1 /*
2 * m_tunnel_key.c ip tunnel manipulation module
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Amir Vadai <amir@vadai.me>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <string.h>
16 #include <linux/if_ether.h>
17 #include "utils.h"
18 #include "rt_names.h"
19 #include "tc_util.h"
20 #include <linux/tc_act/tc_tunnel_key.h>
21
explain(void)22 static void explain(void)
23 {
24 fprintf(stderr, "Usage: tunnel_key unset\n");
25 fprintf(stderr, " tunnel_key set <TUNNEL_KEY>\n");
26 fprintf(stderr,
27 "Where TUNNEL_KEY is a combination of:\n"
28 "id <TUNNELID> (mandatory)\n"
29 "src_ip <IP> (mandatory)\n"
30 "dst_ip <IP> (mandatory)\n"
31 "dst_port <UDP_PORT>\n"
32 "csum | nocsum (default is \"csum\")\n");
33 }
34
usage(void)35 static void usage(void)
36 {
37 explain();
38 exit(-1);
39 }
40
tunnel_key_parse_ip_addr(const char * str,int addr4_type,int addr6_type,struct nlmsghdr * n)41 static int tunnel_key_parse_ip_addr(const char *str, int addr4_type,
42 int addr6_type, struct nlmsghdr *n)
43 {
44 inet_prefix addr;
45 int ret;
46
47 ret = get_addr(&addr, str, AF_UNSPEC);
48 if (ret)
49 return ret;
50
51 addattr_l(n, MAX_MSG, addr.family == AF_INET ? addr4_type : addr6_type,
52 addr.data, addr.bytelen);
53
54 return 0;
55 }
56
tunnel_key_parse_key_id(const char * str,int type,struct nlmsghdr * n)57 static int tunnel_key_parse_key_id(const char *str, int type,
58 struct nlmsghdr *n)
59 {
60 __be32 key_id;
61 int ret;
62
63 ret = get_be32(&key_id, str, 10);
64 if (!ret)
65 addattr32(n, MAX_MSG, type, key_id);
66
67 return ret;
68 }
69
tunnel_key_parse_dst_port(char * str,int type,struct nlmsghdr * n)70 static int tunnel_key_parse_dst_port(char *str, int type, struct nlmsghdr *n)
71 {
72 int ret;
73 __be16 dst_port;
74
75 ret = get_be16(&dst_port, str, 10);
76 if (ret)
77 return -1;
78
79 addattr16(n, MAX_MSG, type, dst_port);
80
81 return 0;
82 }
83
parse_tunnel_key(struct action_util * a,int * argc_p,char *** argv_p,int tca_id,struct nlmsghdr * n)84 static int parse_tunnel_key(struct action_util *a, int *argc_p, char ***argv_p,
85 int tca_id, struct nlmsghdr *n)
86 {
87 struct tc_tunnel_key parm = {};
88 char **argv = *argv_p;
89 int argc = *argc_p;
90 struct rtattr *tail;
91 int action = 0;
92 int ret;
93 int has_src_ip = 0;
94 int has_dst_ip = 0;
95 int has_key_id = 0;
96 int csum = 1;
97
98 if (matches(*argv, "tunnel_key") != 0)
99 return -1;
100
101 tail = NLMSG_TAIL(n);
102 addattr_l(n, MAX_MSG, tca_id, NULL, 0);
103
104 NEXT_ARG();
105
106 while (argc > 0) {
107 if (matches(*argv, "unset") == 0) {
108 if (action) {
109 fprintf(stderr, "unexpected \"%s\" - action already specified\n",
110 *argv);
111 explain();
112 return -1;
113 }
114 action = TCA_TUNNEL_KEY_ACT_RELEASE;
115 } else if (matches(*argv, "set") == 0) {
116 if (action) {
117 fprintf(stderr, "unexpected \"%s\" - action already specified\n",
118 *argv);
119 explain();
120 return -1;
121 }
122 action = TCA_TUNNEL_KEY_ACT_SET;
123 } else if (matches(*argv, "src_ip") == 0) {
124 NEXT_ARG();
125 ret = tunnel_key_parse_ip_addr(*argv,
126 TCA_TUNNEL_KEY_ENC_IPV4_SRC,
127 TCA_TUNNEL_KEY_ENC_IPV6_SRC,
128 n);
129 if (ret < 0) {
130 fprintf(stderr, "Illegal \"src_ip\"\n");
131 return -1;
132 }
133 has_src_ip = 1;
134 } else if (matches(*argv, "dst_ip") == 0) {
135 NEXT_ARG();
136 ret = tunnel_key_parse_ip_addr(*argv,
137 TCA_TUNNEL_KEY_ENC_IPV4_DST,
138 TCA_TUNNEL_KEY_ENC_IPV6_DST,
139 n);
140 if (ret < 0) {
141 fprintf(stderr, "Illegal \"dst_ip\"\n");
142 return -1;
143 }
144 has_dst_ip = 1;
145 } else if (matches(*argv, "id") == 0) {
146 NEXT_ARG();
147 ret = tunnel_key_parse_key_id(*argv, TCA_TUNNEL_KEY_ENC_KEY_ID, n);
148 if (ret < 0) {
149 fprintf(stderr, "Illegal \"id\"\n");
150 return -1;
151 }
152 has_key_id = 1;
153 } else if (matches(*argv, "dst_port") == 0) {
154 NEXT_ARG();
155 ret = tunnel_key_parse_dst_port(*argv,
156 TCA_TUNNEL_KEY_ENC_DST_PORT, n);
157 if (ret < 0) {
158 fprintf(stderr, "Illegal \"dst port\"\n");
159 return -1;
160 }
161 } else if (matches(*argv, "csum") == 0) {
162 csum = 1;
163 } else if (matches(*argv, "nocsum") == 0) {
164 csum = 0;
165 } else if (matches(*argv, "help") == 0) {
166 usage();
167 } else {
168 break;
169 }
170 NEXT_ARG_FWD();
171 }
172
173 addattr8(n, MAX_MSG, TCA_TUNNEL_KEY_NO_CSUM, !csum);
174
175 parse_action_control_dflt(&argc, &argv, &parm.action,
176 false, TC_ACT_PIPE);
177
178 if (argc) {
179 if (matches(*argv, "index") == 0) {
180 NEXT_ARG();
181 if (get_u32(&parm.index, *argv, 10)) {
182 fprintf(stderr, "tunnel_key: Illegal \"index\"\n");
183 return -1;
184 }
185
186 NEXT_ARG_FWD();
187 }
188 }
189
190 if (action == TCA_TUNNEL_KEY_ACT_SET &&
191 (!has_src_ip || !has_dst_ip || !has_key_id)) {
192 fprintf(stderr, "set needs tunnel_key parameters\n");
193 explain();
194 return -1;
195 }
196
197 parm.t_action = action;
198 addattr_l(n, MAX_MSG, TCA_TUNNEL_KEY_PARMS, &parm, sizeof(parm));
199 tail->rta_len = (char *)NLMSG_TAIL(n) - (char *)tail;
200
201 *argc_p = argc;
202 *argv_p = argv;
203
204 return 0;
205 }
206
tunnel_key_print_ip_addr(FILE * f,const char * name,struct rtattr * attr)207 static void tunnel_key_print_ip_addr(FILE *f, const char *name,
208 struct rtattr *attr)
209 {
210 int family;
211 size_t len;
212
213 if (!attr)
214 return;
215
216 len = RTA_PAYLOAD(attr);
217
218 if (len == 4)
219 family = AF_INET;
220 else if (len == 16)
221 family = AF_INET6;
222 else
223 return;
224
225 fprintf(f, "\n\t%s %s", name, rt_addr_n2a_rta(family, attr));
226 }
227
tunnel_key_print_key_id(FILE * f,const char * name,struct rtattr * attr)228 static void tunnel_key_print_key_id(FILE *f, const char *name,
229 struct rtattr *attr)
230 {
231 if (!attr)
232 return;
233 fprintf(f, "\n\t%s %d", name, rta_getattr_be32(attr));
234 }
235
tunnel_key_print_dst_port(FILE * f,char * name,struct rtattr * attr)236 static void tunnel_key_print_dst_port(FILE *f, char *name,
237 struct rtattr *attr)
238 {
239 if (!attr)
240 return;
241 fprintf(f, "\n\t%s %d", name, rta_getattr_be16(attr));
242 }
243
tunnel_key_print_flag(FILE * f,const char * name_on,const char * name_off,struct rtattr * attr)244 static void tunnel_key_print_flag(FILE *f, const char *name_on,
245 const char *name_off,
246 struct rtattr *attr)
247 {
248 if (!attr)
249 return;
250 fprintf(f, "\n\t%s", rta_getattr_u8(attr) ? name_on : name_off);
251 }
252
print_tunnel_key(struct action_util * au,FILE * f,struct rtattr * arg)253 static int print_tunnel_key(struct action_util *au, FILE *f, struct rtattr *arg)
254 {
255 struct rtattr *tb[TCA_TUNNEL_KEY_MAX + 1];
256 struct tc_tunnel_key *parm;
257
258 if (!arg)
259 return -1;
260
261 parse_rtattr_nested(tb, TCA_TUNNEL_KEY_MAX, arg);
262
263 if (!tb[TCA_TUNNEL_KEY_PARMS]) {
264 fprintf(f, "[NULL tunnel_key parameters]");
265 return -1;
266 }
267 parm = RTA_DATA(tb[TCA_TUNNEL_KEY_PARMS]);
268
269 fprintf(f, "tunnel_key");
270
271 switch (parm->t_action) {
272 case TCA_TUNNEL_KEY_ACT_RELEASE:
273 fprintf(f, " unset");
274 break;
275 case TCA_TUNNEL_KEY_ACT_SET:
276 fprintf(f, " set");
277 tunnel_key_print_ip_addr(f, "src_ip",
278 tb[TCA_TUNNEL_KEY_ENC_IPV4_SRC]);
279 tunnel_key_print_ip_addr(f, "dst_ip",
280 tb[TCA_TUNNEL_KEY_ENC_IPV4_DST]);
281 tunnel_key_print_ip_addr(f, "src_ip",
282 tb[TCA_TUNNEL_KEY_ENC_IPV6_SRC]);
283 tunnel_key_print_ip_addr(f, "dst_ip",
284 tb[TCA_TUNNEL_KEY_ENC_IPV6_DST]);
285 tunnel_key_print_key_id(f, "key_id",
286 tb[TCA_TUNNEL_KEY_ENC_KEY_ID]);
287 tunnel_key_print_dst_port(f, "dst_port",
288 tb[TCA_TUNNEL_KEY_ENC_DST_PORT]);
289 tunnel_key_print_flag(f, "nocsum", "csum",
290 tb[TCA_TUNNEL_KEY_NO_CSUM]);
291 break;
292 }
293 print_action_control(f, " ", parm->action, "");
294
295 fprintf(f, "\n\tindex %d ref %d bind %d", parm->index, parm->refcnt,
296 parm->bindcnt);
297
298 if (show_stats) {
299 if (tb[TCA_TUNNEL_KEY_TM]) {
300 struct tcf_t *tm = RTA_DATA(tb[TCA_TUNNEL_KEY_TM]);
301
302 print_tm(f, tm);
303 }
304 }
305
306 fprintf(f, "\n ");
307
308 return 0;
309 }
310
311 struct action_util tunnel_key_action_util = {
312 .id = "tunnel_key",
313 .parse_aopt = parse_tunnel_key,
314 .print_aopt = print_tunnel_key,
315 };
316