1/* 2 * tc_filter.c "tc filter". 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 10 * 11 */ 12 13#include <stdio.h> 14#include <stdlib.h> 15#include <unistd.h> 16#include <syslog.h> 17#include <fcntl.h> 18#include <sys/socket.h> 19#include <netinet/in.h> 20#include <arpa/inet.h> 21#include <string.h> 22#include <linux/if_ether.h> 23 24#include "rt_names.h" 25#include "utils.h" 26#include "tc_util.h" 27#include "tc_common.h" 28 29static void usage(void); 30 31static void usage(void) 32{ 33 fprintf(stderr, "Usage: tc filter [ add | del | change | replace | show ] dev STRING\n"); 34 fprintf(stderr, " [ pref PRIO ] protocol PROTO\n"); 35 fprintf(stderr, " [ estimator INTERVAL TIME_CONSTANT ]\n"); 36 fprintf(stderr, " [ root | classid CLASSID ] [ handle FILTERID ]\n"); 37 fprintf(stderr, " [ [ FILTER_TYPE ] [ help | OPTIONS ] ]\n"); 38 fprintf(stderr, "\n"); 39 fprintf(stderr, " tc filter show [ dev STRING ] [ root | parent CLASSID ]\n"); 40 fprintf(stderr, "Where:\n"); 41 fprintf(stderr, "FILTER_TYPE := { rsvp | u32 | fw | route | etc. }\n"); 42 fprintf(stderr, "FILTERID := ... format depends on classifier, see there\n"); 43 fprintf(stderr, "OPTIONS := ... try tc filter add <desired FILTER_KIND> help\n"); 44 return; 45} 46 47 48int tc_filter_modify(int cmd, unsigned flags, int argc, char **argv) 49{ 50 struct { 51 struct nlmsghdr n; 52 struct tcmsg t; 53 char buf[MAX_MSG]; 54 } req; 55 struct filter_util *q = NULL; 56 __u32 prio = 0; 57 __u32 protocol = 0; 58 int protocol_set = 0; 59 char *fhandle = NULL; 60 char d[16]; 61 char k[16]; 62 struct tc_estimator est; 63 64 memset(&req, 0, sizeof(req)); 65 memset(&est, 0, sizeof(est)); 66 memset(d, 0, sizeof(d)); 67 memset(k, 0, sizeof(k)); 68 memset(&req, 0, sizeof(req)); 69 70 req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tcmsg)); 71 req.n.nlmsg_flags = NLM_F_REQUEST|flags; 72 req.n.nlmsg_type = cmd; 73 req.t.tcm_family = AF_UNSPEC; 74 75 if (cmd == RTM_NEWTFILTER && flags & NLM_F_CREATE) 76 protocol = htons(ETH_P_ALL); 77 78 while (argc > 0) { 79 if (strcmp(*argv, "dev") == 0) { 80 NEXT_ARG(); 81 if (d[0]) 82 duparg("dev", *argv); 83 strncpy(d, *argv, sizeof(d)-1); 84 } else if (strcmp(*argv, "root") == 0) { 85 if (req.t.tcm_parent) { 86 fprintf(stderr, "Error: \"root\" is duplicate parent ID\n"); 87 return -1; 88 } 89 req.t.tcm_parent = TC_H_ROOT; 90 } else if (strcmp(*argv, "parent") == 0) { 91 __u32 handle; 92 NEXT_ARG(); 93 if (req.t.tcm_parent) 94 duparg("parent", *argv); 95 if (get_tc_classid(&handle, *argv)) 96 invarg(*argv, "Invalid parent ID"); 97 req.t.tcm_parent = handle; 98 } else if (strcmp(*argv, "handle") == 0) { 99 NEXT_ARG(); 100 if (fhandle) 101 duparg("handle", *argv); 102 fhandle = *argv; 103 } else if (matches(*argv, "preference") == 0 || 104 matches(*argv, "priority") == 0) { 105 NEXT_ARG(); 106 if (prio) 107 duparg("priority", *argv); 108 if (get_u32(&prio, *argv, 0)) 109 invarg(*argv, "invalid priority value"); 110 } else if (matches(*argv, "protocol") == 0) { 111 __u16 id; 112 NEXT_ARG(); 113 if (protocol_set) 114 duparg("protocol", *argv); 115 if (ll_proto_a2n(&id, *argv)) 116 invarg(*argv, "invalid protocol"); 117 protocol = id; 118 protocol_set = 1; 119 } else if (matches(*argv, "estimator") == 0) { 120 if (parse_estimator(&argc, &argv, &est) < 0) 121 return -1; 122 } else if (matches(*argv, "help") == 0) { 123 usage(); 124 return 0; 125 } else { 126 strncpy(k, *argv, sizeof(k)-1); 127 128 q = get_filter_kind(k); 129 argc--; argv++; 130 break; 131 } 132 133 argc--; argv++; 134 } 135 136 req.t.tcm_info = TC_H_MAKE(prio<<16, protocol); 137 138 if (k[0]) 139 addattr_l(&req.n, sizeof(req), TCA_KIND, k, strlen(k)+1); 140 141 if (q) { 142 if (q->parse_fopt(q, fhandle, argc, argv, &req.n)) 143 return 1; 144 } else { 145 if (fhandle) { 146 fprintf(stderr, "Must specify filter type when using " 147 "\"handle\"\n"); 148 return -1; 149 } 150 if (argc) { 151 if (matches(*argv, "help") == 0) 152 usage(); 153 fprintf(stderr, "Garbage instead of arguments \"%s ...\". Try \"tc filter help\".\n", *argv); 154 return -1; 155 } 156 } 157 if (est.ewma_log) 158 addattr_l(&req.n, sizeof(req), TCA_RATE, &est, sizeof(est)); 159 160 161 if (d[0]) { 162 ll_init_map(&rth); 163 164 if ((req.t.tcm_ifindex = ll_name_to_index(d)) == 0) { 165 fprintf(stderr, "Cannot find device \"%s\"\n", d); 166 return 1; 167 } 168 } 169 170 if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) { 171 fprintf(stderr, "We have an error talking to the kernel\n"); 172 return 2; 173 } 174 175 return 0; 176} 177 178static __u32 filter_parent; 179static int filter_ifindex; 180static __u32 filter_prio; 181static __u32 filter_protocol; 182__u16 f_proto = 0; 183 184int print_filter(const struct sockaddr_nl *who, 185 struct nlmsghdr *n, 186 void *arg) 187{ 188 FILE *fp = (FILE*)arg; 189 struct tcmsg *t = NLMSG_DATA(n); 190 int len = n->nlmsg_len; 191 struct rtattr * tb[TCA_MAX+1]; 192 struct filter_util *q; 193 char abuf[256]; 194 195 if (n->nlmsg_type != RTM_NEWTFILTER && n->nlmsg_type != RTM_DELTFILTER) { 196 fprintf(stderr, "Not a filter\n"); 197 return 0; 198 } 199 len -= NLMSG_LENGTH(sizeof(*t)); 200 if (len < 0) { 201 fprintf(stderr, "Wrong len %d\n", len); 202 return -1; 203 } 204 205 memset(tb, 0, sizeof(tb)); 206 parse_rtattr(tb, TCA_MAX, TCA_RTA(t), len); 207 208 if (tb[TCA_KIND] == NULL) { 209 fprintf(stderr, "print_filter: NULL kind\n"); 210 return -1; 211 } 212 213 if (n->nlmsg_type == RTM_DELTFILTER) 214 fprintf(fp, "deleted "); 215 216 fprintf(fp, "filter "); 217 if (!filter_ifindex || filter_ifindex != t->tcm_ifindex) 218 fprintf(fp, "dev %s ", ll_index_to_name(t->tcm_ifindex)); 219 220 if (!filter_parent || filter_parent != t->tcm_parent) { 221 if (t->tcm_parent == TC_H_ROOT) 222 fprintf(fp, "root "); 223 else { 224 print_tc_classid(abuf, sizeof(abuf), t->tcm_parent); 225 fprintf(fp, "parent %s ", abuf); 226 } 227 } 228 if (t->tcm_info) { 229 f_proto = TC_H_MIN(t->tcm_info); 230 __u32 prio = TC_H_MAJ(t->tcm_info)>>16; 231 if (!filter_protocol || filter_protocol != f_proto) { 232 if (f_proto) { 233 SPRINT_BUF(b1); 234 fprintf(fp, "protocol %s ", 235 ll_proto_n2a(f_proto, b1, sizeof(b1))); 236 } 237 } 238 if (!filter_prio || filter_prio != prio) { 239 if (prio) 240 fprintf(fp, "pref %u ", prio); 241 } 242 } 243 fprintf(fp, "%s ", rta_getattr_str(tb[TCA_KIND])); 244 q = get_filter_kind(RTA_DATA(tb[TCA_KIND])); 245 if (tb[TCA_OPTIONS]) { 246 if (q) 247 q->print_fopt(q, fp, tb[TCA_OPTIONS], t->tcm_handle); 248 else 249 fprintf(fp, "[cannot parse parameters]"); 250 } 251 fprintf(fp, "\n"); 252 253 if (show_stats && (tb[TCA_STATS] || tb[TCA_STATS2])) { 254 print_tcstats_attr(fp, tb, " ", NULL); 255 fprintf(fp, "\n"); 256 } 257 258 fflush(fp); 259 return 0; 260} 261 262 263int tc_filter_list(int argc, char **argv) 264{ 265 struct tcmsg t; 266 char d[16]; 267 __u32 prio = 0; 268 __u32 protocol = 0; 269 char *fhandle = NULL; 270 271 memset(&t, 0, sizeof(t)); 272 t.tcm_family = AF_UNSPEC; 273 memset(d, 0, sizeof(d)); 274 275 while (argc > 0) { 276 if (strcmp(*argv, "dev") == 0) { 277 NEXT_ARG(); 278 if (d[0]) 279 duparg("dev", *argv); 280 strncpy(d, *argv, sizeof(d)-1); 281 } else if (strcmp(*argv, "root") == 0) { 282 if (t.tcm_parent) { 283 fprintf(stderr, "Error: \"root\" is duplicate parent ID\n"); 284 return -1; 285 } 286 filter_parent = t.tcm_parent = TC_H_ROOT; 287 } else if (strcmp(*argv, "parent") == 0) { 288 __u32 handle; 289 NEXT_ARG(); 290 if (t.tcm_parent) 291 duparg("parent", *argv); 292 if (get_tc_classid(&handle, *argv)) 293 invarg(*argv, "invalid parent ID"); 294 filter_parent = t.tcm_parent = handle; 295 } else if (strcmp(*argv, "handle") == 0) { 296 NEXT_ARG(); 297 if (fhandle) 298 duparg("handle", *argv); 299 fhandle = *argv; 300 } else if (matches(*argv, "preference") == 0 || 301 matches(*argv, "priority") == 0) { 302 NEXT_ARG(); 303 if (prio) 304 duparg("priority", *argv); 305 if (get_u32(&prio, *argv, 0)) 306 invarg(*argv, "invalid preference"); 307 filter_prio = prio; 308 } else if (matches(*argv, "protocol") == 0) { 309 __u16 res; 310 NEXT_ARG(); 311 if (protocol) 312 duparg("protocol", *argv); 313 if (ll_proto_a2n(&res, *argv)) 314 invarg(*argv, "invalid protocol"); 315 protocol = res; 316 filter_protocol = protocol; 317 } else if (matches(*argv, "help") == 0) { 318 usage(); 319 } else { 320 fprintf(stderr, " What is \"%s\"? Try \"tc filter help\"\n", *argv); 321 return -1; 322 } 323 324 argc--; argv++; 325 } 326 327 t.tcm_info = TC_H_MAKE(prio<<16, protocol); 328 329 ll_init_map(&rth); 330 331 if (d[0]) { 332 if ((t.tcm_ifindex = ll_name_to_index(d)) == 0) { 333 fprintf(stderr, "Cannot find device \"%s\"\n", d); 334 return 1; 335 } 336 filter_ifindex = t.tcm_ifindex; 337 } 338 339 if (rtnl_dump_request(&rth, RTM_GETTFILTER, &t, sizeof(t)) < 0) { 340 perror("Cannot send dump request"); 341 return 1; 342 } 343 344 if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) { 345 fprintf(stderr, "Dump terminated\n"); 346 return 1; 347 } 348 349 return 0; 350} 351 352int do_filter(int argc, char **argv) 353{ 354 if (argc < 1) 355 return tc_filter_list(0, NULL); 356 if (matches(*argv, "add") == 0) 357 return tc_filter_modify(RTM_NEWTFILTER, NLM_F_EXCL|NLM_F_CREATE, argc-1, argv+1); 358 if (matches(*argv, "change") == 0) 359 return tc_filter_modify(RTM_NEWTFILTER, 0, argc-1, argv+1); 360 if (matches(*argv, "replace") == 0) 361 return tc_filter_modify(RTM_NEWTFILTER, NLM_F_CREATE, argc-1, argv+1); 362 if (matches(*argv, "delete") == 0) 363 return tc_filter_modify(RTM_DELTFILTER, 0, argc-1, argv+1); 364#if 0 365 if (matches(*argv, "get") == 0) 366 return tc_filter_get(RTM_GETTFILTER, 0, argc-1, argv+1); 367#endif 368 if (matches(*argv, "list") == 0 || matches(*argv, "show") == 0 369 || matches(*argv, "lst") == 0) 370 return tc_filter_list(argc-1, argv+1); 371 if (matches(*argv, "help") == 0) { 372 usage(); 373 return 0; 374 } 375 fprintf(stderr, "Command \"%s\" is unknown, try \"tc filter help\".\n", *argv); 376 return -1; 377} 378 379