iproute2/tc/f_fw.c

*de1e4e89SAndroid Build Coastguard Worker/*
*de1e4e89SAndroid Build Coastguard Worker * f_fw.c		FW filter.
*de1e4e89SAndroid Build Coastguard Worker *
*de1e4e89SAndroid Build Coastguard Worker *		This program is free software; you can redistribute it and/or
*de1e4e89SAndroid Build Coastguard Worker *		modify it under the terms of the GNU General Public License
*de1e4e89SAndroid Build Coastguard Worker *		as published by the Free Software Foundation; either version
*de1e4e89SAndroid Build Coastguard Worker *		2 of the License, or (at your option) any later version.
*de1e4e89SAndroid Build Coastguard Worker *
*de1e4e89SAndroid Build Coastguard Worker * Authors:	Alexey Kuznetsov, <[email protected]>
*de1e4e89SAndroid Build Coastguard Worker *
*de1e4e89SAndroid Build Coastguard Worker */
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker#include <stdio.h>
*de1e4e89SAndroid Build Coastguard Worker#include <stdlib.h>
*de1e4e89SAndroid Build Coastguard Worker#include <unistd.h>
*de1e4e89SAndroid Build Coastguard Worker#include <syslog.h>
*de1e4e89SAndroid Build Coastguard Worker#include <fcntl.h>
*de1e4e89SAndroid Build Coastguard Worker#include <sys/socket.h>
*de1e4e89SAndroid Build Coastguard Worker#include <netinet/in.h>
*de1e4e89SAndroid Build Coastguard Worker#include <arpa/inet.h>
*de1e4e89SAndroid Build Coastguard Worker#include <string.h>
*de1e4e89SAndroid Build Coastguard Worker#include <linux/if.h> /* IFNAMSIZ */
*de1e4e89SAndroid Build Coastguard Worker#include "utils.h"
*de1e4e89SAndroid Build Coastguard Worker#include "tc_util.h"
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Workerstatic void explain(void)
*de1e4e89SAndroid Build Coastguard Worker{
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"Usage: ... fw [ classid CLASSID ] [ indev DEV ] [ action ACTION_SPEC ]\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"       CLASSID := Push matching packets to the class identified by CLASSID with format X:Y\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"                  CLASSID is parsed as hexadecimal input.\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"       DEV := specify device for incoming device classification.\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"       ACTION_SPEC := Apply an action on matching packets.\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr,
*de1e4e89SAndroid Build Coastguard Worker		"       NOTE: handle is represented as HANDLE[/FWMASK].\n");
*de1e4e89SAndroid Build Coastguard Worker	fprintf(stderr, "             FWMASK is 0xffffffff by default.\n");
*de1e4e89SAndroid Build Coastguard Worker}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Workerstatic int fw_parse_opt(struct filter_util *qu, char *handle, int argc, char **argv, struct nlmsghdr *n)
*de1e4e89SAndroid Build Coastguard Worker{
*de1e4e89SAndroid Build Coastguard Worker	struct tcmsg *t = NLMSG_DATA(n);
*de1e4e89SAndroid Build Coastguard Worker	struct rtattr *tail;
*de1e4e89SAndroid Build Coastguard Worker	__u32 mask = 0;
*de1e4e89SAndroid Build Coastguard Worker	int mask_set = 0;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (handle) {
*de1e4e89SAndroid Build Coastguard Worker		char *slash;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker		if ((slash = strchr(handle, '/')) != NULL)
*de1e4e89SAndroid Build Coastguard Worker			*slash = '\0';
*de1e4e89SAndroid Build Coastguard Worker		if (get_u32(&t->tcm_handle, handle, 0)) {
*de1e4e89SAndroid Build Coastguard Worker			fprintf(stderr, "Illegal \"handle\"\n");
*de1e4e89SAndroid Build Coastguard Worker			return -1;
*de1e4e89SAndroid Build Coastguard Worker		}
*de1e4e89SAndroid Build Coastguard Worker		if (slash) {
*de1e4e89SAndroid Build Coastguard Worker			if (get_u32(&mask, slash+1, 0)) {
*de1e4e89SAndroid Build Coastguard Worker				fprintf(stderr, "Illegal \"handle\" mask\n");
*de1e4e89SAndroid Build Coastguard Worker				return -1;
*de1e4e89SAndroid Build Coastguard Worker			}
*de1e4e89SAndroid Build Coastguard Worker			mask_set = 1;
*de1e4e89SAndroid Build Coastguard Worker		}
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (argc == 0)
*de1e4e89SAndroid Build Coastguard Worker		return 0;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	tail = NLMSG_TAIL(n);
*de1e4e89SAndroid Build Coastguard Worker	addattr_l(n, 4096, TCA_OPTIONS, NULL, 0);
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (mask_set)
*de1e4e89SAndroid Build Coastguard Worker		addattr32(n, MAX_MSG, TCA_FW_MASK, mask);
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	while (argc > 0) {
*de1e4e89SAndroid Build Coastguard Worker		if (matches(*argv, "classid") == 0 ||
*de1e4e89SAndroid Build Coastguard Worker		    matches(*argv, "flowid") == 0) {
*de1e4e89SAndroid Build Coastguard Worker			unsigned int handle;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker			NEXT_ARG();
*de1e4e89SAndroid Build Coastguard Worker			if (get_tc_classid(&handle, *argv)) {
*de1e4e89SAndroid Build Coastguard Worker				fprintf(stderr, "Illegal \"classid\"\n");
*de1e4e89SAndroid Build Coastguard Worker				return -1;
*de1e4e89SAndroid Build Coastguard Worker			}
*de1e4e89SAndroid Build Coastguard Worker			addattr_l(n, 4096, TCA_FW_CLASSID, &handle, 4);
*de1e4e89SAndroid Build Coastguard Worker		} else if (matches(*argv, "police") == 0) {
*de1e4e89SAndroid Build Coastguard Worker			NEXT_ARG();
*de1e4e89SAndroid Build Coastguard Worker			if (parse_police(&argc, &argv, TCA_FW_POLICE, n)) {
*de1e4e89SAndroid Build Coastguard Worker				fprintf(stderr, "Illegal \"police\"\n");
*de1e4e89SAndroid Build Coastguard Worker				return -1;
*de1e4e89SAndroid Build Coastguard Worker			}
*de1e4e89SAndroid Build Coastguard Worker			continue;
*de1e4e89SAndroid Build Coastguard Worker		} else if (matches(*argv, "action") == 0) {
*de1e4e89SAndroid Build Coastguard Worker			NEXT_ARG();
*de1e4e89SAndroid Build Coastguard Worker			if (parse_action(&argc, &argv, TCA_FW_ACT, n)) {
*de1e4e89SAndroid Build Coastguard Worker				fprintf(stderr, "Illegal fw \"action\"\n");
*de1e4e89SAndroid Build Coastguard Worker				return -1;
*de1e4e89SAndroid Build Coastguard Worker			}
*de1e4e89SAndroid Build Coastguard Worker			continue;
*de1e4e89SAndroid Build Coastguard Worker		} else if (strcmp(*argv, "indev") == 0) {
*de1e4e89SAndroid Build Coastguard Worker			char d[IFNAMSIZ+1] = {};
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker			argc--;
*de1e4e89SAndroid Build Coastguard Worker			argv++;
*de1e4e89SAndroid Build Coastguard Worker			if (argc < 1) {
*de1e4e89SAndroid Build Coastguard Worker				fprintf(stderr, "Illegal indev\n");
*de1e4e89SAndroid Build Coastguard Worker				return -1;
*de1e4e89SAndroid Build Coastguard Worker			}
*de1e4e89SAndroid Build Coastguard Worker			strncpy(d, *argv, sizeof(d) - 1);
*de1e4e89SAndroid Build Coastguard Worker			addattr_l(n, MAX_MSG, TCA_FW_INDEV, d, strlen(d) + 1);
*de1e4e89SAndroid Build Coastguard Worker		} else if (strcmp(*argv, "help") == 0) {
*de1e4e89SAndroid Build Coastguard Worker			explain();
*de1e4e89SAndroid Build Coastguard Worker			return -1;
*de1e4e89SAndroid Build Coastguard Worker		} else {
*de1e4e89SAndroid Build Coastguard Worker			fprintf(stderr, "What is \"%s\"?\n", *argv);
*de1e4e89SAndroid Build Coastguard Worker			explain();
*de1e4e89SAndroid Build Coastguard Worker			return -1;
*de1e4e89SAndroid Build Coastguard Worker		}
*de1e4e89SAndroid Build Coastguard Worker		argc--; argv++;
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker	tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;
*de1e4e89SAndroid Build Coastguard Worker	return 0;
*de1e4e89SAndroid Build Coastguard Worker}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Workerstatic int fw_print_opt(struct filter_util *qu, FILE *f, struct rtattr *opt, __u32 handle)
*de1e4e89SAndroid Build Coastguard Worker{
*de1e4e89SAndroid Build Coastguard Worker	struct rtattr *tb[TCA_FW_MAX+1];
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (opt == NULL)
*de1e4e89SAndroid Build Coastguard Worker		return 0;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	parse_rtattr_nested(tb, TCA_FW_MAX, opt);
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (handle || tb[TCA_FW_MASK]) {
*de1e4e89SAndroid Build Coastguard Worker		__u32 mark = 0, mask = 0;
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker		if (handle)
*de1e4e89SAndroid Build Coastguard Worker			mark = handle;
*de1e4e89SAndroid Build Coastguard Worker		if (tb[TCA_FW_MASK] &&
*de1e4e89SAndroid Build Coastguard Worker		    (mask = rta_getattr_u32(tb[TCA_FW_MASK])) != 0xFFFFFFFF)
*de1e4e89SAndroid Build Coastguard Worker			fprintf(f, "handle 0x%x/0x%x ", mark, mask);
*de1e4e89SAndroid Build Coastguard Worker		else
*de1e4e89SAndroid Build Coastguard Worker			fprintf(f, "handle 0x%x ", handle);
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (tb[TCA_FW_CLASSID]) {
*de1e4e89SAndroid Build Coastguard Worker		SPRINT_BUF(b1);
*de1e4e89SAndroid Build Coastguard Worker		fprintf(f, "classid %s ", sprint_tc_classid(rta_getattr_u32(tb[TCA_FW_CLASSID]), b1));
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (tb[TCA_FW_POLICE])
*de1e4e89SAndroid Build Coastguard Worker		tc_print_police(f, tb[TCA_FW_POLICE]);
*de1e4e89SAndroid Build Coastguard Worker	if (tb[TCA_FW_INDEV]) {
*de1e4e89SAndroid Build Coastguard Worker		struct rtattr *idev = tb[TCA_FW_INDEV];
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker		fprintf(f, "input dev %s ", rta_getattr_str(idev));
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Worker	if (tb[TCA_FW_ACT]) {
*de1e4e89SAndroid Build Coastguard Worker		fprintf(f, "\n");
*de1e4e89SAndroid Build Coastguard Worker		tc_print_action(f, tb[TCA_FW_ACT], 0);
*de1e4e89SAndroid Build Coastguard Worker	}
*de1e4e89SAndroid Build Coastguard Worker	return 0;
*de1e4e89SAndroid Build Coastguard Worker}
*de1e4e89SAndroid Build Coastguard Worker
*de1e4e89SAndroid Build Coastguard Workerstruct filter_util fw_filter_util = {
*de1e4e89SAndroid Build Coastguard Worker	.id = "fw",
*de1e4e89SAndroid Build Coastguard Worker	.parse_fopt = fw_parse_opt,
*de1e4e89SAndroid Build Coastguard Worker	.print_fopt = fw_print_opt,
*de1e4e89SAndroid Build Coastguard Worker};