Blame tc/m_mirred.c

Packit d3f73b
/*
Packit d3f73b
 * m_egress.c		ingress/egress packet mirror/redir actions module
Packit d3f73b
 *
Packit d3f73b
 *		This program is free software; you can distribute it and/or
Packit d3f73b
 *		modify it under the terms of the GNU General Public License
Packit d3f73b
 *		as published by the Free Software Foundation; either version
Packit d3f73b
 *		2 of the License, or (at your option) any later version.
Packit d3f73b
 *
Packit d3f73b
 * Authors:  J Hadi Salim (hadi@cyberus.ca)
Packit d3f73b
 *
Packit d3f73b
 * TODO: Add Ingress support
Packit d3f73b
 *
Packit d3f73b
 */
Packit d3f73b
Packit d3f73b
#include <stdio.h>
Packit d3f73b
#include <stdlib.h>
Packit d3f73b
#include <unistd.h>
Packit d3f73b
#include <fcntl.h>
Packit d3f73b
#include <sys/socket.h>
Packit d3f73b
#include <netinet/in.h>
Packit d3f73b
#include <arpa/inet.h>
Packit d3f73b
#include <string.h>
Packit d3f73b
#include "utils.h"
Packit d3f73b
#include "tc_util.h"
Packit d3f73b
#include "tc_common.h"
Packit d3f73b
#include <linux/tc_act/tc_mirred.h>
Packit d3f73b
Packit d3f73b
static void
Packit d3f73b
explain(void)
Packit d3f73b
{
Packit d3f73b
	fprintf(stderr,
Packit d3f73b
		"Usage: mirred <DIRECTION> <ACTION> [index INDEX] <dev DEVICENAME>\n"
Packit d3f73b
		"where:\n"
Packit d3f73b
		"\tDIRECTION := <ingress | egress>\n"
Packit d3f73b
		"\tACTION := <mirror | redirect>\n"
Packit d3f73b
		"\tINDEX  is the specific policy instance id\n"
Packit d3f73b
		"\tDEVICENAME is the devicename\n");
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static void
Packit d3f73b
usage(void)
Packit d3f73b
{
Packit d3f73b
	explain();
Packit d3f73b
	exit(-1);
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static const char *mirred_n2a(int action)
Packit d3f73b
{
Packit d3f73b
	switch (action) {
Packit d3f73b
	case TCA_EGRESS_REDIR:
Packit d3f73b
		return "Egress Redirect";
Packit d3f73b
	case TCA_INGRESS_REDIR:
Packit d3f73b
		return "Ingress Redirect";
Packit d3f73b
	case TCA_EGRESS_MIRROR:
Packit d3f73b
		return "Egress Mirror";
Packit d3f73b
	case TCA_INGRESS_MIRROR:
Packit d3f73b
		return "Ingress Mirror";
Packit d3f73b
	default:
Packit d3f73b
		return "unknown";
Packit d3f73b
	}
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static const char *mirred_direction(int action)
Packit d3f73b
{
Packit d3f73b
	switch (action) {
Packit d3f73b
	case TCA_EGRESS_REDIR:
Packit d3f73b
	case TCA_EGRESS_MIRROR:
Packit d3f73b
		return "egress";
Packit d3f73b
	case TCA_INGRESS_REDIR:
Packit d3f73b
	case TCA_INGRESS_MIRROR:
Packit d3f73b
		return "ingress";
Packit d3f73b
	default:
Packit d3f73b
		return "unknown";
Packit d3f73b
	}
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static const char *mirred_action(int action)
Packit d3f73b
{
Packit d3f73b
	switch (action) {
Packit d3f73b
	case TCA_EGRESS_REDIR:
Packit d3f73b
	case TCA_INGRESS_REDIR:
Packit d3f73b
		return "redirect";
Packit d3f73b
	case TCA_EGRESS_MIRROR:
Packit d3f73b
	case TCA_INGRESS_MIRROR:
Packit d3f73b
		return "mirror";
Packit d3f73b
	default:
Packit d3f73b
		return "unknown";
Packit d3f73b
	}
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static int
Packit d3f73b
parse_direction(struct action_util *a, int *argc_p, char ***argv_p,
Packit d3f73b
		int tca_id, struct nlmsghdr *n)
Packit d3f73b
{
Packit d3f73b
Packit d3f73b
	int argc = *argc_p;
Packit d3f73b
	char **argv = *argv_p;
Packit d3f73b
	int ok = 0, iok = 0, mirror = 0, redir = 0, ingress = 0, egress = 0;
Packit d3f73b
	struct tc_mirred p = {};
Packit d3f73b
	struct rtattr *tail;
Packit d3f73b
	char d[IFNAMSIZ] = {};
Packit d3f73b
Packit d3f73b
	while (argc > 0) {
Packit d3f73b
Packit d3f73b
		if (matches(*argv, "action") == 0) {
Packit d3f73b
			NEXT_ARG();
Packit d3f73b
			break;
Packit d3f73b
		} else if (!egress && matches(*argv, "egress") == 0) {
Packit d3f73b
			egress = 1;
Packit d3f73b
			if (ingress) {
Packit d3f73b
				fprintf(stderr,
Packit d3f73b
					"Can't have both egress and ingress\n");
Packit d3f73b
				return -1;
Packit d3f73b
			}
Packit d3f73b
			NEXT_ARG();
Packit d3f73b
			ok++;
Packit d3f73b
			continue;
Packit d3f73b
		} else if (!ingress && matches(*argv, "ingress") == 0) {
Packit d3f73b
			ingress = 1;
Packit d3f73b
			if (egress) {
Packit d3f73b
				fprintf(stderr,
Packit d3f73b
					"Can't have both ingress and egress\n");
Packit d3f73b
				return -1;
Packit d3f73b
			}
Packit d3f73b
			NEXT_ARG();
Packit d3f73b
			ok++;
Packit d3f73b
			continue;
Packit d3f73b
		} else {
Packit d3f73b
Packit d3f73b
			if (matches(*argv, "index") == 0) {
Packit d3f73b
				NEXT_ARG();
Packit d3f73b
				if (get_u32(&p.index, *argv, 10)) {
Packit d3f73b
					fprintf(stderr, "Illegal \"index\"\n");
Packit d3f73b
					return -1;
Packit d3f73b
				}
Packit d3f73b
				iok++;
Packit d3f73b
				if (!ok) {
Packit d3f73b
					argc--;
Packit d3f73b
					argv++;
Packit d3f73b
					break;
Packit d3f73b
				}
Packit d3f73b
			} else if (!ok) {
Packit d3f73b
				fprintf(stderr,
Packit d3f73b
					"was expecting egress or ingress (%s)\n",
Packit d3f73b
					*argv);
Packit d3f73b
				break;
Packit d3f73b
Packit d3f73b
			} else if (!mirror && matches(*argv, "mirror") == 0) {
Packit d3f73b
				mirror = 1;
Packit d3f73b
				if (redir) {
Packit d3f73b
					fprintf(stderr,
Packit d3f73b
						"Can't have both mirror and redir\n");
Packit d3f73b
					return -1;
Packit d3f73b
				}
Packit d3f73b
				p.eaction = egress ? TCA_EGRESS_MIRROR :
Packit d3f73b
					TCA_INGRESS_MIRROR;
Packit d3f73b
				p.action = TC_ACT_PIPE;
Packit d3f73b
				ok++;
Packit d3f73b
			} else if (!redir && matches(*argv, "redirect") == 0) {
Packit d3f73b
				redir = 1;
Packit d3f73b
				if (mirror) {
Packit d3f73b
					fprintf(stderr,
Packit d3f73b
						"Can't have both mirror and redir\n");
Packit d3f73b
					return -1;
Packit d3f73b
				}
Packit d3f73b
				p.eaction = egress ? TCA_EGRESS_REDIR :
Packit d3f73b
					TCA_INGRESS_REDIR;
Packit d3f73b
				p.action = TC_ACT_STOLEN;
Packit d3f73b
				ok++;
Packit d3f73b
			} else if ((redir || mirror) &&
Packit d3f73b
				   matches(*argv, "dev") == 0) {
Packit d3f73b
				NEXT_ARG();
Packit d3f73b
				if (strlen(d))
Packit d3f73b
					duparg("dev", *argv);
Packit d3f73b
Packit d3f73b
				strncpy(d, *argv, sizeof(d)-1);
Packit d3f73b
				argc--;
Packit d3f73b
				argv++;
Packit d3f73b
Packit d3f73b
				break;
Packit d3f73b
Packit d3f73b
			}
Packit d3f73b
		}
Packit d3f73b
Packit d3f73b
		NEXT_ARG();
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
	if (!ok && !iok)
Packit d3f73b
		return -1;
Packit d3f73b
Packit d3f73b
	if (d[0])  {
Packit d3f73b
		int idx;
Packit d3f73b
Packit d3f73b
		ll_init_map(&rth);
Packit d3f73b
Packit d3f73b
		idx = ll_name_to_index(d);
Packit d3f73b
		if (!idx)
Packit d3f73b
			return nodev(d);
Packit d3f73b
Packit d3f73b
		p.ifindex = idx;
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
Packit d3f73b
	if (p.eaction == TCA_EGRESS_MIRROR || p.eaction == TCA_INGRESS_MIRROR)
Packit d3f73b
		parse_action_control_dflt(&argc, &argv, &p.action, false,
Packit d3f73b
					  TC_ACT_PIPE);
Packit d3f73b
Packit d3f73b
	if (argc) {
Packit d3f73b
		if (iok && matches(*argv, "index") == 0) {
Packit d3f73b
			fprintf(stderr, "mirred: Illegal double index\n");
Packit d3f73b
			return -1;
Packit d3f73b
		}
Packit d3f73b
Packit d3f73b
		if (matches(*argv, "index") == 0) {
Packit d3f73b
			NEXT_ARG();
Packit d3f73b
			if (get_u32(&p.index, *argv, 10)) {
Packit d3f73b
				fprintf(stderr,
Packit d3f73b
					"mirred: Illegal \"index\"\n");
Packit d3f73b
				return -1;
Packit d3f73b
			}
Packit d3f73b
			argc--;
Packit d3f73b
			argv++;
Packit d3f73b
		}
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
	tail = addattr_nest(n, MAX_MSG, tca_id);
Packit d3f73b
	addattr_l(n, MAX_MSG, TCA_MIRRED_PARMS, &p, sizeof(p));
Packit d3f73b
	addattr_nest_end(n, tail);
Packit d3f73b
Packit d3f73b
	*argc_p = argc;
Packit d3f73b
	*argv_p = argv;
Packit d3f73b
	return 0;
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
Packit d3f73b
static int
Packit d3f73b
parse_mirred(struct action_util *a, int *argc_p, char ***argv_p,
Packit d3f73b
	     int tca_id, struct nlmsghdr *n)
Packit d3f73b
{
Packit d3f73b
Packit d3f73b
	int argc = *argc_p;
Packit d3f73b
	char **argv = *argv_p;
Packit d3f73b
Packit d3f73b
	if (argc < 0) {
Packit d3f73b
		fprintf(stderr, "mirred bad argument count %d\n", argc);
Packit d3f73b
		return -1;
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
	if (matches(*argv, "mirred") == 0) {
Packit d3f73b
		NEXT_ARG();
Packit d3f73b
	} else {
Packit d3f73b
		fprintf(stderr, "mirred bad argument %s\n", *argv);
Packit d3f73b
		return -1;
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
Packit d3f73b
	if (matches(*argv, "egress") == 0 || matches(*argv, "ingress") == 0 ||
Packit d3f73b
	    matches(*argv, "index") == 0) {
Packit d3f73b
		int ret = parse_direction(a, &argc, &argv, tca_id, n);
Packit d3f73b
Packit d3f73b
		if (ret == 0) {
Packit d3f73b
			*argc_p = argc;
Packit d3f73b
			*argv_p = argv;
Packit d3f73b
			return 0;
Packit d3f73b
		}
Packit d3f73b
Packit d3f73b
	} else if (matches(*argv, "help") == 0) {
Packit d3f73b
		usage();
Packit d3f73b
	} else {
Packit d3f73b
		fprintf(stderr, "mirred option not supported %s\n", *argv);
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
	return -1;
Packit d3f73b
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
static int
Packit d3f73b
print_mirred(struct action_util *au, FILE *f, struct rtattr *arg)
Packit d3f73b
{
Packit d3f73b
	struct tc_mirred *p;
Packit d3f73b
	struct rtattr *tb[TCA_MIRRED_MAX + 1];
Packit d3f73b
	const char *dev;
Packit d3f73b
Packit d3f73b
	if (arg == NULL)
Packit d3f73b
		return -1;
Packit d3f73b
Packit d3f73b
	parse_rtattr_nested(tb, TCA_MIRRED_MAX, arg);
Packit d3f73b
Packit d3f73b
	if (tb[TCA_MIRRED_PARMS] == NULL) {
Packit d3f73b
		fprintf(stderr, "Missing mirred parameters\n");
Packit d3f73b
		return -1;
Packit d3f73b
	}
Packit d3f73b
	p = RTA_DATA(tb[TCA_MIRRED_PARMS]);
Packit d3f73b
Packit d3f73b
	dev = ll_index_to_name(p->ifindex);
Packit d3f73b
	if (dev == 0) {
Packit d3f73b
		fprintf(stderr, "Cannot find device %d\n", p->ifindex);
Packit d3f73b
		return -1;
Packit d3f73b
	}
Packit d3f73b
Packit d3f73b
	print_string(PRINT_ANY, "kind", "%s ", "mirred");
Packit d3f73b
	print_string(PRINT_FP, NULL, "(%s", mirred_n2a(p->eaction));
Packit d3f73b
	print_string(PRINT_JSON, "mirred_action", NULL,
Packit d3f73b
		     mirred_action(p->eaction));
Packit d3f73b
	print_string(PRINT_JSON, "direction", NULL,
Packit d3f73b
		     mirred_direction(p->eaction));
Packit d3f73b
	print_string(PRINT_ANY, "to_dev", " to device %s)", dev);
Packit d3f73b
	print_action_control(f, " ", p->action, "");
Packit d3f73b
Packit d3f73b
	print_uint(PRINT_ANY, "index", "\n \tindex %u", p->index);
Packit d3f73b
	print_int(PRINT_ANY, "ref", " ref %d", p->refcnt);
Packit d3f73b
	print_int(PRINT_ANY, "bind", " bind %d", p->bindcnt);
Packit d3f73b
Packit d3f73b
	if (show_stats) {
Packit d3f73b
		if (tb[TCA_MIRRED_TM]) {
Packit d3f73b
			struct tcf_t *tm = RTA_DATA(tb[TCA_MIRRED_TM]);
Packit d3f73b
Packit d3f73b
			print_tm(f, tm);
Packit d3f73b
		}
Packit d3f73b
	}
Packit d3f73b
	print_string(PRINT_FP, NULL, "%s", "\n ");
Packit d3f73b
	return 0;
Packit d3f73b
}
Packit d3f73b
Packit d3f73b
struct action_util mirred_action_util = {
Packit d3f73b
	.id = "mirred",
Packit d3f73b
	.parse_aopt = parse_mirred,
Packit d3f73b
	.print_aopt = print_mirred,
Packit d3f73b
};