unsigned int tos, tosmask;
unsigned int pref, prefmask;
unsigned int fwmark, fwmask;
+ uint64_t tun_id;
char iif[IFNAMSIZ];
char oif[IFNAMSIZ];
struct fib_rule_uid_range range;
inet_prefix dst;
int protocol;
int protocolmask;
+ struct fib_rule_port_range sport;
+ struct fib_rule_port_range dport;
+ __u8 ipproto;
} filter;
static inline int frh_get_table(struct fib_rule_hdr *frh, struct rtattr **tb)
return false;
}
+ if (filter.ipproto) {
+ __u8 ipproto = 0;
+
+ if (tb[FRA_IP_PROTO])
+ ipproto = rta_getattr_u8(tb[FRA_IP_PROTO]);
+ if (filter.ipproto != ipproto)
+ return false;
+ }
+
+ if (filter.sport.start) {
+ const struct fib_rule_port_range *r;
+
+ if (!tb[FRA_SPORT_RANGE])
+ return false;
+
+ r = RTA_DATA(tb[FRA_SPORT_RANGE]);
+ if (r->start != filter.sport.start ||
+ r->end != filter.sport.end)
+ return false;
+ }
+
+ if (filter.dport.start) {
+ const struct fib_rule_port_range *r;
+
+ if (!tb[FRA_DPORT_RANGE])
+ return false;
+
+ r = RTA_DATA(tb[FRA_DPORT_RANGE]);
+ if (r->start != filter.dport.start ||
+ r->end != filter.dport.end)
+ return false;
+ }
+
+ if (filter.tun_id) {
+ __u64 tun_id = 0;
+
+ if (tb[FRA_TUN_ID]) {
+ tun_id = ntohll(rta_getattr_u64(tb[FRA_TUN_ID]));
+ if (filter.tun_id != tun_id)
+ return false;
+ } else {
+ return false;
+ }
+ }
+
table = frh_get_table(frh, tb);
if (filter.tb > 0 && filter.tb ^ table)
return false;
if (tb[FRA_FWMASK] &&
(mask = rta_getattr_u32(tb[FRA_FWMASK])) != 0xFFFFFFFF) {
- print_0xhex(PRINT_ANY, "fwmark", "fwmark 0x%x", mark);
- print_0xhex(PRINT_ANY, "fwmask", "/0x%x ", mask);
+ print_0xhex(PRINT_ANY, "fwmark", "fwmark %#llx", mark);
+ print_0xhex(PRINT_ANY, "fwmask", "/%#llx ", mask);
} else {
- print_0xhex(PRINT_ANY, "fwmark", "fwmark 0x%x ", mark);
+ print_0xhex(PRINT_ANY, "fwmark", "fwmark %#llx ", mark);
}
}
}
}
+ if (tb[FRA_TUN_ID]) {
+ __u64 tun_id = ntohll(rta_getattr_u64(tb[FRA_TUN_ID]));
+
+ print_u64(PRINT_ANY, "tun_id", "tun_id %llu ", tun_id);
+ }
+
table = frh_get_table(frh, tb);
if (table) {
print_string(PRINT_ANY, "table",
&filter.range.end) != 2)
invarg("invalid UID range\n", *argv);
+ } else if (matches(*argv, "tun_id") == 0) {
+ __u64 tun_id;
+
+ NEXT_ARG();
+ if (get_u64(&tun_id, *argv, 0))
+ invarg("\"tun_id\" value is invalid\n", *argv);
+ filter.tun_id = tun_id;
} else if (matches(*argv, "lookup") == 0 ||
matches(*argv, "table") == 0) {
__u32 tid;
filter.protocolmask = 0;
}
filter.protocol = prot;
+ } else if (strcmp(*argv, "ipproto") == 0) {
+ int ipproto;
+
+ NEXT_ARG();
+ ipproto = inet_proto_a2n(*argv);
+ if (ipproto < 0)
+ invarg("Invalid \"ipproto\" value\n", *argv);
+ filter.ipproto = ipproto;
+ } else if (strcmp(*argv, "sport") == 0) {
+ struct fib_rule_port_range r;
+ int ret;
+
+ NEXT_ARG();
+ ret = sscanf(*argv, "%hu-%hu", &r.start, &r.end);
+ if (ret == 1)
+ r.end = r.start;
+ else if (ret != 2)
+ invarg("invalid port range\n", *argv);
+ filter.sport = r;
+ } else if (strcmp(*argv, "dport") == 0) {
+ struct fib_rule_port_range r;
+ int ret;
+
+ NEXT_ARG();
+ ret = sscanf(*argv, "%hu-%hu", &r.start, &r.end);
+ if (ret == 1)
+ r.end = r.start;
+ else if (ret != 2)
+ invarg("invalid dport range\n", *argv);
+ filter.dport = r;
} else{
if (matches(*argv, "dst") == 0 ||
matches(*argv, "to") == 0) {
if (rtnl_rtprot_a2n(&proto, *argv))
invarg("\"protocol\" value is invalid\n", *argv);
addattr8(&req.n, sizeof(req), FRA_PROTOCOL, proto);
+ } else if (matches(*argv, "tun_id") == 0) {
+ __u64 tun_id;
+
+ NEXT_ARG();
+ if (get_be64(&tun_id, *argv, 0))
+ invarg("\"tun_id\" value is invalid\n", *argv);
+ addattr64(&req.n, sizeof(req), FRA_TUN_ID, tun_id);
} else if (matches(*argv, "table") == 0 ||
strcmp(*argv, "lookup") == 0) {
NEXT_ARG();