static void gre_erspan_init(NetDev *n) { Tunnel *t; assert(n); switch (n->kind) { case NETDEV_KIND_GRE: t = GRE(n); break; case NETDEV_KIND_ERSPAN: t = ERSPAN(n); break; case NETDEV_KIND_GRETAP: t = GRETAP(n); break; default: assert_not_reached("invalid netdev kind"); } assert(t); t->pmtudisc = true; t->gre_erspan_sequence = -1; t->fou_encap_type = FOU_ENCAP_DIRECT; }
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { Tunnel *t = NULL; assert(netdev); assert(filename); switch (netdev->kind) { case NETDEV_KIND_IPIP: t = IPIP(netdev); break; case NETDEV_KIND_SIT: t = SIT(netdev); break; case NETDEV_KIND_GRE: t = GRE(netdev); break; case NETDEV_KIND_GRETAP: t = GRETAP(netdev); break; case NETDEV_KIND_IP6GRE: t = IP6GRE(netdev); break; case NETDEV_KIND_IP6GRETAP: t = IP6GRETAP(netdev); break; case NETDEV_KIND_VTI: t = VTI(netdev); break; case NETDEV_KIND_IP6TNL: t = IP6TNL(netdev); break; default: assert_not_reached("Invalid tunnel kind"); } assert(t); if (t->remote.in.s_addr == INADDR_ANY) { log_warning("Tunnel without remote address configured in %s. Ignoring", filename); return -EINVAL; } if (t->family != AF_INET && t->family != AF_INET6) { log_warning("Tunnel with invalid address family configured in %s. Ignoring", filename); return -EINVAL; } if (netdev->kind == NETDEV_KIND_IP6TNL) { if (t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) { log_warning("IP6 Tunnel without mode configured in %s. Ignoring", filename); return -EINVAL; } } return 0; }
static void gre_init(NetDev *n) { Tunnel *t; assert(n); if (n->kind == NETDEV_KIND_GRE) t = GRE(n); else t = GRETAP(n); assert(t); t->pmtudisc = true; }
static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { Tunnel *t; int r; assert(netdev); if (netdev->kind == NETDEV_KIND_GRE) t = GRE(netdev); else t = GRETAP(netdev); assert(t); assert(IN_SET(t->family, AF_INET, AF_UNSPEC)); assert(m); if (link) { r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m"); } r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m"); r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in); if (r < 0) log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos); if (r < 0) log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m"); return r; }
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { Tunnel *t = NULL; assert(netdev); assert(filename); switch (netdev->kind) { case NETDEV_KIND_IPIP: t = IPIP(netdev); break; case NETDEV_KIND_SIT: t = SIT(netdev); break; case NETDEV_KIND_GRE: t = GRE(netdev); break; case NETDEV_KIND_GRETAP: t = GRETAP(netdev); break; case NETDEV_KIND_IP6GRE: t = IP6GRE(netdev); break; case NETDEV_KIND_IP6GRETAP: t = IP6GRETAP(netdev); break; case NETDEV_KIND_VTI: t = VTI(netdev); break; case NETDEV_KIND_VTI6: t = VTI6(netdev); break; case NETDEV_KIND_IP6TNL: t = IP6TNL(netdev); break; default: assert_not_reached("Invalid tunnel kind"); } assert(t); if (!IN_SET(t->family, AF_INET, AF_INET6, AF_UNSPEC)) { log_netdev_error(netdev, "Tunnel with invalid address family configured in %s. Ignoring", filename); return -EINVAL; } if (netdev->kind == NETDEV_KIND_VTI && (t->family != AF_INET || in_addr_is_null(t->family, &t->local))) { log_netdev_error(netdev, "vti tunnel without a local IPv4 address configured in %s. Ignoring", filename); return -EINVAL; } if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE) && (t->family != AF_INET6 || in_addr_is_null(t->family, &t->local))) { log_netdev_error(netdev, "vti6/ip6tnl/ip6gre tunnel without a local IPv6 address configured in %s. Ignoring", filename); return -EINVAL; } if (netdev->kind == NETDEV_KIND_IP6TNL && t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) { log_netdev_error(netdev, "ip6tnl without mode configured in %s. Ignoring", filename); return -EINVAL; } return 0; }
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { Tunnel *t = NULL; assert(netdev); assert(filename); switch (netdev->kind) { case NETDEV_KIND_IPIP: t = IPIP(netdev); break; case NETDEV_KIND_SIT: t = SIT(netdev); break; case NETDEV_KIND_GRE: t = GRE(netdev); break; case NETDEV_KIND_GRETAP: t = GRETAP(netdev); break; case NETDEV_KIND_IP6GRE: t = IP6GRE(netdev); break; case NETDEV_KIND_IP6GRETAP: t = IP6GRETAP(netdev); break; case NETDEV_KIND_VTI: t = VTI(netdev); break; case NETDEV_KIND_VTI6: t = VTI6(netdev); break; case NETDEV_KIND_IP6TNL: t = IP6TNL(netdev); break; case NETDEV_KIND_ERSPAN: t = ERSPAN(netdev); break; default: assert_not_reached("Invalid tunnel kind"); } assert(t); if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP) && t->family != AF_INET) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename); if (IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN) && (t->family != AF_INET || in_addr_is_null(t->family, &t->remote))) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "gretap/erspan tunnel without a remote IPv4 address configured in %s. Ignoring", filename); if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE, NETDEV_KIND_IP6GRETAP) && t->family != AF_INET6) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename); if (netdev->kind == NETDEV_KIND_IP6GRETAP && (t->family != AF_INET6 || in_addr_is_null(t->family, &t->remote))) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "ip6gretap tunnel without a remote IPv6 address configured in %s. Ignoring", filename); if (netdev->kind == NETDEV_KIND_IP6TNL && t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "ip6tnl without mode configured in %s. Ignoring", filename); if (t->fou_tunnel && t->fou_destination_port <= 0) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "FooOverUDP missing port configured in %s. Ignoring", filename); if (netdev->kind == NETDEV_KIND_ERSPAN && (t->erspan_index >= (1 << 20) || t->erspan_index == 0)) return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "Invalid erspan index %d. Ignoring", t->erspan_index); return 0; }
static int netdev_gre_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { uint32_t ikey = 0; uint32_t okey = 0; uint16_t iflags = 0; uint16_t oflags = 0; Tunnel *t; int r; assert(netdev); assert(m); switch (netdev->kind) { case NETDEV_KIND_GRE: t = GRE(netdev); break; case NETDEV_KIND_ERSPAN: t = ERSPAN(netdev); break; case NETDEV_KIND_GRETAP: t = GRETAP(netdev); break; default: assert_not_reached("invalid netdev kind"); } assert(t); assert(t->family == AF_INET); if (link) { r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m"); } if (netdev->kind == NETDEV_KIND_ERSPAN) { r = sd_netlink_message_append_u32(m, IFLA_GRE_ERSPAN_INDEX, t->erspan_index); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ERSPAN_INDEX attribute: %m"); } r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m"); r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m"); if (t->key != 0) { ikey = okey = htobe32(t->key); iflags |= GRE_KEY; oflags |= GRE_KEY; } if (t->ikey != 0) { ikey = htobe32(t->ikey); iflags |= GRE_KEY; } if (t->okey != 0) { okey = htobe32(t->okey); oflags |= GRE_KEY; } if (t->gre_erspan_sequence > 0) { iflags |= GRE_SEQ; oflags |= GRE_SEQ; } else if (t->gre_erspan_sequence == 0) { iflags &= ~GRE_SEQ; oflags &= ~GRE_SEQ; } r = sd_netlink_message_append_u32(m, IFLA_GRE_IKEY, ikey); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_IKEY attribute: %m"); r = sd_netlink_message_append_u32(m, IFLA_GRE_OKEY, okey); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_OKEY attribute: %m"); r = sd_netlink_message_append_u16(m, IFLA_GRE_IFLAGS, iflags); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_IFLAGS attribute: %m"); r = sd_netlink_message_append_u16(m, IFLA_GRE_OFLAGS, oflags); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_OFLAGS, attribute: %m"); if (t->fou_tunnel) { r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_TYPE, t->fou_encap_type); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_TYPE attribute: %m"); r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_SPORT, htobe16(t->encap_src_port)); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_SPORT attribute: %m"); r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_DPORT, htobe16(t->fou_destination_port)); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_DPORT attribute: %m"); } return r; }