static void print_one_ipv4_rule(const struct acl4_rules *rule, int extra) { unsigned char a, b, c, d; uint32_t_to_char(rule->field[SRC_FIELD_IPV4].value.u32, &a, &b, &c, &d); printf("%hhu.%hhu.%hhu.%hhu/%u ", a, b, c, d, rule->field[SRC_FIELD_IPV4].mask_range.u32); uint32_t_to_char(rule->field[DST_FIELD_IPV4].value.u32, &a, &b, &c, &d); printf("%hhu.%hhu.%hhu.%hhu/%u ", a, b, c, d, rule->field[DST_FIELD_IPV4].mask_range.u32); printf("%hu : %hu %hu : %hu 0x%hhx/0x%hhx ", rule->field[SRCP_FIELD_IPV4].value.u16, rule->field[SRCP_FIELD_IPV4].mask_range.u16, rule->field[DSTP_FIELD_IPV4].value.u16, rule->field[DSTP_FIELD_IPV4].mask_range.u16, rule->field[PROTO_FIELD_IPV4].value.u8, rule->field[PROTO_FIELD_IPV4].mask_range.u8); if (extra) printf("0x%x-0x%x-0x%x ", rule->data.category_mask, rule->data.priority, rule->data.userdata); }
void rt_init(struct socket_ctx *ctx, int socket_id, unsigned ep) { char name[PATH_MAX]; unsigned i; int ret; struct rte_lpm *lpm; struct ipv4_route *rt; char a, b, c, d; unsigned nb_routes; struct rte_lpm_config conf = { 0 }; if (ctx == NULL) rte_exit(EXIT_FAILURE, "NULL context.\n"); if (ctx->rt_ipv4 != NULL) rte_exit(EXIT_FAILURE, "Routing Table for socket %u already " "initialized\n", socket_id); printf("Creating Routing Table (RT) context with %u max routes\n", RT_IPV4_MAX_RULES); if (ep == 0) { rt = rt_ipv4_ep0; nb_routes = RTE_DIM(rt_ipv4_ep0); } else if (ep == 1) { rt = rt_ipv4_ep1; nb_routes = RTE_DIM(rt_ipv4_ep1); } else rte_exit(EXIT_FAILURE, "Invalid EP value %u. Only 0 or 1 " "supported.\n", ep); /* create the LPM table */ snprintf(name, sizeof(name), "%s_%u", "rt_ipv4", socket_id); conf.max_rules = RT_IPV4_MAX_RULES; conf.number_tbl8s = RTE_LPM_TBL8_NUM_ENTRIES; lpm = rte_lpm_create(name, socket_id, &conf); if (lpm == NULL) rte_exit(EXIT_FAILURE, "Unable to create LPM table " "on socket %d\n", socket_id); /* populate the LPM table */ for (i = 0; i < nb_routes; i++) { ret = rte_lpm_add(lpm, rt[i].ip, rt[i].depth, rt[i].if_out); if (ret < 0) rte_exit(EXIT_FAILURE, "Unable to add entry num %u to " "LPM table on socket %d\n", i, socket_id); uint32_t_to_char(rt[i].ip, &a, &b, &c, &d); printf("LPM: Adding route %hhu.%hhu.%hhu.%hhu/%hhu (%hhu)\n", a, b, c, d, rt[i].depth, rt[i].if_out); } ctx->rt_ipv4 = (struct rt_ctx *)lpm; }
static inline void print_one_ip6_rule(const struct acl6_rules *rule, int32_t extra) { uint8_t a, b, c, d; uint32_t_to_char(rule->field[IP6_SRC0].value.u32, &a, &b, &c, &d); printf("%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_SRC1].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_SRC2].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_SRC3].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x/%u ", a, b, c, d, rule->field[IP6_SRC0].mask_range.u32 + rule->field[IP6_SRC1].mask_range.u32 + rule->field[IP6_SRC2].mask_range.u32 + rule->field[IP6_SRC3].mask_range.u32); uint32_t_to_char(rule->field[IP6_DST0].value.u32, &a, &b, &c, &d); printf("%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_DST1].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_DST2].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[IP6_DST3].value.u32, &a, &b, &c, &d); printf(":%.2x%.2x:%.2x%.2x/%u ", a, b, c, d, rule->field[IP6_DST0].mask_range.u32 + rule->field[IP6_DST1].mask_range.u32 + rule->field[IP6_DST2].mask_range.u32 + rule->field[IP6_DST3].mask_range.u32); printf("%hu : %hu %hu : %hu 0x%hhx/0x%hhx ", rule->field[IP6_SRCP].value.u16, rule->field[IP6_SRCP].mask_range.u16, rule->field[IP6_DSTP].value.u16, rule->field[IP6_DSTP].mask_range.u16, rule->field[IP6_PROTO].value.u8, rule->field[IP6_PROTO].mask_range.u8); if (extra) printf("0x%x-0x%x-0x%x ", rule->data.category_mask, rule->data.priority, rule->data.userdata); }
static inline void print_one_ipv6_rule(struct acl6_rule *rule, int extra) { unsigned char a, b, c, d; uint32_t_to_char(rule->field[SRC1_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log("%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[SRC2_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[SRC3_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[SRC4_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x/%u ", a, b, c, d, rule->field[SRC1_FIELD_IPV6].mask_range.u32 + rule->field[SRC2_FIELD_IPV6].mask_range.u32 + rule->field[SRC3_FIELD_IPV6].mask_range.u32 + rule->field[SRC4_FIELD_IPV6].mask_range.u32); uint32_t_to_char(rule->field[DST1_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log("%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[DST2_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[DST3_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x", a, b, c, d); uint32_t_to_char(rule->field[DST4_FIELD_IPV6].value.u32, &a, &b, &c, &d); acl_log(":%.2x%.2x:%.2x%.2x/%u ", a, b, c, d, rule->field[DST1_FIELD_IPV6].mask_range.u32 + rule->field[DST2_FIELD_IPV6].mask_range.u32 + rule->field[DST3_FIELD_IPV6].mask_range.u32 + rule->field[DST4_FIELD_IPV6].mask_range.u32); acl_log("%hu : %hu %hu : %hu 0x%hhx/0x%hhx ", rule->field[SRCP_FIELD_IPV6].value.u16, rule->field[SRCP_FIELD_IPV6].mask_range.u16, rule->field[DSTP_FIELD_IPV6].value.u16, rule->field[DSTP_FIELD_IPV6].mask_range.u16, rule->field[PROTO_FIELD_IPV6].value.u8, rule->field[PROTO_FIELD_IPV6].mask_range.u8); if (extra) acl_log("0x%x-0x%x-0x%x ", rule->data.category_mask, rule->data.priority, rule->data.userdata); }
void dump_acl4_rule(struct rte_mbuf *m, uint32_t sig) { uint32_t offset = sig & ~ACL_DENY_SIGNATURE; unsigned char a, b, c, d; struct ipv4_hdr *ipv4_hdr = (struct ipv4_hdr *)(rte_pktmbuf_mtod( m, unsigned char *)+sizeof(struct ether_hdr)); uint32_t_to_char(rte_bswap32(ipv4_hdr->src_addr), &a, &b, &c, &d); acl_log("Packet Src:%hhu.%hhu.%hhu.%hhu ", a, b, c, d); uint32_t_to_char(rte_bswap32(ipv4_hdr->dst_addr), &a, &b, &c, &d); acl_log("Dst:%hhu.%hhu.%hhu.%hhu ", a, b, c, d); acl_log("Src port:%hu,Dst port:%hu ", rte_bswap16(*(uint16_t *)(ipv4_hdr + 1)), rte_bswap16(*((uint16_t *)(ipv4_hdr + 1) + 1))); acl_log("hit ACL %d - ", offset); print_one_ipv4_rule(acl_config.rule_ipv4 + offset, 1); acl_log("\n\n"); }