]> git.proxmox.com Git - mirror_frr.git/blob - isisd/isis_pfpacket.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
zebra, lib: fix the ZEBRA_INTERFACE_VRF_UPDATE zapi message
[mirror_frr.git] / isisd / isis_pfpacket.c
1 /*
2 * IS-IS Rout(e)ing protocol - isis_pfpacket.c
3 *
4 * Copyright (C) 2001,2002 Sampo Saaristo
5 * Tampere University of Technology
6 * Institute of Communications Engineering
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public Licenseas published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version.
12 *
13 * This program is distributed in the hope that it will be useful,but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 * more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22
23 #include <zebra.h>
24 #if ISIS_METHOD == ISIS_METHOD_PFPACKET
25 #include <net/ethernet.h> /* the L2 protocols */
26 #include <netpacket/packet.h>
27
28 #include <linux/filter.h>
29
30 #include "log.h"
31 #include "network.h"
32 #include "stream.h"
33 #include "if.h"
34 #include "lib_errors.h"
35
36 #include "isisd/dict.h"
37 #include "isisd/isis_constants.h"
38 #include "isisd/isis_common.h"
39 #include "isisd/isis_circuit.h"
40 #include "isisd/isis_flags.h"
41 #include "isisd/isisd.h"
42 #include "isisd/isis_constants.h"
43 #include "isisd/isis_circuit.h"
44 #include "isisd/isis_network.h"
45
46 #include "privs.h"
47
48 /* tcpdump -i eth0 'isis' -dd */
49 static struct sock_filter isisfilter[] = {
50 /* NB: we're in SOCK_DGRAM, so src/dst mac + length are stripped
51 * off!
52 * (OTOH it's a bit more lower-layer agnostic and might work
53 * over GRE?) */
54 /* { 0x28, 0, 0, 0x0000000c - 14 }, */
55 /* { 0x25, 5, 0, 0x000005dc }, */
56 {0x28, 0, 0, 0x0000000e - 14}, {0x15, 0, 3, 0x0000fefe},
57 {0x30, 0, 0, 0x00000011 - 14}, {0x15, 0, 1, 0x00000083},
58 {0x6, 0, 0, 0x00040000}, {0x6, 0, 0, 0x00000000},
59 };
60
61 static struct sock_fprog bpf = {
62 .len = array_size(isisfilter),
63 .filter = isisfilter,
64 };
65
66 /*
67 * Table 9 - Architectural constants for use with ISO 8802 subnetworks
68 * ISO 10589 - 8.4.8
69 */
70
71 uint8_t ALL_L1_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x14};
72 uint8_t ALL_L2_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x15};
73 uint8_t ALL_ISS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x05};
74 uint8_t ALL_ESS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x04};
75
76 static uint8_t discard_buff[8192];
77 static uint8_t sock_buff[8192];
78
79 /*
80 * if level is 0 we are joining p2p multicast
81 * FIXME: and the p2p multicast being ???
82 */
83 static int isis_multicast_join(int fd, int registerto, int if_num)
84 {
85 struct packet_mreq mreq;
86
87 memset(&mreq, 0, sizeof(mreq));
88 mreq.mr_ifindex = if_num;
89 if (registerto) {
90 mreq.mr_type = PACKET_MR_MULTICAST;
91 mreq.mr_alen = ETH_ALEN;
92 if (registerto == 1)
93 memcpy(&mreq.mr_address, ALL_L1_ISS, ETH_ALEN);
94 else if (registerto == 2)
95 memcpy(&mreq.mr_address, ALL_L2_ISS, ETH_ALEN);
96 else if (registerto == 3)
97 memcpy(&mreq.mr_address, ALL_ISS, ETH_ALEN);
98 else
99 memcpy(&mreq.mr_address, ALL_ESS, ETH_ALEN);
100
101 } else {
102 mreq.mr_type = PACKET_MR_ALLMULTI;
103 }
104 #ifdef EXTREME_DEBUG
105 zlog_debug(
106 "isis_multicast_join(): fd=%d, reg_to=%d, if_num=%d, "
107 "address = %02x:%02x:%02x:%02x:%02x:%02x",
108 fd, registerto, if_num, mreq.mr_address[0], mreq.mr_address[1],
109 mreq.mr_address[2], mreq.mr_address[3], mreq.mr_address[4],
110 mreq.mr_address[5]);
111 #endif /* EXTREME_DEBUG */
112 if (setsockopt(fd, SOL_PACKET, PACKET_ADD_MEMBERSHIP, &mreq,
113 sizeof(struct packet_mreq))) {
114 zlog_warn("isis_multicast_join(): setsockopt(): %s",
115 safe_strerror(errno));
116 return ISIS_WARNING;
117 }
118
119 return ISIS_OK;
120 }
121
122 static int open_packet_socket(struct isis_circuit *circuit)
123 {
124 struct sockaddr_ll s_addr;
125 int fd, retval = ISIS_OK;
126
127 fd = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL));
128 if (fd < 0) {
129 zlog_warn("open_packet_socket(): socket() failed %s",
130 safe_strerror(errno));
131 return ISIS_WARNING;
132 }
133
134 if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &bpf, sizeof(bpf))) {
135 zlog_warn("open_packet_socket(): SO_ATTACH_FILTER failed: %s",
136 safe_strerror(errno));
137 }
138
139 /*
140 * Bind to the physical interface
141 */
142 memset(&s_addr, 0, sizeof(struct sockaddr_ll));
143 s_addr.sll_family = AF_PACKET;
144 s_addr.sll_protocol = htons(ETH_P_ALL);
145 s_addr.sll_ifindex = circuit->interface->ifindex;
146
147 if (bind(fd, (struct sockaddr *)(&s_addr), sizeof(struct sockaddr_ll))
148 < 0) {
149 zlog_warn("open_packet_socket(): bind() failed: %s",
150 safe_strerror(errno));
151 close(fd);
152 return ISIS_WARNING;
153 }
154
155 circuit->fd = fd;
156
157 if (if_is_broadcast(circuit->interface)) {
158 /*
159 * Join to multicast groups
160 * according to
161 * 8.4.2 - Broadcast subnetwork IIH PDUs
162 * FIXME: is there a case only one will fail??
163 */
164 /* joining ALL_L1_ISS */
165 retval |= isis_multicast_join(circuit->fd, 1,
166 circuit->interface->ifindex);
167 /* joining ALL_L2_ISS */
168 retval |= isis_multicast_join(circuit->fd, 2,
169 circuit->interface->ifindex);
170 /* joining ALL_ISS (used in RFC 5309 p2p-over-lan as well) */
171 retval |= isis_multicast_join(circuit->fd, 3,
172 circuit->interface->ifindex);
173 } else {
174 retval = isis_multicast_join(circuit->fd, 0,
175 circuit->interface->ifindex);
176 }
177
178 return retval;
179 }
180
181 /*
182 * Create the socket and set the tx/rx funcs
183 */
184 int isis_sock_init(struct isis_circuit *circuit)
185 {
186 int retval = ISIS_OK;
187
188 frr_elevate_privs(&isisd_privs) {
189
190 retval = open_packet_socket(circuit);
191
192 if (retval != ISIS_OK) {
193 zlog_warn("%s: could not initialize the socket",
194 __func__);
195 break;
196 }
197
198 /* Assign Rx and Tx callbacks are based on real if type */
199 if (if_is_broadcast(circuit->interface)) {
200 circuit->tx = isis_send_pdu_bcast;
201 circuit->rx = isis_recv_pdu_bcast;
202 } else if (if_is_pointopoint(circuit->interface)) {
203 circuit->tx = isis_send_pdu_p2p;
204 circuit->rx = isis_recv_pdu_p2p;
205 } else {
206 zlog_warn("isis_sock_init(): unknown circuit type");
207 retval = ISIS_WARNING;
208 break;
209 }
210 }
211
212 return retval;
213 }
214
215 static inline int llc_check(uint8_t *llc)
216 {
217 if (*llc != ISO_SAP || *(llc + 1) != ISO_SAP || *(llc + 2) != 3)
218 return 0;
219
220 return 1;
221 }
222
223 int isis_recv_pdu_bcast(struct isis_circuit *circuit, uint8_t *ssnpa)
224 {
225 int bytesread, addr_len;
226 struct sockaddr_ll s_addr;
227 uint8_t llc[LLC_LEN];
228
229 addr_len = sizeof(s_addr);
230
231 memset(&s_addr, 0, sizeof(struct sockaddr_ll));
232
233 bytesread =
234 recvfrom(circuit->fd, (void *)&llc, LLC_LEN, MSG_PEEK,
235 (struct sockaddr *)&s_addr, (socklen_t *)&addr_len);
236
237 if ((bytesread < 0)
238 || (s_addr.sll_ifindex != (int)circuit->interface->ifindex)) {
239 if (bytesread < 0) {
240 zlog_warn(
241 "isis_recv_packet_bcast(): ifname %s, fd %d, "
242 "bytesread %d, recvfrom(): %s",
243 circuit->interface->name, circuit->fd,
244 bytesread, safe_strerror(errno));
245 }
246 if (s_addr.sll_ifindex != (int)circuit->interface->ifindex) {
247 zlog_warn(
248 "packet is received on multiple interfaces: "
249 "socket interface %d, circuit interface %d, "
250 "packet type %u",
251 s_addr.sll_ifindex, circuit->interface->ifindex,
252 s_addr.sll_pkttype);
253 }
254
255 /* get rid of the packet */
256 bytesread = recvfrom(circuit->fd, discard_buff,
257 sizeof(discard_buff), MSG_DONTWAIT,
258 (struct sockaddr *)&s_addr,
259 (socklen_t *)&addr_len);
260
261 if (bytesread < 0)
262 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
263
264 return ISIS_WARNING;
265 }
266 /*
267 * Filtering by llc field, discard packets sent by this host (other
268 * circuit)
269 */
270 if (!llc_check(llc) || s_addr.sll_pkttype == PACKET_OUTGOING) {
271 /* Read the packet into discard buff */
272 bytesread = recvfrom(circuit->fd, discard_buff,
273 sizeof(discard_buff), MSG_DONTWAIT,
274 (struct sockaddr *)&s_addr,
275 (socklen_t *)&addr_len);
276 if (bytesread < 0)
277 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
278 return ISIS_WARNING;
279 }
280
281 /* on lan we have to read to the static buff first */
282 bytesread = recvfrom(circuit->fd, sock_buff, sizeof(sock_buff),
283 MSG_DONTWAIT, (struct sockaddr *)&s_addr,
284 (socklen_t *)&addr_len);
285 if (bytesread < 0) {
286 zlog_warn("isis_recv_pdu_bcast(): recvfrom() failed");
287 return ISIS_WARNING;
288 }
289
290 /* then we lose the LLC */
291 stream_write(circuit->rcv_stream, sock_buff + LLC_LEN,
292 bytesread - LLC_LEN);
293
294 memcpy(ssnpa, &s_addr.sll_addr, s_addr.sll_halen);
295
296 return ISIS_OK;
297 }
298
299 int isis_recv_pdu_p2p(struct isis_circuit *circuit, uint8_t *ssnpa)
300 {
301 int bytesread, addr_len;
302 struct sockaddr_ll s_addr;
303
304 memset(&s_addr, 0, sizeof(struct sockaddr_ll));
305 addr_len = sizeof(s_addr);
306
307 /* we can read directly to the stream */
308 (void)stream_recvfrom(
309 circuit->rcv_stream, circuit->fd, circuit->interface->mtu, 0,
310 (struct sockaddr *)&s_addr, (socklen_t *)&addr_len);
311
312 if (s_addr.sll_pkttype == PACKET_OUTGOING) {
313 /* Read the packet into discard buff */
314 bytesread = recvfrom(circuit->fd, discard_buff,
315 sizeof(discard_buff), MSG_DONTWAIT,
316 (struct sockaddr *)&s_addr,
317 (socklen_t *)&addr_len);
318 if (bytesread < 0)
319 zlog_warn("isis_recv_pdu_p2p(): recvfrom() failed");
320 return ISIS_WARNING;
321 }
322
323 /* If we don't have protocol type 0x00FE which is
324 * ISO over GRE we exit with pain :)
325 */
326 if (ntohs(s_addr.sll_protocol) != 0x00FE) {
327 zlog_warn("isis_recv_pdu_p2p(): protocol mismatch(): %X",
328 ntohs(s_addr.sll_protocol));
329 return ISIS_WARNING;
330 }
331
332 memcpy(ssnpa, &s_addr.sll_addr, s_addr.sll_halen);
333
334 return ISIS_OK;
335 }
336
337 int isis_send_pdu_bcast(struct isis_circuit *circuit, int level)
338 {
339 struct msghdr msg;
340 struct iovec iov[2];
341
342 /* we need to do the LLC in here because of P2P circuits, which will
343 * not need it
344 */
345 struct sockaddr_ll sa;
346
347 stream_set_getp(circuit->snd_stream, 0);
348 memset(&sa, 0, sizeof(struct sockaddr_ll));
349 sa.sll_family = AF_PACKET;
350
351 size_t frame_size = stream_get_endp(circuit->snd_stream) + LLC_LEN;
352 sa.sll_protocol = htons(isis_ethertype(frame_size));
353 sa.sll_ifindex = circuit->interface->ifindex;
354 sa.sll_halen = ETH_ALEN;
355 /* RFC5309 section 4.1 recommends ALL_ISS */
356 if (circuit->circ_type == CIRCUIT_T_P2P)
357 memcpy(&sa.sll_addr, ALL_ISS, ETH_ALEN);
358 else if (level == 1)
359 memcpy(&sa.sll_addr, ALL_L1_ISS, ETH_ALEN);
360 else
361 memcpy(&sa.sll_addr, ALL_L2_ISS, ETH_ALEN);
362
363 /* on a broadcast circuit */
364 /* first we put the LLC in */
365 sock_buff[0] = 0xFE;
366 sock_buff[1] = 0xFE;
367 sock_buff[2] = 0x03;
368
369 memset(&msg, 0, sizeof(msg));
370 msg.msg_name = &sa;
371 msg.msg_namelen = sizeof(struct sockaddr_ll);
372 msg.msg_iov = iov;
373 msg.msg_iovlen = 2;
374 iov[0].iov_base = sock_buff;
375 iov[0].iov_len = LLC_LEN;
376 iov[1].iov_base = circuit->snd_stream->data;
377 iov[1].iov_len = stream_get_endp(circuit->snd_stream);
378
379 if (sendmsg(circuit->fd, &msg, 0) < 0) {
380 zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s",
381 circuit->interface->name, safe_strerror(errno));
382 if (ERRNO_IO_RETRY(errno))
383 return ISIS_WARNING;
384 return ISIS_ERROR;
385 }
386 return ISIS_OK;
387 }
388
389 int isis_send_pdu_p2p(struct isis_circuit *circuit, int level)
390 {
391 struct sockaddr_ll sa;
392 ssize_t rv;
393
394 stream_set_getp(circuit->snd_stream, 0);
395 memset(&sa, 0, sizeof(struct sockaddr_ll));
396 sa.sll_family = AF_PACKET;
397 sa.sll_ifindex = circuit->interface->ifindex;
398 sa.sll_halen = ETH_ALEN;
399 if (level == 1)
400 memcpy(&sa.sll_addr, ALL_L1_ISS, ETH_ALEN);
401 else
402 memcpy(&sa.sll_addr, ALL_L2_ISS, ETH_ALEN);
403
404
405 /* lets try correcting the protocol */
406 sa.sll_protocol = htons(0x00FE);
407 rv = sendto(circuit->fd, circuit->snd_stream->data,
408 stream_get_endp(circuit->snd_stream), 0,
409 (struct sockaddr *)&sa, sizeof(struct sockaddr_ll));
410 if (rv < 0) {
411 zlog_warn("IS-IS pfpacket: could not transmit packet on %s: %s",
412 circuit->interface->name, safe_strerror(errno));
413 if (ERRNO_IO_RETRY(errno))
414 return ISIS_WARNING;
415 return ISIS_ERROR;
416 }
417 return ISIS_OK;
418 }
419
420 #endif /* ISIS_METHOD == ISIS_METHOD_PFPACKET */
FRRouting mirror