static int parse_encap_ip6(struct rtattr *rta, size_t len, int *argcp, char ***argvp)
{
int id_ok = 0, dst_ok = 0, tos_ok = 0, ttl_ok = 0;
char **argv = *argvp;
int argc = *argcp;
while (argc > 0) {
if (strcmp(*argv, "id") == 0) {
__u64 id;
NEXT_ARG();
if (id_ok++)
duparg2("id", *argv);
if (get_be64(&id, *argv, 0))
invarg("\"id\" value is invalid\n", *argv);
rta_addattr64(rta, len, LWTUNNEL_IP6_ID, id);
} else if (strcmp(*argv, "dst") == 0) {
inet_prefix addr;
NEXT_ARG();
if (dst_ok++)
duparg2("dst", *argv);
get_addr(&addr, *argv, AF_INET6);
rta_addattr_l(rta, len, LWTUNNEL_IP6_DST, &addr.data, addr.bytelen);
} else if (strcmp(*argv, "tc") == 0) {
__u32 tc;
NEXT_ARG();
if (tos_ok++)
duparg2("tc", *argv);
if (rtnl_dsfield_a2n(&tc, *argv))
invarg("\"tc\" value is invalid\n", *argv);
rta_addattr8(rta, len, LWTUNNEL_IP6_TC, tc);
} else if (strcmp(*argv, "hoplimit") == 0) {
__u8 hoplimit;
NEXT_ARG();
if (ttl_ok++)
duparg2("hoplimit", *argv);
if (get_u8(&hoplimit, *argv, 0))
invarg("\"hoplimit\" value is invalid\n", *argv);
rta_addattr8(rta, len, LWTUNNEL_IP6_HOPLIMIT, hoplimit);
} else {
break;
}
argc--; argv++;
}
/* argv is currently the first unparsed argument,
* but the lwt_parse_encap() caller will move to the next,
* so step back */
*argcp = argc + 1;
*argvp = argv - 1;
return 0;
}
static int parse_args(int argc, char **argv, int cmd, struct ip_tunnel_parm *p)
{
int count = 0;
char medium[IFNAMSIZ];
int isatap = 0;
memset(p, 0, sizeof(*p));
memset(&medium, 0, sizeof(medium));
p->iph.version = 4;
p->iph.ihl = 5;
#ifndef IP_DF
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#endif
p->iph.frag_off = htons(IP_DF);
while (argc > 0) {
if (strcmp(*argv, "mode") == 0) {
NEXT_ARG();
if (strcmp(*argv, "ipip") == 0 ||
strcmp(*argv, "ip/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPIP) {
fprintf(stderr,"You managed to ask for more than one tunnel mode.\n");
exit(-1);
}
p->iph.protocol = IPPROTO_IPIP;
} else if (strcmp(*argv, "gre") == 0 ||
strcmp(*argv, "gre/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_GRE) {
fprintf(stderr,"You managed to ask for more than one tunnel mode.\n");
exit(-1);
}
p->iph.protocol = IPPROTO_GRE;
} else if (strcmp(*argv, "sit") == 0 ||
strcmp(*argv, "ipv6/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPV6) {
fprintf(stderr,"You managed to ask for more than one tunnel mode.\n");
exit(-1);
}
p->iph.protocol = IPPROTO_IPV6;
} else if (strcmp(*argv, "isatap") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPV6) {
fprintf(stderr, "You managed to ask for more than one tunnel mode.\n");
exit(-1);
}
p->iph.protocol = IPPROTO_IPV6;
isatap++;
} else if (strcmp(*argv, "vti") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPIP) {
fprintf(stderr, "You managed to ask for more than one tunnel mode.\n");
exit(-1);
}
p->iph.protocol = IPPROTO_IPIP;
p->i_flags |= VTI_ISVTI;
} else {
fprintf(stderr,"Unknown tunnel mode \"%s\"\n", *argv);
exit(-1);
}
} else if (strcmp(*argv, "key") == 0) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->i_key = p->o_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value for \"key\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
p->i_key = p->o_key = htonl(uval);
}
} else if (strcmp(*argv, "ikey") == 0) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->i_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value for \"ikey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
p->i_key = htonl(uval);
}
} else if (strcmp(*argv, "okey") == 0) {
unsigned uval;
NEXT_ARG();
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->o_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value for \"okey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
p->o_key = htonl(uval);
}
} else if (strcmp(*argv, "seq") == 0) {
p->i_flags |= GRE_SEQ;
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "iseq") == 0) {
p->i_flags |= GRE_SEQ;
} else if (strcmp(*argv, "oseq") == 0) {
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "csum") == 0) {
p->i_flags |= GRE_CSUM;
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "icsum") == 0) {
p->i_flags |= GRE_CSUM;
} else if (strcmp(*argv, "ocsum") == 0) {
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "nopmtudisc") == 0) {
p->iph.frag_off = 0;
} else if (strcmp(*argv, "pmtudisc") == 0) {
p->iph.frag_off = htons(IP_DF);
} else if (strcmp(*argv, "remote") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
p->iph.daddr = get_addr32(*argv);
} else if (strcmp(*argv, "local") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
p->iph.saddr = get_addr32(*argv);
} else if (strcmp(*argv, "dev") == 0) {
NEXT_ARG();
strncpy(medium, *argv, IFNAMSIZ-1);
} else if (strcmp(*argv, "ttl") == 0 ||
strcmp(*argv, "hoplimit") == 0) {
unsigned uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL\n", *argv);
if (uval > 255)
invarg("TTL must be <=255\n", *argv);
p->iph.ttl = uval;
}
} else if (strcmp(*argv, "tos") == 0 ||
strcmp(*argv, "tclass") == 0 ||
matches(*argv, "dsfield") == 0) {
char *dsfield;
__u32 uval;
NEXT_ARG();
dsfield = *argv;
strsep(&dsfield, "/");
if (strcmp(*argv, "inherit") != 0) {
dsfield = *argv;
p->iph.tos = 0;
} else
p->iph.tos = 1;
if (dsfield) {
if (rtnl_dsfield_a2n(&uval, dsfield))
invarg("bad TOS value", *argv);
p->iph.tos |= uval;
}
} else {
if (strcmp(*argv, "name") == 0) {
NEXT_ARG();
} else if (matches(*argv, "help") == 0)
usage();
if (p->name[0])
duparg2("name", *argv);
strncpy(p->name, *argv, IFNAMSIZ);
if (cmd == SIOCCHGTUNNEL && count == 0) {
struct ip_tunnel_parm old_p;
memset(&old_p, 0, sizeof(old_p));
if (tnl_get_ioctl(*argv, &old_p))
return -1;
*p = old_p;
}
}
count++;
argc--; argv++;
}
if (p->iph.protocol == 0) {
if (memcmp(p->name, "gre", 3) == 0)
p->iph.protocol = IPPROTO_GRE;
else if (memcmp(p->name, "ipip", 4) == 0)
p->iph.protocol = IPPROTO_IPIP;
else if (memcmp(p->name, "sit", 3) == 0)
p->iph.protocol = IPPROTO_IPV6;
else if (memcmp(p->name, "isatap", 6) == 0) {
p->iph.protocol = IPPROTO_IPV6;
isatap++;
} else if (memcmp(p->name, "vti", 3) == 0) {
p->iph.protocol = IPPROTO_IPIP;
p->i_flags |= VTI_ISVTI;
}
}
if ((p->i_flags & GRE_KEY) || (p->o_flags & GRE_KEY)) {
if (!(p->i_flags & VTI_ISVTI) &&
(p->iph.protocol != IPPROTO_GRE)) {
fprintf(stderr, "Keys are not allowed with ipip and sit tunnels\n");
return -1;
}
}
if (medium[0]) {
p->link = if_nametoindex(medium);
if (p->link == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n",
medium);
return -1;
}
}
if (p->i_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->i_key = p->iph.daddr;
p->i_flags |= GRE_KEY;
}
if (p->o_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->o_key = p->iph.daddr;
p->o_flags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(p->iph.daddr)) && !p->iph.saddr) {
fprintf(stderr, "A broadcast tunnel requires a source address\n");
return -1;
}
if (isatap)
p->i_flags |= SIT_ISATAP;
return 0;
}
static int iprule_modify(int cmd, int argc, char **argv)
{
int table_ok = 0;
struct {
struct nlmsghdr n;
struct rtmsg r;
char buf[1024];
} req;
memset(&req, 0, sizeof(req));
req.n.nlmsg_type = cmd;
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.r.rtm_family = preferred_family;
req.r.rtm_protocol = RTPROT_BOOT;
req.r.rtm_scope = RT_SCOPE_UNIVERSE;
req.r.rtm_table = 0;
req.r.rtm_type = RTN_UNSPEC;
req.r.rtm_flags = 0;
if (cmd == RTM_NEWRULE) {
req.n.nlmsg_flags |= NLM_F_CREATE|NLM_F_EXCL;
req.r.rtm_type = RTN_UNICAST;
}
while (argc > 0) {
if (strcmp(*argv, "not") == 0) {
req.r.rtm_flags |= FIB_RULE_INVERT;
} else if (strcmp(*argv, "from") == 0) {
inet_prefix dst;
NEXT_ARG();
get_prefix(&dst, *argv, req.r.rtm_family);
req.r.rtm_src_len = dst.bitlen;
addattr_l(&req.n, sizeof(req), FRA_SRC, &dst.data, dst.bytelen);
} else if (strcmp(*argv, "to") == 0) {
inet_prefix dst;
NEXT_ARG();
get_prefix(&dst, *argv, req.r.rtm_family);
req.r.rtm_dst_len = dst.bitlen;
addattr_l(&req.n, sizeof(req), FRA_DST, &dst.data, dst.bytelen);
} else if (matches(*argv, "preference") == 0 ||
matches(*argv, "order") == 0 ||
matches(*argv, "priority") == 0) {
__u32 pref;
NEXT_ARG();
if (get_u32(&pref, *argv, 0))
invarg("preference value is invalid\n", *argv);
addattr32(&req.n, sizeof(req), FRA_PRIORITY, pref);
} else if (strcmp(*argv, "tos") == 0) {
__u32 tos;
NEXT_ARG();
if (rtnl_dsfield_a2n(&tos, *argv))
invarg("TOS value is invalid\n", *argv);
req.r.rtm_tos = tos;
} else if (strcmp(*argv, "fwmark") == 0) {
char *slash;
__u32 fwmark, fwmask;
NEXT_ARG();
if ((slash = strchr(*argv, '/')) != NULL)
*slash = '\0';
if (get_u32(&fwmark, *argv, 0))
invarg("fwmark value is invalid\n", *argv);
addattr32(&req.n, sizeof(req), FRA_FWMARK, fwmark);
if (slash) {
if (get_u32(&fwmask, slash+1, 0))
invarg("fwmask value is invalid\n", slash+1);
addattr32(&req.n, sizeof(req), FRA_FWMASK, fwmask);
}
} else if (matches(*argv, "realms") == 0) {
__u32 realm;
NEXT_ARG();
if (get_rt_realms(&realm, *argv))
invarg("invalid realms\n", *argv);
addattr32(&req.n, sizeof(req), FRA_FLOW, realm);
} else if (matches(*argv, "table") == 0 ||
strcmp(*argv, "lookup") == 0) {
__u32 tid;
NEXT_ARG();
if (rtnl_rttable_a2n(&tid, *argv))
invarg("invalid table ID\n", *argv);
if (tid < 256)
req.r.rtm_table = tid;
else {
req.r.rtm_table = RT_TABLE_UNSPEC;
addattr32(&req.n, sizeof(req), FRA_TABLE, tid);
}
table_ok = 1;
} else if (strcmp(*argv, "dev") == 0 ||
strcmp(*argv, "iif") == 0) {
NEXT_ARG();
addattr_l(&req.n, sizeof(req), FRA_IFNAME, *argv, strlen(*argv)+1);
} else if (strcmp(*argv, "nat") == 0 ||
matches(*argv, "map-to") == 0) {
NEXT_ARG();
fprintf(stderr, "Warning: route NAT is deprecated\n");
addattr32(&req.n, sizeof(req), RTA_GATEWAY, get_addr32(*argv));
req.r.rtm_type = RTN_NAT;
} else {
int type;
if (strcmp(*argv, "type") == 0) {
NEXT_ARG();
}
if (matches(*argv, "help") == 0)
usage();
else if (matches(*argv, "goto") == 0) {
__u32 target;
type = FR_ACT_GOTO;
NEXT_ARG();
if (get_u32(&target, *argv, 0))
invarg("invalid target\n", *argv);
addattr32(&req.n, sizeof(req), FRA_GOTO, target);
} else if (matches(*argv, "nop") == 0)
type = FR_ACT_NOP;
else if (rtnl_rtntype_a2n(&type, *argv))
invarg("Failed to parse rule type", *argv);
req.r.rtm_type = type;
table_ok = 1;
}
argc--;
argv++;
}
if (req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = AF_INET;
if (!table_ok && cmd == RTM_NEWRULE)
req.r.rtm_table = RT_TABLE_MAIN;
if (rtnl_talk(&rth, &req.n, 0, 0, NULL, NULL, NULL) < 0)
return 2;
return 0;
}
static int gre_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
struct {
struct nlmsghdr n;
struct ifinfomsg i;
char buf[16384];
} req;
struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
struct rtattr *tb[IFLA_MAX + 1];
struct rtattr *linkinfo[IFLA_INFO_MAX+1];
struct rtattr *greinfo[IFLA_GRE_MAX + 1];
__u16 iflags = 0;
__u16 oflags = 0;
unsigned ikey = 0;
unsigned okey = 0;
unsigned saddr = 0;
unsigned daddr = 0;
unsigned link = 0;
__u8 pmtudisc = 1;
__u8 ttl = 0;
__u8 tos = 0;
int len;
__u16 encaptype = 0;
__u16 encapflags = 0;
__u16 encapsport = 0;
__u16 encapdport = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
memset(&req, 0, sizeof(req));
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.n.nlmsg_type = RTM_GETLINK;
req.i.ifi_family = preferred_family;
req.i.ifi_index = ifi->ifi_index;
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
get_failed:
fprintf(stderr,
"Failed to get existing tunnel info.\n");
return -1;
}
len = req.n.nlmsg_len;
len -= NLMSG_LENGTH(sizeof(*ifi));
if (len < 0)
goto get_failed;
parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
if (!tb[IFLA_LINKINFO])
goto get_failed;
parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
if (!linkinfo[IFLA_INFO_DATA])
goto get_failed;
parse_rtattr_nested(greinfo, IFLA_GRE_MAX,
linkinfo[IFLA_INFO_DATA]);
if (greinfo[IFLA_GRE_IKEY])
ikey = rta_getattr_u32(greinfo[IFLA_GRE_IKEY]);
if (greinfo[IFLA_GRE_OKEY])
okey = rta_getattr_u32(greinfo[IFLA_GRE_OKEY]);
if (greinfo[IFLA_GRE_IFLAGS])
iflags = rta_getattr_u16(greinfo[IFLA_GRE_IFLAGS]);
if (greinfo[IFLA_GRE_OFLAGS])
oflags = rta_getattr_u16(greinfo[IFLA_GRE_OFLAGS]);
if (greinfo[IFLA_GRE_LOCAL])
saddr = rta_getattr_u32(greinfo[IFLA_GRE_LOCAL]);
if (greinfo[IFLA_GRE_REMOTE])
daddr = rta_getattr_u32(greinfo[IFLA_GRE_REMOTE]);
if (greinfo[IFLA_GRE_PMTUDISC])
pmtudisc = rta_getattr_u8(
greinfo[IFLA_GRE_PMTUDISC]);
if (greinfo[IFLA_GRE_TTL])
ttl = rta_getattr_u8(greinfo[IFLA_GRE_TTL]);
if (greinfo[IFLA_GRE_TOS])
tos = rta_getattr_u8(greinfo[IFLA_GRE_TOS]);
if (greinfo[IFLA_GRE_LINK])
link = rta_getattr_u8(greinfo[IFLA_GRE_LINK]);
if (greinfo[IFLA_GRE_ENCAP_TYPE])
encaptype = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_TYPE]);
if (greinfo[IFLA_GRE_ENCAP_FLAGS])
encapflags = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_FLAGS]);
if (greinfo[IFLA_GRE_ENCAP_SPORT])
encapsport = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_SPORT]);
if (greinfo[IFLA_GRE_ENCAP_DPORT])
encapdport = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_DPORT]);
}
while (argc > 0) {
if (!matches(*argv, "key")) {
unsigned uval;
NEXT_ARG();
iflags |= GRE_KEY;
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0) < 0) {
fprintf(stderr,
"Invalid value for \"key\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
ikey = okey = uval;
} else if (!matches(*argv, "ikey")) {
unsigned uval;
NEXT_ARG();
iflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value for \"ikey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
ikey = uval;
} else if (!matches(*argv, "okey")) {
unsigned uval;
NEXT_ARG();
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value for \"okey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
okey = uval;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
} else if (!matches(*argv, "nopmtudisc")) {
pmtudisc = 0;
} else if (!matches(*argv, "pmtudisc")) {
pmtudisc = 1;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
daddr = get_addr32(*argv);
} else if (!matches(*argv, "local")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
saddr = get_addr32(*argv);
} else if (!matches(*argv, "dev")) {
NEXT_ARG();
link = if_nametoindex(*argv);
if (link == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n",
*argv);
exit(-1);
}
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL\n", *argv);
if (uval > 255)
invarg("TTL must be <= 255\n", *argv);
ttl = uval;
}
} else if (!matches(*argv, "tos") ||
!matches(*argv, "tclass") ||
!matches(*argv, "dsfield")) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else if (strcmp(*argv, "noencap") == 0) {
encaptype = TUNNEL_ENCAP_NONE;
} else if (strcmp(*argv, "encap") == 0) {
NEXT_ARG();
if (strcmp(*argv, "fou") == 0)
encaptype = TUNNEL_ENCAP_FOU;
else if (strcmp(*argv, "gue") == 0)
encaptype = TUNNEL_ENCAP_GUE;
else if (strcmp(*argv, "none") == 0)
encaptype = TUNNEL_ENCAP_NONE;
else
invarg("Invalid encap type.", *argv);
} else if (strcmp(*argv, "encap-sport") == 0) {
NEXT_ARG();
if (strcmp(*argv, "auto") == 0)
encapsport = 0;
else if (get_u16(&encapsport, *argv, 0))
invarg("Invalid source port.", *argv);
} else if (strcmp(*argv, "encap-dport") == 0) {
NEXT_ARG();
if (get_u16(&encapdport, *argv, 0))
invarg("Invalid destination port.", *argv);
} else if (strcmp(*argv, "encap-csum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_CSUM;
} else if (strcmp(*argv, "noencap-csum") == 0) {
encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM;
} else if (strcmp(*argv, "encap-udp6-csum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_CSUM6;
} else if (strcmp(*argv, "noencap-udp6-csum") == 0) {
encapflags |= ~TUNNEL_ENCAP_FLAG_CSUM6;
} else if (strcmp(*argv, "encap-remcsum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "noencap-remcsum") == 0) {
encapflags |= ~TUNNEL_ENCAP_FLAG_REMCSUM;
} else
usage();
argc--; argv++;
}
if (!ikey && IN_MULTICAST(ntohl(daddr))) {
ikey = daddr;
iflags |= GRE_KEY;
}
if (!okey && IN_MULTICAST(ntohl(daddr))) {
okey = daddr;
oflags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(daddr)) && !saddr) {
fprintf(stderr, "A broadcast tunnel requires a source address.\n");
return -1;
}
addattr32(n, 1024, IFLA_GRE_IKEY, ikey);
addattr32(n, 1024, IFLA_GRE_OKEY, okey);
addattr_l(n, 1024, IFLA_GRE_IFLAGS, &iflags, 2);
addattr_l(n, 1024, IFLA_GRE_OFLAGS, &oflags, 2);
addattr_l(n, 1024, IFLA_GRE_LOCAL, &saddr, 4);
addattr_l(n, 1024, IFLA_GRE_REMOTE, &daddr, 4);
addattr_l(n, 1024, IFLA_GRE_PMTUDISC, &pmtudisc, 1);
if (link)
addattr32(n, 1024, IFLA_GRE_LINK, link);
addattr_l(n, 1024, IFLA_GRE_TTL, &ttl, 1);
addattr_l(n, 1024, IFLA_GRE_TOS, &tos, 1);
addattr16(n, 1024, IFLA_GRE_ENCAP_TYPE, encaptype);
addattr16(n, 1024, IFLA_GRE_ENCAP_FLAGS, encapflags);
addattr16(n, 1024, IFLA_GRE_ENCAP_SPORT, htons(encapsport));
addattr16(n, 1024, IFLA_GRE_ENCAP_DPORT, htons(encapdport));
return 0;
}
static int iptunnel_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
struct {
struct nlmsghdr n;
struct ifinfomsg i;
char buf[2048];
} req;
struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
struct rtattr *tb[IFLA_MAX + 1];
struct rtattr *linkinfo[IFLA_INFO_MAX+1];
struct rtattr *iptuninfo[IFLA_IPTUN_MAX + 1];
int len;
__u32 link = 0;
__u32 laddr = 0;
__u32 raddr = 0;
__u8 ttl = 0;
__u8 tos = 0;
__u8 pmtudisc = 1;
__u16 iflags = 0;
__u8 proto = 0;
struct in6_addr ip6rdprefix;
__u16 ip6rdprefixlen = 0;
__u32 ip6rdrelayprefix = 0;
__u16 ip6rdrelayprefixlen = 0;
memset(&ip6rdprefix, 0, sizeof(ip6rdprefix));
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
memset(&req, 0, sizeof(req));
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.n.nlmsg_type = RTM_GETLINK;
req.i.ifi_family = preferred_family;
req.i.ifi_index = ifi->ifi_index;
if (rtnl_talk(&rth, &req.n, 0, 0, &req.n) < 0) {
get_failed:
fprintf(stderr,
"Failed to get existing tunnel info.\n");
return -1;
}
len = req.n.nlmsg_len;
len -= NLMSG_LENGTH(sizeof(*ifi));
if (len < 0)
goto get_failed;
parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
if (!tb[IFLA_LINKINFO])
goto get_failed;
parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
if (!linkinfo[IFLA_INFO_DATA])
goto get_failed;
parse_rtattr_nested(iptuninfo, IFLA_IPTUN_MAX,
linkinfo[IFLA_INFO_DATA]);
if (iptuninfo[IFLA_IPTUN_LOCAL])
laddr = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LOCAL]);
if (iptuninfo[IFLA_IPTUN_REMOTE])
raddr = rta_getattr_u32(iptuninfo[IFLA_IPTUN_REMOTE]);
if (iptuninfo[IFLA_IPTUN_TTL])
ttl = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TTL]);
if (iptuninfo[IFLA_IPTUN_TOS])
tos = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TOS]);
if (iptuninfo[IFLA_IPTUN_PMTUDISC])
pmtudisc =
rta_getattr_u8(iptuninfo[IFLA_IPTUN_PMTUDISC]);
if (iptuninfo[IFLA_IPTUN_FLAGS])
iflags = rta_getattr_u16(iptuninfo[IFLA_IPTUN_FLAGS]);
if (iptuninfo[IFLA_IPTUN_LINK])
link = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LINK]);
if (iptuninfo[IFLA_IPTUN_PROTO])
proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
if (iptuninfo[IFLA_IPTUN_6RD_PREFIX])
memcpy(&ip6rdprefix,
RTA_DATA(iptuninfo[IFLA_IPTUN_6RD_PREFIX]),
sizeof(laddr));
if (iptuninfo[IFLA_IPTUN_6RD_PREFIXLEN])
ip6rdprefixlen =
rta_getattr_u16(iptuninfo[IFLA_IPTUN_6RD_PREFIXLEN]);
if (iptuninfo[IFLA_IPTUN_6RD_RELAY_PREFIX])
ip6rdrelayprefix =
rta_getattr_u32(iptuninfo[IFLA_IPTUN_6RD_RELAY_PREFIX]);
if (iptuninfo[IFLA_IPTUN_6RD_RELAY_PREFIXLEN])
ip6rdrelayprefixlen =
rta_getattr_u16(iptuninfo[IFLA_IPTUN_6RD_RELAY_PREFIXLEN]);
}
while (argc > 0) {
if (strcmp(*argv, "remote") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
raddr = get_addr32(*argv);
else
raddr = 0;
} else if (strcmp(*argv, "local") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
laddr = get_addr32(*argv);
else
laddr = 0;
} else if (matches(*argv, "dev") == 0) {
NEXT_ARG();
link = if_nametoindex(*argv);
if (link == 0)
invarg("\"dev\" is invalid", *argv);
} else if (strcmp(*argv, "ttl") == 0 ||
strcmp(*argv, "hoplimit") == 0) {
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_u8(&ttl, *argv, 0))
invarg("invalid TTL\n", *argv);
} else
ttl = 0;
} else if (strcmp(*argv, "tos") == 0 ||
strcmp(*argv, "tclass") == 0 ||
matches(*argv, "dsfield") == 0) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else if (strcmp(*argv, "nopmtudisc") == 0) {
pmtudisc = 0;
} else if (strcmp(*argv, "pmtudisc") == 0) {
pmtudisc = 1;
} else if (strcmp(lu->id, "sit") == 0 &&
strcmp(*argv, "isatap") == 0) {
iflags |= SIT_ISATAP;
} else if (strcmp(lu->id, "sit") == 0 &&
strcmp(*argv, "mode") == 0) {
NEXT_ARG();
if (strcmp(*argv, "ipv6/ipv4") == 0 ||
strcmp(*argv, "ip6ip") == 0)
proto = IPPROTO_IPV6;
else if (strcmp(*argv, "ipv4/ipv4") == 0 ||
strcmp(*argv, "ipip") == 0 ||
strcmp(*argv, "ip4ip4") == 0)
proto = IPPROTO_IPIP;
else if (strcmp(*argv, "any/ipv4") == 0 ||
strcmp(*argv, "any") == 0)
proto = 0;
else
invarg("Cannot guess tunnel mode.", *argv);
} else if (strcmp(*argv, "6rd-prefix") == 0) {
inet_prefix prefix;
NEXT_ARG();
if (get_prefix(&prefix, *argv, AF_INET6))
invarg("invalid 6rd_prefix\n", *argv);
memcpy(&ip6rdprefix, prefix.data, 16);
ip6rdprefixlen = prefix.bitlen;
} else if (strcmp(*argv, "6rd-relay_prefix") == 0) {
inet_prefix prefix;
NEXT_ARG();
if (get_prefix(&prefix, *argv, AF_INET))
invarg("invalid 6rd-relay_prefix\n", *argv);
memcpy(&ip6rdrelayprefix, prefix.data, 4);
ip6rdrelayprefixlen = prefix.bitlen;
} else if (strcmp(*argv, "6rd-reset") == 0) {
inet_prefix prefix;
get_prefix(&prefix, "2002::", AF_INET6);
memcpy(&ip6rdprefix, prefix.data, 16);
ip6rdprefixlen = 16;
ip6rdrelayprefix = 0;
ip6rdrelayprefixlen = 0;
} else
usage(strcmp(lu->id, "sit") == 0);
argc--, argv++;
}
if (ttl && pmtudisc == 0) {
fprintf(stderr, "ttl != 0 and nopmtudisc are incompatible\n");
exit(-1);
}
addattr32(n, 1024, IFLA_IPTUN_LINK, link);
addattr32(n, 1024, IFLA_IPTUN_LOCAL, laddr);
addattr32(n, 1024, IFLA_IPTUN_REMOTE, raddr);
addattr8(n, 1024, IFLA_IPTUN_TTL, ttl);
addattr8(n, 1024, IFLA_IPTUN_TOS, tos);
addattr8(n, 1024, IFLA_IPTUN_PMTUDISC, pmtudisc);
if (strcmp(lu->id, "sit") == 0) {
addattr16(n, 1024, IFLA_IPTUN_FLAGS, iflags);
addattr8(n, 1024, IFLA_IPTUN_PROTO, proto);
if (ip6rdprefixlen) {
addattr_l(n, 1024, IFLA_IPTUN_6RD_PREFIX,
&ip6rdprefix, sizeof(ip6rdprefix));
addattr16(n, 1024, IFLA_IPTUN_6RD_PREFIXLEN,
ip6rdprefixlen);
addattr32(n, 1024, IFLA_IPTUN_6RD_RELAY_PREFIX,
ip6rdrelayprefix);
addattr16(n, 1024, IFLA_IPTUN_6RD_RELAY_PREFIXLEN,
ip6rdrelayprefixlen);
}
}
return 0;
}
static int gre_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
struct {
struct nlmsghdr n;
struct ifinfomsg i;
char buf[1024];
} req;
struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
struct rtattr *tb[IFLA_MAX + 1];
struct rtattr *linkinfo[IFLA_INFO_MAX+1];
struct rtattr *greinfo[IFLA_GRE_MAX + 1];
__u16 iflags = 0;
__u16 oflags = 0;
unsigned ikey = 0;
unsigned okey = 0;
unsigned saddr = 0;
unsigned daddr = 0;
unsigned link = 0;
__u8 pmtudisc = 1;
__u8 ttl = 0;
__u8 tos = 0;
int len;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
memset(&req, 0, sizeof(req));
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.n.nlmsg_type = RTM_GETLINK;
req.i.ifi_family = preferred_family;
req.i.ifi_index = ifi->ifi_index;
if (rtnl_talk(&rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0) {
get_failed:
fprintf(stderr,
"Failed to get existing tunnel info.\n");
return -1;
}
len = req.n.nlmsg_len;
len -= NLMSG_LENGTH(sizeof(*ifi));
if (len < 0)
goto get_failed;
parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
if (!tb[IFLA_LINKINFO])
goto get_failed;
parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
if (!linkinfo[IFLA_INFO_DATA])
goto get_failed;
parse_rtattr_nested(greinfo, IFLA_GRE_MAX,
linkinfo[IFLA_INFO_DATA]);
if (greinfo[IFLA_GRE_IKEY])
ikey = *(__u32 *)RTA_DATA(greinfo[IFLA_GRE_IKEY]);
if (greinfo[IFLA_GRE_OKEY])
okey = *(__u32 *)RTA_DATA(greinfo[IFLA_GRE_OKEY]);
if (greinfo[IFLA_GRE_IFLAGS])
iflags = *(__u16 *)RTA_DATA(greinfo[IFLA_GRE_IFLAGS]);
if (greinfo[IFLA_GRE_OFLAGS])
oflags = *(__u16 *)RTA_DATA(greinfo[IFLA_GRE_OFLAGS]);
if (greinfo[IFLA_GRE_LOCAL])
saddr = *(__u32 *)RTA_DATA(greinfo[IFLA_GRE_LOCAL]);
if (greinfo[IFLA_GRE_REMOTE])
daddr = *(__u32 *)RTA_DATA(greinfo[IFLA_GRE_REMOTE]);
if (greinfo[IFLA_GRE_PMTUDISC])
pmtudisc = *(__u8 *)RTA_DATA(
greinfo[IFLA_GRE_PMTUDISC]);
if (greinfo[IFLA_GRE_TTL])
ttl = *(__u8 *)RTA_DATA(greinfo[IFLA_GRE_TTL]);
if (greinfo[IFLA_GRE_TOS])
tos = *(__u8 *)RTA_DATA(greinfo[IFLA_GRE_TOS]);
if (greinfo[IFLA_GRE_LINK])
link = *(__u8 *)RTA_DATA(greinfo[IFLA_GRE_LINK]);
}
while (argc > 0) {
if (!matches(*argv, "key")) {
unsigned uval;
NEXT_ARG();
iflags |= GRE_KEY;
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0) < 0) {
fprintf(stderr,
"Invalid value for \"key\"\n");
exit(-1);
}
uval = htonl(uval);
}
ikey = okey = uval;
} else if (!matches(*argv, "ikey")) {
unsigned uval;
NEXT_ARG();
iflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value of \"ikey\"\n");
exit(-1);
}
uval = htonl(uval);
}
ikey = uval;
} else if (!matches(*argv, "okey")) {
unsigned uval;
NEXT_ARG();
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
fprintf(stderr, "invalid value of \"okey\"\n");
exit(-1);
}
uval = htonl(uval);
}
okey = uval;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
} else if (!matches(*argv, "nopmtudisc")) {
pmtudisc = 0;
} else if (!matches(*argv, "pmtudisc")) {
pmtudisc = 1;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
daddr = get_addr32(*argv);
} else if (!matches(*argv, "local")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
saddr = get_addr32(*argv);
} else if (!matches(*argv, "dev")) {
NEXT_ARG();
link = tnl_ioctl_get_ifindex(*argv);
if (link == 0)
exit(-1);
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL\n", *argv);
if (uval > 255)
invarg("TTL must be <= 255\n", *argv);
ttl = uval;
}
} else if (!matches(*argv, "tos") ||
!matches(*argv, "tclass") ||
!matches(*argv, "dsfield")) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else
usage();
argc--; argv++;
}
if (!ikey && IN_MULTICAST(ntohl(daddr))) {
ikey = daddr;
iflags |= GRE_KEY;
}
if (!okey && IN_MULTICAST(ntohl(daddr))) {
okey = daddr;
oflags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(daddr)) && !saddr) {
fprintf(stderr, "Broadcast tunnel requires a source address.\n");
return -1;
}
addattr32(n, 1024, IFLA_GRE_IKEY, ikey);
addattr32(n, 1024, IFLA_GRE_OKEY, okey);
addattr_l(n, 1024, IFLA_GRE_IFLAGS, &iflags, 2);
addattr_l(n, 1024, IFLA_GRE_OFLAGS, &oflags, 2);
addattr_l(n, 1024, IFLA_GRE_LOCAL, &saddr, 4);
addattr_l(n, 1024, IFLA_GRE_REMOTE, &daddr, 4);
addattr_l(n, 1024, IFLA_GRE_PMTUDISC, &pmtudisc, 1);
if (link)
addattr32(n, 1024, IFLA_GRE_LINK, link);
addattr_l(n, 1024, IFLA_GRE_TTL, &ttl, 1);
addattr_l(n, 1024, IFLA_GRE_TOS, &tos, 1);
return 0;
}
/* Dies on error */
static void parse_args(char **argv, int cmd, struct ip_tunnel_parm *p)
{
static const char keywords[] ALIGN1 =
"mode\0""ipip\0""ip/ip\0""gre\0""gre/ip\0""sit\0""ipv6/ip\0"
"key\0""ikey\0""okey\0""seq\0""iseq\0""oseq\0"
"csum\0""icsum\0""ocsum\0""nopmtudisc\0""pmtudisc\0"
"remote\0""any\0""local\0""dev\0"
"ttl\0""inherit\0""tos\0""dsfield\0"
"name\0";
enum {
ARG_mode, ARG_ipip, ARG_ip_ip, ARG_gre, ARG_gre_ip, ARG_sit, ARG_ip6_ip,
ARG_key, ARG_ikey, ARG_okey, ARG_seq, ARG_iseq, ARG_oseq,
ARG_csum, ARG_icsum, ARG_ocsum, ARG_nopmtudisc, ARG_pmtudisc,
ARG_remote, ARG_any, ARG_local, ARG_dev,
ARG_ttl, ARG_inherit, ARG_tos, ARG_dsfield,
ARG_name
};
int count = 0;
char medium[IFNAMSIZ];
int key;
memset(p, 0, sizeof(*p));
medium[0] = '\0';
p->iph.version = 4;
p->iph.ihl = 5;
#ifndef IP_DF
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#endif
p->iph.frag_off = htons(IP_DF);
while (*argv) {
key = index_in_strings(keywords, *argv);
if (key == ARG_mode) {
NEXT_ARG();
key = index_in_strings(keywords, *argv);
if (key == ARG_ipip ||
key == ARG_ip_ip
) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPIP) {
bb_error_msg_and_die("%s tunnel mode", "you managed to ask for more than one");
}
p->iph.protocol = IPPROTO_IPIP;
} else if (key == ARG_gre ||
key == ARG_gre_ip
) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_GRE) {
bb_error_msg_and_die("%s tunnel mode", "you managed to ask for more than one");
}
p->iph.protocol = IPPROTO_GRE;
} else if (key == ARG_sit ||
key == ARG_ip6_ip
) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPV6) {
bb_error_msg_and_die("%s tunnel mode", "you managed to ask for more than one");
}
p->iph.protocol = IPPROTO_IPV6;
} else {
bb_error_msg_and_die("%s tunnel mode", "can't guess");
}
} else if (key == ARG_key) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->i_key = p->o_key = get_addr32(*argv);
else {
uval = get_unsigned(*argv, "key");
p->i_key = p->o_key = htonl(uval);
}
} else if (key == ARG_ikey) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->o_key = get_addr32(*argv);
else {
uval = get_unsigned(*argv, "ikey");
p->i_key = htonl(uval);
}
} else if (key == ARG_okey) {
unsigned uval;
NEXT_ARG();
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->o_key = get_addr32(*argv);
else {
uval = get_unsigned(*argv, "okey");
p->o_key = htonl(uval);
}
} else if (key == ARG_seq) {
p->i_flags |= GRE_SEQ;
p->o_flags |= GRE_SEQ;
} else if (key == ARG_iseq) {
p->i_flags |= GRE_SEQ;
} else if (key == ARG_oseq) {
p->o_flags |= GRE_SEQ;
} else if (key == ARG_csum) {
p->i_flags |= GRE_CSUM;
p->o_flags |= GRE_CSUM;
} else if (key == ARG_icsum) {
p->i_flags |= GRE_CSUM;
} else if (key == ARG_ocsum) {
p->o_flags |= GRE_CSUM;
} else if (key == ARG_nopmtudisc) {
p->iph.frag_off = 0;
} else if (key == ARG_pmtudisc) {
p->iph.frag_off = htons(IP_DF);
} else if (key == ARG_remote) {
NEXT_ARG();
key = index_in_strings(keywords, *argv);
if (key != ARG_any)
p->iph.daddr = get_addr32(*argv);
} else if (key == ARG_local) {
NEXT_ARG();
key = index_in_strings(keywords, *argv);
if (key != ARG_any)
p->iph.saddr = get_addr32(*argv);
} else if (key == ARG_dev) {
NEXT_ARG();
strncpy_IFNAMSIZ(medium, *argv);
} else if (key == ARG_ttl) {
unsigned uval;
NEXT_ARG();
key = index_in_strings(keywords, *argv);
if (key != ARG_inherit) {
uval = get_unsigned(*argv, "TTL");
if (uval > 255)
invarg(*argv, "TTL must be <=255");
p->iph.ttl = uval;
}
} else if (key == ARG_tos ||
key == ARG_dsfield
) {
uint32_t uval;
NEXT_ARG();
key = index_in_strings(keywords, *argv);
if (key != ARG_inherit) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg(*argv, "TOS");
p->iph.tos = uval;
} else
p->iph.tos = 1;
} else {
if (key == ARG_name) {
NEXT_ARG();
}
if (p->name[0])
duparg2("name", *argv);
strncpy_IFNAMSIZ(p->name, *argv);
if (cmd == SIOCCHGTUNNEL && count == 0) {
struct ip_tunnel_parm old_p;
memset(&old_p, 0, sizeof(old_p));
if (do_get_ioctl(*argv, &old_p))
exit(EXIT_FAILURE);
*p = old_p;
}
}
count++;
argv++;
}
if (p->iph.protocol == 0) {
if (memcmp(p->name, "gre", 3) == 0)
p->iph.protocol = IPPROTO_GRE;
else if (memcmp(p->name, "ipip", 4) == 0)
p->iph.protocol = IPPROTO_IPIP;
else if (memcmp(p->name, "sit", 3) == 0)
p->iph.protocol = IPPROTO_IPV6;
}
if (p->iph.protocol == IPPROTO_IPIP || p->iph.protocol == IPPROTO_IPV6) {
if ((p->i_flags & GRE_KEY) || (p->o_flags & GRE_KEY)) {
bb_error_msg_and_die("keys are not allowed with ipip and sit");
}
}
if (medium[0]) {
p->link = do_ioctl_get_ifindex(medium);
}
if (p->i_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->i_key = p->iph.daddr;
p->i_flags |= GRE_KEY;
}
if (p->o_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->o_key = p->iph.daddr;
p->o_flags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(p->iph.daddr)) && !p->iph.saddr) {
bb_error_msg_and_die("broadcast tunnel requires a source address");
}
}
static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
__u32 vni = 0;
__u32 gaddr = 0;
__u32 daddr = 0;
struct in6_addr gaddr6 = IN6ADDR_ANY_INIT;
struct in6_addr daddr6 = IN6ADDR_ANY_INIT;
__u8 learning = 1;
__u16 dstport = 0;
__u8 metadata = 0;
__u64 attrs = 0;
bool set_op = (n->nlmsg_type == RTM_NEWLINK &&
!(n->nlmsg_flags & NLM_F_CREATE));
while (argc > 0) {
if (!matches(*argv, "id") ||
!matches(*argv, "vni")) {
/* We will add ID attribute outside of the loop since we
* need to consider metadata information as well.
*/
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_ID, "id", *argv);
if (get_u32(&vni, *argv, 0) ||
vni >= 1u << 24)
invarg("invalid id", *argv);
} else if (!matches(*argv, "group")) {
if (daddr || !IN6_IS_ADDR_UNSPECIFIED(&daddr6)) {
fprintf(stderr, "vxlan: both group and remote");
fprintf(stderr, " cannot be specified\n");
return -1;
}
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_GROUP, "group", *argv);
if (!inet_get_addr(*argv, &gaddr, &gaddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
if (!IN6_IS_ADDR_MULTICAST(&gaddr6) && !IN_MULTICAST(ntohl(gaddr)))
invarg("invalid group address", *argv);
} else if (!matches(*argv, "remote")) {
if (gaddr || !IN6_IS_ADDR_UNSPECIFIED(&gaddr6)) {
fprintf(stderr, "vxlan: both group and remote");
fprintf(stderr, " cannot be specified\n");
return -1;
}
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_GROUP, "remote", *argv);
if (!inet_get_addr(*argv, &daddr, &daddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
if (IN6_IS_ADDR_MULTICAST(&daddr6) || IN_MULTICAST(ntohl(daddr)))
invarg("invalid remote address", *argv);
} else if (!matches(*argv, "local")) {
__u32 saddr = 0;
struct in6_addr saddr6 = IN6ADDR_ANY_INIT;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_LOCAL, "local", *argv);
if (strcmp(*argv, "any")) {
if (!inet_get_addr(*argv, &saddr, &saddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
}
if (IN_MULTICAST(ntohl(saddr)) || IN6_IS_ADDR_MULTICAST(&saddr6))
invarg("invalid local address", *argv);
if (saddr)
addattr_l(n, 1024, IFLA_VXLAN_LOCAL, &saddr, 4);
else if (!IN6_IS_ADDR_UNSPECIFIED(&saddr6))
addattr_l(n, 1024, IFLA_VXLAN_LOCAL6, &saddr6,
sizeof(struct in6_addr));
} else if (!matches(*argv, "dev")) {
unsigned int link;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_LINK, "dev", *argv);
link = if_nametoindex(*argv);
if (link == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n",
*argv);
exit(-1);
}
addattr32(n, 1024, IFLA_VXLAN_LINK, link);
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned int uval;
__u8 ttl = 0;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_TTL, "ttl", *argv);
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL", *argv);
if (uval > 255)
invarg("TTL must be <= 255", *argv);
ttl = uval;
}
addattr8(n, 1024, IFLA_VXLAN_TTL, ttl);
} else if (!matches(*argv, "tos") ||
!matches(*argv, "dsfield")) {
__u32 uval;
__u8 tos;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_TOS, "tos", *argv);
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
addattr8(n, 1024, IFLA_VXLAN_TOS, tos);
} else if (!matches(*argv, "label") ||
!matches(*argv, "flowlabel")) {
__u32 uval;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_LABEL, "flowlabel",
*argv);
if (get_u32(&uval, *argv, 0) ||
(uval & ~LABEL_MAX_MASK))
invarg("invalid flowlabel", *argv);
addattr32(n, 1024, IFLA_VXLAN_LABEL, htonl(uval));
} else if (!matches(*argv, "ageing")) {
__u32 age;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_AGEING, "ageing",
*argv);
if (strcmp(*argv, "none") == 0)
age = 0;
else if (get_u32(&age, *argv, 0))
invarg("ageing timer", *argv);
addattr32(n, 1024, IFLA_VXLAN_AGEING, age);
} else if (!matches(*argv, "maxaddress")) {
__u32 maxaddr;
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_LIMIT,
"maxaddress", *argv);
if (strcmp(*argv, "unlimited") == 0)
maxaddr = 0;
else if (get_u32(&maxaddr, *argv, 0))
invarg("max addresses", *argv);
addattr32(n, 1024, IFLA_VXLAN_LIMIT, maxaddr);
} else if (!matches(*argv, "port") ||
!matches(*argv, "srcport")) {
struct ifla_vxlan_port_range range = { 0, 0 };
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_PORT_RANGE, "srcport",
*argv);
if (get_be16(&range.low, *argv, 0))
invarg("min port", *argv);
NEXT_ARG();
if (get_be16(&range.high, *argv, 0))
invarg("max port", *argv);
if (range.low || range.high) {
addattr_l(n, 1024, IFLA_VXLAN_PORT_RANGE,
&range, sizeof(range));
}
} else if (!matches(*argv, "dstport")) {
NEXT_ARG();
check_duparg(&attrs, IFLA_VXLAN_PORT, "dstport", *argv);
if (get_u16(&dstport, *argv, 0))
invarg("dst port", *argv);
} else if (!matches(*argv, "nolearning")) {
check_duparg(&attrs, IFLA_VXLAN_LEARNING, *argv, *argv);
learning = 0;
} else if (!matches(*argv, "learning")) {
check_duparg(&attrs, IFLA_VXLAN_LEARNING, *argv, *argv);
learning = 1;
} else if (!matches(*argv, "noproxy")) {
check_duparg(&attrs, IFLA_VXLAN_PROXY, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_PROXY, 0);
} else if (!matches(*argv, "proxy")) {
check_duparg(&attrs, IFLA_VXLAN_PROXY, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_PROXY, 1);
} else if (!matches(*argv, "norsc")) {
check_duparg(&attrs, IFLA_VXLAN_RSC, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_RSC, 0);
} else if (!matches(*argv, "rsc")) {
check_duparg(&attrs, IFLA_VXLAN_RSC, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_RSC, 1);
} else if (!matches(*argv, "nol2miss")) {
check_duparg(&attrs, IFLA_VXLAN_L2MISS, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_L2MISS, 0);
} else if (!matches(*argv, "l2miss")) {
check_duparg(&attrs, IFLA_VXLAN_L2MISS, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_L2MISS, 1);
} else if (!matches(*argv, "nol3miss")) {
check_duparg(&attrs, IFLA_VXLAN_L3MISS, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_L3MISS, 0);
} else if (!matches(*argv, "l3miss")) {
check_duparg(&attrs, IFLA_VXLAN_L3MISS, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_L3MISS, 1);
} else if (!matches(*argv, "udpcsum")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_CSUM, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_CSUM, 1);
} else if (!matches(*argv, "noudpcsum")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_CSUM, *argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_CSUM, 0);
} else if (!matches(*argv, "udp6zerocsumtx")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_ZERO_CSUM6_TX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, 1);
} else if (!matches(*argv, "noudp6zerocsumtx")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_ZERO_CSUM6_TX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, 0);
} else if (!matches(*argv, "udp6zerocsumrx")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_ZERO_CSUM6_RX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, 1);
} else if (!matches(*argv, "noudp6zerocsumrx")) {
check_duparg(&attrs, IFLA_VXLAN_UDP_ZERO_CSUM6_RX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, 0);
} else if (!matches(*argv, "remcsumtx")) {
check_duparg(&attrs, IFLA_VXLAN_REMCSUM_TX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_TX, 1);
} else if (!matches(*argv, "noremcsumtx")) {
check_duparg(&attrs, IFLA_VXLAN_REMCSUM_TX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_TX, 0);
} else if (!matches(*argv, "remcsumrx")) {
check_duparg(&attrs, IFLA_VXLAN_REMCSUM_RX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_RX, 1);
} else if (!matches(*argv, "noremcsumrx")) {
check_duparg(&attrs, IFLA_VXLAN_REMCSUM_RX,
*argv, *argv);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_RX, 0);
} else if (!matches(*argv, "external")) {
check_duparg(&attrs, IFLA_VXLAN_COLLECT_METADATA,
*argv, *argv);
metadata = 1;
learning = 0;
/* we will add LEARNING attribute outside of the loop */
addattr8(n, 1024, IFLA_VXLAN_COLLECT_METADATA,
metadata);
} else if (!matches(*argv, "noexternal")) {
check_duparg(&attrs, IFLA_VXLAN_COLLECT_METADATA,
*argv, *argv);
metadata = 0;
addattr8(n, 1024, IFLA_VXLAN_COLLECT_METADATA,
metadata);
} else if (!matches(*argv, "gbp")) {
check_duparg(&attrs, IFLA_VXLAN_GBP, *argv, *argv);
addattr_l(n, 1024, IFLA_VXLAN_GBP, NULL, 0);
} else if (!matches(*argv, "gpe")) {
check_duparg(&attrs, IFLA_VXLAN_GPE, *argv, *argv);
addattr_l(n, 1024, IFLA_VXLAN_GPE, NULL, 0);
} else if (matches(*argv, "help") == 0) {
explain();
return -1;
} else {
fprintf(stderr, "vxlan: unknown command \"%s\"?\n", *argv);
explain();
return -1;
}
argc--, argv++;
}
if (metadata && VXLAN_ATTRSET(attrs, IFLA_VXLAN_ID)) {
fprintf(stderr, "vxlan: both 'external' and vni cannot be specified\n");
return -1;
}
if (!metadata && !VXLAN_ATTRSET(attrs, IFLA_VXLAN_ID)) {
fprintf(stderr, "vxlan: missing virtual network identifier\n");
return -1;
}
if ((gaddr || !IN6_IS_ADDR_UNSPECIFIED(&gaddr6)) &&
!VXLAN_ATTRSET(attrs, IFLA_VXLAN_LINK)) {
fprintf(stderr, "vxlan: 'group' requires 'dev' to be specified\n");
return -1;
}
if (!VXLAN_ATTRSET(attrs, IFLA_VXLAN_PORT) &&
VXLAN_ATTRSET(attrs, IFLA_VXLAN_GPE)) {
dstport = 4790;
} else if (!VXLAN_ATTRSET(attrs, IFLA_VXLAN_PORT) && !set_op) {
fprintf(stderr, "vxlan: destination port not specified\n"
"Will use Linux kernel default (non-standard value)\n");
fprintf(stderr,
"Use 'dstport 4789' to get the IANA assigned value\n"
"Use 'dstport 0' to get default and quiet this message\n");
}
addattr32(n, 1024, IFLA_VXLAN_ID, vni);
if (gaddr)
addattr_l(n, 1024, IFLA_VXLAN_GROUP, &gaddr, 4);
else if (daddr)
addattr_l(n, 1024, IFLA_VXLAN_GROUP, &daddr, 4);
else if (!IN6_IS_ADDR_UNSPECIFIED(&gaddr6))
addattr_l(n, 1024, IFLA_VXLAN_GROUP6, &gaddr6, sizeof(struct in6_addr));
else if (!IN6_IS_ADDR_UNSPECIFIED(&daddr6))
addattr_l(n, 1024, IFLA_VXLAN_GROUP6, &daddr6, sizeof(struct in6_addr));
else if (preferred_family == AF_INET)
addattr_l(n, 1024, IFLA_VXLAN_GROUP, &daddr, 4);
else if (preferred_family == AF_INET6)
addattr_l(n, 1024, IFLA_VXLAN_GROUP6, &daddr6, sizeof(struct in6_addr));
if (!set_op || VXLAN_ATTRSET(attrs, IFLA_VXLAN_LEARNING))
addattr8(n, 1024, IFLA_VXLAN_LEARNING, learning);
if (dstport)
addattr16(n, 1024, IFLA_VXLAN_PORT, htons(dstport));
return 0;
}
static int parse_args(int argc, char **argv, int cmd, struct ip_tunnel_parm *p)
{
int count = 0;
const char *medium = NULL;
int isatap = 0;
memset(p, 0, sizeof(*p));
p->iph.version = 4;
p->iph.ihl = 5;
#ifndef IP_DF
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#endif
p->iph.frag_off = htons(IP_DF);
while (argc > 0) {
if (strcmp(*argv, "mode") == 0) {
NEXT_ARG();
if (strcmp(*argv, "ipip") == 0 ||
strcmp(*argv, "ip/ip") == 0) {
set_tunnel_proto(p, IPPROTO_IPIP);
} else if (strcmp(*argv, "gre") == 0 ||
strcmp(*argv, "gre/ip") == 0) {
set_tunnel_proto(p, IPPROTO_GRE);
} else if (strcmp(*argv, "sit") == 0 ||
strcmp(*argv, "ipv6/ip") == 0) {
set_tunnel_proto(p, IPPROTO_IPV6);
} else if (strcmp(*argv, "isatap") == 0) {
set_tunnel_proto(p, IPPROTO_IPV6);
isatap++;
} else if (strcmp(*argv, "vti") == 0) {
set_tunnel_proto(p, IPPROTO_IPIP);
p->i_flags |= VTI_ISVTI;
} else {
fprintf(stderr,
"Unknown tunnel mode \"%s\"\n", *argv);
exit(-1);
}
} else if (strcmp(*argv, "key") == 0) {
NEXT_ARG();
p->i_flags |= GRE_KEY;
p->o_flags |= GRE_KEY;
p->i_key = p->o_key = tnl_parse_key("key", *argv);
} else if (strcmp(*argv, "ikey") == 0) {
NEXT_ARG();
p->i_flags |= GRE_KEY;
p->i_key = tnl_parse_key("ikey", *argv);
} else if (strcmp(*argv, "okey") == 0) {
NEXT_ARG();
p->o_flags |= GRE_KEY;
p->o_key = tnl_parse_key("okey", *argv);
} else if (strcmp(*argv, "seq") == 0) {
p->i_flags |= GRE_SEQ;
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "iseq") == 0) {
p->i_flags |= GRE_SEQ;
} else if (strcmp(*argv, "oseq") == 0) {
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "csum") == 0) {
p->i_flags |= GRE_CSUM;
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "icsum") == 0) {
p->i_flags |= GRE_CSUM;
} else if (strcmp(*argv, "ocsum") == 0) {
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "nopmtudisc") == 0) {
p->iph.frag_off = 0;
} else if (strcmp(*argv, "pmtudisc") == 0) {
p->iph.frag_off = htons(IP_DF);
} else if (strcmp(*argv, "remote") == 0) {
NEXT_ARG();
p->iph.daddr = get_addr32(*argv);
} else if (strcmp(*argv, "local") == 0) {
NEXT_ARG();
p->iph.saddr = get_addr32(*argv);
} else if (strcmp(*argv, "dev") == 0) {
NEXT_ARG();
medium = *argv;
} else if (strcmp(*argv, "ttl") == 0 ||
strcmp(*argv, "hoplimit") == 0 ||
strcmp(*argv, "hlim") == 0) {
__u8 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_u8(&uval, *argv, 0))
invarg("invalid TTL\n", *argv);
p->iph.ttl = uval;
}
} else if (strcmp(*argv, "tos") == 0 ||
strcmp(*argv, "tclass") == 0 ||
matches(*argv, "dsfield") == 0) {
char *dsfield;
__u32 uval;
NEXT_ARG();
dsfield = *argv;
strsep(&dsfield, "/");
if (strcmp(*argv, "inherit") != 0) {
dsfield = *argv;
p->iph.tos = 0;
} else
p->iph.tos = 1;
if (dsfield) {
if (rtnl_dsfield_a2n(&uval, dsfield))
invarg("bad TOS value", *argv);
p->iph.tos |= uval;
}
} else {
if (strcmp(*argv, "name") == 0)
NEXT_ARG();
else if (matches(*argv, "help") == 0)
usage();
if (p->name[0])
duparg2("name", *argv);
if (get_ifname(p->name, *argv))
invarg("\"name\" not a valid ifname", *argv);
if (cmd == SIOCCHGTUNNEL && count == 0) {
struct ip_tunnel_parm old_p = {};
if (tnl_get_ioctl(*argv, &old_p))
return -1;
*p = old_p;
}
}
count++;
argc--; argv++;
}
if (p->iph.protocol == 0) {
if (memcmp(p->name, "gre", 3) == 0)
p->iph.protocol = IPPROTO_GRE;
else if (memcmp(p->name, "ipip", 4) == 0)
p->iph.protocol = IPPROTO_IPIP;
else if (memcmp(p->name, "sit", 3) == 0)
p->iph.protocol = IPPROTO_IPV6;
else if (memcmp(p->name, "isatap", 6) == 0) {
p->iph.protocol = IPPROTO_IPV6;
isatap++;
} else if (memcmp(p->name, "vti", 3) == 0) {
p->iph.protocol = IPPROTO_IPIP;
p->i_flags |= VTI_ISVTI;
}
}
if ((p->i_flags & GRE_KEY) || (p->o_flags & GRE_KEY)) {
if (!(p->i_flags & VTI_ISVTI) &&
(p->iph.protocol != IPPROTO_GRE)) {
fprintf(stderr, "Keys are not allowed with ipip and sit tunnels\n");
return -1;
}
}
if (medium) {
p->link = ll_name_to_index(medium);
if (!p->link)
return nodev(medium);
}
if (p->i_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->i_key = p->iph.daddr;
p->i_flags |= GRE_KEY;
}
if (p->o_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->o_key = p->iph.daddr;
p->o_flags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(p->iph.daddr)) && !p->iph.saddr) {
fprintf(stderr, "A broadcast tunnel requires a source address\n");
return -1;
}
if (isatap)
p->i_flags |= SIT_ISATAP;
return 0;
}
static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
__u32 vni = 0;
int vni_set = 0;
__u32 saddr = 0;
__u32 gaddr = 0;
__u32 daddr = 0;
struct in6_addr saddr6 = IN6ADDR_ANY_INIT;
struct in6_addr gaddr6 = IN6ADDR_ANY_INIT;
struct in6_addr daddr6 = IN6ADDR_ANY_INIT;
unsigned int link = 0;
__u8 tos = 0;
__u8 ttl = 0;
__u32 label = 0;
__u8 learning = 1;
__u8 proxy = 0;
__u8 rsc = 0;
__u8 l2miss = 0;
__u8 l3miss = 0;
__u8 noage = 0;
__u32 age = 0;
__u32 maxaddr = 0;
__u16 dstport = 0;
__u8 udpcsum = 0;
bool udpcsum_set = false;
__u8 udp6zerocsumtx = 0;
bool udp6zerocsumtx_set = false;
__u8 udp6zerocsumrx = 0;
bool udp6zerocsumrx_set = false;
__u8 remcsumtx = 0;
__u8 remcsumrx = 0;
__u8 metadata = 0;
__u8 gbp = 0;
__u8 gpe = 0;
int dst_port_set = 0;
struct ifla_vxlan_port_range range = { 0, 0 };
while (argc > 0) {
if (!matches(*argv, "id") ||
!matches(*argv, "vni")) {
NEXT_ARG();
if (get_u32(&vni, *argv, 0) ||
vni >= 1u << 24)
invarg("invalid id", *argv);
vni_set = 1;
} else if (!matches(*argv, "group")) {
NEXT_ARG();
if (!inet_get_addr(*argv, &gaddr, &gaddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
if (!IN6_IS_ADDR_MULTICAST(&gaddr6) && !IN_MULTICAST(ntohl(gaddr)))
invarg("invalid group address", *argv);
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
if (!inet_get_addr(*argv, &daddr, &daddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
if (IN6_IS_ADDR_MULTICAST(&daddr6) || IN_MULTICAST(ntohl(daddr)))
invarg("invalid remote address", *argv);
} else if (!matches(*argv, "local")) {
NEXT_ARG();
if (strcmp(*argv, "any")) {
if (!inet_get_addr(*argv, &saddr, &saddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
}
if (IN_MULTICAST(ntohl(saddr)) || IN6_IS_ADDR_MULTICAST(&saddr6))
invarg("invalid local address", *argv);
} else if (!matches(*argv, "dev")) {
NEXT_ARG();
link = if_nametoindex(*argv);
if (link == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n",
*argv);
exit(-1);
}
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned int uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL", *argv);
if (uval > 255)
invarg("TTL must be <= 255", *argv);
ttl = uval;
}
} else if (!matches(*argv, "tos") ||
!matches(*argv, "dsfield")) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else if (!matches(*argv, "label") ||
!matches(*argv, "flowlabel")) {
__u32 uval;
NEXT_ARG();
if (get_u32(&uval, *argv, 0) ||
(uval & ~LABEL_MAX_MASK))
invarg("invalid flowlabel", *argv);
label = htonl(uval);
} else if (!matches(*argv, "ageing")) {
NEXT_ARG();
if (strcmp(*argv, "none") == 0)
noage = 1;
else if (get_u32(&age, *argv, 0))
invarg("ageing timer", *argv);
} else if (!matches(*argv, "maxaddress")) {
NEXT_ARG();
if (strcmp(*argv, "unlimited") == 0)
maxaddr = 0;
else if (get_u32(&maxaddr, *argv, 0))
invarg("max addresses", *argv);
} else if (!matches(*argv, "port") ||
!matches(*argv, "srcport")) {
NEXT_ARG();
if (get_be16(&range.low, *argv, 0))
invarg("min port", *argv);
NEXT_ARG();
if (get_be16(&range.high, *argv, 0))
invarg("max port", *argv);
} else if (!matches(*argv, "dstport")) {
NEXT_ARG();
if (get_u16(&dstport, *argv, 0))
invarg("dst port", *argv);
dst_port_set = 1;
} else if (!matches(*argv, "nolearning")) {
learning = 0;
} else if (!matches(*argv, "learning")) {
learning = 1;
} else if (!matches(*argv, "noproxy")) {
proxy = 0;
} else if (!matches(*argv, "proxy")) {
proxy = 1;
} else if (!matches(*argv, "norsc")) {
rsc = 0;
} else if (!matches(*argv, "rsc")) {
rsc = 1;
} else if (!matches(*argv, "nol2miss")) {
l2miss = 0;
} else if (!matches(*argv, "l2miss")) {
l2miss = 1;
} else if (!matches(*argv, "nol3miss")) {
l3miss = 0;
} else if (!matches(*argv, "l3miss")) {
l3miss = 1;
} else if (!matches(*argv, "udpcsum")) {
udpcsum = 1;
udpcsum_set = true;
} else if (!matches(*argv, "noudpcsum")) {
udpcsum = 0;
udpcsum_set = true;
} else if (!matches(*argv, "udp6zerocsumtx")) {
udp6zerocsumtx = 1;
udp6zerocsumtx_set = true;
} else if (!matches(*argv, "noudp6zerocsumtx")) {
udp6zerocsumtx = 0;
udp6zerocsumtx_set = true;
} else if (!matches(*argv, "udp6zerocsumrx")) {
udp6zerocsumrx = 1;
udp6zerocsumrx_set = true;
} else if (!matches(*argv, "noudp6zerocsumrx")) {
udp6zerocsumrx = 0;
udp6zerocsumrx_set = true;
} else if (!matches(*argv, "remcsumtx")) {
remcsumtx = 1;
} else if (!matches(*argv, "noremcsumtx")) {
remcsumtx = 0;
} else if (!matches(*argv, "remcsumrx")) {
remcsumrx = 1;
} else if (!matches(*argv, "noremcsumrx")) {
remcsumrx = 0;
} else if (!matches(*argv, "external")) {
metadata = 1;
learning = 0;
} else if (!matches(*argv, "noexternal")) {
metadata = 0;
} else if (!matches(*argv, "gbp")) {
gbp = 1;
} else if (!matches(*argv, "gpe")) {
gpe = 1;
} else if (matches(*argv, "help") == 0) {
explain();
return -1;
} else {
fprintf(stderr, "vxlan: unknown command \"%s\"?\n", *argv);
explain();
return -1;
}
argc--, argv++;
}
if (metadata && vni_set) {
fprintf(stderr, "vxlan: both 'external' and vni cannot be specified\n");
return -1;
}
if (!metadata && !vni_set) {
fprintf(stderr, "vxlan: missing virtual network identifier\n");
return -1;
}
if ((gaddr && daddr) ||
(!IN6_IS_ADDR_UNSPECIFIED(&gaddr6) &&
!IN6_IS_ADDR_UNSPECIFIED(&daddr6))) {
fprintf(stderr, "vxlan: both group and remote cannot be specified\n");
return -1;
}
if ((gaddr || !IN6_IS_ADDR_UNSPECIFIED(&gaddr6)) && !link) {
fprintf(stderr, "vxlan: 'group' requires 'dev' to be specified\n");
return -1;
}
if (!dst_port_set && gpe) {
dstport = 4790;
} else if (!dst_port_set) {
fprintf(stderr, "vxlan: destination port not specified\n"
"Will use Linux kernel default (non-standard value)\n");
fprintf(stderr,
"Use 'dstport 4789' to get the IANA assigned value\n"
"Use 'dstport 0' to get default and quiet this message\n");
}
addattr32(n, 1024, IFLA_VXLAN_ID, vni);
if (gaddr)
addattr_l(n, 1024, IFLA_VXLAN_GROUP, &gaddr, 4);
else if (daddr)
addattr_l(n, 1024, IFLA_VXLAN_GROUP, &daddr, 4);
if (!IN6_IS_ADDR_UNSPECIFIED(&gaddr6))
addattr_l(n, 1024, IFLA_VXLAN_GROUP6, &gaddr6, sizeof(struct in6_addr));
else if (!IN6_IS_ADDR_UNSPECIFIED(&daddr6))
addattr_l(n, 1024, IFLA_VXLAN_GROUP6, &daddr6, sizeof(struct in6_addr));
if (saddr)
addattr_l(n, 1024, IFLA_VXLAN_LOCAL, &saddr, 4);
else if (!IN6_IS_ADDR_UNSPECIFIED(&saddr6))
addattr_l(n, 1024, IFLA_VXLAN_LOCAL6, &saddr6, sizeof(struct in6_addr));
if (link)
addattr32(n, 1024, IFLA_VXLAN_LINK, link);
addattr32(n, 1024, IFLA_VXLAN_LABEL, label);
addattr8(n, 1024, IFLA_VXLAN_TTL, ttl);
addattr8(n, 1024, IFLA_VXLAN_TOS, tos);
addattr8(n, 1024, IFLA_VXLAN_LEARNING, learning);
addattr8(n, 1024, IFLA_VXLAN_PROXY, proxy);
addattr8(n, 1024, IFLA_VXLAN_RSC, rsc);
addattr8(n, 1024, IFLA_VXLAN_L2MISS, l2miss);
addattr8(n, 1024, IFLA_VXLAN_L3MISS, l3miss);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_TX, remcsumtx);
addattr8(n, 1024, IFLA_VXLAN_REMCSUM_RX, remcsumrx);
addattr8(n, 1024, IFLA_VXLAN_COLLECT_METADATA, metadata);
if (udpcsum_set)
addattr8(n, 1024, IFLA_VXLAN_UDP_CSUM, udpcsum);
if (udp6zerocsumtx_set)
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, udp6zerocsumtx);
if (udp6zerocsumrx_set)
addattr8(n, 1024, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, udp6zerocsumrx);
if (noage)
addattr32(n, 1024, IFLA_VXLAN_AGEING, 0);
else if (age)
addattr32(n, 1024, IFLA_VXLAN_AGEING, age);
if (maxaddr)
addattr32(n, 1024, IFLA_VXLAN_LIMIT, maxaddr);
if (range.low || range.high)
addattr_l(n, 1024, IFLA_VXLAN_PORT_RANGE,
&range, sizeof(range));
if (dstport)
addattr16(n, 1024, IFLA_VXLAN_PORT, htons(dstport));
if (gbp)
addattr_l(n, 1024, IFLA_VXLAN_GBP, NULL, 0);
if (gpe)
addattr_l(n, 1024, IFLA_VXLAN_GPE, NULL, 0);
return 0;
}
static int parse_args(int argc, char **argv, int cmd, struct ip_tunnel_parm *p)
{
int count = 0;
char medium[IFNAMSIZ];
memset(p, 0, sizeof(*p));
memset(&medium, 0, sizeof(medium));
p->iph.version = 4;
p->iph.ihl = 5;
#ifndef IP_DF
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
#endif
p->iph.frag_off = htons(IP_DF);
while (argc > 0) {
if (strcmp(*argv, "mode") == 0) {
NEXT_ARG();
if (strcmp(*argv, "ipip") == 0 ||
strcmp(*argv, "ip/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPIP) {
bb_error_msg("You managed to ask for more than one tunnel mode.");
exit(-1);
}
p->iph.protocol = IPPROTO_IPIP;
} else if (strcmp(*argv, "gre") == 0 ||
strcmp(*argv, "gre/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_GRE) {
bb_error_msg("You managed to ask for more than one tunnel mode.");
exit(-1);
}
p->iph.protocol = IPPROTO_GRE;
} else if (strcmp(*argv, "sit") == 0 ||
strcmp(*argv, "ipv6/ip") == 0) {
if (p->iph.protocol && p->iph.protocol != IPPROTO_IPV6) {
bb_error_msg("You managed to ask for more than one tunnel mode.");
exit(-1);
}
p->iph.protocol = IPPROTO_IPV6;
} else {
bb_error_msg("Cannot guess tunnel mode.");
exit(-1);
}
} else if (strcmp(*argv, "key") == 0) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->i_key = p->o_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
bb_error_msg("invalid value of \"key\"");
exit(-1);
}
p->i_key = p->o_key = htonl(uval);
}
} else if (strcmp(*argv, "ikey") == 0) {
unsigned uval;
NEXT_ARG();
p->i_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->o_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
bb_error_msg("invalid value of \"ikey\"");
exit(-1);
}
p->i_key = htonl(uval);
}
} else if (strcmp(*argv, "okey") == 0) {
unsigned uval;
NEXT_ARG();
p->o_flags |= GRE_KEY;
if (strchr(*argv, '.'))
p->o_key = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0)<0) {
bb_error_msg("invalid value of \"okey\"");
exit(-1);
}
p->o_key = htonl(uval);
}
} else if (strcmp(*argv, "seq") == 0) {
p->i_flags |= GRE_SEQ;
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "iseq") == 0) {
p->i_flags |= GRE_SEQ;
} else if (strcmp(*argv, "oseq") == 0) {
p->o_flags |= GRE_SEQ;
} else if (strcmp(*argv, "csum") == 0) {
p->i_flags |= GRE_CSUM;
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "icsum") == 0) {
p->i_flags |= GRE_CSUM;
} else if (strcmp(*argv, "ocsum") == 0) {
p->o_flags |= GRE_CSUM;
} else if (strcmp(*argv, "nopmtudisc") == 0) {
p->iph.frag_off = 0;
} else if (strcmp(*argv, "pmtudisc") == 0) {
p->iph.frag_off = htons(IP_DF);
} else if (strcmp(*argv, "remote") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
p->iph.daddr = get_addr32(*argv);
} else if (strcmp(*argv, "local") == 0) {
NEXT_ARG();
if (strcmp(*argv, "any"))
p->iph.saddr = get_addr32(*argv);
} else if (strcmp(*argv, "dev") == 0) {
NEXT_ARG();
strncpy(medium, *argv, IFNAMSIZ-1);
} else if (strcmp(*argv, "ttl") == 0) {
unsigned uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg(*argv, "TTL");
if (uval > 255)
invarg(*argv, "TTL must be <=255");
p->iph.ttl = uval;
}
} else if (strcmp(*argv, "tos") == 0 ||
matches(*argv, "dsfield") == 0) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg(*argv, "TOS");
p->iph.tos = uval;
} else
p->iph.tos = 1;
} else {
if (strcmp(*argv, "name") == 0) {
NEXT_ARG();
}
if (p->name[0])
duparg2("name", *argv);
strncpy(p->name, *argv, IFNAMSIZ);
if (cmd == SIOCCHGTUNNEL && count == 0) {
struct ip_tunnel_parm old_p;
memset(&old_p, 0, sizeof(old_p));
if (do_get_ioctl(*argv, &old_p))
return -1;
*p = old_p;
}
}
count++;
argc--; argv++;
}
if (p->iph.protocol == 0) {
if (memcmp(p->name, "gre", 3) == 0)
p->iph.protocol = IPPROTO_GRE;
else if (memcmp(p->name, "ipip", 4) == 0)
p->iph.protocol = IPPROTO_IPIP;
else if (memcmp(p->name, "sit", 3) == 0)
p->iph.protocol = IPPROTO_IPV6;
}
if (p->iph.protocol == IPPROTO_IPIP || p->iph.protocol == IPPROTO_IPV6) {
if ((p->i_flags & GRE_KEY) || (p->o_flags & GRE_KEY)) {
bb_error_msg("Keys are not allowed with ipip and sit.");
return -1;
}
}
if (medium[0]) {
p->link = do_ioctl_get_ifindex(medium);
if (p->link == 0)
return -1;
}
if (p->i_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->i_key = p->iph.daddr;
p->i_flags |= GRE_KEY;
}
if (p->o_key == 0 && IN_MULTICAST(ntohl(p->iph.daddr))) {
p->o_key = p->iph.daddr;
p->o_flags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(p->iph.daddr)) && !p->iph.saddr) {
bb_error_msg("Broadcast tunnel requires a source address.");
return -1;
}
return 0;
}
static int gre_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
struct {
struct nlmsghdr n;
struct ifinfomsg i;
char buf[16384];
} req = {
.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi)),
.n.nlmsg_flags = NLM_F_REQUEST,
.n.nlmsg_type = RTM_GETLINK,
.i.ifi_family = preferred_family,
.i.ifi_index = ifi->ifi_index,
};
struct rtattr *tb[IFLA_MAX + 1];
struct rtattr *linkinfo[IFLA_INFO_MAX+1];
struct rtattr *greinfo[IFLA_GRE_MAX + 1];
__u16 iflags = 0;
__u16 oflags = 0;
unsigned int ikey = 0;
unsigned int okey = 0;
unsigned int saddr = 0;
unsigned int daddr = 0;
unsigned int link = 0;
__u8 pmtudisc = 1;
__u8 ttl = 0;
__u8 tos = 0;
int len;
__u16 encaptype = 0;
__u16 encapflags = 0;
__u16 encapsport = 0;
__u16 encapdport = 0;
__u8 metadata = 0;
__u8 ignore_df = 0;
__u32 fwmark = 0;
__u32 erspan_idx = 0;
__u8 keepalive_ret = 0;
__u32 keepalive_interv = 0;
if (!(n->nlmsg_flags & NLM_F_CREATE)) {
if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
get_failed:
fprintf(stderr,
"Failed to get existing tunnel info.\n");
return -1;
}
len = req.n.nlmsg_len;
len -= NLMSG_LENGTH(sizeof(*ifi));
if (len < 0)
goto get_failed;
parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
if (!tb[IFLA_LINKINFO])
goto get_failed;
parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
if (!linkinfo[IFLA_INFO_DATA])
goto get_failed;
parse_rtattr_nested(greinfo, IFLA_GRE_MAX,
linkinfo[IFLA_INFO_DATA]);
if (greinfo[IFLA_GRE_IKEY])
ikey = rta_getattr_u32(greinfo[IFLA_GRE_IKEY]);
if (greinfo[IFLA_GRE_OKEY])
okey = rta_getattr_u32(greinfo[IFLA_GRE_OKEY]);
if (greinfo[IFLA_GRE_IFLAGS])
iflags = rta_getattr_u16(greinfo[IFLA_GRE_IFLAGS]);
if (greinfo[IFLA_GRE_OFLAGS])
oflags = rta_getattr_u16(greinfo[IFLA_GRE_OFLAGS]);
if (greinfo[IFLA_GRE_LOCAL])
saddr = rta_getattr_u32(greinfo[IFLA_GRE_LOCAL]);
if (greinfo[IFLA_GRE_REMOTE])
daddr = rta_getattr_u32(greinfo[IFLA_GRE_REMOTE]);
if (greinfo[IFLA_GRE_PMTUDISC])
pmtudisc = rta_getattr_u8(
greinfo[IFLA_GRE_PMTUDISC]);
if (greinfo[IFLA_GRE_TTL])
ttl = rta_getattr_u8(greinfo[IFLA_GRE_TTL]);
if (greinfo[IFLA_GRE_TOS])
tos = rta_getattr_u8(greinfo[IFLA_GRE_TOS]);
if (greinfo[IFLA_GRE_LINK])
link = rta_getattr_u8(greinfo[IFLA_GRE_LINK]);
if (greinfo[IFLA_GRE_ENCAP_TYPE])
encaptype = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_TYPE]);
if (greinfo[IFLA_GRE_ENCAP_FLAGS])
encapflags = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_FLAGS]);
if (greinfo[IFLA_GRE_ENCAP_SPORT])
encapsport = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_SPORT]);
if (greinfo[IFLA_GRE_ENCAP_DPORT])
encapdport = rta_getattr_u16(greinfo[IFLA_GRE_ENCAP_DPORT]);
if (greinfo[IFLA_GRE_COLLECT_METADATA])
metadata = 1;
if (greinfo[IFLA_GRE_IGNORE_DF])
ignore_df =
!!rta_getattr_u8(greinfo[IFLA_GRE_IGNORE_DF]);
if (greinfo[IFLA_GRE_FWMARK])
fwmark = rta_getattr_u32(greinfo[IFLA_GRE_FWMARK]);
if (greinfo[IFLA_GRE_ERSPAN_INDEX])
erspan_idx = rta_getattr_u32(greinfo[IFLA_GRE_ERSPAN_INDEX]);
}
while (argc > 0) {
if (!matches(*argv, "key")) {
unsigned int uval;
NEXT_ARG();
iflags |= GRE_KEY;
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0) < 0) {
fprintf(stderr,
"Invalid value for \"key\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
ikey = okey = uval;
} else if (!matches(*argv, "ikey")) {
unsigned int uval;
NEXT_ARG();
iflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0) < 0) {
fprintf(stderr, "invalid value for \"ikey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
ikey = uval;
} else if (!matches(*argv, "okey")) {
unsigned int uval;
NEXT_ARG();
oflags |= GRE_KEY;
if (strchr(*argv, '.'))
uval = get_addr32(*argv);
else {
if (get_unsigned(&uval, *argv, 0) < 0) {
fprintf(stderr, "invalid value for \"okey\": \"%s\"; it should be an unsigned integer\n", *argv);
exit(-1);
}
uval = htonl(uval);
}
okey = uval;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
} else if (!matches(*argv, "nopmtudisc")) {
pmtudisc = 0;
} else if (!matches(*argv, "pmtudisc")) {
pmtudisc = 1;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
daddr = get_addr32(*argv);
} else if (!matches(*argv, "local")) {
NEXT_ARG();
if (strcmp(*argv, "any"))
saddr = get_addr32(*argv);
} else if (!matches(*argv, "dev")) {
NEXT_ARG();
link = if_nametoindex(*argv);
if (link == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n",
*argv);
exit(-1);
}
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned int uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL\n", *argv);
if (uval > 255)
invarg("TTL must be <= 255\n", *argv);
ttl = uval;
}
} else if (!matches(*argv, "tos") ||
!matches(*argv, "tclass") ||
!matches(*argv, "dsfield")) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else if (strcmp(*argv, "noencap") == 0) {
encaptype = TUNNEL_ENCAP_NONE;
} else if (strcmp(*argv, "encap") == 0) {
NEXT_ARG();
if (strcmp(*argv, "fou") == 0)
encaptype = TUNNEL_ENCAP_FOU;
else if (strcmp(*argv, "gue") == 0)
encaptype = TUNNEL_ENCAP_GUE;
else if (strcmp(*argv, "none") == 0)
encaptype = TUNNEL_ENCAP_NONE;
else
invarg("Invalid encap type.", *argv);
} else if (strcmp(*argv, "encap-sport") == 0) {
NEXT_ARG();
if (strcmp(*argv, "auto") == 0)
encapsport = 0;
else if (get_u16(&encapsport, *argv, 0))
invarg("Invalid source port.", *argv);
} else if (strcmp(*argv, "encap-dport") == 0) {
NEXT_ARG();
if (get_u16(&encapdport, *argv, 0))
invarg("Invalid destination port.", *argv);
} else if (strcmp(*argv, "encap-csum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_CSUM;
} else if (strcmp(*argv, "noencap-csum") == 0) {
encapflags &= ~TUNNEL_ENCAP_FLAG_CSUM;
} else if (strcmp(*argv, "encap-udp6-csum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_CSUM6;
} else if (strcmp(*argv, "noencap-udp6-csum") == 0) {
encapflags |= ~TUNNEL_ENCAP_FLAG_CSUM6;
} else if (strcmp(*argv, "encap-remcsum") == 0) {
encapflags |= TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "noencap-remcsum") == 0) {
encapflags |= ~TUNNEL_ENCAP_FLAG_REMCSUM;
} else if (strcmp(*argv, "external") == 0) {
metadata = 1;
} else if (strcmp(*argv, "ignore-df") == 0) {
ignore_df = 1;
} else if (strcmp(*argv, "noignore-df") == 0) {
/*
*only the lsb is significant, use 2 for presence
*/
ignore_df = 2;
} else if (strcmp(*argv, "fwmark") == 0) {
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("invalid fwmark\n", *argv);
} else if (strcmp(*argv, "erspan") == 0) {
NEXT_ARG();
if (get_u32(&erspan_idx, *argv, 0))
invarg("invalid erspan index\n", *argv);
if (erspan_idx & ~((1<<20) - 1) || erspan_idx == 0)
invarg("erspan index must be > 0 and <= 20-bit\n", *argv);
} else if (!matches(*argv, "keepalive")) {
__u64 interv;
__u32 ret;
NEXT_ARG();
if (strcmp(*argv, "auto") != 0) {
if (get_u32(&interv, *argv, 0))
invarg("invalid KeepAlive time interval\n", *argv);
keepalive_interv = interv;
}
NEXT_ARG();
if (strcmp(*argv, "auto") != 0) {
if (get_unsigned(&ret, *argv, 0))
invarg("invalid KeepAlive retries\n", *argv);
if (ret > 255)
invarg("KeepAlive retries must be <= 255\n", *argv);
keepalive_ret = ret;
}
} else
usage();
argc--; argv++;
}
if (!ikey && IN_MULTICAST(ntohl(daddr))) {
ikey = daddr;
iflags |= GRE_KEY;
}
if (!okey && IN_MULTICAST(ntohl(daddr))) {
okey = daddr;
oflags |= GRE_KEY;
}
if (IN_MULTICAST(ntohl(daddr)) && !saddr) {
fprintf(stderr, "A broadcast tunnel requires a source address.\n");
return -1;
}
if (!metadata) {
addattr32(n, 1024, IFLA_GRE_IKEY, ikey);
addattr32(n, 1024, IFLA_GRE_OKEY, okey);
addattr_l(n, 1024, IFLA_GRE_IFLAGS, &iflags, 2);
addattr_l(n, 1024, IFLA_GRE_OFLAGS, &oflags, 2);
addattr_l(n, 1024, IFLA_GRE_LOCAL, &saddr, 4);
addattr_l(n, 1024, IFLA_GRE_REMOTE, &daddr, 4);
addattr_l(n, 1024, IFLA_GRE_PMTUDISC, &pmtudisc, 1);
if (link)
addattr32(n, 1024, IFLA_GRE_LINK, link);
addattr_l(n, 1024, IFLA_GRE_TTL, &ttl, 1);
addattr_l(n, 1024, IFLA_GRE_TOS, &tos, 1);
addattr32(n, 1024, IFLA_GRE_FWMARK, fwmark);
if (erspan_idx != 0)
addattr32(n, 1024, IFLA_GRE_ERSPAN_INDEX, erspan_idx);
if (keepalive_interv) {
addattr32(n, 1024, IFLA_GRE_KEEPALIVE_INTERVAL,
keepalive_interv);
addattr8(n, 1024, IFLA_GRE_KEEPALIVE_RETRIES,
keepalive_ret);
}
} else {
addattr_l(n, 1024, IFLA_GRE_COLLECT_METADATA, NULL, 0);
}
addattr16(n, 1024, IFLA_GRE_ENCAP_TYPE, encaptype);
addattr16(n, 1024, IFLA_GRE_ENCAP_FLAGS, encapflags);
addattr16(n, 1024, IFLA_GRE_ENCAP_SPORT, htons(encapsport));
addattr16(n, 1024, IFLA_GRE_ENCAP_DPORT, htons(encapdport));
if (ignore_df)
addattr8(n, 1024, IFLA_GRE_IGNORE_DF, ignore_df & 1);
return 0;
}
static void gre_print_direct_opt(FILE *f, struct rtattr *tb[])
{
char s2[64];
const char *local = "any";
const char *remote = "any";
unsigned int iflags = 0;
unsigned int oflags = 0;
if (tb[IFLA_GRE_REMOTE]) {
unsigned int addr = rta_getattr_u32(tb[IFLA_GRE_REMOTE]);
if (addr)
remote = format_host(AF_INET, 4, &addr);
}
print_string(PRINT_ANY, "remote", "remote %s ", remote);
if (tb[IFLA_GRE_LOCAL]) {
unsigned int addr = rta_getattr_u32(tb[IFLA_GRE_LOCAL]);
if (addr)
local = format_host(AF_INET, 4, &addr);
}
print_string(PRINT_ANY, "local", "local %s ", local);
if (tb[IFLA_GRE_LINK] && rta_getattr_u32(tb[IFLA_GRE_LINK])) {
unsigned int link = rta_getattr_u32(tb[IFLA_GRE_LINK]);
const char *n = if_indextoname(link, s2);
if (n)
print_string(PRINT_ANY, "link", "dev %s ", n);
else
print_uint(PRINT_ANY, "link_index", "dev %u ", link);
}
if (tb[IFLA_GRE_TTL]) {
__u8 ttl = rta_getattr_u8(tb[IFLA_GRE_TTL]);
if (ttl)
print_int(PRINT_ANY, "ttl", "ttl %d ", ttl);
else
print_int(PRINT_JSON, "ttl", NULL, ttl);
} else {
print_string(PRINT_FP, NULL, "ttl %s ", "inherit");
}
if (tb[IFLA_GRE_TOS] && rta_getattr_u8(tb[IFLA_GRE_TOS])) {
int tos = rta_getattr_u8(tb[IFLA_GRE_TOS]);
if (is_json_context()) {
SPRINT_BUF(b1);
snprintf(b1, sizeof(b1), "0x%x", tos);
print_string(PRINT_JSON, "tos", NULL, b1);
} else {
fputs("tos ", f);
if (tos == 1)
fputs("inherit ", f);
else
fprintf(f, "0x%x ", tos);
}
}
if (tb[IFLA_GRE_KEEPALIVE_INTERVAL]) {
unsigned long interval;
unsigned int retries;
interval = rta_getattr_u64(tb[IFLA_GRE_KEEPALIVE_INTERVAL]);
retries = rta_getattr_u8(tb[IFLA_GRE_KEEPALIVE_RETRIES]);
if (interval) {
print_int(PRINT_ANY, "keepalive",
"keepalive interval %d ",
interval);
print_int(PRINT_ANY, "keepalive",
"retries %d ",
retries);
} else {
print_int(PRINT_JSON, "keepalive", NULL, interval);
}
} else {
print_string(PRINT_FP, NULL, "keepalive %s ", "auto");
}
if (tb[IFLA_GRE_PMTUDISC]) {
if (!rta_getattr_u8(tb[IFLA_GRE_PMTUDISC]))
print_bool(PRINT_ANY, "pmtudisc", "nopmtudisc ", false);
else
print_bool(PRINT_JSON, "pmtudisc", NULL, true);
}
if (tb[IFLA_GRE_IFLAGS])
iflags = rta_getattr_u16(tb[IFLA_GRE_IFLAGS]);
if (tb[IFLA_GRE_OFLAGS])
oflags = rta_getattr_u16(tb[IFLA_GRE_OFLAGS]);
if ((iflags & GRE_KEY) && tb[IFLA_GRE_IKEY]) {
inet_ntop(AF_INET, RTA_DATA(tb[IFLA_GRE_IKEY]), s2, sizeof(s2));
print_string(PRINT_ANY, "ikey", "ikey %s ", s2);
}
if ((oflags & GRE_KEY) && tb[IFLA_GRE_OKEY]) {
inet_ntop(AF_INET, RTA_DATA(tb[IFLA_GRE_OKEY]), s2, sizeof(s2));
print_string(PRINT_ANY, "okey", "okey %s ", s2);
}
if (iflags & GRE_SEQ)
print_bool(PRINT_ANY, "iseq", "iseq ", true);
if (oflags & GRE_SEQ)
print_bool(PRINT_ANY, "oseq", "oseq ", true);
if (iflags & GRE_CSUM)
print_bool(PRINT_ANY, "icsum", "icsum ", true);
if (oflags & GRE_CSUM)
print_bool(PRINT_ANY, "ocsum", "ocsum ", true);
if (tb[IFLA_GRE_FWMARK]) {
__u32 fwmark = rta_getattr_u32(tb[IFLA_GRE_FWMARK]);
if (fwmark) {
snprintf(s2, sizeof(s2), "0x%x", fwmark);
print_string(PRINT_ANY, "fwmark", "fwmark %s ", s2);
}
}
}
static int geneve_parse_opt(struct link_util *lu, int argc, char **argv,
struct nlmsghdr *n)
{
__u32 vni = 0;
int vni_set = 0;
__u32 daddr = 0;
struct in6_addr daddr6 = IN6ADDR_ANY_INIT;
__u32 label = 0;
__u8 ttl = 0;
__u8 tos = 0;
__u16 dstport = 0;
bool metadata = 0;
__u8 udpcsum = 0;
bool udpcsum_set = false;
__u8 udp6zerocsumtx = 0;
bool udp6zerocsumtx_set = false;
__u8 udp6zerocsumrx = 0;
bool udp6zerocsumrx_set = false;
while (argc > 0) {
if (!matches(*argv, "id") ||
!matches(*argv, "vni")) {
NEXT_ARG();
if (get_u32(&vni, *argv, 0) ||
vni >= 1u << 24)
invarg("invalid id", *argv);
vni_set = 1;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
if (!inet_get_addr(*argv, &daddr, &daddr6)) {
fprintf(stderr, "Invalid address \"%s\"\n", *argv);
return -1;
}
if (IN6_IS_ADDR_MULTICAST(&daddr6) || IN_MULTICAST(ntohl(daddr)))
invarg("invalid remote address", *argv);
} else if (!matches(*argv, "ttl") ||
!matches(*argv, "hoplimit")) {
unsigned int uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (get_unsigned(&uval, *argv, 0))
invarg("invalid TTL", *argv);
if (uval > 255)
invarg("TTL must be <= 255", *argv);
ttl = uval;
}
} else if (!matches(*argv, "tos") ||
!matches(*argv, "dsfield")) {
__u32 uval;
NEXT_ARG();
if (strcmp(*argv, "inherit") != 0) {
if (rtnl_dsfield_a2n(&uval, *argv))
invarg("bad TOS value", *argv);
tos = uval;
} else
tos = 1;
} else if (!matches(*argv, "label") ||
!matches(*argv, "flowlabel")) {
__u32 uval;
NEXT_ARG();
if (get_u32(&uval, *argv, 0) ||
(uval & ~LABEL_MAX_MASK))
invarg("invalid flowlabel", *argv);
label = htonl(uval);
} else if (!matches(*argv, "dstport")) {
NEXT_ARG();
if (get_u16(&dstport, *argv, 0))
invarg("dstport", *argv);
} else if (!matches(*argv, "external")) {
metadata = true;
} else if (!matches(*argv, "noexternal")) {
metadata = false;
} else if (!matches(*argv, "udpcsum")) {
udpcsum = 1;
udpcsum_set = true;
} else if (!matches(*argv, "noudpcsum")) {
udpcsum = 0;
udpcsum_set = true;
} else if (!matches(*argv, "udp6zerocsumtx")) {
udp6zerocsumtx = 1;
udp6zerocsumtx_set = true;
} else if (!matches(*argv, "noudp6zerocsumtx")) {
udp6zerocsumtx = 0;
udp6zerocsumtx_set = true;
} else if (!matches(*argv, "udp6zerocsumrx")) {
udp6zerocsumrx = 1;
udp6zerocsumrx_set = true;
} else if (!matches(*argv, "noudp6zerocsumrx")) {
udp6zerocsumrx = 0;
udp6zerocsumrx_set = true;
} else if (matches(*argv, "help") == 0) {
explain();
return -1;
} else {
fprintf(stderr, "geneve: unknown command \"%s\"?\n", *argv);
explain();
return -1;
}
argc--, argv++;
}
if (metadata && vni_set) {
fprintf(stderr, "geneve: both 'external' and vni cannot be specified\n");
return -1;
}
if (!metadata) {
/* parameter checking make sense only for full geneve tunnels */
if (!vni_set) {
fprintf(stderr, "geneve: missing virtual network identifier\n");
return -1;
}
if (!daddr && IN6_IS_ADDR_UNSPECIFIED(&daddr6)) {
fprintf(stderr, "geneve: remote link partner not specified\n");
return -1;
}
}
addattr32(n, 1024, IFLA_GENEVE_ID, vni);
if (daddr)
addattr_l(n, 1024, IFLA_GENEVE_REMOTE, &daddr, 4);
if (!IN6_IS_ADDR_UNSPECIFIED(&daddr6))
addattr_l(n, 1024, IFLA_GENEVE_REMOTE6, &daddr6, sizeof(struct in6_addr));
addattr32(n, 1024, IFLA_GENEVE_LABEL, label);
addattr8(n, 1024, IFLA_GENEVE_TTL, ttl);
addattr8(n, 1024, IFLA_GENEVE_TOS, tos);
if (dstport)
addattr16(n, 1024, IFLA_GENEVE_PORT, htons(dstport));
if (metadata)
addattr(n, 1024, IFLA_GENEVE_COLLECT_METADATA);
if (udpcsum_set)
addattr8(n, 1024, IFLA_GENEVE_UDP_CSUM, udpcsum);
if (udp6zerocsumtx_set)
addattr8(n, 1024, IFLA_GENEVE_UDP_ZERO_CSUM6_TX, udp6zerocsumtx);
if (udp6zerocsumrx_set)
addattr8(n, 1024, IFLA_GENEVE_UDP_ZERO_CSUM6_RX, udp6zerocsumrx);
return 0;
}
REQ iproute_get(int argc, char *argv)
{
REQ req;
char *idev = NULL;
char *odev = NULL;
int connected = 0;
int from_ok = 0;
memset(&req, 0, sizeof(req));
iproute_reset_filter();
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.n.nlmsg_type = RTM_GETROUTE;
req.r.rtm_family = preferred_family;
req.r.rtm_table = 0;
req.r.rtm_protocol = 0;
req.r.rtm_scope = 0;
req.r.rtm_type = 0;
req.r.rtm_src_len = 0;
req.r.rtm_dst_len = 0;
req.r.rtm_tos = 0;
while (argc > 0) {
if(strcmp(argv, "tos") == 0 ||
matches(argv, "dsfield") == 0) {
__u32 tos;
NEXT_ARG();
if(rtnl_dsfield_a2n(&tos, argv))
invarg("TOS value is invalid\n", argv);
req.r.rtm_tos = tos;
} else if(matches(argv, "from") == 0) {
inet_prefix addr;
NEXT_ARG();
from_ok = 1;
get_prefix(&addr, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = addr.family;
if(addr.bytelen)
addattr_l(&req.n, sizeof(req), RTA_SRC, &addr.data, addr.bytelen);
req.r.rtm_src_len = addr.bitlen;
} else if(matches(argv, "iif") == 0) {
NEXT_ARG();
idev = argv;
} else if(matches(argv, "oif") == 0 ||
strcmp(argv, "dev") == 0) {
NEXT_ARG();
odev = argv;
} else if(matches(argv, "notify") == 0) {
req.r.rtm_flags |= RTM_F_NOTIFY;
} else if(matches(argv, "connected") == 0) {
connected = 1;
} else {
inet_prefix addr;
if(strcmp(argv, "to") == 0) {
NEXT_ARG();
}
get_prefix(&addr, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = addr.family;
if(addr.bytelen)
addattr_l(&req.n, sizeof(req), RTA_DST, &addr.data, addr.bytelen);
req.r.rtm_dst_len = addr.bitlen;
}
argc--; argv++;
}
if(req.r.rtm_dst_len == 0) {
fprintf(stderr, "need at least destination address\n");
exit(1);
}
ll_init_map(&rth);
if(idev || odev) {
int idx;
if(idev) {
if((idx = ll_name_to_index(idev)) == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n", idev);
//return -1;
exit(1);
}
addattr32(&req.n, sizeof(req), RTA_IIF, idx);
}
if(odev) {
if((idx = ll_name_to_index(odev)) == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n", odev);
//return -1;
exit(1);
}
addattr32(&req.n, sizeof(req), RTA_OIF, idx);
}
}
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = AF_INET;
if(rtnl_talk(&rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0)
exit(2);
if(connected && !from_ok) {
struct rtmsg *r = NLMSG_DATA(&req.n);
int len = req.n.nlmsg_len;
struct rtattr * tb[RTA_MAX+1];
// if(print_route(NULL, &req.n, (void*)stdout) < 0) {
// fprintf(stderr, "An error :-)\n");
// exit(1);
// }
if(req.n.nlmsg_type != RTM_NEWROUTE) {
fprintf(stderr, "Not a route?\n");
//return -1;
exit(1);
}
len -= NLMSG_LENGTH(sizeof(*r));
if(len < 0) {
fprintf(stderr, "Wrong len %d\n", len);
//return -1;
exit(1);
}
parse_rtattr(tb, RTA_MAX, RTM_RTA(r), len);
if(tb[RTA_PREFSRC]) {
tb[RTA_PREFSRC]->rta_type = RTA_SRC;
r->rtm_src_len = 8*RTA_PAYLOAD(tb[RTA_PREFSRC]);
} else if(!tb[RTA_SRC]) {
fprintf(stderr, "Failed to connect the route\n");
//return -1;
exit(1);
}
if(!odev && tb[RTA_OIF])
tb[RTA_OIF]->rta_type = 0;
if(tb[RTA_GATEWAY])
tb[RTA_GATEWAY]->rta_type = 0;
if(!idev && tb[RTA_IIF])
tb[RTA_IIF]->rta_type = 0;
req.n.nlmsg_flags = NLM_F_REQUEST;
req.n.nlmsg_type = RTM_GETROUTE;
if(rtnl_talk(&rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0)
exit(2);
}
// if(print_route(NULL, &req.n, (void*)stdout) < 0) {
// fprintf(stderr, "An error :-)\n");
// exit(1);
// }
// exit(0);
return req;
}
int iproute_modify(int cmd, unsigned flags, int argc, char *argv)
{
REQ req;
char mxbuf[256];
struct rtattr * mxrta = (void*)mxbuf;
unsigned mxlock = 0;
char *d = NULL;
int gw_ok = 0;
int dst_ok = 0;
int nhs_ok = 0;
int scope_ok = 0;
int table_ok = 0;
// int type_ok = 0;
memset(&req, 0, sizeof(req));
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
req.n.nlmsg_flags = NLM_F_REQUEST|flags;
req.n.nlmsg_type = cmd;
req.r.rtm_family = preferred_family;
req.r.rtm_table = RT_TABLE_MAIN;
req.r.rtm_scope = RT_SCOPE_NOWHERE;
if(cmd != RTM_DELROUTE) {
req.r.rtm_protocol = RTPROT_BOOT;
req.r.rtm_scope = RT_SCOPE_UNIVERSE;
req.r.rtm_type = RTN_UNICAST;
}
mxrta->rta_type = RTA_METRICS;
mxrta->rta_len = RTA_LENGTH(0);
while (argc > 0) {
if(strcmp(argv, "src") == 0) {
inet_prefix addr;
NEXT_ARG();
get_addr(&addr, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = addr.family;
addattr_l(&req.n, sizeof(req), RTA_PREFSRC, &addr.data, addr.bytelen);
} else if(strcmp(argv, "via") == 0) {
inet_prefix addr;
gw_ok = 1;
NEXT_ARG();
get_addr(&addr, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = addr.family;
addattr_l(&req.n, sizeof(req), RTA_GATEWAY, &addr.data, addr.bytelen);
} else if(strcmp(argv, "from") == 0) {
inet_prefix addr;
NEXT_ARG();
get_prefix(&addr, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = addr.family;
if(addr.bytelen)
addattr_l(&req.n, sizeof(req), RTA_SRC, &addr.data, addr.bytelen);
req.r.rtm_src_len = addr.bitlen;
} else if(strcmp(argv, "tos") == 0 ||
matches(argv, "dsfield") == 0) {
__u32 tos;
NEXT_ARG();
if(rtnl_dsfield_a2n(&tos, argv))
invarg("\"tos\" value is invalid\n", argv);
req.r.rtm_tos = tos;
} else if(matches(argv, "metric") == 0 ||
matches(argv, "priority") == 0 ||
matches(argv, "preference") == 0) {
__u32 metric;
NEXT_ARG();
if(get_u32(&metric, argv, 0))
invarg("\"metric\" value is invalid\n", argv);
addattr32(&req.n, sizeof(req), RTA_PRIORITY, metric);
} else if(strcmp(argv, "scope") == 0) {
__u32 scope = 0;
NEXT_ARG();
if(rtnl_rtscope_a2n(&scope, argv))
invarg("invalid \"scope\" value\n", argv);
req.r.rtm_scope = scope;
scope_ok = 1;
} else if(strcmp(argv, "mtu") == 0) {
unsigned mtu;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_MTU);
NEXT_ARG();
}
if(get_unsigned(&mtu, argv, 0))
invarg("\"mtu\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_MTU, mtu);
#ifdef RTAX_ADVMSS
} else if(strcmp(argv, "advmss") == 0) {
unsigned mss;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_ADVMSS);
NEXT_ARG();
}
if(get_unsigned(&mss, argv, 0))
invarg("\"mss\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_ADVMSS, mss);
#endif
#ifdef RTAX_REORDERING
} else if(matches(argv, "reordering") == 0) {
unsigned reord;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_REORDERING);
NEXT_ARG();
}
if(get_unsigned(&reord, argv, 0))
invarg("\"reordering\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_REORDERING, reord);
#endif
} else if(strcmp(argv, "rtt") == 0) {
unsigned rtt;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_RTT);
NEXT_ARG();
}
if(get_unsigned(&rtt, argv, 0))
invarg("\"rtt\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_RTT, rtt);
} else if(matches(argv, "window") == 0) {
unsigned win;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_WINDOW);
NEXT_ARG();
}
if(get_unsigned(&win, argv, 0))
invarg("\"window\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_WINDOW, win);
} else if(matches(argv, "cwnd") == 0) {
unsigned win;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_CWND);
NEXT_ARG();
}
if(get_unsigned(&win, argv, 0))
invarg("\"cwnd\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_CWND, win);
} else if(matches(argv, "rttvar") == 0) {
unsigned win;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_RTTVAR);
NEXT_ARG();
}
if(get_unsigned(&win, argv, 0))
invarg("\"rttvar\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_RTTVAR, win);
} else if(matches(argv, "ssthresh") == 0) {
unsigned win;
NEXT_ARG();
if(strcmp(argv, "lock") == 0) {
mxlock |= (1<<RTAX_SSTHRESH);
NEXT_ARG();
}
if(get_unsigned(&win, argv, 0))
invarg("\"ssthresh\" value is invalid\n", argv);
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_SSTHRESH, win);
// } else if(matches(argv, "realms") == 0) {
// __u32 realm;
// NEXT_ARG();
// if(get_rt_realms(&realm, argv))
// invarg("\"realm\" value is invalid\n", argv);
// addattr32(&req.n, sizeof(req), RTA_FLOW, realm);
} else if(strcmp(argv, "onlink") == 0) {
req.r.rtm_flags |= RTNH_F_ONLINK;
} else if(matches(argv, "equalize") == 0 ||
strcmp(argv, "eql") == 0) {
req.r.rtm_flags |= RTM_F_EQUALIZE;
} else if(strcmp(argv, "nexthop") == 0) {
nhs_ok = 1;
break;
} else if(matches(argv, "protocol") == 0) {
__u32 prot;
NEXT_ARG();
if(rtnl_rtprot_a2n(&prot, argv))
invarg("\"protocol\" value is invalid\n", argv);
req.r.rtm_protocol = prot;
} else if(matches(argv, "table") == 0) {
__u32 tid;
NEXT_ARG();
if(rtnl_rttable_a2n(&tid, argv))
invarg("\"table\" value is invalid\n", argv);
req.r.rtm_table = tid;
table_ok = 1;
} else if(strcmp(argv, "dev") == 0 ||
strcmp(argv, "oif") == 0) {
NEXT_ARG();
d = argv;
// } else if(strcmp(argv, "mpath") == 0 ||
// strcmp(argv, "mp") == 0) {
// int i;
// __u32 mp_alg = IP_MP_ALG_NONE;
//
// NEXT_ARG();
// for (i = 1; i < ARRAY_SIZE(mp_alg_names); i++)
// if(strcmp(argv, mp_alg_names[i]) == 0)
// mp_alg = i;
// if(mp_alg == IP_MP_ALG_NONE)
// invarg("\"mpath\" value is invalid\n", argv);
// addattr_l(&req.n, sizeof(req), RTA_MP_ALGO, &mp_alg, sizeof(mp_alg));
} else {
// int type;
inet_prefix dst;
if(strcmp(argv, "to") == 0) {
NEXT_ARG();
}
// if((*argv < '0' || *argv > '9') &&
// rtnl_rtntype_a2n(&type, argv) == 0) {
// NEXT_ARG();
// req.r.rtm_type = type;
// type_ok = 1;
// }
if(dst_ok)
duparg2("to", argv);
get_prefix(&dst, argv, req.r.rtm_family);
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = dst.family;
req.r.rtm_dst_len = dst.bitlen;
dst_ok = 1;
if(dst.bytelen)
addattr_l(&req.n, sizeof(req), RTA_DST, &dst.data, dst.bytelen);
}
argc--; argv++;
}
if(d || nhs_ok) {
int idx;
ll_init_map(&rth);
if(d) {
if((idx = ll_name_to_index(d)) == 0) {
fprintf(stderr, "Cannot find device \"%s\"\n", d);
return -1;
}
addattr32(&req.n, sizeof(req), RTA_OIF, idx);
}
}
if(mxrta->rta_len > RTA_LENGTH(0)) {
if(mxlock)
rta_addattr32(mxrta, sizeof(mxbuf), RTAX_LOCK, mxlock);
addattr_l(&req.n, sizeof(req), RTA_METRICS, RTA_DATA(mxrta), RTA_PAYLOAD(mxrta));
}
if(nhs_ok)
parse_nexthops(&req.n, &req.r, argc, argv);
if(!table_ok) {
if(req.r.rtm_type == RTN_LOCAL ||
req.r.rtm_type == RTN_BROADCAST ||
req.r.rtm_type == RTN_NAT ||
req.r.rtm_type == RTN_ANYCAST)
req.r.rtm_table = RT_TABLE_LOCAL;
}
if(!scope_ok) {
if(req.r.rtm_type == RTN_LOCAL ||
req.r.rtm_type == RTN_NAT)
req.r.rtm_scope = RT_SCOPE_HOST;
else if(req.r.rtm_type == RTN_BROADCAST ||
req.r.rtm_type == RTN_MULTICAST ||
req.r.rtm_type == RTN_ANYCAST)
req.r.rtm_scope = RT_SCOPE_LINK;
else if(req.r.rtm_type == RTN_UNICAST ||
req.r.rtm_type == RTN_UNSPEC) {
if(cmd == RTM_DELROUTE)
req.r.rtm_scope = RT_SCOPE_NOWHERE;
else if(!gw_ok && !nhs_ok)
req.r.rtm_scope = RT_SCOPE_LINK;
}
}
if(req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = AF_INET;
if(rtnl_talk(&rth, &req.n, 0, 0, NULL, NULL, NULL) < 0)
exit(2);
return 0;
}
int iprule_modify(int cmd, int argc, char **argv)
{
int table_ok = 0;
struct rtnl_handle rth;
struct {
struct nlmsghdr n;
struct rtmsg r;
char buf[1024];
} req;
memset(&req, 0, sizeof(req));
req.n.nlmsg_type = cmd;
req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
req.n.nlmsg_flags = NLM_F_REQUEST;
req.r.rtm_family = preferred_family;
req.r.rtm_protocol = RTPROT_BOOT;
req.r.rtm_scope = RT_SCOPE_UNIVERSE;
req.r.rtm_table = 0;
req.r.rtm_type = RTN_UNSPEC;
if (cmd == RTM_NEWRULE) {
req.n.nlmsg_flags |= NLM_F_CREATE|NLM_F_EXCL;
req.r.rtm_type = RTN_UNICAST;
}
while (argc > 0) {
if (strcmp(*argv, "from") == 0) {
inet_prefix dst;
NEXT_ARG();
get_prefix(&dst, *argv, req.r.rtm_family);
req.r.rtm_src_len = dst.bitlen;
addattr_l(&req.n, sizeof(req), RTA_SRC, &dst.data, dst.bytelen);
} else if (strcmp(*argv, "to") == 0) {
inet_prefix dst;
NEXT_ARG();
get_prefix(&dst, *argv, req.r.rtm_family);
req.r.rtm_dst_len = dst.bitlen;
addattr_l(&req.n, sizeof(req), RTA_DST, &dst.data, dst.bytelen);
} else if (matches(*argv, "preference") == 0 ||
matches(*argv, "order") == 0 ||
matches(*argv, "priority") == 0) {
__u32 pref;
NEXT_ARG();
if (get_u32(&pref, *argv, 0))
invarg("preference value is invalid\n", *argv);
addattr32(&req.n, sizeof(req), RTA_PRIORITY, pref);
} else if (strcmp(*argv, "tos") == 0) {
__u32 tos;
NEXT_ARG();
if (rtnl_dsfield_a2n(&tos, *argv))
invarg("TOS value is invalid\n", *argv);
req.r.rtm_tos = tos;
} else if (strcmp(*argv, "fwmark") == 0) {
__u32 fwmark;
NEXT_ARG();
if (get_u32(&fwmark, *argv, 0))
invarg("fwmark value is invalid\n", *argv);
addattr32(&req.n, sizeof(req), RTA_PROTOINFO, fwmark);
} else if (matches(*argv, "realms") == 0) {
__u32 realm;
NEXT_ARG();
if (get_rt_realms(&realm, *argv))
invarg("invalid realms\n", *argv);
addattr32(&req.n, sizeof(req), RTA_FLOW, realm);
} else if (matches(*argv, "table") == 0 ||
strcmp(*argv, "lookup") == 0) {
int tid;
NEXT_ARG();
if (rtnl_rttable_a2n(&tid, *argv))
invarg("invalid table ID\n", *argv);
req.r.rtm_table = tid;
table_ok = 1;
} else if (strcmp(*argv, "dev") == 0 ||
strcmp(*argv, "iif") == 0) {
NEXT_ARG();
addattr_l(&req.n, sizeof(req), RTA_IIF, *argv, strlen(*argv)+1);
} else if (strcmp(*argv, "nat") == 0 ||
matches(*argv, "map-to") == 0) {
NEXT_ARG();
addattr32(&req.n, sizeof(req), RTA_GATEWAY, get_addr32(*argv));
req.r.rtm_type = RTN_NAT;
} else {
int type;
if (strcmp(*argv, "type") == 0) {
NEXT_ARG();
}
if (matches(*argv, "help") == 0)
usage();
if (rtnl_rtntype_a2n(&type, *argv))
invarg("Failed to parse rule type", *argv);
req.r.rtm_type = type;
}
argc--;
argv++;
}
if (req.r.rtm_family == AF_UNSPEC)
req.r.rtm_family = AF_INET;
if (!table_ok && cmd == RTM_NEWRULE)
req.r.rtm_table = RT_TABLE_MAIN;
if (rtnl_open(&rth, 0) < 0)
return 1;
if (rtnl_talk(&rth, &req.n, 0, 0, NULL, NULL, NULL) < 0)
return 2;
return 0;
}