1/* 2 * ipneigh.c "ip neigh". 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 10 * 11 */ 12 13#include <stdio.h> 14#include <stdlib.h> 15#include <unistd.h> 16#include <syslog.h> 17#include <fcntl.h> 18#include <string.h> 19#include <sys/time.h> 20#include <sys/socket.h> 21#include <netinet/in.h> 22#include <netinet/ip.h> 23 24#include "rt_names.h" 25#include "utils.h" 26#include "ip_common.h" 27 28#define NUD_VALID (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE|NUD_PROBE|NUD_STALE|NUD_DELAY) 29#define MAX_ROUNDS 10 30 31static struct 32{ 33 int family; 34 int index; 35 int state; 36 int unused_only; 37 inet_prefix pfx; 38 int flushed; 39 char *flushb; 40 int flushp; 41 int flushe; 42 int master; 43} filter; 44 45static void usage(void) __attribute__((noreturn)); 46 47static void usage(void) 48{ 49 fprintf(stderr, "Usage: ip neigh { add | del | change | replace }\n" 50 " { ADDR [ lladdr LLADDR ] [ nud STATE ] | proxy ADDR } [ dev DEV ]\n"); 51 fprintf(stderr, " ip neigh { show | flush } [ proxy ] [ to PREFIX ] [ dev DEV ] [ nud STATE ]\n"); 52 fprintf(stderr, " [ vrf NAME ]\n\n"); 53 fprintf(stderr, "STATE := { permanent | noarp | stale | reachable | none |\n" 54 " incomplete | delay | probe | failed }\n"); 55 exit(-1); 56} 57 58static int nud_state_a2n(unsigned int *state, const char *arg) 59{ 60 if (matches(arg, "permanent") == 0) 61 *state = NUD_PERMANENT; 62 else if (matches(arg, "reachable") == 0) 63 *state = NUD_REACHABLE; 64 else if (strcmp(arg, "noarp") == 0) 65 *state = NUD_NOARP; 66 else if (strcmp(arg, "none") == 0) 67 *state = NUD_NONE; 68 else if (strcmp(arg, "stale") == 0) 69 *state = NUD_STALE; 70 else if (strcmp(arg, "incomplete") == 0) 71 *state = NUD_INCOMPLETE; 72 else if (strcmp(arg, "delay") == 0) 73 *state = NUD_DELAY; 74 else if (strcmp(arg, "probe") == 0) 75 *state = NUD_PROBE; 76 else if (matches(arg, "failed") == 0) 77 *state = NUD_FAILED; 78 else { 79 if (get_unsigned(state, arg, 0)) 80 return -1; 81 if (*state >= 0x100 || (*state&((*state)-1))) 82 return -1; 83 } 84 return 0; 85} 86 87static int flush_update(void) 88{ 89 if (rtnl_send_check(&rth, filter.flushb, filter.flushp) < 0) { 90 perror("Failed to send flush request"); 91 return -1; 92 } 93 filter.flushp = 0; 94 return 0; 95} 96 97 98static int ipneigh_modify(int cmd, int flags, int argc, char **argv) 99{ 100 struct { 101 struct nlmsghdr n; 102 struct ndmsg ndm; 103 char buf[256]; 104 } req = { 105 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)), 106 .n.nlmsg_flags = NLM_F_REQUEST | flags, 107 .n.nlmsg_type = cmd, 108 .ndm.ndm_family = preferred_family, 109 .ndm.ndm_state = NUD_PERMANENT, 110 }; 111 char *dev = NULL; 112 int dst_ok = 0; 113 int dev_ok = 0; 114 int lladdr_ok = 0; 115 char *lla = NULL; 116 inet_prefix dst; 117 118 while (argc > 0) { 119 if (matches(*argv, "lladdr") == 0) { 120 NEXT_ARG(); 121 if (lladdr_ok) 122 duparg("lladdr", *argv); 123 lla = *argv; 124 lladdr_ok = 1; 125 } else if (strcmp(*argv, "nud") == 0) { 126 unsigned int state; 127 128 NEXT_ARG(); 129 if (nud_state_a2n(&state, *argv)) 130 invarg("nud state is bad", *argv); 131 req.ndm.ndm_state = state; 132 } else if (matches(*argv, "proxy") == 0) { 133 NEXT_ARG(); 134 if (matches(*argv, "help") == 0) 135 usage(); 136 if (dst_ok) 137 duparg("address", *argv); 138 get_addr(&dst, *argv, preferred_family); 139 dst_ok = 1; 140 dev_ok = 1; 141 req.ndm.ndm_flags |= NTF_PROXY; 142 } else if (strcmp(*argv, "dev") == 0) { 143 NEXT_ARG(); 144 dev = *argv; 145 dev_ok = 1; 146 } else { 147 if (strcmp(*argv, "to") == 0) { 148 NEXT_ARG(); 149 } 150 if (matches(*argv, "help") == 0) { 151 NEXT_ARG(); 152 } 153 if (dst_ok) 154 duparg2("to", *argv); 155 get_addr(&dst, *argv, preferred_family); 156 dst_ok = 1; 157 } 158 argc--; argv++; 159 } 160 if (!dev_ok || !dst_ok || dst.family == AF_UNSPEC) { 161 fprintf(stderr, "Device and destination are required arguments.\n"); 162 exit(-1); 163 } 164 req.ndm.ndm_family = dst.family; 165 if (addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen) < 0) 166 return -1; 167 168 if (lla && strcmp(lla, "null")) { 169 char llabuf[20]; 170 int l; 171 172 l = ll_addr_a2n(llabuf, sizeof(llabuf), lla); 173 if (l < 0) 174 return -1; 175 176 if (addattr_l(&req.n, sizeof(req), NDA_LLADDR, llabuf, l) < 0) 177 return -1; 178 } 179 180 ll_init_map(&rth); 181 182 if (dev && (req.ndm.ndm_ifindex = ll_name_to_index(dev)) == 0) { 183 fprintf(stderr, "Cannot find device \"%s\"\n", dev); 184 return -1; 185 } 186 187 if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) 188 exit(2); 189 190 return 0; 191} 192 193 194int print_neigh(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) 195{ 196 FILE *fp = (FILE *)arg; 197 struct ndmsg *r = NLMSG_DATA(n); 198 int len = n->nlmsg_len; 199 struct rtattr *tb[NDA_MAX+1]; 200 static int logit = 1; 201 202 if (n->nlmsg_type != RTM_NEWNEIGH && n->nlmsg_type != RTM_DELNEIGH && 203 n->nlmsg_type != RTM_GETNEIGH) { 204 fprintf(stderr, "Not RTM_NEWNEIGH: %08x %08x %08x\n", 205 n->nlmsg_len, n->nlmsg_type, n->nlmsg_flags); 206 207 return 0; 208 } 209 len -= NLMSG_LENGTH(sizeof(*r)); 210 if (len < 0) { 211 fprintf(stderr, "BUG: wrong nlmsg len %d\n", len); 212 return -1; 213 } 214 215 if (filter.flushb && n->nlmsg_type != RTM_NEWNEIGH) 216 return 0; 217 218 if (filter.family && filter.family != r->ndm_family) 219 return 0; 220 if (filter.index && filter.index != r->ndm_ifindex) 221 return 0; 222 if (!(filter.state&r->ndm_state) && 223 !(r->ndm_flags & NTF_PROXY) && 224 (r->ndm_state || !(filter.state&0x100)) && 225 (r->ndm_family != AF_DECnet)) 226 return 0; 227 228 if (filter.master && !(n->nlmsg_flags & NLM_F_DUMP_FILTERED)) { 229 if (logit) { 230 logit = 0; 231 fprintf(fp, 232 "\nWARNING: Kernel does not support filtering by master device\n\n"); 233 } 234 } 235 236 parse_rtattr(tb, NDA_MAX, NDA_RTA(r), n->nlmsg_len - NLMSG_LENGTH(sizeof(*r))); 237 238 if (tb[NDA_DST]) { 239 if (filter.pfx.family) { 240 inet_prefix dst = { .family = r->ndm_family }; 241 242 memcpy(&dst.data, RTA_DATA(tb[NDA_DST]), RTA_PAYLOAD(tb[NDA_DST])); 243 if (inet_addr_match(&dst, &filter.pfx, filter.pfx.bitlen)) 244 return 0; 245 } 246 } 247 if (filter.unused_only && tb[NDA_CACHEINFO]) { 248 struct nda_cacheinfo *ci = RTA_DATA(tb[NDA_CACHEINFO]); 249 250 if (ci->ndm_refcnt) 251 return 0; 252 } 253 254 if (filter.flushb) { 255 struct nlmsghdr *fn; 256 257 if (NLMSG_ALIGN(filter.flushp) + n->nlmsg_len > filter.flushe) { 258 if (flush_update()) 259 return -1; 260 } 261 fn = (struct nlmsghdr *)(filter.flushb + NLMSG_ALIGN(filter.flushp)); 262 memcpy(fn, n, n->nlmsg_len); 263 fn->nlmsg_type = RTM_DELNEIGH; 264 fn->nlmsg_flags = NLM_F_REQUEST; 265 fn->nlmsg_seq = ++rth.seq; 266 filter.flushp = (((char *)fn) + n->nlmsg_len) - filter.flushb; 267 filter.flushed++; 268 if (show_stats < 2) 269 return 0; 270 } 271 272 if (n->nlmsg_type == RTM_DELNEIGH) 273 fprintf(fp, "Deleted "); 274 else if (n->nlmsg_type == RTM_GETNEIGH) 275 fprintf(fp, "miss "); 276 if (tb[NDA_DST]) { 277 fprintf(fp, "%s ", 278 format_host_rta(r->ndm_family, tb[NDA_DST])); 279 } 280 if (!filter.index && r->ndm_ifindex) 281 fprintf(fp, "dev %s ", ll_index_to_name(r->ndm_ifindex)); 282 if (tb[NDA_LLADDR]) { 283 SPRINT_BUF(b1); 284 fprintf(fp, "lladdr %s", ll_addr_n2a(RTA_DATA(tb[NDA_LLADDR]), 285 RTA_PAYLOAD(tb[NDA_LLADDR]), 286 ll_index_to_type(r->ndm_ifindex), 287 b1, sizeof(b1))); 288 } 289 if (r->ndm_flags & NTF_ROUTER) { 290 fprintf(fp, " router"); 291 } 292 if (r->ndm_flags & NTF_PROXY) { 293 fprintf(fp, " proxy"); 294 } 295 if (tb[NDA_CACHEINFO] && show_stats) { 296 struct nda_cacheinfo *ci = RTA_DATA(tb[NDA_CACHEINFO]); 297 int hz = get_user_hz(); 298 299 if (ci->ndm_refcnt) 300 printf(" ref %d", ci->ndm_refcnt); 301 fprintf(fp, " used %d/%d/%d", ci->ndm_used/hz, 302 ci->ndm_confirmed/hz, ci->ndm_updated/hz); 303 } 304 305 if (tb[NDA_PROBES] && show_stats) { 306 __u32 p = rta_getattr_u32(tb[NDA_PROBES]); 307 308 fprintf(fp, " probes %u", p); 309 } 310 311 if (r->ndm_state) { 312 int nud = r->ndm_state; 313 314 fprintf(fp, " "); 315 316#define PRINT_FLAG(f) if (nud & NUD_##f) { \ 317 nud &= ~NUD_##f; fprintf(fp, #f "%s", nud ? "," : ""); } 318 PRINT_FLAG(INCOMPLETE); 319 PRINT_FLAG(REACHABLE); 320 PRINT_FLAG(STALE); 321 PRINT_FLAG(DELAY); 322 PRINT_FLAG(PROBE); 323 PRINT_FLAG(FAILED); 324 PRINT_FLAG(NOARP); 325 PRINT_FLAG(PERMANENT); 326#undef PRINT_FLAG 327 } 328 fprintf(fp, "\n"); 329 330 fflush(fp); 331 return 0; 332} 333 334void ipneigh_reset_filter(int ifindex) 335{ 336 memset(&filter, 0, sizeof(filter)); 337 filter.state = ~0; 338 filter.index = ifindex; 339} 340 341static int do_show_or_flush(int argc, char **argv, int flush) 342{ 343 struct { 344 struct nlmsghdr n; 345 struct ndmsg ndm; 346 char buf[256]; 347 } req = { 348 .n.nlmsg_type = RTM_GETNEIGH, 349 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)), 350 }; 351 char *filter_dev = NULL; 352 int state_given = 0; 353 354 ipneigh_reset_filter(0); 355 356 if (!filter.family) 357 filter.family = preferred_family; 358 359 if (flush) { 360 if (argc <= 0) { 361 fprintf(stderr, "Flush requires arguments.\n"); 362 return -1; 363 } 364 filter.state = ~(NUD_PERMANENT|NUD_NOARP); 365 } else 366 filter.state = 0xFF & ~NUD_NOARP; 367 368 while (argc > 0) { 369 if (strcmp(*argv, "dev") == 0) { 370 NEXT_ARG(); 371 if (filter_dev) 372 duparg("dev", *argv); 373 filter_dev = *argv; 374 } else if (strcmp(*argv, "master") == 0) { 375 int ifindex; 376 377 NEXT_ARG(); 378 ifindex = ll_name_to_index(*argv); 379 if (!ifindex) 380 invarg("Device does not exist\n", *argv); 381 addattr32(&req.n, sizeof(req), NDA_MASTER, ifindex); 382 filter.master = ifindex; 383 } else if (strcmp(*argv, "vrf") == 0) { 384 int ifindex; 385 386 NEXT_ARG(); 387 ifindex = ll_name_to_index(*argv); 388 if (!ifindex) 389 invarg("Not a valid VRF name\n", *argv); 390 if (!name_is_vrf(*argv)) 391 invarg("Not a valid VRF name\n", *argv); 392 addattr32(&req.n, sizeof(req), NDA_MASTER, ifindex); 393 filter.master = ifindex; 394 } else if (strcmp(*argv, "unused") == 0) { 395 filter.unused_only = 1; 396 } else if (strcmp(*argv, "nud") == 0) { 397 unsigned int state; 398 399 NEXT_ARG(); 400 if (!state_given) { 401 state_given = 1; 402 filter.state = 0; 403 } 404 if (nud_state_a2n(&state, *argv)) { 405 if (strcmp(*argv, "all") != 0) 406 invarg("nud state is bad", *argv); 407 state = ~0; 408 if (flush) 409 state &= ~NUD_NOARP; 410 } 411 if (state == 0) 412 state = 0x100; 413 filter.state |= state; 414 } else if (strcmp(*argv, "proxy") == 0) 415 req.ndm.ndm_flags = NTF_PROXY; 416 else { 417 if (strcmp(*argv, "to") == 0) { 418 NEXT_ARG(); 419 } 420 if (matches(*argv, "help") == 0) 421 usage(); 422 get_prefix(&filter.pfx, *argv, filter.family); 423 if (filter.family == AF_UNSPEC) 424 filter.family = filter.pfx.family; 425 } 426 argc--; argv++; 427 } 428 429 ll_init_map(&rth); 430 431 if (filter_dev) { 432 if ((filter.index = ll_name_to_index(filter_dev)) == 0) { 433 fprintf(stderr, "Cannot find device \"%s\"\n", filter_dev); 434 return -1; 435 } 436 addattr32(&req.n, sizeof(req), NDA_IFINDEX, filter.index); 437 } 438 439 req.ndm.ndm_family = filter.family; 440 441 if (flush) { 442 int round = 0; 443 char flushb[4096-512]; 444 445 filter.flushb = flushb; 446 filter.flushp = 0; 447 filter.flushe = sizeof(flushb); 448 449 while (round < MAX_ROUNDS) { 450 if (rtnl_dump_request_n(&rth, &req.n) < 0) { 451 perror("Cannot send dump request"); 452 exit(1); 453 } 454 filter.flushed = 0; 455 if (rtnl_dump_filter(&rth, print_neigh, stdout) < 0) { 456 fprintf(stderr, "Flush terminated\n"); 457 exit(1); 458 } 459 if (filter.flushed == 0) { 460 if (show_stats) { 461 if (round == 0) 462 printf("Nothing to flush.\n"); 463 else 464 printf("*** Flush is complete after %d round%s ***\n", round, round > 1?"s":""); 465 } 466 fflush(stdout); 467 return 0; 468 } 469 round++; 470 if (flush_update() < 0) 471 exit(1); 472 if (show_stats) { 473 printf("\n*** Round %d, deleting %d entries ***\n", round, filter.flushed); 474 fflush(stdout); 475 } 476 filter.state &= ~NUD_FAILED; 477 } 478 printf("*** Flush not complete bailing out after %d rounds\n", 479 MAX_ROUNDS); 480 return 1; 481 } 482 483 if (rtnl_dump_request_n(&rth, &req.n) < 0) { 484 perror("Cannot send dump request"); 485 exit(1); 486 } 487 488 if (rtnl_dump_filter(&rth, print_neigh, stdout) < 0) { 489 fprintf(stderr, "Dump terminated\n"); 490 exit(1); 491 } 492 493 return 0; 494} 495 496int do_ipneigh(int argc, char **argv) 497{ 498 if (argc > 0) { 499 if (matches(*argv, "add") == 0) 500 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_EXCL, argc-1, argv+1); 501 if (matches(*argv, "change") == 0 || 502 strcmp(*argv, "chg") == 0) 503 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_REPLACE, argc-1, argv+1); 504 if (matches(*argv, "replace") == 0) 505 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_REPLACE, argc-1, argv+1); 506 if (matches(*argv, "delete") == 0) 507 return ipneigh_modify(RTM_DELNEIGH, 0, argc-1, argv+1); 508 if (matches(*argv, "get") == 0) { 509 fprintf(stderr, "Sorry, \"neigh get\" is not implemented :-(\n"); 510 return -1; 511 } 512 if (matches(*argv, "show") == 0 || 513 matches(*argv, "lst") == 0 || 514 matches(*argv, "list") == 0) 515 return do_show_or_flush(argc-1, argv+1, 0); 516 if (matches(*argv, "flush") == 0) 517 return do_show_or_flush(argc-1, argv+1, 1); 518 if (matches(*argv, "help") == 0) 519 usage(); 520 } else 521 return do_show_or_flush(0, NULL, 0); 522 523 fprintf(stderr, "Command \"%s\" is unknown, try \"ip neigh help\".\n", *argv); 524 exit(-1); 525} 526