1/*
2 * link_ip6tnl.c	ip6tnl driver module
3 *
4 *		This program is free software; you can redistribute it and/or
5 *		modify it under the terms of the GNU General Public License
6 *		as published by the Free Software Foundation; either version
7 *		2 of the License, or (at your option) any later version.
8 *
9 * Authors:	Nicolas Dichtel <nicolas.dichtel@6wind.com>
10 *
11 */
12
13#include <string.h>
14#include <net/if.h>
15#include <sys/types.h>
16#include <sys/socket.h>
17#include <arpa/inet.h>
18
19#include <linux/ip.h>
20#include <linux/if_tunnel.h>
21#include <linux/ip6_tunnel.h>
22#include "rt_names.h"
23#include "utils.h"
24#include "ip_common.h"
25#include "tunnel.h"
26
27#define IP6_FLOWINFO_TCLASS	htonl(0x0FF00000)
28#define IP6_FLOWINFO_FLOWLABEL	htonl(0x000FFFFF)
29
30#define DEFAULT_TNL_HOP_LIMIT	(64)
31
32static void print_usage(FILE *f)
33{
34	fprintf(f, "Usage: ip link { add | set | change | replace | del } NAME\n");
35	fprintf(f, "          [ mode { ip6ip6 | ipip6 | any } ]\n");
36	fprintf(f, "          type ip6tnl [ remote ADDR ] [ local ADDR ]\n");
37	fprintf(f, "          [ dev PHYS_DEV ] [ encaplimit ELIM ]\n");
38	fprintf(f ,"          [ hoplimit HLIM ] [ tclass TCLASS ] [ flowlabel FLOWLABEL ]\n");
39	fprintf(f, "          [ dscp inherit ] [ fwmark inherit ]\n");
40	fprintf(f, "\n");
41	fprintf(f, "Where: NAME      := STRING\n");
42	fprintf(f, "       ADDR      := IPV6_ADDRESS\n");
43	fprintf(f, "       ELIM      := { none | 0..255 }(default=%d)\n",
44		IPV6_DEFAULT_TNL_ENCAP_LIMIT);
45	fprintf(f, "       HLIM      := 0..255 (default=%d)\n",
46		DEFAULT_TNL_HOP_LIMIT);
47	fprintf(f, "       TCLASS    := { 0x0..0xff | inherit }\n");
48	fprintf(f, "       FLOWLABEL := { 0x0..0xfffff | inherit }\n");
49}
50
51static void usage(void) __attribute__((noreturn));
52static void usage(void)
53{
54	print_usage(stderr);
55	exit(-1);
56}
57
58static int ip6tunnel_parse_opt(struct link_util *lu, int argc, char **argv,
59			       struct nlmsghdr *n)
60{
61	struct {
62		struct nlmsghdr n;
63		struct ifinfomsg i;
64		char buf[2048];
65	} req;
66	struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
67	struct rtattr *tb[IFLA_MAX + 1];
68	struct rtattr *linkinfo[IFLA_INFO_MAX+1];
69	struct rtattr *iptuninfo[IFLA_IPTUN_MAX + 1];
70	int len;
71	struct in6_addr laddr;
72	struct in6_addr raddr;
73	__u8 hop_limit = DEFAULT_TNL_HOP_LIMIT;
74	__u8 encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
75	__u32 flowinfo = 0;
76	__u32 flags = 0;
77	__u32 link = 0;
78	__u8 proto = 0;
79
80	memset(&laddr, 0, sizeof(laddr));
81	memset(&raddr, 0, sizeof(raddr));
82
83	if (!(n->nlmsg_flags & NLM_F_CREATE)) {
84		memset(&req, 0, sizeof(req));
85
86		req.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
87		req.n.nlmsg_flags = NLM_F_REQUEST;
88		req.n.nlmsg_type = RTM_GETLINK;
89		req.i.ifi_family = preferred_family;
90		req.i.ifi_index = ifi->ifi_index;
91
92		if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
93get_failed:
94			fprintf(stderr,
95				"Failed to get existing tunnel info.\n");
96			return -1;
97		}
98
99		len = req.n.nlmsg_len;
100		len -= NLMSG_LENGTH(sizeof(*ifi));
101		if (len < 0)
102			goto get_failed;
103
104		parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
105
106		if (!tb[IFLA_LINKINFO])
107			goto get_failed;
108
109		parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
110
111		if (!linkinfo[IFLA_INFO_DATA])
112			goto get_failed;
113
114		parse_rtattr_nested(iptuninfo, IFLA_IPTUN_MAX,
115				    linkinfo[IFLA_INFO_DATA]);
116
117		if (iptuninfo[IFLA_IPTUN_LOCAL])
118			memcpy(&laddr, RTA_DATA(iptuninfo[IFLA_IPTUN_LOCAL]),
119			       sizeof(laddr));
120
121		if (iptuninfo[IFLA_IPTUN_REMOTE])
122			memcpy(&raddr, RTA_DATA(iptuninfo[IFLA_IPTUN_REMOTE]),
123			       sizeof(raddr));
124
125		if (iptuninfo[IFLA_IPTUN_TTL])
126			hop_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TTL]);
127
128		if (iptuninfo[IFLA_IPTUN_ENCAP_LIMIT])
129			encap_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_ENCAP_LIMIT]);
130
131		if (iptuninfo[IFLA_IPTUN_FLOWINFO])
132			flowinfo = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLOWINFO]);
133
134		if (iptuninfo[IFLA_IPTUN_FLAGS])
135			flags = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLAGS]);
136
137		if (iptuninfo[IFLA_IPTUN_LINK])
138			link = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LINK]);
139
140		if (iptuninfo[IFLA_IPTUN_PROTO])
141			proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
142	}
143
144	while (argc > 0) {
145		if (matches(*argv, "mode") == 0) {
146			NEXT_ARG();
147			if (strcmp(*argv, "ipv6/ipv6") == 0 ||
148			    strcmp(*argv, "ip6ip6") == 0)
149				proto = IPPROTO_IPV6;
150			else if (strcmp(*argv, "ip/ipv6") == 0 ||
151				 strcmp(*argv, "ipv4/ipv6") == 0 ||
152				 strcmp(*argv, "ipip6") == 0 ||
153				 strcmp(*argv, "ip4ip6") == 0)
154				proto = IPPROTO_IPIP;
155			else if (strcmp(*argv, "any/ipv6") == 0 ||
156				 strcmp(*argv, "any") == 0)
157				proto = 0;
158			else
159				invarg("Cannot guess tunnel mode.", *argv);
160		} else if (strcmp(*argv, "remote") == 0) {
161			inet_prefix addr;
162			NEXT_ARG();
163			get_prefix(&addr, *argv, preferred_family);
164			if (addr.family == AF_UNSPEC)
165				invarg("\"remote\" address family is AF_UNSPEC", *argv);
166			memcpy(&raddr, addr.data, addr.bytelen);
167		} else if (strcmp(*argv, "local") == 0) {
168			inet_prefix addr;
169			NEXT_ARG();
170			get_prefix(&addr, *argv, preferred_family);
171			if (addr.family == AF_UNSPEC)
172				invarg("\"local\" address family is AF_UNSPEC", *argv);
173			memcpy(&laddr, addr.data, addr.bytelen);
174		} else if (matches(*argv, "dev") == 0) {
175			NEXT_ARG();
176			link = if_nametoindex(*argv);
177			if (link == 0)
178				invarg("\"dev\" is invalid", *argv);
179		} else if (strcmp(*argv, "hoplimit") == 0 ||
180			   strcmp(*argv, "ttl") == 0 ||
181			   strcmp(*argv, "hlim") == 0) {
182			__u8 uval;
183			NEXT_ARG();
184			if (get_u8(&uval, *argv, 0))
185				invarg("invalid HLIM", *argv);
186			hop_limit = uval;
187		} else if (matches(*argv, "encaplimit") == 0) {
188			NEXT_ARG();
189			if (strcmp(*argv, "none") == 0) {
190				flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
191			} else {
192				__u8 uval;
193				if (get_u8(&uval, *argv, 0) < -1)
194					invarg("invalid ELIM", *argv);
195				encap_limit = uval;
196				flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
197			}
198		} else if (strcmp(*argv, "tclass") == 0 ||
199			   strcmp(*argv, "tc") == 0 ||
200			   strcmp(*argv, "tos") == 0 ||
201			   matches(*argv, "dsfield") == 0) {
202			__u8 uval;
203			NEXT_ARG();
204			flowinfo &= ~IP6_FLOWINFO_TCLASS;
205			if (strcmp(*argv, "inherit") == 0)
206				flags |= IP6_TNL_F_USE_ORIG_TCLASS;
207			else {
208				if (get_u8(&uval, *argv, 16))
209					invarg("invalid TClass", *argv);
210				flowinfo |= htonl((__u32)uval << 20) & IP6_FLOWINFO_TCLASS;
211				flags &= ~IP6_TNL_F_USE_ORIG_TCLASS;
212			}
213		} else if (strcmp(*argv, "flowlabel") == 0 ||
214			   strcmp(*argv, "fl") == 0) {
215			__u32 uval;
216			NEXT_ARG();
217			flowinfo &= ~IP6_FLOWINFO_FLOWLABEL;
218			if (strcmp(*argv, "inherit") == 0)
219				flags |= IP6_TNL_F_USE_ORIG_FLOWLABEL;
220			else {
221				if (get_u32(&uval, *argv, 16))
222					invarg("invalid Flowlabel", *argv);
223				if (uval > 0xFFFFF)
224					invarg("invalid Flowlabel", *argv);
225				flowinfo |= htonl(uval) & IP6_FLOWINFO_FLOWLABEL;
226				flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
227			}
228		} else if (strcmp(*argv, "dscp") == 0) {
229			NEXT_ARG();
230			if (strcmp(*argv, "inherit") != 0)
231				invarg("not inherit", *argv);
232			flags |= IP6_TNL_F_RCV_DSCP_COPY;
233		} else if (strcmp(*argv, "fwmark") == 0) {
234			NEXT_ARG();
235			if (strcmp(*argv, "inherit") != 0)
236				invarg("not inherit", *argv);
237			flags |= IP6_TNL_F_USE_ORIG_FWMARK;
238		} else
239			usage();
240		argc--, argv++;
241	}
242
243	addattr8(n, 1024, IFLA_IPTUN_PROTO, proto);
244	addattr_l(n, 1024, IFLA_IPTUN_LOCAL, &laddr, sizeof(laddr));
245	addattr_l(n, 1024, IFLA_IPTUN_REMOTE, &raddr, sizeof(raddr));
246	addattr8(n, 1024, IFLA_IPTUN_TTL, hop_limit);
247	addattr8(n, 1024, IFLA_IPTUN_ENCAP_LIMIT, encap_limit);
248	addattr32(n, 1024, IFLA_IPTUN_FLOWINFO, flowinfo);
249	addattr32(n, 1024, IFLA_IPTUN_FLAGS, flags);
250	addattr32(n, 1024, IFLA_IPTUN_LINK, link);
251
252	return 0;
253}
254
255static void ip6tunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
256{
257	char s1[256];
258	char s2[64];
259	int flags = 0;
260	__u32 flowinfo = 0;
261
262	if (!tb)
263		return;
264
265	if (tb[IFLA_IPTUN_FLAGS])
266		flags = rta_getattr_u32(tb[IFLA_IPTUN_FLAGS]);
267
268	if (tb[IFLA_IPTUN_FLOWINFO])
269		flowinfo = rta_getattr_u32(tb[IFLA_IPTUN_FLOWINFO]);
270
271	if (tb[IFLA_IPTUN_PROTO]) {
272		switch (rta_getattr_u8(tb[IFLA_IPTUN_PROTO])) {
273		case IPPROTO_IPIP:
274			fprintf(f, "ipip6 ");
275			break;
276		case IPPROTO_IPV6:
277			fprintf(f, "ip6ip6 ");
278			break;
279		case 0:
280			fprintf(f, "any ");
281			break;
282		}
283	}
284
285	if (tb[IFLA_IPTUN_REMOTE]) {
286		fprintf(f, "remote %s ",
287			rt_addr_n2a(AF_INET6,
288				    RTA_PAYLOAD(tb[IFLA_IPTUN_REMOTE]),
289				    RTA_DATA(tb[IFLA_IPTUN_REMOTE]),
290				    s1, sizeof(s1)));
291	}
292
293	if (tb[IFLA_IPTUN_LOCAL]) {
294		fprintf(f, "local %s ",
295			rt_addr_n2a(AF_INET6,
296				    RTA_PAYLOAD(tb[IFLA_IPTUN_LOCAL]),
297				    RTA_DATA(tb[IFLA_IPTUN_LOCAL]),
298				    s1, sizeof(s1)));
299	}
300
301	if (tb[IFLA_IPTUN_LINK] && rta_getattr_u32(tb[IFLA_IPTUN_LINK])) {
302		unsigned link = rta_getattr_u32(tb[IFLA_IPTUN_LINK]);
303		const char *n = if_indextoname(link, s2);
304
305		if (n)
306			fprintf(f, "dev %s ", n);
307		else
308			fprintf(f, "dev %u ", link);
309	}
310
311	if (flags & IP6_TNL_F_IGN_ENCAP_LIMIT)
312		printf("encaplimit none ");
313	else if (tb[IFLA_IPTUN_ENCAP_LIMIT])
314		fprintf(f, "encaplimit %u ",
315			rta_getattr_u8(tb[IFLA_IPTUN_ENCAP_LIMIT]));
316
317	if (tb[IFLA_IPTUN_TTL])
318		fprintf(f, "hoplimit %u ", rta_getattr_u8(tb[IFLA_IPTUN_TTL]));
319
320	if (flags & IP6_TNL_F_USE_ORIG_TCLASS)
321		printf("tclass inherit ");
322	else if (tb[IFLA_IPTUN_FLOWINFO]) {
323		__u32 val = ntohl(flowinfo & IP6_FLOWINFO_TCLASS);
324
325		printf("tclass 0x%02x ", (__u8)(val >> 20));
326	}
327
328	if (flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
329		printf("flowlabel inherit ");
330	else
331		printf("flowlabel 0x%05x ", ntohl(flowinfo & IP6_FLOWINFO_FLOWLABEL));
332
333	printf("(flowinfo 0x%08x) ", ntohl(flowinfo));
334
335	if (flags & IP6_TNL_F_RCV_DSCP_COPY)
336		printf("dscp inherit ");
337
338	if (flags & IP6_TNL_F_MIP6_DEV)
339		fprintf(f, "mip6 ");
340
341	if (flags & IP6_TNL_F_USE_ORIG_FWMARK)
342		fprintf(f, "fwmark inherit ");
343}
344
345static void ip6tunnel_print_help(struct link_util *lu, int argc, char **argv,
346	FILE *f)
347{
348	print_usage(f);
349}
350
351struct link_util ip6tnl_link_util = {
352	.id = "ip6tnl",
353	.maxattr = IFLA_IPTUN_MAX,
354	.parse_opt = ip6tunnel_parse_opt,
355	.print_opt = ip6tunnel_print_opt,
356	.print_help = ip6tunnel_print_help,
357};
358