|
Packit Service |
3880ab |
/*
|
|
Packit Service |
3880ab |
* tc_filter.c "tc filter".
|
|
Packit Service |
3880ab |
*
|
|
Packit Service |
3880ab |
* This program is free software; you can redistribute it and/or
|
|
Packit Service |
3880ab |
* modify it under the terms of the GNU General Public License
|
|
Packit Service |
3880ab |
* as published by the Free Software Foundation; either version
|
|
Packit Service |
3880ab |
* 2 of the License, or (at your option) any later version.
|
|
Packit Service |
3880ab |
*
|
|
Packit Service |
3880ab |
* Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
|
|
Packit Service |
3880ab |
*
|
|
Packit Service |
3880ab |
*/
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
#include <stdio.h>
|
|
Packit Service |
3880ab |
#include <stdlib.h>
|
|
Packit Service |
3880ab |
#include <unistd.h>
|
|
Packit Service |
3880ab |
#include <fcntl.h>
|
|
Packit Service |
3880ab |
#include <sys/socket.h>
|
|
Packit Service |
3880ab |
#include <netinet/in.h>
|
|
Packit Service |
3880ab |
#include <arpa/inet.h>
|
|
Packit Service |
3880ab |
#include <string.h>
|
|
Packit Service |
3880ab |
#include <linux/if_ether.h>
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
#include "rt_names.h"
|
|
Packit Service |
3880ab |
#include "utils.h"
|
|
Packit Service |
3880ab |
#include "tc_util.h"
|
|
Packit Service |
3880ab |
#include "tc_common.h"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static void usage(void)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Usage: tc filter [ add | del | change | replace | show ] [ dev STRING ]\n"
|
|
Packit Service |
3880ab |
" tc filter [ add | del | change | replace | show ] [ block BLOCK_INDEX ]\n"
|
|
Packit Service |
3880ab |
" tc filter get dev STRING parent CLASSID protocol PROTO handle FILTERID pref PRIO FILTER_TYPE\n"
|
|
Packit Service |
3880ab |
" tc filter get block BLOCK_INDEX protocol PROTO handle FILTERID pref PRIO FILTER_TYPE\n"
|
|
Packit Service |
3880ab |
" [ pref PRIO ] protocol PROTO [ chain CHAIN_INDEX ]\n"
|
|
Packit Service |
3880ab |
" [ estimator INTERVAL TIME_CONSTANT ]\n"
|
|
Packit Service |
3880ab |
" [ root | ingress | egress | parent CLASSID ]\n"
|
|
Packit Service |
3880ab |
" [ handle FILTERID ] [ [ FILTER_TYPE ] [ help | OPTIONS ] ]\n"
|
|
Packit Service |
3880ab |
"\n"
|
|
Packit Service |
3880ab |
" tc filter show [ dev STRING ] [ root | ingress | egress | parent CLASSID ]\n"
|
|
Packit Service |
3880ab |
" tc filter show [ block BLOCK_INDEX ]\n"
|
|
Packit Service |
3880ab |
"Where:\n"
|
|
Packit Service |
3880ab |
"FILTER_TYPE := { rsvp | u32 | bpf | fw | route | etc. }\n"
|
|
Packit Service |
3880ab |
"FILTERID := ... format depends on classifier, see there\n"
|
|
Packit Service |
3880ab |
"OPTIONS := ... try tc filter add <desired FILTER_KIND> help\n");
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static void chain_usage(void)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Usage: tc chain [ add | del | get | show ] [ dev STRING ]\n"
|
|
Packit Service |
3880ab |
" tc chain [ add | del | get | show ] [ block BLOCK_INDEX ] ]\n");
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
struct tc_filter_req {
|
|
Packit Service |
3880ab |
struct nlmsghdr n;
|
|
Packit Service |
3880ab |
struct tcmsg t;
|
|
Packit Service |
3880ab |
char buf[MAX_MSG];
|
|
Packit Service |
3880ab |
};
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
struct {
|
|
Packit Service |
3880ab |
struct nlmsghdr n;
|
|
Packit Service |
3880ab |
struct tcmsg t;
|
|
Packit Service |
3880ab |
char buf[MAX_MSG];
|
|
Packit Service |
3880ab |
} req = {
|
|
Packit Service |
3880ab |
.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
|
|
Packit Service |
3880ab |
.n.nlmsg_flags = NLM_F_REQUEST | flags,
|
|
Packit Service |
3880ab |
.n.nlmsg_type = cmd,
|
|
Packit Service |
3880ab |
.t.tcm_family = AF_UNSPEC,
|
|
Packit Service |
3880ab |
};
|
|
Packit Service |
3880ab |
struct filter_util *q = NULL;
|
|
Packit Service |
3880ab |
__u32 prio = 0;
|
|
Packit Service |
3880ab |
__u32 protocol = 0;
|
|
Packit Service |
3880ab |
int protocol_set = 0;
|
|
Packit Service |
3880ab |
__u32 block_index = 0;
|
|
Packit Service |
3880ab |
__u32 chain_index;
|
|
Packit Service |
3880ab |
int chain_index_set = 0;
|
|
Packit Service |
3880ab |
char *fhandle = NULL;
|
|
Packit Service |
3880ab |
char d[IFNAMSIZ] = {};
|
|
Packit Service |
3880ab |
char k[FILTER_NAMESZ] = {};
|
|
Packit Service |
3880ab |
struct tc_estimator est = {};
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (cmd == RTM_NEWTFILTER && flags & NLM_F_CREATE)
|
|
Packit Service |
3880ab |
protocol = htons(ETH_P_ALL);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
while (argc > 0) {
|
|
Packit Service |
3880ab |
if (strcmp(*argv, "dev") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (d[0])
|
|
Packit Service |
3880ab |
duparg("dev", *argv);
|
|
Packit Service |
3880ab |
if (block_index) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
strncpy(d, *argv, sizeof(d)-1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "block") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (block_index)
|
|
Packit Service |
3880ab |
duparg("block", *argv);
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (get_u32(&block_index, *argv, 0) || !block_index)
|
|
Packit Service |
3880ab |
invarg("invalid block index value", *argv);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "root") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"root\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_ROOT;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "ingress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"ingress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_INGRESS);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "egress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"egress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_EGRESS);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "parent") == 0) {
|
|
Packit Service |
3880ab |
__u32 handle;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent)
|
|
Packit Service |
3880ab |
duparg("parent", *argv);
|
|
Packit Service |
3880ab |
if (get_tc_classid(&handle, *argv))
|
|
Packit Service |
3880ab |
invarg("Invalid parent ID", *argv);
|
|
Packit Service |
3880ab |
req.t.tcm_parent = handle;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "handle") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (fhandle)
|
|
Packit Service |
3880ab |
duparg("handle", *argv);
|
|
Packit Service |
3880ab |
fhandle = *argv;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "preference") == 0 ||
|
|
Packit Service |
3880ab |
matches(*argv, "priority") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (prio)
|
|
Packit Service |
3880ab |
duparg("priority", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&prio, *argv, 0) || prio > 0xFFFF)
|
|
Packit Service |
3880ab |
invarg("invalid priority value", *argv);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "protocol") == 0) {
|
|
Packit Service |
3880ab |
__u16 id;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (protocol_set)
|
|
Packit Service |
3880ab |
duparg("protocol", *argv);
|
|
Packit Service |
3880ab |
if (ll_proto_a2n(&id, *argv))
|
|
Packit Service |
3880ab |
invarg("invalid protocol", *argv);
|
|
Packit Service |
3880ab |
protocol = id;
|
|
Packit Service |
3880ab |
protocol_set = 1;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "chain") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (chain_index_set)
|
|
Packit Service |
3880ab |
duparg("chain", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&chain_index, *argv, 0))
|
|
Packit Service |
3880ab |
invarg("invalid chain index value", *argv);
|
|
Packit Service |
3880ab |
chain_index_set = 1;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "estimator") == 0) {
|
|
Packit Service |
3880ab |
if (parse_estimator(&argc, &argv, &est) < 0)
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "help") == 0) {
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
strncpy(k, *argv, sizeof(k)-1);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
q = get_filter_kind(k);
|
|
Packit Service |
3880ab |
argc--; argv++;
|
|
Packit Service |
3880ab |
break;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
argc--; argv++;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (chain_index_set)
|
|
Packit Service |
3880ab |
addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (k[0])
|
|
Packit Service |
3880ab |
addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
ll_init_map(&rth);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = ll_name_to_index(d);
|
|
Packit Service |
3880ab |
if (req.t.tcm_ifindex == 0) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Cannot find device \"%s\"\n", d);
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
} else if (block_index) {
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = TCM_IFINDEX_MAGIC_BLOCK;
|
|
Packit Service |
3880ab |
req.t.tcm_block_index = block_index;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (q) {
|
|
Packit Service |
3880ab |
if (q->parse_fopt(q, fhandle, argc, argv, &req.n))
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
if (fhandle) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Must specify filter type when using \"handle\"\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (argc) {
|
|
Packit Service |
3880ab |
if (matches(*argv, "help") == 0)
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n",
|
|
Packit Service |
3880ab |
*argv);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (est.ewma_log)
|
|
Packit Service |
3880ab |
addattr_l(&req.n, sizeof(req), TCA_RATE, &est, sizeof(est));
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (rtnl_talk(&rth, &req.n, NULL) < 0) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "We have an error talking to the kernel\n");
|
|
Packit Service |
3880ab |
return 2;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static __u32 filter_parent;
|
|
Packit Service |
3880ab |
static int filter_ifindex;
|
|
Packit Service |
3880ab |
static __u32 filter_prio;
|
|
Packit Service |
3880ab |
static __u32 filter_protocol;
|
|
Packit Service |
3880ab |
static __u32 filter_chain_index;
|
|
Packit Service |
3880ab |
static int filter_chain_index_set;
|
|
Packit Service |
3880ab |
static __u32 filter_block_index;
|
|
Packit Service |
3880ab |
__u16 f_proto;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
int print_filter(struct nlmsghdr *n, void *arg)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
FILE *fp = (FILE *)arg;
|
|
Packit Service |
3880ab |
struct tcmsg *t = NLMSG_DATA(n);
|
|
Packit Service |
3880ab |
int len = n->nlmsg_len;
|
|
Packit Service |
3880ab |
struct rtattr *tb[TCA_MAX+1];
|
|
Packit Service |
3880ab |
struct filter_util *q;
|
|
Packit Service |
3880ab |
char abuf[256];
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (n->nlmsg_type != RTM_NEWTFILTER &&
|
|
Packit Service |
3880ab |
n->nlmsg_type != RTM_GETTFILTER &&
|
|
Packit Service |
3880ab |
n->nlmsg_type != RTM_DELTFILTER &&
|
|
Packit Service |
3880ab |
n->nlmsg_type != RTM_NEWCHAIN &&
|
|
Packit Service |
3880ab |
n->nlmsg_type != RTM_GETCHAIN &&
|
|
Packit Service |
3880ab |
n->nlmsg_type != RTM_DELCHAIN) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Not a filter(cmd %d)\n", n->nlmsg_type);
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
len -= NLMSG_LENGTH(sizeof(*t));
|
|
Packit Service |
3880ab |
if (len < 0) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Wrong len %d\n", len);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
parse_rtattr_flags(tb, TCA_MAX, TCA_RTA(t), len, NLA_F_NESTED);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (tb[TCA_KIND] == NULL && (n->nlmsg_type == RTM_NEWTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_GETTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_DELTFILTER)) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "print_filter: NULL kind\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
open_json_object(NULL);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (n->nlmsg_type == RTM_DELTFILTER || n->nlmsg_type == RTM_DELCHAIN)
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "deleted", "deleted ", true);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if ((n->nlmsg_type == RTM_NEWTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_NEWCHAIN) &&
|
|
Packit Service |
3880ab |
(n->nlmsg_flags & NLM_F_CREATE) &&
|
|
Packit Service |
3880ab |
!(n->nlmsg_flags & NLM_F_EXCL))
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "replaced", "replaced ", true);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if ((n->nlmsg_type == RTM_NEWTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_NEWCHAIN) &&
|
|
Packit Service |
3880ab |
(n->nlmsg_flags & NLM_F_CREATE) &&
|
|
Packit Service |
3880ab |
(n->nlmsg_flags & NLM_F_EXCL))
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "added", "added ", true);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (n->nlmsg_type == RTM_NEWTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_GETTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_DELTFILTER)
|
|
Packit Service |
3880ab |
print_string(PRINT_FP, NULL, "filter ", NULL);
|
|
Packit Service |
3880ab |
else
|
|
Packit Service |
3880ab |
print_string(PRINT_FP, NULL, "chain ", NULL);
|
|
Packit Service |
3880ab |
if (t->tcm_ifindex == TCM_IFINDEX_MAGIC_BLOCK) {
|
|
Packit Service |
3880ab |
if (!filter_block_index ||
|
|
Packit Service |
3880ab |
filter_block_index != t->tcm_block_index)
|
|
Packit Service |
3880ab |
print_uint(PRINT_ANY, "block", "block %u ",
|
|
Packit Service |
3880ab |
t->tcm_block_index);
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
if (!filter_ifindex || filter_ifindex != t->tcm_ifindex)
|
|
Packit Service |
3880ab |
print_devname(PRINT_ANY, t->tcm_ifindex);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (!filter_parent || filter_parent != t->tcm_parent) {
|
|
Packit Service |
3880ab |
if (t->tcm_parent == TC_H_ROOT)
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "root", "root ", true);
|
|
Packit Service |
3880ab |
else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_INGRESS))
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "ingress", "ingress ", true);
|
|
Packit Service |
3880ab |
else if (t->tcm_parent == TC_H_MAKE(TC_H_CLSACT, TC_H_MIN_EGRESS))
|
|
Packit Service |
3880ab |
print_bool(PRINT_ANY, "egress", "egress ", true);
|
|
Packit Service |
3880ab |
else {
|
|
Packit Service |
3880ab |
print_tc_classid(abuf, sizeof(abuf), t->tcm_parent);
|
|
Packit Service |
3880ab |
print_string(PRINT_ANY, "parent", "parent %s ", abuf);
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (t->tcm_info && (n->nlmsg_type == RTM_NEWTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_DELTFILTER ||
|
|
Packit Service |
3880ab |
n->nlmsg_type == RTM_GETTFILTER)) {
|
|
Packit Service |
3880ab |
f_proto = TC_H_MIN(t->tcm_info);
|
|
Packit Service |
3880ab |
__u32 prio = TC_H_MAJ(t->tcm_info)>>16;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (!filter_protocol || filter_protocol != f_proto) {
|
|
Packit Service |
3880ab |
if (f_proto) {
|
|
Packit Service |
3880ab |
SPRINT_BUF(b1);
|
|
Packit Service |
3880ab |
print_string(PRINT_ANY, "protocol",
|
|
Packit Service |
3880ab |
"protocol %s ",
|
|
Packit Service |
3880ab |
ll_proto_n2a(f_proto, b1, sizeof(b1)));
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (!filter_prio || filter_prio != prio) {
|
|
Packit Service |
3880ab |
if (prio)
|
|
Packit Service |
3880ab |
print_uint(PRINT_ANY, "pref", "pref %u ", prio);
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (tb[TCA_KIND])
|
|
Packit Service |
3880ab |
print_string(PRINT_ANY, "kind", "%s ", rta_getattr_str(tb[TCA_KIND]));
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (tb[TCA_CHAIN]) {
|
|
Packit Service |
3880ab |
__u32 chain_index = rta_getattr_u32(tb[TCA_CHAIN]);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (!filter_chain_index_set ||
|
|
Packit Service |
3880ab |
filter_chain_index != chain_index)
|
|
Packit Service |
3880ab |
print_uint(PRINT_ANY, "chain", "chain %u ",
|
|
Packit Service |
3880ab |
chain_index);
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (tb[TCA_KIND]) {
|
|
Packit Service |
3880ab |
q = get_filter_kind(RTA_DATA(tb[TCA_KIND]));
|
|
Packit Service |
3880ab |
if (tb[TCA_OPTIONS]) {
|
|
Packit Service |
3880ab |
open_json_object("options");
|
|
Packit Service |
3880ab |
if (q)
|
|
Packit Service |
3880ab |
q->print_fopt(q, fp, tb[TCA_OPTIONS], t->tcm_handle);
|
|
Packit Service |
3880ab |
else
|
|
Packit Service |
3880ab |
fprintf(stderr, "cannot parse option parameters\n");
|
|
Packit Service |
3880ab |
close_json_object();
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
print_nl();
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (show_stats && (tb[TCA_STATS] || tb[TCA_STATS2])) {
|
|
Packit Service |
3880ab |
print_tcstats_attr(fp, tb, " ", NULL);
|
|
Packit Service |
3880ab |
print_nl();
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
close_json_object();
|
|
Packit Service |
3880ab |
fflush(fp);
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static int tc_filter_get(int cmd, unsigned int flags, int argc, char **argv)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
struct {
|
|
Packit Service |
3880ab |
struct nlmsghdr n;
|
|
Packit Service |
3880ab |
struct tcmsg t;
|
|
Packit Service |
3880ab |
char buf[MAX_MSG];
|
|
Packit Service |
3880ab |
} req = {
|
|
Packit Service |
3880ab |
.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
|
|
Packit Service |
3880ab |
/* NLM_F_ECHO is for backward compatibility. old kernels never
|
|
Packit Service |
3880ab |
* respond without it and newer kernels will ignore it.
|
|
Packit Service |
3880ab |
* In old kernels there is a side effect:
|
|
Packit Service |
3880ab |
* In addition to a response to the GET you will receive an
|
|
Packit Service |
3880ab |
* event (if you do tc mon).
|
|
Packit Service |
3880ab |
*/
|
|
Packit Service |
3880ab |
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ECHO | flags,
|
|
Packit Service |
3880ab |
.n.nlmsg_type = cmd,
|
|
Packit Service |
3880ab |
.t.tcm_parent = TC_H_UNSPEC,
|
|
Packit Service |
3880ab |
.t.tcm_family = AF_UNSPEC,
|
|
Packit Service |
3880ab |
};
|
|
Packit Service |
3880ab |
struct nlmsghdr *answer;
|
|
Packit Service |
3880ab |
struct filter_util *q = NULL;
|
|
Packit Service |
3880ab |
__u32 prio = 0;
|
|
Packit Service |
3880ab |
__u32 protocol = 0;
|
|
Packit Service |
3880ab |
int protocol_set = 0;
|
|
Packit Service |
3880ab |
__u32 chain_index;
|
|
Packit Service |
3880ab |
int chain_index_set = 0;
|
|
Packit Service |
3880ab |
__u32 block_index = 0;
|
|
Packit Service |
3880ab |
__u32 parent_handle = 0;
|
|
Packit Service |
3880ab |
char *fhandle = NULL;
|
|
Packit Service |
3880ab |
char d[IFNAMSIZ] = {};
|
|
Packit Service |
3880ab |
char k[FILTER_NAMESZ] = {};
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
while (argc > 0) {
|
|
Packit Service |
3880ab |
if (strcmp(*argv, "dev") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (d[0])
|
|
Packit Service |
3880ab |
duparg("dev", *argv);
|
|
Packit Service |
3880ab |
if (block_index) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
strncpy(d, *argv, sizeof(d)-1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "block") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (block_index)
|
|
Packit Service |
3880ab |
duparg("block", *argv);
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (get_u32(&block_index, *argv, 0) || !block_index)
|
|
Packit Service |
3880ab |
invarg("invalid block index value", *argv);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "root") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"root\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_ROOT;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "ingress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"ingress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_INGRESS);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "egress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"egress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_EGRESS);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "parent") == 0) {
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent)
|
|
Packit Service |
3880ab |
duparg("parent", *argv);
|
|
Packit Service |
3880ab |
if (get_tc_classid(&parent_handle, *argv))
|
|
Packit Service |
3880ab |
invarg("Invalid parent ID", *argv);
|
|
Packit Service |
3880ab |
req.t.tcm_parent = parent_handle;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "handle") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (fhandle)
|
|
Packit Service |
3880ab |
duparg("handle", *argv);
|
|
Packit Service |
3880ab |
fhandle = *argv;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "preference") == 0 ||
|
|
Packit Service |
3880ab |
matches(*argv, "priority") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (prio)
|
|
Packit Service |
3880ab |
duparg("priority", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&prio, *argv, 0) || prio > 0xFFFF)
|
|
Packit Service |
3880ab |
invarg("invalid priority value", *argv);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "protocol") == 0) {
|
|
Packit Service |
3880ab |
__u16 id;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (protocol_set)
|
|
Packit Service |
3880ab |
duparg("protocol", *argv);
|
|
Packit Service |
3880ab |
if (ll_proto_a2n(&id, *argv))
|
|
Packit Service |
3880ab |
invarg("invalid protocol", *argv);
|
|
Packit Service |
3880ab |
protocol = id;
|
|
Packit Service |
3880ab |
protocol_set = 1;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "chain") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (chain_index_set)
|
|
Packit Service |
3880ab |
duparg("chain", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&chain_index, *argv, 0))
|
|
Packit Service |
3880ab |
invarg("invalid chain index value", *argv);
|
|
Packit Service |
3880ab |
chain_index_set = 1;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "help") == 0) {
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
if (!**argv)
|
|
Packit Service |
3880ab |
invarg("invalid filter name", *argv);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
strncpy(k, *argv, sizeof(k)-1);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
q = get_filter_kind(k);
|
|
Packit Service |
3880ab |
argc--; argv++;
|
|
Packit Service |
3880ab |
break;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
argc--; argv++;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (cmd == RTM_GETTFILTER) {
|
|
Packit Service |
3880ab |
if (!protocol_set) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify filter protocol\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (!prio) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify filter priority\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (chain_index_set)
|
|
Packit Service |
3880ab |
addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent == TC_H_UNSPEC) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify filter parent\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (cmd == RTM_GETTFILTER) {
|
|
Packit Service |
3880ab |
if (k[0])
|
|
Packit Service |
3880ab |
addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1);
|
|
Packit Service |
3880ab |
else {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify filter type\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
ll_init_map(&rth);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = ll_name_to_index(d);
|
|
Packit Service |
3880ab |
if (!req.t.tcm_ifindex)
|
|
Packit Service |
3880ab |
return -nodev(d);
|
|
Packit Service |
3880ab |
filter_ifindex = req.t.tcm_ifindex;
|
|
Packit Service |
3880ab |
} else if (block_index) {
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = TCM_IFINDEX_MAGIC_BLOCK;
|
|
Packit Service |
3880ab |
req.t.tcm_block_index = block_index;
|
|
Packit Service |
3880ab |
filter_block_index = block_index;
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify netdevice \"dev\" or block index \"block\"\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (cmd == RTM_GETTFILTER &&
|
|
Packit Service |
3880ab |
q->parse_fopt(q, fhandle, argc, argv, &req.n))
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (!fhandle && cmd == RTM_GETTFILTER) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Must specify filter \"handle\"\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (argc) {
|
|
Packit Service |
3880ab |
if (matches(*argv, "help") == 0)
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n",
|
|
Packit Service |
3880ab |
*argv);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (rtnl_talk(&rth, &req.n, &answer) < 0) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "We have an error talking to the kernel\n");
|
|
Packit Service |
3880ab |
return 2;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
new_json_obj(json);
|
|
Packit Service |
3880ab |
print_filter(answer, (void *)stdout);
|
|
Packit Service |
3880ab |
delete_json_obj();
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
free(answer);
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
static int tc_filter_list(int cmd, int argc, char **argv)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
struct {
|
|
Packit Service |
3880ab |
struct nlmsghdr n;
|
|
Packit Service |
3880ab |
struct tcmsg t;
|
|
Packit Service |
3880ab |
char buf[MAX_MSG];
|
|
Packit Service |
3880ab |
} req = {
|
|
Packit Service |
3880ab |
.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)),
|
|
Packit Service |
3880ab |
.n.nlmsg_type = cmd,
|
|
Packit Service |
3880ab |
.t.tcm_parent = TC_H_UNSPEC,
|
|
Packit Service |
3880ab |
.t.tcm_family = AF_UNSPEC,
|
|
Packit Service |
3880ab |
};
|
|
Packit Service |
3880ab |
char d[IFNAMSIZ] = {};
|
|
Packit Service |
3880ab |
__u32 prio = 0;
|
|
Packit Service |
3880ab |
__u32 protocol = 0;
|
|
Packit Service |
3880ab |
__u32 chain_index;
|
|
Packit Service |
3880ab |
__u32 block_index = 0;
|
|
Packit Service |
3880ab |
char *fhandle = NULL;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
while (argc > 0) {
|
|
Packit Service |
3880ab |
if (strcmp(*argv, "dev") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (d[0])
|
|
Packit Service |
3880ab |
duparg("dev", *argv);
|
|
Packit Service |
3880ab |
if (block_index) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"dev\" cannot be used in the same time as \"block\"\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
strncpy(d, *argv, sizeof(d)-1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "block") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (block_index)
|
|
Packit Service |
3880ab |
duparg("block", *argv);
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Error: \"block\" cannot be used in the same time as \"dev\"\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
if (get_u32(&block_index, *argv, 0) || !block_index)
|
|
Packit Service |
3880ab |
invarg("invalid block index value", *argv);
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "root") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"root\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
filter_parent = req.t.tcm_parent = TC_H_ROOT;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "ingress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"ingress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
filter_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_INGRESS);
|
|
Packit Service |
3880ab |
req.t.tcm_parent = filter_parent;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "egress") == 0) {
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent) {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
"Error: \"egress\" is duplicate parent ID\n");
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
filter_parent = TC_H_MAKE(TC_H_CLSACT,
|
|
Packit Service |
3880ab |
TC_H_MIN_EGRESS);
|
|
Packit Service |
3880ab |
req.t.tcm_parent = filter_parent;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "parent") == 0) {
|
|
Packit Service |
3880ab |
__u32 handle;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (req.t.tcm_parent)
|
|
Packit Service |
3880ab |
duparg("parent", *argv);
|
|
Packit Service |
3880ab |
if (get_tc_classid(&handle, *argv))
|
|
Packit Service |
3880ab |
invarg("invalid parent ID", *argv);
|
|
Packit Service |
3880ab |
filter_parent = req.t.tcm_parent = handle;
|
|
Packit Service |
3880ab |
} else if (strcmp(*argv, "handle") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (fhandle)
|
|
Packit Service |
3880ab |
duparg("handle", *argv);
|
|
Packit Service |
3880ab |
fhandle = *argv;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "preference") == 0 ||
|
|
Packit Service |
3880ab |
matches(*argv, "priority") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (prio)
|
|
Packit Service |
3880ab |
duparg("priority", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&prio, *argv, 0))
|
|
Packit Service |
3880ab |
invarg("invalid preference", *argv);
|
|
Packit Service |
3880ab |
filter_prio = prio;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "protocol") == 0) {
|
|
Packit Service |
3880ab |
__u16 res;
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (protocol)
|
|
Packit Service |
3880ab |
duparg("protocol", *argv);
|
|
Packit Service |
3880ab |
if (ll_proto_a2n(&res, *argv))
|
|
Packit Service |
3880ab |
invarg("invalid protocol", *argv);
|
|
Packit Service |
3880ab |
protocol = res;
|
|
Packit Service |
3880ab |
filter_protocol = protocol;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "chain") == 0) {
|
|
Packit Service |
3880ab |
NEXT_ARG();
|
|
Packit Service |
3880ab |
if (filter_chain_index_set)
|
|
Packit Service |
3880ab |
duparg("chain", *argv);
|
|
Packit Service |
3880ab |
if (get_u32(&chain_index, *argv, 0))
|
|
Packit Service |
3880ab |
invarg("invalid chain index value", *argv);
|
|
Packit Service |
3880ab |
filter_chain_index_set = 1;
|
|
Packit Service |
3880ab |
filter_chain_index = chain_index;
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "help") == 0) {
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
} else {
|
|
Packit Service |
3880ab |
fprintf(stderr,
|
|
Packit Service |
3880ab |
" What is \"%s\"? Try \"tc filter help\"\n",
|
|
Packit Service |
3880ab |
*argv);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
argc--; argv++;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
ll_init_map(&rth);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (d[0]) {
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = ll_name_to_index(d);
|
|
Packit Service |
3880ab |
if (!req.t.tcm_ifindex)
|
|
Packit Service |
3880ab |
return -nodev(d);
|
|
Packit Service |
3880ab |
filter_ifindex = req.t.tcm_ifindex;
|
|
Packit Service |
3880ab |
} else if (block_index) {
|
|
Packit Service |
3880ab |
if (!tc_qdisc_block_exists(block_index)) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Cannot find block \"%u\"\n", block_index);
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
req.t.tcm_ifindex = TCM_IFINDEX_MAGIC_BLOCK;
|
|
Packit Service |
3880ab |
req.t.tcm_block_index = block_index;
|
|
Packit Service |
3880ab |
filter_block_index = block_index;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (filter_chain_index_set)
|
|
Packit Service |
3880ab |
addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
if (rtnl_dump_request_n(&rth, &req.n) < 0) {
|
|
Packit Service |
3880ab |
perror("Cannot send dump request");
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
new_json_obj(json);
|
|
Packit Service |
3880ab |
if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) {
|
|
Packit Service |
3880ab |
fprintf(stderr, "Dump terminated\n");
|
|
Packit Service |
3880ab |
return 1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
delete_json_obj();
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
int do_filter(int argc, char **argv)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
if (argc < 1)
|
|
Packit Service |
3880ab |
return tc_filter_list(RTM_GETTFILTER, 0, NULL);
|
|
Packit Service |
3880ab |
if (matches(*argv, "add") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_NEWTFILTER, NLM_F_EXCL|NLM_F_CREATE,
|
|
Packit Service |
3880ab |
argc-1, argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "change") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_NEWTFILTER, 0, argc-1, argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "replace") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_NEWTFILTER, NLM_F_CREATE, argc-1,
|
|
Packit Service |
3880ab |
argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "delete") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_DELTFILTER, 0, argc-1, argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "get") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_get(RTM_GETTFILTER, 0, argc-1, argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "list") == 0 || matches(*argv, "show") == 0
|
|
Packit Service |
3880ab |
|| matches(*argv, "lst") == 0)
|
|
Packit Service |
3880ab |
return tc_filter_list(RTM_GETTFILTER, argc-1, argv+1);
|
|
Packit Service |
3880ab |
if (matches(*argv, "help") == 0) {
|
|
Packit Service |
3880ab |
usage();
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
fprintf(stderr, "Command \"%s\" is unknown, try \"tc filter help\".\n",
|
|
Packit Service |
3880ab |
*argv);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
int do_chain(int argc, char **argv)
|
|
Packit Service |
3880ab |
{
|
|
Packit Service |
3880ab |
if (argc < 1)
|
|
Packit Service |
3880ab |
return tc_filter_list(RTM_GETCHAIN, 0, NULL);
|
|
Packit Service |
3880ab |
if (matches(*argv, "add") == 0) {
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_NEWCHAIN, NLM_F_EXCL | NLM_F_CREATE,
|
|
Packit Service |
3880ab |
argc - 1, argv + 1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "delete") == 0) {
|
|
Packit Service |
3880ab |
return tc_filter_modify(RTM_DELCHAIN, 0,
|
|
Packit Service |
3880ab |
argc - 1, argv + 1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "get") == 0) {
|
|
Packit Service |
3880ab |
return tc_filter_get(RTM_GETCHAIN, 0,
|
|
Packit Service |
3880ab |
argc - 1, argv + 1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "list") == 0 || matches(*argv, "show") == 0 ||
|
|
Packit Service |
3880ab |
matches(*argv, "lst") == 0) {
|
|
Packit Service |
3880ab |
return tc_filter_list(RTM_GETCHAIN, argc - 1, argv + 1);
|
|
Packit Service |
3880ab |
} else if (matches(*argv, "help") == 0) {
|
|
Packit Service |
3880ab |
chain_usage();
|
|
Packit Service |
3880ab |
return 0;
|
|
Packit Service |
3880ab |
}
|
|
Packit Service |
3880ab |
fprintf(stderr, "Command \"%s\" is unknown, try \"tc chain help\".\n",
|
|
Packit Service |
3880ab |
*argv);
|
|
Packit Service |
3880ab |
return -1;
|
|
Packit Service |
3880ab |
}
|