]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/f_flower.c
projects / mirror_iproute2.git / blob
? search:


c563666702b50973703f37c0174bfae3f242fdf3
[mirror_iproute2.git] / tc / f_flower.c
1 /*
2 * f_flower.c Flower Classifier
3 *
4 * This program is free software; you can distribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Jiri Pirko <jiri@resnulli.us>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <string.h>
16 #include <net/if.h>
17 #include <linux/if_arp.h>
18 #include <linux/if_ether.h>
19 #include <linux/ip.h>
20 #include <linux/tc_act/tc_vlan.h>
21 #include <linux/mpls.h>
22
23 #include "utils.h"
24 #include "tc_util.h"
25 #include "rt_names.h"
26
27 enum flower_matching_flags {
28 FLOWER_IP_FLAGS,
29 };
30
31 enum flower_endpoint {
32 FLOWER_ENDPOINT_SRC,
33 FLOWER_ENDPOINT_DST
34 };
35
36 enum flower_icmp_field {
37 FLOWER_ICMP_FIELD_TYPE,
38 FLOWER_ICMP_FIELD_CODE
39 };
40
41 static void explain(void)
42 {
43 fprintf(stderr,
44 "Usage: ... flower [ MATCH-LIST ] [ verbose ]\n"
45 " [ skip_sw | skip_hw ]\n"
46 " [ action ACTION-SPEC ] [ classid CLASSID ]\n"
47 "\n"
48 "Where: MATCH-LIST := [ MATCH-LIST ] MATCH\n"
49 " MATCH := { indev DEV-NAME |\n"
50 " vlan_id VID |\n"
51 " vlan_prio PRIORITY |\n"
52 " vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
53 " cvlan_id VID |\n"
54 " cvlan_prio PRIORITY |\n"
55 " cvlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
56 " dst_mac MASKED-LLADDR |\n"
57 " src_mac MASKED-LLADDR |\n"
58 " ip_proto [tcp | udp | sctp | icmp | icmpv6 | IP-PROTO ] |\n"
59 " ip_tos MASKED-IP_TOS |\n"
60 " ip_ttl MASKED-IP_TTL |\n"
61 " mpls_label LABEL |\n"
62 " mpls_tc TC |\n"
63 " mpls_bos BOS |\n"
64 " mpls_ttl TTL |\n"
65 " dst_ip PREFIX |\n"
66 " src_ip PREFIX |\n"
67 " dst_port PORT-NUMBER |\n"
68 " src_port PORT-NUMBER |\n"
69 " tcp_flags MASKED-TCP_FLAGS |\n"
70 " type MASKED-ICMP-TYPE |\n"
71 " code MASKED-ICMP-CODE |\n"
72 " arp_tip IPV4-PREFIX |\n"
73 " arp_sip IPV4-PREFIX |\n"
74 " arp_op [ request | reply | OP ] |\n"
75 " arp_tha MASKED-LLADDR |\n"
76 " arp_sha MASKED-LLADDR |\n"
77 " enc_dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
78 " enc_src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
79 " enc_key_id [ KEY-ID ] |\n"
80 " enc_tos MASKED-IP_TOS |\n"
81 " enc_ttl MASKED-IP_TTL |\n"
82 " geneve_opts MASKED-OPTIONS |\n"
83 " ip_flags IP-FLAGS | \n"
84 " enc_dst_port [ port_number ] }\n"
85 " FILTERID := X:Y:Z\n"
86 " MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
87 " ACTION-SPEC := ... look at individual actions\n"
88 "\n"
89 "NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
90 "NOTE: There can be only used one mask per one prio. If user needs\n"
91 " to specify different mask, he has to use different prio.\n");
92 }
93
94 static int flower_parse_eth_addr(char *str, int addr_type, int mask_type,
95 struct nlmsghdr *n)
96 {
97 int ret, err = -1;
98 char addr[ETH_ALEN], *slash;
99
100 slash = strchr(str, '/');
101 if (slash)
102 *slash = '\0';
103
104 ret = ll_addr_a2n(addr, sizeof(addr), str);
105 if (ret < 0)
106 goto err;
107 addattr_l(n, MAX_MSG, addr_type, addr, sizeof(addr));
108
109 if (slash) {
110 unsigned bits;
111
112 if (!get_unsigned(&bits, slash + 1, 10)) {
113 uint64_t mask;
114
115 /* Extra 16 bit shift to push mac address into
116 * high bits of uint64_t
117 */
118 mask = htonll(0xffffffffffffULL << (16 + 48 - bits));
119 memcpy(addr, &mask, ETH_ALEN);
120 } else {
121 ret = ll_addr_a2n(addr, sizeof(addr), slash + 1);
122 if (ret < 0)
123 goto err;
124 }
125 } else {
126 memset(addr, 0xff, ETH_ALEN);
127 }
128 addattr_l(n, MAX_MSG, mask_type, addr, sizeof(addr));
129
130 err = 0;
131 err:
132 if (slash)
133 *slash = '/';
134 return err;
135 }
136
137 static bool eth_type_vlan(__be16 ethertype)
138 {
139 return ethertype == htons(ETH_P_8021Q) ||
140 ethertype == htons(ETH_P_8021AD);
141 }
142
143 static int flower_parse_vlan_eth_type(char *str, __be16 eth_type, int type,
144 __be16 *p_vlan_eth_type,
145 struct nlmsghdr *n)
146 {
147 __be16 vlan_eth_type;
148
149 if (!eth_type_vlan(eth_type)) {
150 fprintf(stderr, "Can't set \"%s\" if ethertype isn't 802.1Q or 802.1AD\n",
151 type == TCA_FLOWER_KEY_VLAN_ETH_TYPE ? "vlan_ethtype" : "cvlan_ethtype");
152 return -1;
153 }
154
155 if (ll_proto_a2n(&vlan_eth_type, str))
156 invarg("invalid vlan_ethtype", str);
157 addattr16(n, MAX_MSG, type, vlan_eth_type);
158 *p_vlan_eth_type = vlan_eth_type;
159 return 0;
160 }
161
162 struct flag_to_string {
163 int flag;
164 enum flower_matching_flags type;
165 char *string;
166 };
167
168 static struct flag_to_string flags_str[] = {
169 { TCA_FLOWER_KEY_FLAGS_IS_FRAGMENT, FLOWER_IP_FLAGS, "frag" },
170 { TCA_FLOWER_KEY_FLAGS_FRAG_IS_FIRST, FLOWER_IP_FLAGS, "firstfrag" },
171 };
172
173 static int flower_parse_matching_flags(char *str,
174 enum flower_matching_flags type,
175 __u32 *mtf, __u32 *mtf_mask)
176 {
177 char *token;
178 bool no;
179 bool found;
180 int i;
181
182 token = strtok(str, "/");
183
184 while (token) {
185 if (!strncmp(token, "no", 2)) {
186 no = true;
187 token += 2;
188 } else
189 no = false;
190
191 found = false;
192 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
193 if (type != flags_str[i].type)
194 continue;
195
196 if (!strcmp(token, flags_str[i].string)) {
197 if (no)
198 *mtf &= ~flags_str[i].flag;
199 else
200 *mtf |= flags_str[i].flag;
201
202 *mtf_mask |= flags_str[i].flag;
203 found = true;
204 break;
205 }
206 }
207 if (!found)
208 return -1;
209
210 token = strtok(NULL, "/");
211 }
212
213 return 0;
214 }
215
216 static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
217 __u8 *p_ip_proto, struct nlmsghdr *n)
218 {
219 int ret;
220 __u8 ip_proto;
221
222 if (eth_type != htons(ETH_P_IP) && eth_type != htons(ETH_P_IPV6))
223 goto err;
224
225 if (matches(str, "tcp") == 0) {
226 ip_proto = IPPROTO_TCP;
227 } else if (matches(str, "udp") == 0) {
228 ip_proto = IPPROTO_UDP;
229 } else if (matches(str, "sctp") == 0) {
230 ip_proto = IPPROTO_SCTP;
231 } else if (matches(str, "icmp") == 0) {
232 if (eth_type != htons(ETH_P_IP))
233 goto err;
234 ip_proto = IPPROTO_ICMP;
235 } else if (matches(str, "icmpv6") == 0) {
236 if (eth_type != htons(ETH_P_IPV6))
237 goto err;
238 ip_proto = IPPROTO_ICMPV6;
239 } else {
240 ret = get_u8(&ip_proto, str, 16);
241 if (ret)
242 return -1;
243 }
244 addattr8(n, MAX_MSG, type, ip_proto);
245 *p_ip_proto = ip_proto;
246 return 0;
247
248 err:
249 fprintf(stderr, "Illegal \"eth_type\" for ip proto\n");
250 return -1;
251 }
252
253 static int __flower_parse_ip_addr(char *str, int family,
254 int addr4_type, int mask4_type,
255 int addr6_type, int mask6_type,
256 struct nlmsghdr *n)
257 {
258 int ret;
259 inet_prefix addr;
260 int bits;
261 int i;
262
263 ret = get_prefix(&addr, str, family);
264 if (ret)
265 return -1;
266
267 if (family && (addr.family != family)) {
268 fprintf(stderr, "Illegal \"eth_type\" for ip address\n");
269 return -1;
270 }
271
272 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
273 addr.data, addr.bytelen);
274
275 memset(addr.data, 0xff, addr.bytelen);
276 bits = addr.bitlen;
277 for (i = 0; i < addr.bytelen / 4; i++) {
278 if (!bits) {
279 addr.data[i] = 0;
280 } else if (bits / 32 >= 1) {
281 bits -= 32;
282 } else {
283 addr.data[i] <<= 32 - bits;
284 addr.data[i] = htonl(addr.data[i]);
285 bits = 0;
286 }
287 }
288
289 addattr_l(n, MAX_MSG, addr.family == AF_INET ? mask4_type : mask6_type,
290 addr.data, addr.bytelen);
291
292 return 0;
293 }
294
295 static int flower_parse_ip_addr(char *str, __be16 eth_type,
296 int addr4_type, int mask4_type,
297 int addr6_type, int mask6_type,
298 struct nlmsghdr *n)
299 {
300 int family;
301
302 if (eth_type == htons(ETH_P_IP)) {
303 family = AF_INET;
304 } else if (eth_type == htons(ETH_P_IPV6)) {
305 family = AF_INET6;
306 } else if (!eth_type) {
307 family = AF_UNSPEC;
308 } else {
309 return -1;
310 }
311
312 return __flower_parse_ip_addr(str, family, addr4_type, mask4_type,
313 addr6_type, mask6_type, n);
314 }
315
316 static bool flower_eth_type_arp(__be16 eth_type)
317 {
318 return eth_type == htons(ETH_P_ARP) || eth_type == htons(ETH_P_RARP);
319 }
320
321 static int flower_parse_arp_ip_addr(char *str, __be16 eth_type,
322 int addr_type, int mask_type,
323 struct nlmsghdr *n)
324 {
325 if (!flower_eth_type_arp(eth_type))
326 return -1;
327
328 return __flower_parse_ip_addr(str, AF_INET, addr_type, mask_type,
329 TCA_FLOWER_UNSPEC, TCA_FLOWER_UNSPEC, n);
330 }
331
332 static int flower_parse_u8(char *str, int value_type, int mask_type,
333 int (*value_from_name)(const char *str,
334 __u8 *value),
335 bool (*value_validate)(__u8 value),
336 struct nlmsghdr *n)
337 {
338 char *slash;
339 int ret, err = -1;
340 __u8 value, mask;
341
342 slash = strchr(str, '/');
343 if (slash)
344 *slash = '\0';
345
346 ret = value_from_name ? value_from_name(str, &value) : -1;
347 if (ret < 0) {
348 ret = get_u8(&value, str, 10);
349 if (ret)
350 goto err;
351 }
352
353 if (value_validate && !value_validate(value))
354 goto err;
355
356 if (slash) {
357 ret = get_u8(&mask, slash + 1, 10);
358 if (ret)
359 goto err;
360 }
361 else {
362 mask = UINT8_MAX;
363 }
364
365 addattr8(n, MAX_MSG, value_type, value);
366 addattr8(n, MAX_MSG, mask_type, mask);
367
368 err = 0;
369 err:
370 if (slash)
371 *slash = '/';
372 return err;
373 }
374
375 static const char *flower_print_arp_op_to_name(__u8 op)
376 {
377 switch (op) {
378 case ARPOP_REQUEST:
379 return "request";
380 case ARPOP_REPLY:
381 return "reply";
382 default:
383 return NULL;
384 }
385 }
386
387 static int flower_arp_op_from_name(const char *name, __u8 *op)
388 {
389 if (!strcmp(name, "request"))
390 *op = ARPOP_REQUEST;
391 else if (!strcmp(name, "reply"))
392 *op = ARPOP_REPLY;
393 else
394 return -1;
395
396 return 0;
397 }
398
399 static bool flow_arp_op_validate(__u8 op)
400 {
401 return !op || op == ARPOP_REQUEST || op == ARPOP_REPLY;
402 }
403
404 static int flower_parse_arp_op(char *str, __be16 eth_type,
405 int op_type, int mask_type,
406 struct nlmsghdr *n)
407 {
408 if (!flower_eth_type_arp(eth_type))
409 return -1;
410
411 return flower_parse_u8(str, op_type, mask_type, flower_arp_op_from_name,
412 flow_arp_op_validate, n);
413 }
414
415 static int flower_icmp_attr_type(__be16 eth_type, __u8 ip_proto,
416 enum flower_icmp_field field)
417 {
418 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
419 return field == FLOWER_ICMP_FIELD_CODE ?
420 TCA_FLOWER_KEY_ICMPV4_CODE :
421 TCA_FLOWER_KEY_ICMPV4_TYPE;
422 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
423 return field == FLOWER_ICMP_FIELD_CODE ?
424 TCA_FLOWER_KEY_ICMPV6_CODE :
425 TCA_FLOWER_KEY_ICMPV6_TYPE;
426
427 return -1;
428 }
429
430 static int flower_icmp_attr_mask_type(__be16 eth_type, __u8 ip_proto,
431 enum flower_icmp_field field)
432 {
433 if (eth_type == htons(ETH_P_IP) && ip_proto == IPPROTO_ICMP)
434 return field == FLOWER_ICMP_FIELD_CODE ?
435 TCA_FLOWER_KEY_ICMPV4_CODE_MASK :
436 TCA_FLOWER_KEY_ICMPV4_TYPE_MASK;
437 else if (eth_type == htons(ETH_P_IPV6) && ip_proto == IPPROTO_ICMPV6)
438 return field == FLOWER_ICMP_FIELD_CODE ?
439 TCA_FLOWER_KEY_ICMPV6_CODE_MASK :
440 TCA_FLOWER_KEY_ICMPV6_TYPE_MASK;
441
442 return -1;
443 }
444
445 static int flower_parse_icmp(char *str, __u16 eth_type, __u8 ip_proto,
446 enum flower_icmp_field field, struct nlmsghdr *n)
447 {
448 int value_type, mask_type;
449
450 value_type = flower_icmp_attr_type(eth_type, ip_proto, field);
451 mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto, field);
452 if (value_type < 0 || mask_type < 0)
453 return -1;
454
455 return flower_parse_u8(str, value_type, mask_type, NULL, NULL, n);
456 }
457
458 static int flower_port_attr_type(__u8 ip_proto, enum flower_endpoint endpoint)
459 {
460 if (ip_proto == IPPROTO_TCP)
461 return endpoint == FLOWER_ENDPOINT_SRC ?
462 TCA_FLOWER_KEY_TCP_SRC :
463 TCA_FLOWER_KEY_TCP_DST;
464 else if (ip_proto == IPPROTO_UDP)
465 return endpoint == FLOWER_ENDPOINT_SRC ?
466 TCA_FLOWER_KEY_UDP_SRC :
467 TCA_FLOWER_KEY_UDP_DST;
468 else if (ip_proto == IPPROTO_SCTP)
469 return endpoint == FLOWER_ENDPOINT_SRC ?
470 TCA_FLOWER_KEY_SCTP_SRC :
471 TCA_FLOWER_KEY_SCTP_DST;
472 else
473 return -1;
474 }
475
476 static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type,
477 __be16 *min_port_type,
478 __be16 *max_port_type)
479 {
480 if (ip_proto == IPPROTO_TCP || ip_proto == IPPROTO_UDP ||
481 ip_proto == IPPROTO_SCTP) {
482 if (type == FLOWER_ENDPOINT_SRC) {
483 *min_port_type = TCA_FLOWER_KEY_PORT_SRC_MIN;
484 *max_port_type = TCA_FLOWER_KEY_PORT_SRC_MAX;
485 } else {
486 *min_port_type = TCA_FLOWER_KEY_PORT_DST_MIN;
487 *max_port_type = TCA_FLOWER_KEY_PORT_DST_MAX;
488 }
489 } else {
490 return -1;
491 }
492 return 0;
493 }
494
495 static int flower_parse_port(char *str, __u8 ip_proto,
496 enum flower_endpoint endpoint,
497 struct nlmsghdr *n)
498 {
499 __u16 min, max;
500 int ret;
501
502 ret = sscanf(str, "%hu-%hu", &min, &max);
503
504 if (ret == 1) {
505 int type;
506
507 type = flower_port_attr_type(ip_proto, endpoint);
508 if (type < 0)
509 return -1;
510 addattr16(n, MAX_MSG, type, htons(min));
511 } else if (ret == 2) {
512 __be16 min_port_type, max_port_type;
513
514 if (max <= min) {
515 fprintf(stderr, "max value should be greater than min value\n");
516 return -1;
517 }
518 if (flower_port_range_attr_type(ip_proto, endpoint,
519 &min_port_type, &max_port_type))
520 return -1;
521
522 addattr16(n, MAX_MSG, min_port_type, htons(min));
523 addattr16(n, MAX_MSG, max_port_type, htons(max));
524 } else {
525 return -1;
526 }
527 return 0;
528 }
529
530 #define TCP_FLAGS_MAX_MASK 0xfff
531
532 static int flower_parse_tcp_flags(char *str, int flags_type, int mask_type,
533 struct nlmsghdr *n)
534 {
535 char *slash;
536 int ret, err = -1;
537 __u16 flags;
538
539 slash = strchr(str, '/');
540 if (slash)
541 *slash = '\0';
542
543 ret = get_u16(&flags, str, 16);
544 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
545 goto err;
546
547 addattr16(n, MAX_MSG, flags_type, htons(flags));
548
549 if (slash) {
550 ret = get_u16(&flags, slash + 1, 16);
551 if (ret < 0 || flags & ~TCP_FLAGS_MAX_MASK)
552 goto err;
553 } else {
554 flags = TCP_FLAGS_MAX_MASK;
555 }
556 addattr16(n, MAX_MSG, mask_type, htons(flags));
557
558 err = 0;
559 err:
560 if (slash)
561 *slash = '/';
562 return err;
563 }
564
565 static int flower_parse_ip_tos_ttl(char *str, int key_type, int mask_type,
566 struct nlmsghdr *n)
567 {
568 char *slash;
569 int ret, err = -1;
570 __u8 tos_ttl;
571
572 slash = strchr(str, '/');
573 if (slash)
574 *slash = '\0';
575
576 ret = get_u8(&tos_ttl, str, 10);
577 if (ret < 0)
578 ret = get_u8(&tos_ttl, str, 16);
579 if (ret < 0)
580 goto err;
581
582 addattr8(n, MAX_MSG, key_type, tos_ttl);
583
584 if (slash) {
585 ret = get_u8(&tos_ttl, slash + 1, 16);
586 if (ret < 0)
587 goto err;
588 } else {
589 tos_ttl = 0xff;
590 }
591 addattr8(n, MAX_MSG, mask_type, tos_ttl);
592
593 err = 0;
594 err:
595 if (slash)
596 *slash = '/';
597 return err;
598 }
599
600 static int flower_parse_key_id(const char *str, int type, struct nlmsghdr *n)
601 {
602 int ret;
603 __be32 key_id;
604
605 ret = get_be32(&key_id, str, 10);
606 if (!ret)
607 addattr32(n, MAX_MSG, type, key_id);
608
609 return ret;
610 }
611
612 static int flower_parse_enc_port(char *str, int type, struct nlmsghdr *n)
613 {
614 int ret;
615 __be16 port;
616
617 ret = get_be16(&port, str, 10);
618 if (ret)
619 return -1;
620
621 addattr16(n, MAX_MSG, type, port);
622
623 return 0;
624 }
625
626 static int flower_parse_geneve_opts(char *str, struct nlmsghdr *n)
627 {
628 struct rtattr *nest;
629 char *token;
630 int i, err;
631
632 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_GENEVE);
633
634 i = 1;
635 token = strsep(&str, ":");
636 while (token) {
637 switch (i) {
638 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS:
639 {
640 __be16 opt_class;
641
642 if (!strlen(token))
643 break;
644 err = get_be16(&opt_class, token, 16);
645 if (err)
646 return err;
647
648 addattr16(n, MAX_MSG, i, opt_class);
649 break;
650 }
651 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE:
652 {
653 __u8 opt_type;
654
655 if (!strlen(token))
656 break;
657 err = get_u8(&opt_type, token, 16);
658 if (err)
659 return err;
660
661 addattr8(n, MAX_MSG, i, opt_type);
662 break;
663 }
664 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA:
665 {
666 size_t token_len = strlen(token);
667 __u8 *opts;
668
669 if (!token_len)
670 break;
671 opts = malloc(token_len / 2);
672 if (!opts)
673 return -1;
674 if (hex2mem(token, opts, token_len / 2) < 0) {
675 free(opts);
676 return -1;
677 }
678 addattr_l(n, MAX_MSG, i, opts, token_len / 2);
679 free(opts);
680
681 break;
682 }
683 default:
684 fprintf(stderr, "Unknown \"geneve_opts\" type\n");
685 return -1;
686 }
687
688 token = strsep(&str, ":");
689 i++;
690 }
691 addattr_nest_end(n, nest);
692
693 return 0;
694 }
695
696 static int flower_parse_enc_opt_part(char *str, struct nlmsghdr *n)
697 {
698 char *token;
699 int err;
700
701 token = strsep(&str, ",");
702 while (token) {
703 err = flower_parse_geneve_opts(token, n);
704 if (err)
705 return err;
706
707 token = strsep(&str, ",");
708 }
709
710 return 0;
711 }
712
713 static int flower_check_enc_opt_key(char *key)
714 {
715 int key_len, col_cnt = 0;
716
717 key_len = strlen(key);
718 while ((key = strchr(key, ':'))) {
719 if (strlen(key) == key_len)
720 return -1;
721
722 key_len = strlen(key) - 1;
723 col_cnt++;
724 key++;
725 }
726
727 if (col_cnt != 2 || !key_len)
728 return -1;
729
730 return 0;
731 }
732
733 static int flower_parse_enc_opts(char *str, struct nlmsghdr *n)
734 {
735 char key[XATTR_SIZE_MAX], mask[XATTR_SIZE_MAX];
736 int data_len, key_len, mask_len, err;
737 char *token, *slash;
738 struct rtattr *nest;
739
740 key_len = 0;
741 mask_len = 0;
742 token = strsep(&str, ",");
743 while (token) {
744 slash = strchr(token, '/');
745 if (slash)
746 *slash = '\0';
747
748 if ((key_len + strlen(token) > XATTR_SIZE_MAX) ||
749 flower_check_enc_opt_key(token))
750 return -1;
751
752 strcpy(&key[key_len], token);
753 key_len += strlen(token) + 1;
754 key[key_len - 1] = ',';
755
756 if (!slash) {
757 /* Pad out mask when not provided */
758 if (mask_len + strlen(token) > XATTR_SIZE_MAX)
759 return -1;
760
761 data_len = strlen(rindex(token, ':'));
762 sprintf(&mask[mask_len], "ffff:ff:");
763 mask_len += 8;
764 memset(&mask[mask_len], 'f', data_len - 1);
765 mask_len += data_len;
766 mask[mask_len - 1] = ',';
767 token = strsep(&str, ",");
768 continue;
769 }
770
771 if (mask_len + strlen(slash + 1) > XATTR_SIZE_MAX)
772 return -1;
773
774 strcpy(&mask[mask_len], slash + 1);
775 mask_len += strlen(slash + 1) + 1;
776 mask[mask_len - 1] = ',';
777
778 *slash = '/';
779 token = strsep(&str, ",");
780 }
781 key[key_len - 1] = '\0';
782 mask[mask_len - 1] = '\0';
783
784 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS);
785 err = flower_parse_enc_opt_part(key, n);
786 if (err)
787 return err;
788 addattr_nest_end(n, nest);
789
790 nest = addattr_nest(n, MAX_MSG, TCA_FLOWER_KEY_ENC_OPTS_MASK);
791 err = flower_parse_enc_opt_part(mask, n);
792 if (err)
793 return err;
794 addattr_nest_end(n, nest);
795
796 return 0;
797 }
798
799 static int flower_parse_opt(struct filter_util *qu, char *handle,
800 int argc, char **argv, struct nlmsghdr *n)
801 {
802 int ret;
803 struct tcmsg *t = NLMSG_DATA(n);
804 struct rtattr *tail;
805 __be16 eth_type = TC_H_MIN(t->tcm_info);
806 __be16 vlan_ethtype = 0;
807 __be16 cvlan_ethtype = 0;
808 __u8 ip_proto = 0xff;
809 __u32 flags = 0;
810 __u32 mtf = 0;
811 __u32 mtf_mask = 0;
812
813 if (handle) {
814 ret = get_u32(&t->tcm_handle, handle, 0);
815 if (ret) {
816 fprintf(stderr, "Illegal \"handle\"\n");
817 return -1;
818 }
819 }
820
821 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len));
822 addattr_l(n, MAX_MSG, TCA_OPTIONS, NULL, 0);
823
824 if (argc == 0) {
825 /*at minimal we will match all ethertype packets */
826 goto parse_done;
827 }
828
829 while (argc > 0) {
830 if (matches(*argv, "classid") == 0 ||
831 matches(*argv, "flowid") == 0) {
832 unsigned int handle;
833
834 NEXT_ARG();
835 ret = get_tc_classid(&handle, *argv);
836 if (ret) {
837 fprintf(stderr, "Illegal \"classid\"\n");
838 return -1;
839 }
840 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle, 4);
841 } else if (matches(*argv, "hw_tc") == 0) {
842 unsigned int handle;
843 __u32 tc;
844 char *end;
845
846 NEXT_ARG();
847 tc = strtoul(*argv, &end, 0);
848 if (*end) {
849 fprintf(stderr, "Illegal TC index\n");
850 return -1;
851 }
852 if (tc >= TC_QOPT_MAX_QUEUE) {
853 fprintf(stderr, "TC index exceeds max range\n");
854 return -1;
855 }
856 handle = TC_H_MAKE(TC_H_MAJ(t->tcm_parent),
857 TC_H_MIN(tc + TC_H_MIN_PRIORITY));
858 addattr_l(n, MAX_MSG, TCA_FLOWER_CLASSID, &handle,
859 sizeof(handle));
860 } else if (matches(*argv, "ip_flags") == 0) {
861 NEXT_ARG();
862 ret = flower_parse_matching_flags(*argv,
863 FLOWER_IP_FLAGS,
864 &mtf,
865 &mtf_mask);
866 if (ret < 0) {
867 fprintf(stderr, "Illegal \"ip_flags\"\n");
868 return -1;
869 }
870 } else if (matches(*argv, "verbose") == 0) {
871 flags |= TCA_CLS_FLAGS_VERBOSE;
872 } else if (matches(*argv, "skip_hw") == 0) {
873 flags |= TCA_CLS_FLAGS_SKIP_HW;
874 } else if (matches(*argv, "skip_sw") == 0) {
875 flags |= TCA_CLS_FLAGS_SKIP_SW;
876 } else if (matches(*argv, "indev") == 0) {
877 NEXT_ARG();
878 if (check_ifname(*argv))
879 invarg("\"indev\" not a valid ifname", *argv);
880 addattrstrz(n, MAX_MSG, TCA_FLOWER_INDEV, *argv);
881 } else if (matches(*argv, "vlan_id") == 0) {
882 __u16 vid;
883
884 NEXT_ARG();
885 if (!eth_type_vlan(eth_type)) {
886 fprintf(stderr, "Can't set \"vlan_id\" if ethertype isn't 802.1Q or 802.1AD\n");
887 return -1;
888 }
889 ret = get_u16(&vid, *argv, 10);
890 if (ret < 0 || vid & ~0xfff) {
891 fprintf(stderr, "Illegal \"vlan_id\"\n");
892 return -1;
893 }
894 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_VLAN_ID, vid);
895 } else if (matches(*argv, "vlan_prio") == 0) {
896 __u8 vlan_prio;
897
898 NEXT_ARG();
899 if (!eth_type_vlan(eth_type)) {
900 fprintf(stderr, "Can't set \"vlan_prio\" if ethertype isn't 802.1Q or 802.1AD\n");
901 return -1;
902 }
903 ret = get_u8(&vlan_prio, *argv, 10);
904 if (ret < 0 || vlan_prio & ~0x7) {
905 fprintf(stderr, "Illegal \"vlan_prio\"\n");
906 return -1;
907 }
908 addattr8(n, MAX_MSG,
909 TCA_FLOWER_KEY_VLAN_PRIO, vlan_prio);
910 } else if (matches(*argv, "vlan_ethtype") == 0) {
911 NEXT_ARG();
912 ret = flower_parse_vlan_eth_type(*argv, eth_type,
913 TCA_FLOWER_KEY_VLAN_ETH_TYPE,
914 &vlan_ethtype, n);
915 if (ret < 0)
916 return -1;
917 } else if (matches(*argv, "cvlan_id") == 0) {
918 __u16 vid;
919
920 NEXT_ARG();
921 if (!eth_type_vlan(vlan_ethtype)) {
922 fprintf(stderr, "Can't set \"cvlan_id\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
923 return -1;
924 }
925 ret = get_u16(&vid, *argv, 10);
926 if (ret < 0 || vid & ~0xfff) {
927 fprintf(stderr, "Illegal \"cvlan_id\"\n");
928 return -1;
929 }
930 addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CVLAN_ID, vid);
931 } else if (matches(*argv, "cvlan_prio") == 0) {
932 __u8 cvlan_prio;
933
934 NEXT_ARG();
935 if (!eth_type_vlan(vlan_ethtype)) {
936 fprintf(stderr, "Can't set \"cvlan_prio\" if inner vlan ethertype isn't 802.1Q or 802.1AD\n");
937 return -1;
938 }
939 ret = get_u8(&cvlan_prio, *argv, 10);
940 if (ret < 0 || cvlan_prio & ~0x7) {
941 fprintf(stderr, "Illegal \"cvlan_prio\"\n");
942 return -1;
943 }
944 addattr8(n, MAX_MSG,
945 TCA_FLOWER_KEY_CVLAN_PRIO, cvlan_prio);
946 } else if (matches(*argv, "cvlan_ethtype") == 0) {
947 NEXT_ARG();
948 ret = flower_parse_vlan_eth_type(*argv, vlan_ethtype,
949 TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
950 &cvlan_ethtype, n);
951 if (ret < 0)
952 return -1;
953 } else if (matches(*argv, "mpls_label") == 0) {
954 __u32 label;
955
956 NEXT_ARG();
957 if (eth_type != htons(ETH_P_MPLS_UC) &&
958 eth_type != htons(ETH_P_MPLS_MC)) {
959 fprintf(stderr,
960 "Can't set \"mpls_label\" if ethertype isn't MPLS\n");
961 return -1;
962 }
963 ret = get_u32(&label, *argv, 10);
964 if (ret < 0 || label & ~(MPLS_LS_LABEL_MASK >> MPLS_LS_LABEL_SHIFT)) {
965 fprintf(stderr, "Illegal \"mpls_label\"\n");
966 return -1;
967 }
968 addattr32(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_LABEL, label);
969 } else if (matches(*argv, "mpls_tc") == 0) {
970 __u8 tc;
971
972 NEXT_ARG();
973 if (eth_type != htons(ETH_P_MPLS_UC) &&
974 eth_type != htons(ETH_P_MPLS_MC)) {
975 fprintf(stderr,
976 "Can't set \"mpls_tc\" if ethertype isn't MPLS\n");
977 return -1;
978 }
979 ret = get_u8(&tc, *argv, 10);
980 if (ret < 0 || tc & ~(MPLS_LS_TC_MASK >> MPLS_LS_TC_SHIFT)) {
981 fprintf(stderr, "Illegal \"mpls_tc\"\n");
982 return -1;
983 }
984 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TC, tc);
985 } else if (matches(*argv, "mpls_bos") == 0) {
986 __u8 bos;
987
988 NEXT_ARG();
989 if (eth_type != htons(ETH_P_MPLS_UC) &&
990 eth_type != htons(ETH_P_MPLS_MC)) {
991 fprintf(stderr,
992 "Can't set \"mpls_bos\" if ethertype isn't MPLS\n");
993 return -1;
994 }
995 ret = get_u8(&bos, *argv, 10);
996 if (ret < 0 || bos & ~(MPLS_LS_S_MASK >> MPLS_LS_S_SHIFT)) {
997 fprintf(stderr, "Illegal \"mpls_bos\"\n");
998 return -1;
999 }
1000 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_BOS, bos);
1001 } else if (matches(*argv, "mpls_ttl") == 0) {
1002 __u8 ttl;
1003
1004 NEXT_ARG();
1005 if (eth_type != htons(ETH_P_MPLS_UC) &&
1006 eth_type != htons(ETH_P_MPLS_MC)) {
1007 fprintf(stderr,
1008 "Can't set \"mpls_ttl\" if ethertype isn't MPLS\n");
1009 return -1;
1010 }
1011 ret = get_u8(&ttl, *argv, 10);
1012 if (ret < 0 || ttl & ~(MPLS_LS_TTL_MASK >> MPLS_LS_TTL_SHIFT)) {
1013 fprintf(stderr, "Illegal \"mpls_ttl\"\n");
1014 return -1;
1015 }
1016 addattr8(n, MAX_MSG, TCA_FLOWER_KEY_MPLS_TTL, ttl);
1017 } else if (matches(*argv, "dst_mac") == 0) {
1018 NEXT_ARG();
1019 ret = flower_parse_eth_addr(*argv,
1020 TCA_FLOWER_KEY_ETH_DST,
1021 TCA_FLOWER_KEY_ETH_DST_MASK,
1022 n);
1023 if (ret < 0) {
1024 fprintf(stderr, "Illegal \"dst_mac\"\n");
1025 return -1;
1026 }
1027 } else if (matches(*argv, "src_mac") == 0) {
1028 NEXT_ARG();
1029 ret = flower_parse_eth_addr(*argv,
1030 TCA_FLOWER_KEY_ETH_SRC,
1031 TCA_FLOWER_KEY_ETH_SRC_MASK,
1032 n);
1033 if (ret < 0) {
1034 fprintf(stderr, "Illegal \"src_mac\"\n");
1035 return -1;
1036 }
1037 } else if (matches(*argv, "ip_proto") == 0) {
1038 NEXT_ARG();
1039 ret = flower_parse_ip_proto(*argv, cvlan_ethtype ?
1040 cvlan_ethtype : vlan_ethtype ?
1041 vlan_ethtype : eth_type,
1042 TCA_FLOWER_KEY_IP_PROTO,
1043 &ip_proto, n);
1044 if (ret < 0) {
1045 fprintf(stderr, "Illegal \"ip_proto\"\n");
1046 return -1;
1047 }
1048 } else if (matches(*argv, "ip_tos") == 0) {
1049 NEXT_ARG();
1050 ret = flower_parse_ip_tos_ttl(*argv,
1051 TCA_FLOWER_KEY_IP_TOS,
1052 TCA_FLOWER_KEY_IP_TOS_MASK,
1053 n);
1054 if (ret < 0) {
1055 fprintf(stderr, "Illegal \"ip_tos\"\n");
1056 return -1;
1057 }
1058 } else if (matches(*argv, "ip_ttl") == 0) {
1059 NEXT_ARG();
1060 ret = flower_parse_ip_tos_ttl(*argv,
1061 TCA_FLOWER_KEY_IP_TTL,
1062 TCA_FLOWER_KEY_IP_TTL_MASK,
1063 n);
1064 if (ret < 0) {
1065 fprintf(stderr, "Illegal \"ip_ttl\"\n");
1066 return -1;
1067 }
1068 } else if (matches(*argv, "dst_ip") == 0) {
1069 NEXT_ARG();
1070 ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
1071 cvlan_ethtype : vlan_ethtype ?
1072 vlan_ethtype : eth_type,
1073 TCA_FLOWER_KEY_IPV4_DST,
1074 TCA_FLOWER_KEY_IPV4_DST_MASK,
1075 TCA_FLOWER_KEY_IPV6_DST,
1076 TCA_FLOWER_KEY_IPV6_DST_MASK,
1077 n);
1078 if (ret < 0) {
1079 fprintf(stderr, "Illegal \"dst_ip\"\n");
1080 return -1;
1081 }
1082 } else if (matches(*argv, "src_ip") == 0) {
1083 NEXT_ARG();
1084 ret = flower_parse_ip_addr(*argv, cvlan_ethtype ?
1085 cvlan_ethtype : vlan_ethtype ?
1086 vlan_ethtype : eth_type,
1087 TCA_FLOWER_KEY_IPV4_SRC,
1088 TCA_FLOWER_KEY_IPV4_SRC_MASK,
1089 TCA_FLOWER_KEY_IPV6_SRC,
1090 TCA_FLOWER_KEY_IPV6_SRC_MASK,
1091 n);
1092 if (ret < 0) {
1093 fprintf(stderr, "Illegal \"src_ip\"\n");
1094 return -1;
1095 }
1096 } else if (matches(*argv, "dst_port") == 0) {
1097 NEXT_ARG();
1098 ret = flower_parse_port(*argv, ip_proto,
1099 FLOWER_ENDPOINT_DST, n);
1100 if (ret < 0) {
1101 fprintf(stderr, "Illegal \"dst_port\"\n");
1102 return -1;
1103 }
1104 } else if (matches(*argv, "src_port") == 0) {
1105 NEXT_ARG();
1106 ret = flower_parse_port(*argv, ip_proto,
1107 FLOWER_ENDPOINT_SRC, n);
1108 if (ret < 0) {
1109 fprintf(stderr, "Illegal \"src_port\"\n");
1110 return -1;
1111 }
1112 } else if (matches(*argv, "tcp_flags") == 0) {
1113 NEXT_ARG();
1114 ret = flower_parse_tcp_flags(*argv,
1115 TCA_FLOWER_KEY_TCP_FLAGS,
1116 TCA_FLOWER_KEY_TCP_FLAGS_MASK,
1117 n);
1118 if (ret < 0) {
1119 fprintf(stderr, "Illegal \"tcp_flags\"\n");
1120 return -1;
1121 }
1122 } else if (matches(*argv, "type") == 0) {
1123 NEXT_ARG();
1124 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1125 FLOWER_ICMP_FIELD_TYPE, n);
1126 if (ret < 0) {
1127 fprintf(stderr, "Illegal \"icmp type\"\n");
1128 return -1;
1129 }
1130 } else if (matches(*argv, "code") == 0) {
1131 NEXT_ARG();
1132 ret = flower_parse_icmp(*argv, eth_type, ip_proto,
1133 FLOWER_ICMP_FIELD_CODE, n);
1134 if (ret < 0) {
1135 fprintf(stderr, "Illegal \"icmp code\"\n");
1136 return -1;
1137 }
1138 } else if (matches(*argv, "arp_tip") == 0) {
1139 NEXT_ARG();
1140 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
1141 vlan_ethtype : eth_type,
1142 TCA_FLOWER_KEY_ARP_TIP,
1143 TCA_FLOWER_KEY_ARP_TIP_MASK,
1144 n);
1145 if (ret < 0) {
1146 fprintf(stderr, "Illegal \"arp_tip\"\n");
1147 return -1;
1148 }
1149 } else if (matches(*argv, "arp_sip") == 0) {
1150 NEXT_ARG();
1151 ret = flower_parse_arp_ip_addr(*argv, vlan_ethtype ?
1152 vlan_ethtype : eth_type,
1153 TCA_FLOWER_KEY_ARP_SIP,
1154 TCA_FLOWER_KEY_ARP_SIP_MASK,
1155 n);
1156 if (ret < 0) {
1157 fprintf(stderr, "Illegal \"arp_sip\"\n");
1158 return -1;
1159 }
1160 } else if (matches(*argv, "arp_op") == 0) {
1161 NEXT_ARG();
1162 ret = flower_parse_arp_op(*argv, vlan_ethtype ?
1163 vlan_ethtype : eth_type,
1164 TCA_FLOWER_KEY_ARP_OP,
1165 TCA_FLOWER_KEY_ARP_OP_MASK,
1166 n);
1167 if (ret < 0) {
1168 fprintf(stderr, "Illegal \"arp_op\"\n");
1169 return -1;
1170 }
1171 } else if (matches(*argv, "arp_tha") == 0) {
1172 NEXT_ARG();
1173 ret = flower_parse_eth_addr(*argv,
1174 TCA_FLOWER_KEY_ARP_THA,
1175 TCA_FLOWER_KEY_ARP_THA_MASK,
1176 n);
1177 if (ret < 0) {
1178 fprintf(stderr, "Illegal \"arp_tha\"\n");
1179 return -1;
1180 }
1181 } else if (matches(*argv, "arp_sha") == 0) {
1182 NEXT_ARG();
1183 ret = flower_parse_eth_addr(*argv,
1184 TCA_FLOWER_KEY_ARP_SHA,
1185 TCA_FLOWER_KEY_ARP_SHA_MASK,
1186 n);
1187 if (ret < 0) {
1188 fprintf(stderr, "Illegal \"arp_sha\"\n");
1189 return -1;
1190 }
1191 } else if (matches(*argv, "enc_dst_ip") == 0) {
1192 NEXT_ARG();
1193 ret = flower_parse_ip_addr(*argv, 0,
1194 TCA_FLOWER_KEY_ENC_IPV4_DST,
1195 TCA_FLOWER_KEY_ENC_IPV4_DST_MASK,
1196 TCA_FLOWER_KEY_ENC_IPV6_DST,
1197 TCA_FLOWER_KEY_ENC_IPV6_DST_MASK,
1198 n);
1199 if (ret < 0) {
1200 fprintf(stderr, "Illegal \"enc_dst_ip\"\n");
1201 return -1;
1202 }
1203 } else if (matches(*argv, "enc_src_ip") == 0) {
1204 NEXT_ARG();
1205 ret = flower_parse_ip_addr(*argv, 0,
1206 TCA_FLOWER_KEY_ENC_IPV4_SRC,
1207 TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK,
1208 TCA_FLOWER_KEY_ENC_IPV6_SRC,
1209 TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK,
1210 n);
1211 if (ret < 0) {
1212 fprintf(stderr, "Illegal \"enc_src_ip\"\n");
1213 return -1;
1214 }
1215 } else if (matches(*argv, "enc_key_id") == 0) {
1216 NEXT_ARG();
1217 ret = flower_parse_key_id(*argv,
1218 TCA_FLOWER_KEY_ENC_KEY_ID, n);
1219 if (ret < 0) {
1220 fprintf(stderr, "Illegal \"enc_key_id\"\n");
1221 return -1;
1222 }
1223 } else if (matches(*argv, "enc_dst_port") == 0) {
1224 NEXT_ARG();
1225 ret = flower_parse_enc_port(*argv,
1226 TCA_FLOWER_KEY_ENC_UDP_DST_PORT, n);
1227 if (ret < 0) {
1228 fprintf(stderr, "Illegal \"enc_dst_port\"\n");
1229 return -1;
1230 }
1231 } else if (matches(*argv, "enc_tos") == 0) {
1232 NEXT_ARG();
1233 ret = flower_parse_ip_tos_ttl(*argv,
1234 TCA_FLOWER_KEY_ENC_IP_TOS,
1235 TCA_FLOWER_KEY_ENC_IP_TOS_MASK,
1236 n);
1237 if (ret < 0) {
1238 fprintf(stderr, "Illegal \"enc_tos\"\n");
1239 return -1;
1240 }
1241 } else if (matches(*argv, "enc_ttl") == 0) {
1242 NEXT_ARG();
1243 ret = flower_parse_ip_tos_ttl(*argv,
1244 TCA_FLOWER_KEY_ENC_IP_TTL,
1245 TCA_FLOWER_KEY_ENC_IP_TTL_MASK,
1246 n);
1247 if (ret < 0) {
1248 fprintf(stderr, "Illegal \"enc_ttl\"\n");
1249 return -1;
1250 }
1251 } else if (matches(*argv, "geneve_opts") == 0) {
1252 NEXT_ARG();
1253 ret = flower_parse_enc_opts(*argv, n);
1254 if (ret < 0) {
1255 fprintf(stderr, "Illegal \"geneve_opts\"\n");
1256 return -1;
1257 }
1258 } else if (matches(*argv, "action") == 0) {
1259 NEXT_ARG();
1260 ret = parse_action(&argc, &argv, TCA_FLOWER_ACT, n);
1261 if (ret) {
1262 fprintf(stderr, "Illegal \"action\"\n");
1263 return -1;
1264 }
1265 continue;
1266 } else if (strcmp(*argv, "help") == 0) {
1267 explain();
1268 return -1;
1269 } else {
1270 fprintf(stderr, "What is \"%s\"?\n", *argv);
1271 explain();
1272 return -1;
1273 }
1274 argc--; argv++;
1275 }
1276
1277 parse_done:
1278 ret = addattr32(n, MAX_MSG, TCA_FLOWER_FLAGS, flags);
1279 if (ret)
1280 return ret;
1281
1282 if (mtf_mask) {
1283 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS, htonl(mtf));
1284 if (ret)
1285 return ret;
1286
1287 ret = addattr32(n, MAX_MSG, TCA_FLOWER_KEY_FLAGS_MASK, htonl(mtf_mask));
1288 if (ret)
1289 return ret;
1290 }
1291
1292 if (eth_type != htons(ETH_P_ALL)) {
1293 ret = addattr16(n, MAX_MSG, TCA_FLOWER_KEY_ETH_TYPE, eth_type);
1294 if (ret)
1295 return ret;
1296 }
1297
1298 tail->rta_len = (((void *)n)+n->nlmsg_len) - (void *)tail;
1299
1300 return 0;
1301 }
1302
1303 static int __mask_bits(char *addr, size_t len)
1304 {
1305 int bits = 0;
1306 bool hole = false;
1307 int i;
1308 int j;
1309
1310 for (i = 0; i < len; i++, addr++) {
1311 for (j = 7; j >= 0; j--) {
1312 if (((*addr) >> j) & 0x1) {
1313 if (hole)
1314 return -1;
1315 bits++;
1316 } else if (bits) {
1317 hole = true;
1318 } else{
1319 return -1;
1320 }
1321 }
1322 }
1323 return bits;
1324 }
1325
1326 static void flower_print_eth_addr(char *name, struct rtattr *addr_attr,
1327 struct rtattr *mask_attr)
1328 {
1329 SPRINT_BUF(namefrm);
1330 SPRINT_BUF(out);
1331 SPRINT_BUF(b1);
1332 size_t done;
1333 int bits;
1334
1335 if (!addr_attr || RTA_PAYLOAD(addr_attr) != ETH_ALEN)
1336 return;
1337 done = sprintf(out, "%s",
1338 ll_addr_n2a(RTA_DATA(addr_attr), ETH_ALEN,
1339 0, b1, sizeof(b1)));
1340 if (mask_attr && RTA_PAYLOAD(mask_attr) == ETH_ALEN) {
1341 bits = __mask_bits(RTA_DATA(mask_attr), ETH_ALEN);
1342 if (bits < 0)
1343 sprintf(out + done, "/%s",
1344 ll_addr_n2a(RTA_DATA(mask_attr), ETH_ALEN,
1345 0, b1, sizeof(b1)));
1346 else if (bits < ETH_ALEN * 8)
1347 sprintf(out + done, "/%d", bits);
1348 }
1349
1350 sprintf(namefrm, "\n %s %%s", name);
1351 print_string(PRINT_ANY, name, namefrm, out);
1352 }
1353
1354 static void flower_print_eth_type(__be16 *p_eth_type,
1355 struct rtattr *eth_type_attr)
1356 {
1357 SPRINT_BUF(out);
1358 __be16 eth_type;
1359
1360 if (!eth_type_attr)
1361 return;
1362
1363 eth_type = rta_getattr_u16(eth_type_attr);
1364 if (eth_type == htons(ETH_P_IP))
1365 sprintf(out, "ipv4");
1366 else if (eth_type == htons(ETH_P_IPV6))
1367 sprintf(out, "ipv6");
1368 else if (eth_type == htons(ETH_P_ARP))
1369 sprintf(out, "arp");
1370 else if (eth_type == htons(ETH_P_RARP))
1371 sprintf(out, "rarp");
1372 else
1373 sprintf(out, "%04x", ntohs(eth_type));
1374
1375 print_string(PRINT_ANY, "eth_type", "\n eth_type %s", out);
1376 *p_eth_type = eth_type;
1377 }
1378
1379 static void flower_print_ip_proto(__u8 *p_ip_proto,
1380 struct rtattr *ip_proto_attr)
1381 {
1382 SPRINT_BUF(out);
1383 __u8 ip_proto;
1384
1385 if (!ip_proto_attr)
1386 return;
1387
1388 ip_proto = rta_getattr_u8(ip_proto_attr);
1389 if (ip_proto == IPPROTO_TCP)
1390 sprintf(out, "tcp");
1391 else if (ip_proto == IPPROTO_UDP)
1392 sprintf(out, "udp");
1393 else if (ip_proto == IPPROTO_SCTP)
1394 sprintf(out, "sctp");
1395 else if (ip_proto == IPPROTO_ICMP)
1396 sprintf(out, "icmp");
1397 else if (ip_proto == IPPROTO_ICMPV6)
1398 sprintf(out, "icmpv6");
1399 else
1400 sprintf(out, "%02x", ip_proto);
1401
1402 print_string(PRINT_ANY, "ip_proto", "\n ip_proto %s", out);
1403 *p_ip_proto = ip_proto;
1404 }
1405
1406 static void flower_print_ip_attr(const char *name, struct rtattr *key_attr,
1407 struct rtattr *mask_attr)
1408 {
1409 SPRINT_BUF(namefrm);
1410 SPRINT_BUF(out);
1411 size_t done;
1412
1413 if (!key_attr)
1414 return;
1415
1416 done = sprintf(out, "0x%x", rta_getattr_u8(key_attr));
1417 if (mask_attr)
1418 sprintf(out + done, "/%x", rta_getattr_u8(mask_attr));
1419
1420 print_string(PRINT_FP, NULL, "%s ", _SL_);
1421 sprintf(namefrm, "%s %%s", name);
1422 print_string(PRINT_ANY, name, namefrm, out);
1423 }
1424
1425 static void flower_print_matching_flags(char *name,
1426 enum flower_matching_flags type,
1427 struct rtattr *attr,
1428 struct rtattr *mask_attr)
1429 {
1430 int i;
1431 int count = 0;
1432 __u32 mtf;
1433 __u32 mtf_mask;
1434
1435 if (!mask_attr || RTA_PAYLOAD(mask_attr) != 4)
1436 return;
1437
1438 mtf = ntohl(rta_getattr_u32(attr));
1439 mtf_mask = ntohl(rta_getattr_u32(mask_attr));
1440
1441 for (i = 0; i < ARRAY_SIZE(flags_str); i++) {
1442 if (type != flags_str[i].type)
1443 continue;
1444 if (mtf_mask & flags_str[i].flag) {
1445 if (++count == 1) {
1446 print_string(PRINT_FP, NULL, "\n %s ", name);
1447 open_json_object(name);
1448 } else {
1449 print_string(PRINT_FP, NULL, "/", NULL);
1450 }
1451
1452 print_bool(PRINT_JSON, flags_str[i].string, NULL,
1453 mtf & flags_str[i].flag);
1454 if (mtf & flags_str[i].flag)
1455 print_string(PRINT_FP, NULL, "%s",
1456 flags_str[i].string);
1457 else
1458 print_string(PRINT_FP, NULL, "no%s",
1459 flags_str[i].string);
1460 }
1461 }
1462 if (count)
1463 close_json_object();
1464 }
1465
1466 static void flower_print_ip_addr(char *name, __be16 eth_type,
1467 struct rtattr *addr4_attr,
1468 struct rtattr *mask4_attr,
1469 struct rtattr *addr6_attr,
1470 struct rtattr *mask6_attr)
1471 {
1472 struct rtattr *addr_attr;
1473 struct rtattr *mask_attr;
1474 SPRINT_BUF(namefrm);
1475 SPRINT_BUF(out);
1476 size_t done;
1477 int family;
1478 size_t len;
1479 int bits;
1480
1481 if (eth_type == htons(ETH_P_IP)) {
1482 family = AF_INET;
1483 addr_attr = addr4_attr;
1484 mask_attr = mask4_attr;
1485 len = 4;
1486 } else if (eth_type == htons(ETH_P_IPV6)) {
1487 family = AF_INET6;
1488 addr_attr = addr6_attr;
1489 mask_attr = mask6_attr;
1490 len = 16;
1491 } else {
1492 return;
1493 }
1494 if (!addr_attr || RTA_PAYLOAD(addr_attr) != len)
1495 return;
1496 if (!mask_attr || RTA_PAYLOAD(mask_attr) != len)
1497 return;
1498 done = sprintf(out, "%s", rt_addr_n2a_rta(family, addr_attr));
1499 bits = __mask_bits(RTA_DATA(mask_attr), len);
1500 if (bits < 0)
1501 sprintf(out + done, "/%s", rt_addr_n2a_rta(family, mask_attr));
1502 else if (bits < len * 8)
1503 sprintf(out + done, "/%d", bits);
1504
1505 sprintf(namefrm, "\n %s %%s", name);
1506 print_string(PRINT_ANY, name, namefrm, out);
1507 }
1508 static void flower_print_ip4_addr(char *name, struct rtattr *addr_attr,
1509 struct rtattr *mask_attr)
1510 {
1511 return flower_print_ip_addr(name, htons(ETH_P_IP),
1512 addr_attr, mask_attr, 0, 0);
1513 }
1514
1515 static void flower_print_port(char *name, struct rtattr *attr)
1516 {
1517 SPRINT_BUF(namefrm);
1518
1519 if (!attr)
1520 return;
1521
1522 sprintf(namefrm,"\n %s %%u", name);
1523 print_hu(PRINT_ANY, name, namefrm, rta_getattr_be16(attr));
1524 }
1525
1526 static void flower_print_port_range(char *name, struct rtattr *min_attr,
1527 struct rtattr *max_attr)
1528 {
1529 if (!min_attr || !max_attr)
1530 return;
1531
1532 if (is_json_context()) {
1533 open_json_object(name);
1534 print_hu(PRINT_JSON, "start", NULL, rta_getattr_be16(min_attr));
1535 print_hu(PRINT_JSON, "end", NULL, rta_getattr_be16(max_attr));
1536 close_json_object();
1537 } else {
1538 SPRINT_BUF(namefrm);
1539 SPRINT_BUF(out);
1540 size_t done;
1541
1542 done = sprintf(out, "%u", rta_getattr_be16(min_attr));
1543 sprintf(out + done, "-%u", rta_getattr_be16(max_attr));
1544 sprintf(namefrm, "\n %s %%s", name);
1545 print_string(PRINT_ANY, name, namefrm, out);
1546 }
1547 }
1548
1549 static void flower_print_tcp_flags(const char *name, struct rtattr *flags_attr,
1550 struct rtattr *mask_attr)
1551 {
1552 SPRINT_BUF(namefrm);
1553 SPRINT_BUF(out);
1554 size_t done;
1555
1556 if (!flags_attr)
1557 return;
1558
1559 done = sprintf(out, "0x%x", rta_getattr_be16(flags_attr));
1560 if (mask_attr)
1561 sprintf(out + done, "/%x", rta_getattr_be16(mask_attr));
1562
1563 print_string(PRINT_FP, NULL, "%s ", _SL_);
1564 sprintf(namefrm, "%s %%s", name);
1565 print_string(PRINT_ANY, name, namefrm, out);
1566 }
1567
1568
1569 static void flower_print_key_id(const char *name, struct rtattr *attr)
1570 {
1571 SPRINT_BUF(namefrm);
1572
1573 if (!attr)
1574 return;
1575
1576 sprintf(namefrm,"\n %s %%u", name);
1577 print_uint(PRINT_ANY, name, namefrm, rta_getattr_be32(attr));
1578 }
1579
1580 static void flower_print_geneve_opts(const char *name, struct rtattr *attr,
1581 char *strbuf)
1582 {
1583 struct rtattr *tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX + 1];
1584 int ii, data_len, offset = 0, slen = 0;
1585 struct rtattr *i = RTA_DATA(attr);
1586 int rem = RTA_PAYLOAD(attr);
1587 __u8 type, data_r[rem];
1588 char data[rem * 2 + 1];
1589 __u16 class;
1590
1591 open_json_array(PRINT_JSON, name);
1592 while (rem) {
1593 parse_rtattr(tb, TCA_FLOWER_KEY_ENC_OPT_GENEVE_MAX, i, rem);
1594 class = rta_getattr_be16(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS]);
1595 type = rta_getattr_u8(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE]);
1596 data_len = RTA_PAYLOAD(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]);
1597 hexstring_n2a(RTA_DATA(tb[TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA]),
1598 data_len, data, sizeof(data));
1599 hex2mem(data, data_r, data_len);
1600 offset += data_len + 20;
1601 rem -= data_len + 20;
1602 i = RTA_DATA(attr) + offset;
1603
1604 open_json_object(NULL);
1605 print_uint(PRINT_JSON, "class", NULL, class);
1606 print_uint(PRINT_JSON, "type", NULL, type);
1607 open_json_array(PRINT_JSON, "data");
1608 for (ii = 0; ii < data_len; ii++)
1609 print_uint(PRINT_JSON, NULL, NULL, data_r[ii]);
1610 close_json_array(PRINT_JSON, "data");
1611 close_json_object();
1612
1613 slen += sprintf(strbuf + slen, "%04x:%02x:%s",
1614 class, type, data);
1615 if (rem)
1616 slen += sprintf(strbuf + slen, ",");
1617 }
1618 close_json_array(PRINT_JSON, name);
1619 }
1620
1621 static void flower_print_geneve_parts(const char *name, struct rtattr *attr,
1622 char *key, char *mask)
1623 {
1624 char *namefrm = "\n geneve_opt %s";
1625 char *key_token, *mask_token, *out;
1626 int len;
1627
1628 out = malloc(RTA_PAYLOAD(attr) * 4 + 3);
1629 if (!out)
1630 return;
1631
1632 len = 0;
1633 key_token = strsep(&key, ",");
1634 mask_token = strsep(&mask, ",");
1635 while (key_token) {
1636 len += sprintf(&out[len], "%s/%s,", key_token, mask_token);
1637 mask_token = strsep(&mask, ",");
1638 key_token = strsep(&key, ",");
1639 }
1640
1641 out[len - 1] = '\0';
1642 print_string(PRINT_FP, name, namefrm, out);
1643 free(out);
1644 }
1645
1646 static void flower_print_enc_opts(const char *name, struct rtattr *attr,
1647 struct rtattr *mask_attr)
1648 {
1649 struct rtattr *key_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
1650 struct rtattr *msk_tb[TCA_FLOWER_KEY_ENC_OPTS_MAX + 1];
1651 char *key, *msk;
1652
1653 if (!attr)
1654 return;
1655
1656 key = malloc(RTA_PAYLOAD(attr) * 2 + 1);
1657 if (!key)
1658 return;
1659
1660 msk = malloc(RTA_PAYLOAD(attr) * 2 + 1);
1661 if (!msk)
1662 goto err_key_free;
1663
1664 parse_rtattr_nested(key_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, attr);
1665 flower_print_geneve_opts("geneve_opt_key",
1666 key_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], key);
1667
1668 parse_rtattr_nested(msk_tb, TCA_FLOWER_KEY_ENC_OPTS_MAX, mask_attr);
1669 flower_print_geneve_opts("geneve_opt_mask",
1670 msk_tb[TCA_FLOWER_KEY_ENC_OPTS_GENEVE], msk);
1671
1672 flower_print_geneve_parts(name, attr, key, msk);
1673
1674 free(msk);
1675 err_key_free:
1676 free(key);
1677 }
1678
1679 static void flower_print_masked_u8(const char *name, struct rtattr *attr,
1680 struct rtattr *mask_attr,
1681 const char *(*value_to_str)(__u8 value))
1682 {
1683 const char *value_str = NULL;
1684 __u8 value, mask;
1685 SPRINT_BUF(namefrm);
1686 SPRINT_BUF(out);
1687 size_t done;
1688
1689 if (!attr)
1690 return;
1691
1692 value = rta_getattr_u8(attr);
1693 mask = mask_attr ? rta_getattr_u8(mask_attr) : UINT8_MAX;
1694 if (mask == UINT8_MAX && value_to_str)
1695 value_str = value_to_str(value);
1696
1697 if (value_str)
1698 done = sprintf(out, "%s", value_str);
1699 else
1700 done = sprintf(out, "%d", value);
1701
1702 if (mask != UINT8_MAX)
1703 sprintf(out + done, "/%d", mask);
1704
1705 sprintf(namefrm,"\n %s %%s", name);
1706 print_string(PRINT_ANY, name, namefrm, out);
1707 }
1708
1709 static void flower_print_u8(const char *name, struct rtattr *attr)
1710 {
1711 flower_print_masked_u8(name, attr, NULL, NULL);
1712 }
1713
1714 static void flower_print_u32(const char *name, struct rtattr *attr)
1715 {
1716 SPRINT_BUF(namefrm);
1717
1718 if (!attr)
1719 return;
1720
1721 sprintf(namefrm,"\n %s %%u", name);
1722 print_uint(PRINT_ANY, name, namefrm, rta_getattr_u32(attr));
1723 }
1724
1725 static void flower_print_arp_op(const char *name,
1726 struct rtattr *op_attr,
1727 struct rtattr *mask_attr)
1728 {
1729 flower_print_masked_u8(name, op_attr, mask_attr,
1730 flower_print_arp_op_to_name);
1731 }
1732
1733 static int flower_print_opt(struct filter_util *qu, FILE *f,
1734 struct rtattr *opt, __u32 handle)
1735 {
1736 struct rtattr *tb[TCA_FLOWER_MAX + 1];
1737 __be16 min_port_type, max_port_type;
1738 int nl_type, nl_mask_type;
1739 __be16 eth_type = 0;
1740 __u8 ip_proto = 0xff;
1741
1742 if (!opt)
1743 return 0;
1744
1745 parse_rtattr_nested(tb, TCA_FLOWER_MAX, opt);
1746
1747 if (handle)
1748 print_uint(PRINT_ANY, "handle", "handle 0x%x ", handle);
1749
1750 if (tb[TCA_FLOWER_CLASSID]) {
1751 __u32 h = rta_getattr_u32(tb[TCA_FLOWER_CLASSID]);
1752
1753 if (TC_H_MIN(h) < TC_H_MIN_PRIORITY ||
1754 TC_H_MIN(h) > (TC_H_MIN_PRIORITY + TC_QOPT_MAX_QUEUE - 1)) {
1755 SPRINT_BUF(b1);
1756 print_string(PRINT_ANY, "classid", "classid %s ",
1757 sprint_tc_classid(h, b1));
1758 } else {
1759 print_uint(PRINT_ANY, "hw_tc", "hw_tc %u ",
1760 TC_H_MIN(h) - TC_H_MIN_PRIORITY);
1761 }
1762 }
1763
1764 if (tb[TCA_FLOWER_INDEV]) {
1765 struct rtattr *attr = tb[TCA_FLOWER_INDEV];
1766
1767 print_string(PRINT_ANY, "indev", "\n indev %s",
1768 rta_getattr_str(attr));
1769 }
1770
1771 open_json_object("keys");
1772
1773 if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
1774 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ID];
1775
1776 print_uint(PRINT_ANY, "vlan_id", "\n vlan_id %u",
1777 rta_getattr_u16(attr));
1778 }
1779
1780 if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
1781 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_PRIO];
1782
1783 print_uint(PRINT_ANY, "vlan_prio", "\n vlan_prio %d",
1784 rta_getattr_u8(attr));
1785 }
1786
1787 if (tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) {
1788 SPRINT_BUF(buf);
1789 struct rtattr *attr = tb[TCA_FLOWER_KEY_VLAN_ETH_TYPE];
1790
1791 print_string(PRINT_ANY, "vlan_ethtype", "\n vlan_ethtype %s",
1792 ll_proto_n2a(rta_getattr_u16(attr),
1793 buf, sizeof(buf)));
1794 }
1795
1796 if (tb[TCA_FLOWER_KEY_CVLAN_ID]) {
1797 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ID];
1798
1799 print_uint(PRINT_ANY, "cvlan_id", "\n cvlan_id %u",
1800 rta_getattr_u16(attr));
1801 }
1802
1803 if (tb[TCA_FLOWER_KEY_CVLAN_PRIO]) {
1804 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_PRIO];
1805
1806 print_uint(PRINT_ANY, "cvlan_prio", "\n cvlan_prio %d",
1807 rta_getattr_u8(attr));
1808 }
1809
1810 if (tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE]) {
1811 SPRINT_BUF(buf);
1812 struct rtattr *attr = tb[TCA_FLOWER_KEY_CVLAN_ETH_TYPE];
1813
1814 print_string(PRINT_ANY, "cvlan_ethtype", "\n cvlan_ethtype %s",
1815 ll_proto_n2a(rta_getattr_u16(attr),
1816 buf, sizeof(buf)));
1817 }
1818
1819 flower_print_eth_addr("dst_mac", tb[TCA_FLOWER_KEY_ETH_DST],
1820 tb[TCA_FLOWER_KEY_ETH_DST_MASK]);
1821 flower_print_eth_addr("src_mac", tb[TCA_FLOWER_KEY_ETH_SRC],
1822 tb[TCA_FLOWER_KEY_ETH_SRC_MASK]);
1823
1824 flower_print_eth_type(&eth_type, tb[TCA_FLOWER_KEY_ETH_TYPE]);
1825 flower_print_ip_proto(&ip_proto, tb[TCA_FLOWER_KEY_IP_PROTO]);
1826
1827 flower_print_ip_attr("ip_tos", tb[TCA_FLOWER_KEY_IP_TOS],
1828 tb[TCA_FLOWER_KEY_IP_TOS_MASK]);
1829 flower_print_ip_attr("ip_ttl", tb[TCA_FLOWER_KEY_IP_TTL],
1830 tb[TCA_FLOWER_KEY_IP_TTL_MASK]);
1831
1832 flower_print_u32("mpls_label", tb[TCA_FLOWER_KEY_MPLS_LABEL]);
1833 flower_print_u8("mpls_tc", tb[TCA_FLOWER_KEY_MPLS_TC]);
1834 flower_print_u8("mpls_bos", tb[TCA_FLOWER_KEY_MPLS_BOS]);
1835 flower_print_u8("mpls_ttl", tb[TCA_FLOWER_KEY_MPLS_TTL]);
1836
1837 flower_print_ip_addr("dst_ip", eth_type,
1838 tb[TCA_FLOWER_KEY_IPV4_DST],
1839 tb[TCA_FLOWER_KEY_IPV4_DST_MASK],
1840 tb[TCA_FLOWER_KEY_IPV6_DST],
1841 tb[TCA_FLOWER_KEY_IPV6_DST_MASK]);
1842
1843 flower_print_ip_addr("src_ip", eth_type,
1844 tb[TCA_FLOWER_KEY_IPV4_SRC],
1845 tb[TCA_FLOWER_KEY_IPV4_SRC_MASK],
1846 tb[TCA_FLOWER_KEY_IPV6_SRC],
1847 tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
1848
1849 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_DST);
1850 if (nl_type >= 0)
1851 flower_print_port("dst_port", tb[nl_type]);
1852 nl_type = flower_port_attr_type(ip_proto, FLOWER_ENDPOINT_SRC);
1853 if (nl_type >= 0)
1854 flower_print_port("src_port", tb[nl_type]);
1855
1856 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_DST,
1857 &min_port_type, &max_port_type))
1858 flower_print_port_range("dst_port",
1859 tb[min_port_type], tb[max_port_type]);
1860
1861 if (!flower_port_range_attr_type(ip_proto, FLOWER_ENDPOINT_SRC,
1862 &min_port_type, &max_port_type))
1863 flower_print_port_range("src_port",
1864 tb[min_port_type], tb[max_port_type]);
1865
1866 flower_print_tcp_flags("tcp_flags", tb[TCA_FLOWER_KEY_TCP_FLAGS],
1867 tb[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
1868
1869 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
1870 FLOWER_ICMP_FIELD_TYPE);
1871 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
1872 FLOWER_ICMP_FIELD_TYPE);
1873 if (nl_type >= 0 && nl_mask_type >= 0)
1874 flower_print_masked_u8("icmp_type", tb[nl_type],
1875 tb[nl_mask_type], NULL);
1876
1877 nl_type = flower_icmp_attr_type(eth_type, ip_proto,
1878 FLOWER_ICMP_FIELD_CODE);
1879 nl_mask_type = flower_icmp_attr_mask_type(eth_type, ip_proto,
1880 FLOWER_ICMP_FIELD_CODE);
1881 if (nl_type >= 0 && nl_mask_type >= 0)
1882 flower_print_masked_u8("icmp_code", tb[nl_type],
1883 tb[nl_mask_type], NULL);
1884
1885 flower_print_ip4_addr("arp_sip", tb[TCA_FLOWER_KEY_ARP_SIP],
1886 tb[TCA_FLOWER_KEY_ARP_SIP_MASK]);
1887 flower_print_ip4_addr("arp_tip", tb[TCA_FLOWER_KEY_ARP_TIP],
1888 tb[TCA_FLOWER_KEY_ARP_TIP_MASK]);
1889 flower_print_arp_op("arp_op", tb[TCA_FLOWER_KEY_ARP_OP],
1890 tb[TCA_FLOWER_KEY_ARP_OP_MASK]);
1891 flower_print_eth_addr("arp_sha", tb[TCA_FLOWER_KEY_ARP_SHA],
1892 tb[TCA_FLOWER_KEY_ARP_SHA_MASK]);
1893 flower_print_eth_addr("arp_tha", tb[TCA_FLOWER_KEY_ARP_THA],
1894 tb[TCA_FLOWER_KEY_ARP_THA_MASK]);
1895
1896 flower_print_ip_addr("enc_dst_ip",
1897 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
1898 htons(ETH_P_IP) : htons(ETH_P_IPV6),
1899 tb[TCA_FLOWER_KEY_ENC_IPV4_DST],
1900 tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK],
1901 tb[TCA_FLOWER_KEY_ENC_IPV6_DST],
1902 tb[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]);
1903
1904 flower_print_ip_addr("enc_src_ip",
1905 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] ?
1906 htons(ETH_P_IP) : htons(ETH_P_IPV6),
1907 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC],
1908 tb[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK],
1909 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC],
1910 tb[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]);
1911
1912 flower_print_key_id("enc_key_id", tb[TCA_FLOWER_KEY_ENC_KEY_ID]);
1913
1914 flower_print_port("enc_dst_port", tb[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
1915
1916 flower_print_ip_attr("enc_tos", tb[TCA_FLOWER_KEY_ENC_IP_TOS],
1917 tb[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
1918 flower_print_ip_attr("enc_ttl", tb[TCA_FLOWER_KEY_ENC_IP_TTL],
1919 tb[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
1920 flower_print_enc_opts("enc_opt", tb[TCA_FLOWER_KEY_ENC_OPTS],
1921 tb[TCA_FLOWER_KEY_ENC_OPTS_MASK]);
1922
1923 flower_print_matching_flags("ip_flags", FLOWER_IP_FLAGS,
1924 tb[TCA_FLOWER_KEY_FLAGS],
1925 tb[TCA_FLOWER_KEY_FLAGS_MASK]);
1926
1927 close_json_object();
1928
1929 if (tb[TCA_FLOWER_FLAGS]) {
1930 __u32 flags = rta_getattr_u32(tb[TCA_FLOWER_FLAGS]);
1931
1932 if (flags & TCA_CLS_FLAGS_SKIP_HW)
1933 print_bool(PRINT_ANY, "skip_hw", "\n skip_hw", true);
1934 if (flags & TCA_CLS_FLAGS_SKIP_SW)
1935 print_bool(PRINT_ANY, "skip_sw", "\n skip_sw", true);
1936
1937 if (flags & TCA_CLS_FLAGS_IN_HW) {
1938 print_bool(PRINT_ANY, "in_hw", "\n in_hw", true);
1939
1940 if (tb[TCA_FLOWER_IN_HW_COUNT]) {
1941 __u32 count = rta_getattr_u32(tb[TCA_FLOWER_IN_HW_COUNT]);
1942
1943 print_uint(PRINT_ANY, "in_hw_count",
1944 " in_hw_count %u", count);
1945 }
1946 }
1947 else if (flags & TCA_CLS_FLAGS_NOT_IN_HW)
1948 print_bool(PRINT_ANY, "not_in_hw", "\n not_in_hw", true);
1949 }
1950
1951 if (tb[TCA_FLOWER_ACT])
1952 tc_print_action(f, tb[TCA_FLOWER_ACT], 0);
1953
1954 return 0;
1955 }
1956
1957 struct filter_util flower_filter_util = {
1958 .id = "flower",
1959 .parse_fopt = flower_parse_opt,
1960 .print_fopt = flower_print_opt,
1961 };
Upstream mirror of iproute2