m_mirred.c revision ae665a522bd46bea44c5ea84c89c8b1731954170 
1/*
2 * m_egress.c		ingress/egress packet mirror/redir actions module
3 *
4 *		This program is free software; you can distribute it and/or
5 *		modify it under the terms of the GNU General Public License
6 *		as published by the Free Software Foundation; either version
7 *		2 of the License, or (at your option) any later version.
8 *
9 * Authors:  J Hadi Salim (hadi@cyberus.ca)
10 *
11 * TODO: Add Ingress support
12 *
13 */
14
15#include <stdio.h>
16#include <stdlib.h>
17#include <unistd.h>
18#include <syslog.h>
19#include <fcntl.h>
20#include <sys/socket.h>
21#include <netinet/in.h>
22#include <arpa/inet.h>
23#include <string.h>
24#include "utils.h"
25#include "tc_util.h"
26#include "tc_common.h"
27#include <linux/tc_act/tc_mirred.h>
28
29int mirred_d = 1;
30
31static void
32explain(void)
33{
34	fprintf(stderr, "Usage: mirred <DIRECTION> <ACTION> [index INDEX] <dev DEVICENAME> \n");
35	fprintf(stderr, "where: \n");
36	fprintf(stderr, "\tDIRECTION := <ingress | egress>\n");
37	fprintf(stderr, "\tACTION := <mirror | redirect>\n");
38	fprintf(stderr, "\tINDEX  is the specific policy instance id\n");
39	fprintf(stderr, "\tDEVICENAME is the devicename \n");
40
41}
42
43static void
44usage(void)
45{
46	explain();
47	exit(-1);
48}
49
50char *mirred_n2a(int action)
51{
52	switch (action) {
53	case TCA_EGRESS_REDIR:
54		return "Egress Redirect";
55	case TCA_INGRESS_REDIR:
56		return "Ingress Redirect";
57	case TCA_EGRESS_MIRROR:
58		return "Egress Mirror";
59	case TCA_INGRESS_MIRROR:
60		return "Ingress Mirror";
61	default:
62		return "unknown";
63	}
64}
65
66int
67parse_egress(struct action_util *a, int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n)
68{
69
70	int argc = *argc_p;
71	char **argv = *argv_p;
72	int ok = 0, iok = 0, mirror=0,redir=0;
73	struct tc_mirred p;
74	struct rtattr *tail;
75	char d[16];
76
77	memset(d,0,sizeof(d)-1);
78	memset(&p,0,sizeof(struct tc_mirred));
79
80	while (argc > 0) {
81
82		if (matches(*argv, "action") == 0) {
83			break;
84		} else if (matches(*argv, "egress") == 0) {
85			NEXT_ARG();
86			ok++;
87			continue;
88		} else {
89
90			if (matches(*argv, "index") == 0) {
91				NEXT_ARG();
92				if (get_u32(&p.index, *argv, 10)) {
93					fprintf(stderr, "Illegal \"index\"\n");
94					return -1;
95				}
96				iok++;
97				if (!ok) {
98					argc--;
99					argv++;
100					break;
101				}
102			} else if(!ok) {
103				fprintf(stderr, "was expecting egress (%s)\n", *argv);
104				break;
105
106			} else if (!mirror && matches(*argv, "mirror") == 0) {
107				mirror=1;
108				if (redir) {
109					fprintf(stderr, "Cant have both mirror and redir\n");
110					return -1;
111				}
112				p.eaction = TCA_EGRESS_MIRROR;
113				p.action = TC_ACT_PIPE;
114				ok++;
115			} else if (!redir && matches(*argv, "redirect") == 0) {
116				redir=1;
117				if (mirror) {
118					fprintf(stderr, "Cant have both mirror and redir\n");
119					return -1;
120				}
121				p.eaction = TCA_EGRESS_REDIR;
122				p.action = TC_ACT_STOLEN;
123				ok++;
124			} else if ((redir || mirror) && matches(*argv, "dev") == 0) {
125				NEXT_ARG();
126				if (strlen(d))
127					duparg("dev", *argv);
128
129				strncpy(d, *argv, sizeof(d)-1);
130				argc--;
131				argv++;
132
133				break;
134
135			}
136		}
137
138		NEXT_ARG();
139	}
140
141	if (!ok && !iok) {
142		return -1;
143	}
144
145
146
147	if (d[0])  {
148		int idx;
149		ll_init_map(&rth);
150
151		if ((idx = ll_name_to_index(d)) == 0) {
152			fprintf(stderr, "Cannot find device \"%s\"\n", d);
153			return -1;
154		}
155
156		p.ifindex = idx;
157	}
158
159
160	if (argc && p.eaction == TCA_EGRESS_MIRROR) {
161
162		if (matches(*argv, "reclassify") == 0) {
163			p.action = TC_POLICE_RECLASSIFY;
164			NEXT_ARG();
165		} else if (matches(*argv, "pipe") == 0) {
166			p.action = TC_POLICE_PIPE;
167			NEXT_ARG();
168		} else if (matches(*argv, "drop") == 0 ||
169			   matches(*argv, "shot") == 0) {
170			p.action = TC_POLICE_SHOT;
171			NEXT_ARG();
172		} else if (matches(*argv, "continue") == 0) {
173			p.action = TC_POLICE_UNSPEC;
174			NEXT_ARG();
175		} else if (matches(*argv, "pass") == 0) {
176			p.action = TC_POLICE_OK;
177			NEXT_ARG();
178		}
179
180	}
181
182	if (argc) {
183		if (iok && matches(*argv, "index") == 0) {
184			fprintf(stderr, "mirred: Illegal double index\n");
185			return -1;
186		} else {
187			if (matches(*argv, "index") == 0) {
188				NEXT_ARG();
189				if (get_u32(&p.index, *argv, 10)) {
190					fprintf(stderr, "mirred: Illegal \"index\"\n");
191					return -1;
192				}
193				argc--;
194				argv++;
195			}
196		}
197	}
198
199	if (mirred_d)
200		fprintf(stdout, "Action %d device %s ifindex %d\n",p.action, d,p.ifindex);
201
202	tail = NLMSG_TAIL(n);
203	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
204	addattr_l(n, MAX_MSG, TCA_MIRRED_PARMS, &p, sizeof (p));
205	tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;
206
207	*argc_p = argc;
208	*argv_p = argv;
209	return 0;
210}
211
212
213int
214parse_mirred(struct action_util *a, int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n)
215{
216
217	int argc = *argc_p;
218	char **argv = *argv_p;
219
220	if (argc < 0) {
221		fprintf(stderr,"mirred bad arguement count %d\n", argc);
222		return -1;
223	}
224
225	if (matches(*argv, "mirred") == 0) {
226		NEXT_ARG();
227	} else {
228		fprintf(stderr,"mirred bad arguement %s\n", *argv);
229		return -1;
230	}
231
232
233	if (matches(*argv, "egress") == 0 || matches(*argv, "index") == 0) {
234		int ret = parse_egress(a, &argc, &argv, tca_id, n);
235		if (ret == 0) {
236			*argc_p = argc;
237			*argv_p = argv;
238			return 0;
239		}
240
241	} else if (matches(*argv, "ingress") == 0) {
242		fprintf(stderr,"mirred ingress not supported at the moment\n");
243	} else if (matches(*argv, "help") == 0) {
244		usage();
245	} else {
246		fprintf(stderr,"mirred option not supported %s\n", *argv);
247	}
248
249	return -1;
250
251}
252
253int
254print_mirred(struct action_util *au,FILE * f, struct rtattr *arg)
255{
256	struct tc_mirred *p;
257	struct rtattr *tb[TCA_MIRRED_MAX + 1];
258	const char *dev;
259	SPRINT_BUF(b1);
260
261	if (arg == NULL)
262		return -1;
263
264	parse_rtattr_nested(tb, TCA_MIRRED_MAX, arg);
265
266	if (tb[TCA_MIRRED_PARMS] == NULL) {
267		fprintf(f, "[NULL mirred parameters]");
268		return -1;
269	}
270	p = RTA_DATA(tb[TCA_MIRRED_PARMS]);
271
272	/*
273	ll_init_map(&rth);
274	*/
275
276
277	if ((dev = ll_index_to_name(p->ifindex)) == 0) {
278		fprintf(stderr, "Cannot find device %d\n", p->ifindex);
279		return -1;
280	}
281
282	fprintf(f, "mirred (%s to device %s) %s", mirred_n2a(p->eaction), dev,action_n2a(p->action, b1, sizeof (b1)));
283
284	fprintf(f, "\n ");
285	fprintf(f, "\tindex %d ref %d bind %d",p->index,p->refcnt,p->bindcnt);
286
287	if (show_stats) {
288		if (tb[TCA_MIRRED_TM]) {
289			struct tcf_t *tm = RTA_DATA(tb[TCA_MIRRED_TM]);
290			print_tm(f,tm);
291		}
292	}
293	fprintf(f, "\n ");
294	return 0;
295}
296
297struct action_util mirred_action_util = {
298	.id = "mirred",
299	.parse_aopt = parse_mirred,
300	.print_aopt = print_mirred,
301};
302