m_pedit.c revision 6107d297aca301a0e2fdefce63a451131a98d66f
1/* 2 * m_pedit.c generic packet editor actions module 3 * 4 * This program is free software; you can distribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Authors: J Hadi Salim (hadi@cyberus.ca) 10 * 11 * TODO: 12 * 1) Big endian broken in some spots 13 * 2) A lot of this stuff was added on the fly; get a big double-double 14 * and clean it up at some point. 15 * 16 */ 17 18#include <stdio.h> 19#include <stdlib.h> 20#include <unistd.h> 21#include <syslog.h> 22#include <fcntl.h> 23#include <sys/socket.h> 24#include <netinet/in.h> 25#include <arpa/inet.h> 26#include <string.h> 27#include <dlfcn.h> 28#include "utils.h" 29#include "tc_util.h" 30#include "m_pedit.h" 31 32static struct m_pedit_util *pedit_list; 33int pedit_debug = 1; 34 35static void 36p_explain(void) 37{ 38 fprintf(stderr, "Usage: ... pedit <MUNGE>\n"); 39 fprintf(stderr, 40 "Where: MUNGE := <RAW>|<LAYERED>\n" 41 "<RAW>:= <OFFSETC>[ATC]<CMD>\n " 42 "OFFSETC:= offset <offval> <u8|u16|u32>\n " 43 "ATC:= at <atval> offmask <maskval> shift <shiftval>\n " 44 "NOTE: offval is byte offset, must be multiple of 4\n " 45 "NOTE: maskval is a 32 bit hex number\n " 46 "NOTE: shiftval is a is a shift value\n " 47 "CMD:= clear | invert | set <setval>| retain\n " 48 "<LAYERED>:= ip <ipdata> | ip6 <ip6data> \n " 49 " | udp <udpdata> | tcp <tcpdata> | icmp <icmpdata> \n" 50 "For Example usage look at the examples directory"); 51 52} 53 54#define usage() return(-1) 55 56static int 57pedit_parse_nopopt (int *argc_p, char ***argv_p,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 58{ 59 int argc = *argc_p; 60 char **argv = *argv_p; 61 62 if (argc) { 63 fprintf(stderr, "Unknown action hence option \"%s\" is unparsable\n", *argv); 64 return -1; 65 } 66 67 return 0; 68 69} 70 71struct m_pedit_util 72*get_pedit_kind(char *str) 73{ 74 static void *pBODY; 75 void *dlh; 76 char buf[256]; 77 struct m_pedit_util *p; 78 79 for (p = pedit_list; p; p = p->next) { 80 if (strcmp(p->id, str) == 0) 81 return p; 82 } 83 84 snprintf(buf, sizeof(buf), "p_%s.so", str); 85 dlh = dlopen(buf, RTLD_LAZY); 86 if (dlh == NULL) { 87 dlh = pBODY; 88 if (dlh == NULL) { 89 dlh = pBODY = dlopen(NULL, RTLD_LAZY); 90 if (dlh == NULL) 91 goto noexist; 92 } 93 } 94 95 snprintf(buf, sizeof(buf), "p_pedit_%s", str); 96 p = dlsym(dlh, buf); 97 if (p == NULL) 98 goto noexist; 99 100reg: 101 p->next = pedit_list; 102 pedit_list = p; 103 return p; 104 105noexist: 106 p = malloc(sizeof(*p)); 107 if (p) { 108 memset(p, 0, sizeof(*p)); 109 strncpy(p->id, str, sizeof(p->id)-1); 110 p->parse_peopt = pedit_parse_nopopt; 111 goto reg; 112 } 113 return p; 114} 115 116int 117pack_key(struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 118{ 119 int hwm = sel->nkeys; 120 121 if (hwm >= MAX_OFFS) 122 return -1; 123 124 if (tkey->off % 4) { 125 fprintf(stderr, "offsets MUST be in 32 bit boundaries\n"); 126 return -1; 127 } 128 129 sel->keys[hwm].val = tkey->val; 130 sel->keys[hwm].mask = tkey->mask; 131 sel->keys[hwm].off = tkey->off; 132 sel->keys[hwm].at = tkey->at; 133 sel->keys[hwm].offmask = tkey->offmask; 134 sel->keys[hwm].shift = tkey->shift; 135 sel->nkeys++; 136 return 0; 137} 138 139 140int 141pack_key32(__u32 retain,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 142{ 143 if (tkey->off > (tkey->off & ~3)) { 144 fprintf(stderr, 145 "pack_key32: 32 bit offsets must begin in 32bit boundaries\n"); 146 return -1; 147 } 148 149 tkey->val = htonl(tkey->val & retain); 150 tkey->mask = htonl(tkey->mask | ~retain); 151 /* jamal remove this - it is not necessary given the if check above */ 152 tkey->off &= ~3; 153 return pack_key(sel,tkey); 154} 155 156int 157pack_key16(__u32 retain,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 158{ 159 int ind = 0, stride = 0; 160 __u32 m[4] = {0xFFFF0000,0xFF0000FF,0x0000FFFF}; 161 162 if (0 > tkey->off) { 163 ind = tkey->off + 1; 164 if (0 > ind) 165 ind = -1*ind; 166 } else { 167 ind = tkey->off; 168 } 169 170 if (tkey->val > 0xFFFF || tkey->mask > 0xFFFF) { 171 fprintf(stderr, "pack_key16 bad value\n"); 172 return -1; 173 } 174 175 ind = tkey->off & 3; 176 177 if (0 > ind || 2 < ind) { 178 fprintf(stderr, "pack_key16 bad index value %d\n",ind); 179 return -1; 180 } 181 182 stride = 8 * ind; 183 tkey->val = htons(tkey->val); 184 if (stride > 0) { 185 tkey->val <<= stride; 186 tkey->mask <<= stride; 187 retain <<= stride; 188 } 189 tkey->mask = retain|m[ind]; 190 191 tkey->off &= ~3; 192 193 if (pedit_debug) 194 printf("pack_key16: Final val %08x mask %08x \n",tkey->val,tkey->mask); 195 return pack_key(sel,tkey); 196 197} 198 199int 200pack_key8(__u32 retain,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 201{ 202 int ind = 0, stride = 0; 203 __u32 m[4] = {0xFFFFFF00,0xFFFF00FF,0xFF00FFFF,0x00FFFFFF}; 204 205 if (0 > tkey->off) { 206 ind = tkey->off + 1; 207 if (0 > ind) 208 ind = -1*ind; 209 } else { 210 ind = tkey->off; 211 } 212 213 if (tkey->val > 0xFF || tkey->mask > 0xFF) { 214 fprintf(stderr, "pack_key8 bad value (val %x mask %x\n", tkey->val, tkey->mask); 215 return -1; 216 } 217 218 ind = tkey->off & 3; 219 stride = 8 * ind; 220 tkey->val <<= stride; 221 tkey->mask <<= stride; 222 retain <<= stride; 223 tkey->mask = retain|m[ind]; 224 tkey->off &= ~3; 225 226 if (pedit_debug) 227 printf("pack_key8: Final word off %d val %08x mask %08x \n",tkey->off , tkey->val,tkey->mask); 228 return pack_key(sel,tkey); 229} 230 231int 232parse_val(int *argc_p, char ***argv_p, __u32 * val, int type) 233{ 234 int argc = *argc_p; 235 char **argv = *argv_p; 236 237 if (argc <= 0) 238 return -1; 239 240 if (TINT == type) 241 return get_integer(val, *argv, 0); 242 if (TU32 == type) 243 return get_u32(val, *argv, 0); 244 if (TIPV4 == type) { 245 inet_prefix addr; 246 if (get_prefix_1(&addr, *argv, AF_INET)) { 247 return -1; 248 } 249 *val=addr.data[0]; 250 return 0; 251 } 252 if (TIPV6 == type) { 253 /* not implemented yet */ 254 return -1; 255 } 256 257 return -1; 258} 259 260int 261parse_cmd(int *argc_p, char ***argv_p, __u32 len, int type,__u32 retain,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 262{ 263 __u32 mask = 0, val = 0; 264 __u32 o = 0xFF; 265 int res = -1; 266 int argc = *argc_p; 267 char **argv = *argv_p; 268 269 if (argc <= 0) 270 return -1; 271 272 if (pedit_debug) 273 printf("parse_cmd argc %d %s offset %d length %d\n",argc,*argv,tkey->off,len); 274 275 if (len == 2) 276 o = 0xFFFF; 277 if (len == 4) 278 o = 0xFFFFFFFF; 279 280 if (matches(*argv, "invert") == 0) { 281 retain = val = mask = o; 282 } else if (matches(*argv, "set") == 0) { 283 NEXT_ARG(); 284 if (parse_val(&argc, &argv, &val, type)) 285 return -1; 286 } else if (matches(*argv, "preserve") == 0) { 287 retain = mask = o; 288 } else { 289 if (matches(*argv, "clear") != 0) 290 return -1; 291 } 292 293 argc--; argv++; 294 295 if (argc && matches(*argv, "retain") == 0) { 296 NEXT_ARG(); 297 if (parse_val(&argc, &argv, &retain, TU32)) 298 return -1; 299 argc--; argv++; 300 } 301 302 tkey->val = val; 303 304 if (len == 1) { 305 tkey->mask = 0xFF; 306 res = pack_key8(retain,sel,tkey); 307 goto done; 308 } 309 if (len == 2) { 310 tkey->mask = mask; 311 res = pack_key16(retain,sel,tkey); 312 goto done; 313 } 314 if (len == 4) { 315 tkey->mask = mask; 316 res = pack_key32(retain,sel,tkey); 317 goto done; 318 } 319 320 return -1; 321done: 322 if (pedit_debug) 323 printf("parse_cmd done argc %d %s offset %d length %d\n",argc,*argv,tkey->off,len); 324 *argc_p = argc; 325 *argv_p = argv; 326 return res; 327 328} 329 330int 331parse_offset(int *argc_p, char ***argv_p,struct tc_pedit_sel *sel,struct tc_pedit_key *tkey) 332{ 333 int off; 334 __u32 len, retain; 335 int argc = *argc_p; 336 char **argv = *argv_p; 337 int res = -1; 338 339 if (argc <= 0) 340 return -1; 341 342 if (get_integer(&off, *argv, 0)) 343 return -1; 344 tkey->off = off; 345 346 argc--; 347 argv++; 348 349 if (argc <= 0) 350 return -1; 351 352 353 if (matches(*argv, "u32") == 0) { 354 len = 4; 355 retain = 0xFFFFFFFF; 356 goto done; 357 } 358 if (matches(*argv, "u16") == 0) { 359 len = 2; 360 retain = 0x0; 361 goto done; 362 } 363 if (matches(*argv, "u8") == 0) { 364 len = 1; 365 retain = 0x0; 366 goto done; 367 } 368 369 return -1; 370 371done: 372 373 NEXT_ARG(); 374 375 /* [at <someval> offmask <maskval> shift <shiftval>] */ 376 if (matches(*argv, "at") == 0) { 377 378 __u32 atv=0,offmask=0x0,shift=0; 379 380 NEXT_ARG(); 381 if (get_u32(&atv, *argv, 0)) 382 return -1; 383 tkey->at = atv; 384 385 NEXT_ARG(); 386 387 if (get_u32(&offmask, *argv, 16)) 388 return -1; 389 tkey->offmask = offmask; 390 391 NEXT_ARG(); 392 393 if (get_u32(&shift, *argv, 0)) 394 return -1; 395 tkey->shift = shift; 396 397 NEXT_ARG(); 398 } 399 400 res = parse_cmd(&argc, &argv, len, TU32,retain,sel,tkey); 401 402 *argc_p = argc; 403 *argv_p = argv; 404 return res; 405} 406 407int 408parse_munge(int *argc_p, char ***argv_p,struct tc_pedit_sel *sel) 409{ 410 struct tc_pedit_key tkey; 411 int argc = *argc_p; 412 char **argv = *argv_p; 413 int res = -1; 414 415 if (argc <= 0) 416 return -1; 417 418 memset(&tkey, 0, sizeof(tkey)); 419 420 if (matches(*argv, "offset") == 0) { 421 NEXT_ARG(); 422 res = parse_offset(&argc, &argv,sel,&tkey); 423 goto done; 424#if jamal 425 } else if (strcmp(*argv, "help") == 0) { 426 p_explain(); 427 return -1; 428#endif 429 } else { 430 char k[16]; 431 struct m_pedit_util *p = NULL; 432 433 strncpy(k, *argv, sizeof (k) - 1); 434 435 if (argc > 0 ) { 436 p = get_pedit_kind(k); 437 if (NULL == p) 438 goto bad_val; 439 res = p->parse_peopt(&argc, &argv, sel,&tkey); 440 if (res < 0) { 441 fprintf(stderr,"bad pedit parsing\n"); 442 goto bad_val; 443 } 444 goto done; 445 } 446 } 447 448bad_val: 449 return -1; 450 451done: 452 453 *argc_p = argc; 454 *argv_p = argv; 455 return res; 456} 457 458int 459parse_pedit(struct action_util *a, int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n) 460{ 461 struct { 462 struct tc_pedit_sel sel; 463 struct tc_pedit_key keys[MAX_OFFS]; 464 } sel; 465 466 int argc = *argc_p; 467 char **argv = *argv_p; 468 int ok = 0, iok = 0; 469 struct rtattr *tail; 470 471 memset(&sel, 0, sizeof(sel)); 472 473 while (argc > 0) { 474 if (pedit_debug > 1) 475 fprintf(stderr, "while pedit (%d:%s)\n",argc, *argv); 476 if (matches(*argv, "pedit") == 0) { 477 NEXT_ARG(); 478 ok++; 479 continue; 480 } else if (matches(*argv, "munge") == 0) { 481 if (!ok) { 482 fprintf(stderr, "Illegal pedit construct (%s) \n", *argv); 483 p_explain(); 484 return -1; 485 } 486 NEXT_ARG(); 487 if (parse_munge(&argc, &argv,&sel.sel)) { 488 fprintf(stderr, "Illegal pedit construct (%s) \n", *argv); 489 p_explain(); 490 return -1; 491 } 492 ok++; 493 } else { 494 break; 495 } 496 497 } 498 499 if (!ok) { 500 p_explain(); 501 return -1; 502 } 503 504 if (argc) { 505 if (matches(*argv, "reclassify") == 0) { 506 sel.sel.action = TC_ACT_RECLASSIFY; 507 NEXT_ARG(); 508 } else if (matches(*argv, "pipe") == 0) { 509 sel.sel.action = TC_ACT_PIPE; 510 NEXT_ARG(); 511 } else if (matches(*argv, "drop") == 0 || 512 matches(*argv, "shot") == 0) { 513 sel.sel.action = TC_ACT_SHOT; 514 NEXT_ARG(); 515 } else if (matches(*argv, "continue") == 0) { 516 sel.sel.action = TC_ACT_UNSPEC; 517 NEXT_ARG(); 518 } else if (matches(*argv, "pass") == 0) { 519 sel.sel.action = TC_ACT_OK; 520 NEXT_ARG(); 521 } 522 } 523 524 if (argc) { 525 if (matches(*argv, "index") == 0) { 526 NEXT_ARG(); 527 if (get_u32(&sel.sel.index, *argv, 10)) { 528 fprintf(stderr, "Pedit: Illegal \"index\"\n"); 529 return -1; 530 } 531 argc--; 532 argv++; 533 iok++; 534 } 535 } 536 537 tail = (struct rtattr *) (((void *) n) + NLMSG_ALIGN(n->nlmsg_len)); 538 addattr_l(n, MAX_MSG, tca_id, NULL, 0); 539 addattr_l(n, MAX_MSG, TCA_PEDIT_PARMS,&sel, sizeof(sel.sel)+sel.sel.nkeys*sizeof(struct tc_pedit_key)); 540 tail->rta_len = 541 (((void *) n) + NLMSG_ALIGN(n->nlmsg_len)) - (void *) tail; 542 543 *argc_p = argc; 544 *argv_p = argv; 545 return 0; 546} 547 548int 549print_pedit(struct action_util *au,FILE * f, struct rtattr *arg) 550{ 551 struct tc_pedit_sel *sel; 552 struct rtattr *tb[TCA_PEDIT_MAX + 1]; 553 SPRINT_BUF(b1); 554 555 if (arg == NULL) 556 return -1; 557 558 memset(tb, 0, sizeof (tb)); 559 parse_rtattr(tb, TCA_PEDIT_MAX, RTA_DATA(arg), RTA_PAYLOAD(arg)); 560 561 if (tb[TCA_PEDIT_PARMS] == NULL) { 562 fprintf(f, "[NULL pedit parameters]"); 563 return -1; 564 } 565 sel = RTA_DATA(tb[TCA_PEDIT_PARMS]); 566 567 fprintf(f, " pedit action %s keys %d\n ", action_n2a(sel->action, b1, sizeof (b1)),sel->nkeys); 568 fprintf(f, "\t index %d ref %d bind %d", sel->index,sel->refcnt, sel->bindcnt); 569 570 if (show_stats) { 571 if (tb[TCA_PEDIT_TM]) { 572 struct tcf_t *tm = RTA_DATA(tb[TCA_PEDIT_TM]); 573 print_tm(f,tm); 574 } 575 } 576 if (sel->nkeys) { 577 int i; 578 struct tc_pedit_key *key = sel->keys; 579 580 for (i=0; i<sel->nkeys; i++, key++) { 581 fprintf(f, "\n\t key #%d",i); 582 fprintf(f, " at %d: val %08x mask %08x", 583 (unsigned int)key->off, 584 (unsigned int)ntohl(key->val), 585 (unsigned int)ntohl(key->mask)); 586 } 587 } else { 588 fprintf(f, "\npedit %x keys %d is not LEGIT", sel->index,sel->nkeys); 589 } 590 591 592 fprintf(f, "\n "); 593 return 0; 594} 595 596int 597pedit_print_xstats(struct action_util *au, FILE *f, struct rtattr *xstats) 598{ 599 return 0; 600} 601 602struct action_util pedit_action_util = { 603 .id = "pedit", 604 .parse_aopt = parse_pedit, 605 .print_aopt = print_pedit, 606}; 607