static void gre_erspan_init(NetDev *n) {
Tunnel *t;
assert(n);
switch (n->kind) {
case NETDEV_KIND_GRE:
t = GRE(n);
break;
case NETDEV_KIND_ERSPAN:
t = ERSPAN(n);
break;
case NETDEV_KIND_GRETAP:
t = GRETAP(n);
break;
default:
assert_not_reached("invalid netdev kind");
}
assert(t);
t->pmtudisc = true;
t->gre_erspan_sequence = -1;
t->fou_encap_type = FOU_ENCAP_DIRECT;
}
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
Tunnel *t = NULL;
assert(netdev);
assert(filename);
switch (netdev->kind) {
case NETDEV_KIND_IPIP:
t = IPIP(netdev);
break;
case NETDEV_KIND_SIT:
t = SIT(netdev);
break;
case NETDEV_KIND_GRE:
t = GRE(netdev);
break;
case NETDEV_KIND_GRETAP:
t = GRETAP(netdev);
break;
case NETDEV_KIND_IP6GRE:
t = IP6GRE(netdev);
break;
case NETDEV_KIND_IP6GRETAP:
t = IP6GRETAP(netdev);
break;
case NETDEV_KIND_VTI:
t = VTI(netdev);
break;
case NETDEV_KIND_IP6TNL:
t = IP6TNL(netdev);
break;
default:
assert_not_reached("Invalid tunnel kind");
}
assert(t);
if (t->remote.in.s_addr == INADDR_ANY) {
log_warning("Tunnel without remote address configured in %s. Ignoring", filename);
return -EINVAL;
}
if (t->family != AF_INET && t->family != AF_INET6) {
log_warning("Tunnel with invalid address family configured in %s. Ignoring", filename);
return -EINVAL;
}
if (netdev->kind == NETDEV_KIND_IP6TNL) {
if (t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) {
log_warning("IP6 Tunnel without mode configured in %s. Ignoring", filename);
return -EINVAL;
}
}
return 0;
}
static void gre_init(NetDev *n) {
Tunnel *t;
assert(n);
if (n->kind == NETDEV_KIND_GRE)
t = GRE(n);
else
t = GRETAP(n);
assert(t);
t->pmtudisc = true;
}
static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
Tunnel *t;
int r;
assert(netdev);
if (netdev->kind == NETDEV_KIND_GRE)
t = GRE(netdev);
else
t = GRETAP(netdev);
assert(t);
assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
assert(m);
if (link) {
r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
}
r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in);
if (r < 0)
log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos);
if (r < 0)
log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m");
return r;
}
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
Tunnel *t = NULL;
assert(netdev);
assert(filename);
switch (netdev->kind) {
case NETDEV_KIND_IPIP:
t = IPIP(netdev);
break;
case NETDEV_KIND_SIT:
t = SIT(netdev);
break;
case NETDEV_KIND_GRE:
t = GRE(netdev);
break;
case NETDEV_KIND_GRETAP:
t = GRETAP(netdev);
break;
case NETDEV_KIND_IP6GRE:
t = IP6GRE(netdev);
break;
case NETDEV_KIND_IP6GRETAP:
t = IP6GRETAP(netdev);
break;
case NETDEV_KIND_VTI:
t = VTI(netdev);
break;
case NETDEV_KIND_VTI6:
t = VTI6(netdev);
break;
case NETDEV_KIND_IP6TNL:
t = IP6TNL(netdev);
break;
default:
assert_not_reached("Invalid tunnel kind");
}
assert(t);
if (!IN_SET(t->family, AF_INET, AF_INET6, AF_UNSPEC)) {
log_netdev_error(netdev,
"Tunnel with invalid address family configured in %s. Ignoring", filename);
return -EINVAL;
}
if (netdev->kind == NETDEV_KIND_VTI &&
(t->family != AF_INET || in_addr_is_null(t->family, &t->local))) {
log_netdev_error(netdev,
"vti tunnel without a local IPv4 address configured in %s. Ignoring", filename);
return -EINVAL;
}
if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE) &&
(t->family != AF_INET6 || in_addr_is_null(t->family, &t->local))) {
log_netdev_error(netdev,
"vti6/ip6tnl/ip6gre tunnel without a local IPv6 address configured in %s. Ignoring", filename);
return -EINVAL;
}
if (netdev->kind == NETDEV_KIND_IP6TNL &&
t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) {
log_netdev_error(netdev,
"ip6tnl without mode configured in %s. Ignoring", filename);
return -EINVAL;
}
return 0;
}
static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
Tunnel *t = NULL;
assert(netdev);
assert(filename);
switch (netdev->kind) {
case NETDEV_KIND_IPIP:
t = IPIP(netdev);
break;
case NETDEV_KIND_SIT:
t = SIT(netdev);
break;
case NETDEV_KIND_GRE:
t = GRE(netdev);
break;
case NETDEV_KIND_GRETAP:
t = GRETAP(netdev);
break;
case NETDEV_KIND_IP6GRE:
t = IP6GRE(netdev);
break;
case NETDEV_KIND_IP6GRETAP:
t = IP6GRETAP(netdev);
break;
case NETDEV_KIND_VTI:
t = VTI(netdev);
break;
case NETDEV_KIND_VTI6:
t = VTI6(netdev);
break;
case NETDEV_KIND_IP6TNL:
t = IP6TNL(netdev);
break;
case NETDEV_KIND_ERSPAN:
t = ERSPAN(netdev);
break;
default:
assert_not_reached("Invalid tunnel kind");
}
assert(t);
if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP) &&
t->family != AF_INET)
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename);
if (IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN) &&
(t->family != AF_INET || in_addr_is_null(t->family, &t->remote)))
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"gretap/erspan tunnel without a remote IPv4 address configured in %s. Ignoring", filename);
if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE, NETDEV_KIND_IP6GRETAP) &&
t->family != AF_INET6)
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename);
if (netdev->kind == NETDEV_KIND_IP6GRETAP &&
(t->family != AF_INET6 || in_addr_is_null(t->family, &t->remote)))
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"ip6gretap tunnel without a remote IPv6 address configured in %s. Ignoring", filename);
if (netdev->kind == NETDEV_KIND_IP6TNL &&
t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID)
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"ip6tnl without mode configured in %s. Ignoring", filename);
if (t->fou_tunnel && t->fou_destination_port <= 0)
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"FooOverUDP missing port configured in %s. Ignoring", filename);
if (netdev->kind == NETDEV_KIND_ERSPAN && (t->erspan_index >= (1 << 20) || t->erspan_index == 0))
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), "Invalid erspan index %d. Ignoring", t->erspan_index);
return 0;
}
static int netdev_gre_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
uint32_t ikey = 0;
uint32_t okey = 0;
uint16_t iflags = 0;
uint16_t oflags = 0;
Tunnel *t;
int r;
assert(netdev);
assert(m);
switch (netdev->kind) {
case NETDEV_KIND_GRE:
t = GRE(netdev);
break;
case NETDEV_KIND_ERSPAN:
t = ERSPAN(netdev);
break;
case NETDEV_KIND_GRETAP:
t = GRETAP(netdev);
break;
default:
assert_not_reached("invalid netdev kind");
}
assert(t);
assert(t->family == AF_INET);
if (link) {
r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
}
if (netdev->kind == NETDEV_KIND_ERSPAN) {
r = sd_netlink_message_append_u32(m, IFLA_GRE_ERSPAN_INDEX, t->erspan_index);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ERSPAN_INDEX attribute: %m");
}
r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m");
r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m");
if (t->key != 0) {
ikey = okey = htobe32(t->key);
iflags |= GRE_KEY;
oflags |= GRE_KEY;
}
if (t->ikey != 0) {
ikey = htobe32(t->ikey);
iflags |= GRE_KEY;
}
if (t->okey != 0) {
okey = htobe32(t->okey);
oflags |= GRE_KEY;
}
if (t->gre_erspan_sequence > 0) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
} else if (t->gre_erspan_sequence == 0) {
iflags &= ~GRE_SEQ;
oflags &= ~GRE_SEQ;
}
r = sd_netlink_message_append_u32(m, IFLA_GRE_IKEY, ikey);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_IKEY attribute: %m");
r = sd_netlink_message_append_u32(m, IFLA_GRE_OKEY, okey);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_OKEY attribute: %m");
r = sd_netlink_message_append_u16(m, IFLA_GRE_IFLAGS, iflags);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_IFLAGS attribute: %m");
r = sd_netlink_message_append_u16(m, IFLA_GRE_OFLAGS, oflags);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_OFLAGS, attribute: %m");
if (t->fou_tunnel) {
r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_TYPE, t->fou_encap_type);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_TYPE attribute: %m");
r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_SPORT, htobe16(t->encap_src_port));
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_SPORT attribute: %m");
r = sd_netlink_message_append_u16(m, IFLA_GRE_ENCAP_DPORT, htobe16(t->fou_destination_port));
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ENCAP_DPORT attribute: %m");
}
return r;
}
