARG();
1156 flags |= TCA_CLS_FLAGS_SKIP_HW;
1157 continue;
1158 } else if (strcmp(*argv, "skip_sw") == 0) {
1159 NEXT_ARG();
1160 flags |= TCA_CLS_FLAGS_SKIP_SW;
1161 continue;
1162 } else if (strcmp(*argv, "help") == 0) {
1163 explain();
1164 return -1;
1165 } else {
1166 fprintf(stderr, "What is \"%s\"?\n", *argv);
1167 explain();
1168 return -1;
1169 }
1170 argc--; argv++;
1171 }
1172
1173 /* We dont necessarily need class/flowids */
1174 if (terminal_ok)
1175 sel.sel.flags |= TC_U32_TERMINAL;
1176
1177 if (order) {
1178 if (TC_U32_NODE(t->tcm_handle) &&
1179 order != TC_U32_NODE(t->tcm_handle)) {
1180 fprintf(stderr, "\"order\" contradicts \"handle\"\n");
1181 return -1;
1182 }
1183 t->tcm_handle |= order;
1184 }
1185
1186 if (htid)
1187 addattr_l(n, MAX_MSG, TCA_U32_HASH, &htid, 4);
1188 if (sel_ok)
1189 addattr_l(n, MAX_MSG, TCA_U32_SEL, &sel,
1190 sizeof(sel.sel) +
1191 sel.sel.nkeys * sizeof(struct tc_u32_key));
1192 if (flags) {
1193 if (!(flags ^ (TCA_CLS_FLAGS_SKIP_HW |
1194 TCA_CLS_FLAGS_SKIP_SW))) {
1195 fprintf(stderr,
1196 "skip_hw and skip_sw are mutually exclusive\n");
1197 return -1;
1198 }
1199 addattr_l(n, MAX_MSG, TCA_U32_FLAGS, &flags, 4);
1200 }
1201
1202 tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;
1203 return 0;
1204 }
1205
1206 static int u32_print_opt(struct filter_util *qu, FILE *f, struct rtattr *opt,
1207 __u32 handle)
1208 {
1209 struct rtattr *tb[TCA_U32_MAX + 1];
1210 struct tc_u32_sel *sel = NULL;
1211 struct tc_u32_pcnt *pf = NULL;
1212
1213 if (opt == NULL)
1214 return 0;
1215
1216 parse_rtattr_nested(tb, TCA_U32_MAX, opt);
1217
1218 if (handle) {
1219 SPRINT_BUF(b1);
1220 fprintf(f, "fh %s ", sprint_u32_handle(handle, b1));
1221 }
1222
1223 if (TC_U32_NODE(handle))
1224 fprintf(f, "order %d ", TC_U32_NODE(handle));
1225
1226 if (tb[TCA_U32_SEL]) {
1227 if (RTA_PAYLOAD(tb[TCA_U32_SEL]) < sizeof(*sel))
1228 return -1;
1229
1230 sel = RTA_DATA(tb[TCA_U32_SEL]);
1231 }
1232
1233 if (tb[TCA_U32_DIVISOR]) {
1234 fprintf(f, "ht divisor %d ",
1235 rta_getattr_u32(tb[TCA_U32_DIVISOR]));
1236 } else if (tb[TCA_U32_HASH]) {
1237 __u32 htid = rta_getattr_u32(tb[TCA_U32_HASH]);
1238
1239 fprintf(f, "key ht %x bkt %x ", TC_U32_USERHTID(htid),
1240 TC_U32_HASH(htid));
1241 } else {
1242 fprintf(f, "??? ");
1243 }
1244 if (tb[TCA_U32_CLASSID]) {
1245 SPRINT_BUF(b1);
1246 fprintf(f, "%sflowid %s ",
1247 !sel || !(sel->flags & TC_U32_TERMINAL) ? "*" : "",
1248 sprint_tc_classid(rta_getattr_u32(tb[TCA_U32_CLASSID]),
1249 b1));
1250 } else if (sel && sel->flags & TC_U32_TERMINAL) {
1251 fprintf(f, "terminal flowid ??? ");
1252 }
1253 if (tb[TCA_U32_LINK]) {
1254 SPRINT_BUF(b1);
1255 fprintf(f, "link %s ",
1256 sprint_u32_handle(rta_getattr_u32(tb[TCA_U32_LINK]),
1257 b1));
1258 }
1259
1260 if (tb[TCA_U32_FLAGS]) {
1261 __u32 flags = rta_getattr_u32(tb[TCA_U32_FLAGS]);
1262
1263 if (flags & TCA_CLS_FLAGS_SKIP_HW)
1264 fprintf(f, "skip_hw ");
1265 if (flags & TCA_CLS_FLAGS_SKIP_SW)
1266 fprintf(f, "skip_sw ");
1267 }
1268
1269 if (tb[TCA_U32_PCNT]) {
1270 if (RTA_PAYLOAD(tb[TCA_U32_PCNT]) < sizeof(*pf)) {
1271 fprintf(f, "Broken perf counters\n");
1272 return -1;
1273 }
1274 pf = RTA_DATA(tb[TCA_U32_PCNT]);
1275 }
1276
1277 if (sel && show_stats && NULL != pf)
1278 fprintf(f, " (rule hit %llu success %llu)",
1279 (unsigned long long) pf->rcnt,
1280 (unsigned long long) pf->rhit);
1281
1282 if (tb[TCA_U32_MARK]) {
1283 struct tc_u32_mark *mark = RTA_DATA(tb[TCA_U32_MARK]);
1284
1285 if (RTA_PAYLOAD(tb[TCA_U32_MARK]) < sizeof(*mark)) {
1286 fprintf(f, "\n Invalid mark (kernel&iproute2 mismatch)\n");
1287 } else {
1288 fprintf(f, "\n mark 0x%04x 0x%04x (success %d)",
1289 mark->val, mark->mask, mark->success);
1290 }
1291 }
1292
1293 if (sel) {
1294 if (sel->nkeys) {
1295 int i;
1296
1297 for (i = 0; i < sel->nkeys; i++) {
1298 show_keys(f, sel->keys + i);
1299 if (show_stats && NULL != pf)
1300 fprintf(f, " (success %llu ) ",
1301 (unsigned long long) pf->kcnts[i]);
1302 }
1303 }
1304
1305 if (sel->flags & (TC_U32_VAROFFSET | TC_U32_OFFSET)) {
1306 fprintf(f, "\n offset ");
1307 if (sel->flags & TC_U32_VAROFFSET)
1308 fprintf(f, "%04x>>%d at %d ",
1309 ntohs(sel->offmask),
1310 sel->offshift, sel->offoff);
1311 if (sel->off)
1312 fprintf(f, "plus %d ", sel->off);
1313 }
1314 if (sel->flags & TC_U32_EAT)
1315 fprintf(f, " eat ");
1316
1317 if (sel->hmask) {
1318 fprintf(f, "\n hash mask %08x at %d ",
1319 (unsigned int)htonl(sel->hmask), sel->hoff);
1320 }
1321 }
1322
1323 if (tb[TCA_U32_POLICE]) {
1324 fprintf(f, "\n");
1325 tc_print_police(f, tb[TCA_U32_POLICE]);
1326 }
1327
1328 if (tb[TCA_U32_INDEV]) {
1329 struct rtattr *idev = tb[TCA_U32_INDEV];
1330
1331 fprintf(f, "\n input dev %s\n", rta_getattr_str(idev));
1332 }
1333
1334 if (tb[TCA_U32_ACT])
1335 tc_print_action(f, tb[TCA_U32_ACT]);
1336
1337 return 0;
1338 }
1339
1340 struct filter_util u32_filter_util = {
1341 .id = "u32",
1342 .parse_fopt = u32_parse_opt,
1343 .print_fopt = u32_print_opt,
1344 };
Upstream mirror of iproute2