2 * m_egress.c ingress/egress packet mirror/redir actions module
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: J Hadi Salim (hadi@cyberus.ca)
11 * TODO: Add Ingress support
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <arpa/inet.h>
26 #include <linux/tc_act/tc_mirred.h>
33 fprintf(stderr
, "Usage: mirred <DIRECTION> <ACTION> [index INDEX] <dev DEVICENAME> \n");
34 fprintf(stderr
, "where: \n");
35 fprintf(stderr
, "DIRECTION := <ingress | egress>\n");
36 fprintf(stderr
, "aCTION := <mirror | redirect>\n");
37 fprintf(stderr
, " : INDEX is the specific policy instance id\n");
38 fprintf(stderr
, " : DEVICENAME is the devicename \n");
41 #define usage() return(-1)
43 char *mirred_n2a(int action
)
46 case TCA_EGRESS_REDIR
:
47 return "Egress Redirect";
48 case TCA_INGRESS_REDIR
:
49 return "Ingress Redirect";
50 case TCA_EGRESS_MIRROR
:
51 return "Egress Mirror";
52 case TCA_INGRESS_MIRROR
:
53 return "Ingress Mirror";
60 parse_egress(struct action_util
*a
, int *argc_p
, char ***argv_p
, int tca_id
, struct nlmsghdr
*n
)
64 char **argv
= *argv_p
;
65 int ok
= 0, iok
= 0, mirror
=0,redir
=0;
69 struct rtnl_handle rth
;
71 memset(d
,0,sizeof(d
)-1);
72 memset(&p
,0,sizeof(struct tc_mirred
));
76 if (matches(*argv
, "action") == 0) {
78 } else if (matches(*argv
, "egress") == 0) {
84 if (matches(*argv
, "index") == 0) {
86 if (get_u32(&p
.index
, *argv
, 10)) {
87 fprintf(stderr
, "Illegal \"index\"\n");
97 fprintf(stderr
, "was expecting egress (%s)\n", *argv
);
100 } else if (!mirror
&& matches(*argv
, "mirror") == 0) {
103 fprintf(stderr
, "Cant have both mirror and redir\n");
106 p
.eaction
= TCA_EGRESS_MIRROR
;
107 p
.action
= TC_ACT_PIPE
;
109 } else if (!redir
&& matches(*argv
, "redirect") == 0) {
112 fprintf(stderr
, "Cant have both mirror and redir\n");
115 p
.eaction
= TCA_EGRESS_REDIR
;
116 p
.action
= TC_ACT_STOLEN
;
118 } else if ((redir
|| mirror
) && matches(*argv
, "dev") == 0) {
121 duparg("dev", *argv
);
123 strncpy(d
, *argv
, sizeof(d
)-1);
144 if (rtnl_open(&rth
, 0) < 0) {
145 fprintf(stderr
, "Cannot open rtnetlink\n");
151 if ((idx
= ll_name_to_index(d
)) == 0) {
152 fprintf(stderr
, "Cannot find device \"%s\"\n", d
);
162 if (argc
&& p
.eaction
== TCA_EGRESS_MIRROR
) {
164 if (matches(*argv
, "reclassify") == 0) {
165 p
.action
= TC_POLICE_RECLASSIFY
;
167 } else if (matches(*argv
, "pipe") == 0) {
168 p
.action
= TC_POLICE_PIPE
;
170 } else if (matches(*argv
, "drop") == 0 ||
171 matches(*argv
, "shot") == 0) {
172 p
.action
= TC_POLICE_SHOT
;
174 } else if (matches(*argv
, "continue") == 0) {
175 p
.action
= TC_POLICE_UNSPEC
;
177 } else if (matches(*argv
, "pass") == 0) {
178 p
.action
= TC_POLICE_OK
;
185 if (iok
&& matches(*argv
, "index") == 0) {
186 fprintf(stderr
, "mirred: Illegal double index\n");
189 if (matches(*argv
, "index") == 0) {
191 if (get_u32(&p
.index
, *argv
, 10)) {
192 fprintf(stderr
, "mirred: Illegal \"index\"\n");
202 fprintf(stdout
, "Action %d device %s ifindex %d\n",p
.action
, d
,p
.ifindex
);
204 tail
= NLMSG_TAIL(n
);
205 addattr_l(n
, MAX_MSG
, tca_id
, NULL
, 0);
206 addattr_l(n
, MAX_MSG
, TCA_MIRRED_PARMS
, &p
, sizeof (p
));
207 tail
->rta_len
= (void *) NLMSG_TAIL(n
) - (void *) tail
;
216 parse_mirred(struct action_util
*a
, int *argc_p
, char ***argv_p
, int tca_id
, struct nlmsghdr
*n
)
220 char **argv
= *argv_p
;
223 fprintf(stderr
,"mirred bad arguement count %d\n", argc
);
227 if (matches(*argv
, "mirred") == 0) {
230 fprintf(stderr
,"mirred bad arguement %s\n", *argv
);
235 if (matches(*argv
, "egress") == 0 || matches(*argv
, "index") == 0) {
236 int ret
= parse_egress(a
, &argc
, &argv
, tca_id
, n
);
243 } else if (matches(*argv
, "ingress") == 0) {
244 fprintf(stderr
,"mirred ingress not supported at the moment\n");
247 fprintf(stderr
,"mirred not supported %s\n", *argv
);
255 print_mirred(struct action_util
*au
,FILE * f
, struct rtattr
*arg
)
258 struct rtattr
*tb
[TCA_MIRRED_MAX
+ 1];
259 struct rtnl_handle rth
;
266 parse_rtattr_nested(tb
, TCA_MIRRED_MAX
, arg
);
268 if (tb
[TCA_MIRRED_PARMS
] == NULL
) {
269 fprintf(f
, "[NULL mirred parameters]");
272 p
= RTA_DATA(tb
[TCA_MIRRED_PARMS
]);
274 if (rtnl_open(&rth
, 0) < 0) {
275 fprintf(stderr
, "Cannot open rtnetlink\n");
282 if ((dev
= ll_index_to_name(p
->ifindex
)) == 0) {
283 fprintf(stderr
, "Cannot find device %d\n", p
->ifindex
);
288 fprintf(f
, "mirred (%s to device %s) %s", mirred_n2a(p
->eaction
), dev
,action_n2a(p
->action
, b1
, sizeof (b1
)));
291 fprintf(f
, "\tindex %d ref %d bind %d",p
->index
,p
->refcnt
,p
->bindcnt
);
294 if (tb
[TCA_MIRRED_TM
]) {
295 struct tcf_t
*tm
= RTA_DATA(tb
[TCA_MIRRED_TM
]);
304 struct action_util mirred_util_util
= {
306 .parse_aopt
= parse_mirred
,
307 .print_aopt
= print_mirred
,