1 /*
2 * ipneigh.c "ip neigh".
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 *
11 */
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <unistd.h>
16 #include <syslog.h>
17 #include <fcntl.h>
18 #include <string.h>
19 #include <sys/time.h>
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <netinet/ip.h>
23
24 #include "rt_names.h"
25 #include "utils.h"
26 #include "ip_common.h"
27
28 #define NUD_VALID (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE|NUD_PROBE|NUD_STALE|NUD_DELAY)
29 #define MAX_ROUNDS 10
30
31 static struct
32 {
33 int family;
34 int index;
35 int state;
36 int unused_only;
37 inet_prefix pfx;
38 int flushed;
39 char *flushb;
40 int flushp;
41 int flushe;
42 int master;
43 } filter;
44
45 static void usage(void) __attribute__((noreturn));
46
usage(void)47 static void usage(void)
48 {
49 fprintf(stderr, "Usage: ip neigh { add | del | change | replace }\n"
50 " { ADDR [ lladdr LLADDR ] [ nud STATE ] | proxy ADDR } [ dev DEV ]\n");
51 fprintf(stderr, " ip neigh { show | flush } [ proxy ] [ to PREFIX ] [ dev DEV ] [ nud STATE ]\n");
52 fprintf(stderr, " [ vrf NAME ]\n\n");
53 fprintf(stderr, "STATE := { permanent | noarp | stale | reachable | none |\n"
54 " incomplete | delay | probe | failed }\n");
55 exit(-1);
56 }
57
nud_state_a2n(unsigned int * state,const char * arg)58 static int nud_state_a2n(unsigned int *state, const char *arg)
59 {
60 if (matches(arg, "permanent") == 0)
61 *state = NUD_PERMANENT;
62 else if (matches(arg, "reachable") == 0)
63 *state = NUD_REACHABLE;
64 else if (strcmp(arg, "noarp") == 0)
65 *state = NUD_NOARP;
66 else if (strcmp(arg, "none") == 0)
67 *state = NUD_NONE;
68 else if (strcmp(arg, "stale") == 0)
69 *state = NUD_STALE;
70 else if (strcmp(arg, "incomplete") == 0)
71 *state = NUD_INCOMPLETE;
72 else if (strcmp(arg, "delay") == 0)
73 *state = NUD_DELAY;
74 else if (strcmp(arg, "probe") == 0)
75 *state = NUD_PROBE;
76 else if (matches(arg, "failed") == 0)
77 *state = NUD_FAILED;
78 else {
79 if (get_unsigned(state, arg, 0))
80 return -1;
81 if (*state >= 0x100 || (*state&((*state)-1)))
82 return -1;
83 }
84 return 0;
85 }
86
flush_update(void)87 static int flush_update(void)
88 {
89 if (rtnl_send_check(&rth, filter.flushb, filter.flushp) < 0) {
90 perror("Failed to send flush request");
91 return -1;
92 }
93 filter.flushp = 0;
94 return 0;
95 }
96
97
ipneigh_modify(int cmd,int flags,int argc,char ** argv)98 static int ipneigh_modify(int cmd, int flags, int argc, char **argv)
99 {
100 struct {
101 struct nlmsghdr n;
102 struct ndmsg ndm;
103 char buf[256];
104 } req = {
105 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)),
106 .n.nlmsg_flags = NLM_F_REQUEST | flags,
107 .n.nlmsg_type = cmd,
108 .ndm.ndm_family = preferred_family,
109 .ndm.ndm_state = NUD_PERMANENT,
110 };
111 char *dev = NULL;
112 int dst_ok = 0;
113 int dev_ok = 0;
114 int lladdr_ok = 0;
115 char *lla = NULL;
116 inet_prefix dst;
117
118 while (argc > 0) {
119 if (matches(*argv, "lladdr") == 0) {
120 NEXT_ARG();
121 if (lladdr_ok)
122 duparg("lladdr", *argv);
123 lla = *argv;
124 lladdr_ok = 1;
125 } else if (strcmp(*argv, "nud") == 0) {
126 unsigned int state;
127
128 NEXT_ARG();
129 if (nud_state_a2n(&state, *argv))
130 invarg("nud state is bad", *argv);
131 req.ndm.ndm_state = state;
132 } else if (matches(*argv, "proxy") == 0) {
133 NEXT_ARG();
134 if (matches(*argv, "help") == 0)
135 usage();
136 if (dst_ok)
137 duparg("address", *argv);
138 get_addr(&dst, *argv, preferred_family);
139 dst_ok = 1;
140 dev_ok = 1;
141 req.ndm.ndm_flags |= NTF_PROXY;
142 } else if (strcmp(*argv, "dev") == 0) {
143 NEXT_ARG();
144 dev = *argv;
145 dev_ok = 1;
146 } else {
147 if (strcmp(*argv, "to") == 0) {
148 NEXT_ARG();
149 }
150 if (matches(*argv, "help") == 0) {
151 NEXT_ARG();
152 }
153 if (dst_ok)
154 duparg2("to", *argv);
155 get_addr(&dst, *argv, preferred_family);
156 dst_ok = 1;
157 }
158 argc--; argv++;
159 }
160 if (!dev_ok || !dst_ok || dst.family == AF_UNSPEC) {
161 fprintf(stderr, "Device and destination are required arguments.\n");
162 exit(-1);
163 }
164 req.ndm.ndm_family = dst.family;
165 if (addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen) < 0)
166 return -1;
167
168 if (lla && strcmp(lla, "null")) {
169 char llabuf[20];
170 int l;
171
172 l = ll_addr_a2n(llabuf, sizeof(llabuf), lla);
173 if (l < 0)
174 return -1;
175
176 if (addattr_l(&req.n, sizeof(req), NDA_LLADDR, llabuf, l) < 0)
177 return -1;
178 }
179
180 ll_init_map(&rth);
181
182 if (dev && (req.ndm.ndm_ifindex = ll_name_to_index(dev)) == 0) {
183 fprintf(stderr, "Cannot find device \"%s\"\n", dev);
184 return -1;
185 }
186
187 if (rtnl_talk(&rth, &req.n, NULL, 0) < 0)
188 exit(2);
189
190 return 0;
191 }
192
193
print_neigh(const struct sockaddr_nl * who,struct nlmsghdr * n,void * arg)194 int print_neigh(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
195 {
196 FILE *fp = (FILE *)arg;
197 struct ndmsg *r = NLMSG_DATA(n);
198 int len = n->nlmsg_len;
199 struct rtattr *tb[NDA_MAX+1];
200 static int logit = 1;
201
202 if (n->nlmsg_type != RTM_NEWNEIGH && n->nlmsg_type != RTM_DELNEIGH &&
203 n->nlmsg_type != RTM_GETNEIGH) {
204 fprintf(stderr, "Not RTM_NEWNEIGH: %08x %08x %08x\n",
205 n->nlmsg_len, n->nlmsg_type, n->nlmsg_flags);
206
207 return 0;
208 }
209 len -= NLMSG_LENGTH(sizeof(*r));
210 if (len < 0) {
211 fprintf(stderr, "BUG: wrong nlmsg len %d\n", len);
212 return -1;
213 }
214
215 if (filter.flushb && n->nlmsg_type != RTM_NEWNEIGH)
216 return 0;
217
218 if (filter.family && filter.family != r->ndm_family)
219 return 0;
220 if (filter.index && filter.index != r->ndm_ifindex)
221 return 0;
222 if (!(filter.state&r->ndm_state) &&
223 !(r->ndm_flags & NTF_PROXY) &&
224 (r->ndm_state || !(filter.state&0x100)) &&
225 (r->ndm_family != AF_DECnet))
226 return 0;
227
228 if (filter.master && !(n->nlmsg_flags & NLM_F_DUMP_FILTERED)) {
229 if (logit) {
230 logit = 0;
231 fprintf(fp,
232 "\nWARNING: Kernel does not support filtering by master device\n\n");
233 }
234 }
235
236 parse_rtattr(tb, NDA_MAX, NDA_RTA(r), n->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
237
238 if (tb[NDA_DST]) {
239 if (filter.pfx.family) {
240 inet_prefix dst = { .family = r->ndm_family };
241
242 memcpy(&dst.data, RTA_DATA(tb[NDA_DST]), RTA_PAYLOAD(tb[NDA_DST]));
243 if (inet_addr_match(&dst, &filter.pfx, filter.pfx.bitlen))
244 return 0;
245 }
246 }
247 if (filter.unused_only && tb[NDA_CACHEINFO]) {
248 struct nda_cacheinfo *ci = RTA_DATA(tb[NDA_CACHEINFO]);
249
250 if (ci->ndm_refcnt)
251 return 0;
252 }
253
254 if (filter.flushb) {
255 struct nlmsghdr *fn;
256
257 if (NLMSG_ALIGN(filter.flushp) + n->nlmsg_len > filter.flushe) {
258 if (flush_update())
259 return -1;
260 }
261 fn = (struct nlmsghdr *)(filter.flushb + NLMSG_ALIGN(filter.flushp));
262 memcpy(fn, n, n->nlmsg_len);
263 fn->nlmsg_type = RTM_DELNEIGH;
264 fn->nlmsg_flags = NLM_F_REQUEST;
265 fn->nlmsg_seq = ++rth.seq;
266 filter.flushp = (((char *)fn) + n->nlmsg_len) - filter.flushb;
267 filter.flushed++;
268 if (show_stats < 2)
269 return 0;
270 }
271
272 if (n->nlmsg_type == RTM_DELNEIGH)
273 fprintf(fp, "Deleted ");
274 else if (n->nlmsg_type == RTM_GETNEIGH)
275 fprintf(fp, "miss ");
276 if (tb[NDA_DST]) {
277 fprintf(fp, "%s ",
278 format_host_rta(r->ndm_family, tb[NDA_DST]));
279 }
280 if (!filter.index && r->ndm_ifindex)
281 fprintf(fp, "dev %s ", ll_index_to_name(r->ndm_ifindex));
282 if (tb[NDA_LLADDR]) {
283 SPRINT_BUF(b1);
284 fprintf(fp, "lladdr %s", ll_addr_n2a(RTA_DATA(tb[NDA_LLADDR]),
285 RTA_PAYLOAD(tb[NDA_LLADDR]),
286 ll_index_to_type(r->ndm_ifindex),
287 b1, sizeof(b1)));
288 }
289 if (r->ndm_flags & NTF_ROUTER) {
290 fprintf(fp, " router");
291 }
292 if (r->ndm_flags & NTF_PROXY) {
293 fprintf(fp, " proxy");
294 }
295 if (tb[NDA_CACHEINFO] && show_stats) {
296 struct nda_cacheinfo *ci = RTA_DATA(tb[NDA_CACHEINFO]);
297 int hz = get_user_hz();
298
299 if (ci->ndm_refcnt)
300 printf(" ref %d", ci->ndm_refcnt);
301 fprintf(fp, " used %d/%d/%d", ci->ndm_used/hz,
302 ci->ndm_confirmed/hz, ci->ndm_updated/hz);
303 }
304
305 if (tb[NDA_PROBES] && show_stats) {
306 __u32 p = rta_getattr_u32(tb[NDA_PROBES]);
307
308 fprintf(fp, " probes %u", p);
309 }
310
311 if (r->ndm_state) {
312 int nud = r->ndm_state;
313
314 fprintf(fp, " ");
315
316 #define PRINT_FLAG(f) if (nud & NUD_##f) { \
317 nud &= ~NUD_##f; fprintf(fp, #f "%s", nud ? "," : ""); }
318 PRINT_FLAG(INCOMPLETE);
319 PRINT_FLAG(REACHABLE);
320 PRINT_FLAG(STALE);
321 PRINT_FLAG(DELAY);
322 PRINT_FLAG(PROBE);
323 PRINT_FLAG(FAILED);
324 PRINT_FLAG(NOARP);
325 PRINT_FLAG(PERMANENT);
326 #undef PRINT_FLAG
327 }
328 fprintf(fp, "\n");
329
330 fflush(fp);
331 return 0;
332 }
333
ipneigh_reset_filter(int ifindex)334 void ipneigh_reset_filter(int ifindex)
335 {
336 memset(&filter, 0, sizeof(filter));
337 filter.state = ~0;
338 filter.index = ifindex;
339 }
340
do_show_or_flush(int argc,char ** argv,int flush)341 static int do_show_or_flush(int argc, char **argv, int flush)
342 {
343 struct {
344 struct nlmsghdr n;
345 struct ndmsg ndm;
346 char buf[256];
347 } req = {
348 .n.nlmsg_type = RTM_GETNEIGH,
349 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)),
350 };
351 char *filter_dev = NULL;
352 int state_given = 0;
353
354 ipneigh_reset_filter(0);
355
356 if (!filter.family)
357 filter.family = preferred_family;
358
359 if (flush) {
360 if (argc <= 0) {
361 fprintf(stderr, "Flush requires arguments.\n");
362 return -1;
363 }
364 filter.state = ~(NUD_PERMANENT|NUD_NOARP);
365 } else
366 filter.state = 0xFF & ~NUD_NOARP;
367
368 while (argc > 0) {
369 if (strcmp(*argv, "dev") == 0) {
370 NEXT_ARG();
371 if (filter_dev)
372 duparg("dev", *argv);
373 filter_dev = *argv;
374 } else if (strcmp(*argv, "master") == 0) {
375 int ifindex;
376
377 NEXT_ARG();
378 ifindex = ll_name_to_index(*argv);
379 if (!ifindex)
380 invarg("Device does not exist\n", *argv);
381 addattr32(&req.n, sizeof(req), NDA_MASTER, ifindex);
382 filter.master = ifindex;
383 } else if (strcmp(*argv, "vrf") == 0) {
384 int ifindex;
385
386 NEXT_ARG();
387 ifindex = ll_name_to_index(*argv);
388 if (!ifindex)
389 invarg("Not a valid VRF name\n", *argv);
390 if (!name_is_vrf(*argv))
391 invarg("Not a valid VRF name\n", *argv);
392 addattr32(&req.n, sizeof(req), NDA_MASTER, ifindex);
393 filter.master = ifindex;
394 } else if (strcmp(*argv, "unused") == 0) {
395 filter.unused_only = 1;
396 } else if (strcmp(*argv, "nud") == 0) {
397 unsigned int state;
398
399 NEXT_ARG();
400 if (!state_given) {
401 state_given = 1;
402 filter.state = 0;
403 }
404 if (nud_state_a2n(&state, *argv)) {
405 if (strcmp(*argv, "all") != 0)
406 invarg("nud state is bad", *argv);
407 state = ~0;
408 if (flush)
409 state &= ~NUD_NOARP;
410 }
411 if (state == 0)
412 state = 0x100;
413 filter.state |= state;
414 } else if (strcmp(*argv, "proxy") == 0)
415 req.ndm.ndm_flags = NTF_PROXY;
416 else {
417 if (strcmp(*argv, "to") == 0) {
418 NEXT_ARG();
419 }
420 if (matches(*argv, "help") == 0)
421 usage();
422 get_prefix(&filter.pfx, *argv, filter.family);
423 if (filter.family == AF_UNSPEC)
424 filter.family = filter.pfx.family;
425 }
426 argc--; argv++;
427 }
428
429 ll_init_map(&rth);
430
431 if (filter_dev) {
432 if ((filter.index = ll_name_to_index(filter_dev)) == 0) {
433 fprintf(stderr, "Cannot find device \"%s\"\n", filter_dev);
434 return -1;
435 }
436 addattr32(&req.n, sizeof(req), NDA_IFINDEX, filter.index);
437 }
438
439 req.ndm.ndm_family = filter.family;
440
441 if (flush) {
442 int round = 0;
443 char flushb[4096-512];
444
445 filter.flushb = flushb;
446 filter.flushp = 0;
447 filter.flushe = sizeof(flushb);
448
449 while (round < MAX_ROUNDS) {
450 if (rtnl_dump_request_n(&rth, &req.n) < 0) {
451 perror("Cannot send dump request");
452 exit(1);
453 }
454 filter.flushed = 0;
455 if (rtnl_dump_filter(&rth, print_neigh, stdout) < 0) {
456 fprintf(stderr, "Flush terminated\n");
457 exit(1);
458 }
459 if (filter.flushed == 0) {
460 if (show_stats) {
461 if (round == 0)
462 printf("Nothing to flush.\n");
463 else
464 printf("*** Flush is complete after %d round%s ***\n", round, round > 1?"s":"");
465 }
466 fflush(stdout);
467 return 0;
468 }
469 round++;
470 if (flush_update() < 0)
471 exit(1);
472 if (show_stats) {
473 printf("\n*** Round %d, deleting %d entries ***\n", round, filter.flushed);
474 fflush(stdout);
475 }
476 filter.state &= ~NUD_FAILED;
477 }
478 printf("*** Flush not complete bailing out after %d rounds\n",
479 MAX_ROUNDS);
480 return 1;
481 }
482
483 if (rtnl_dump_request_n(&rth, &req.n) < 0) {
484 perror("Cannot send dump request");
485 exit(1);
486 }
487
488 if (rtnl_dump_filter(&rth, print_neigh, stdout) < 0) {
489 fprintf(stderr, "Dump terminated\n");
490 exit(1);
491 }
492
493 return 0;
494 }
495
do_ipneigh(int argc,char ** argv)496 int do_ipneigh(int argc, char **argv)
497 {
498 if (argc > 0) {
499 if (matches(*argv, "add") == 0)
500 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_EXCL, argc-1, argv+1);
501 if (matches(*argv, "change") == 0 ||
502 strcmp(*argv, "chg") == 0)
503 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_REPLACE, argc-1, argv+1);
504 if (matches(*argv, "replace") == 0)
505 return ipneigh_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_REPLACE, argc-1, argv+1);
506 if (matches(*argv, "delete") == 0)
507 return ipneigh_modify(RTM_DELNEIGH, 0, argc-1, argv+1);
508 if (matches(*argv, "get") == 0) {
509 fprintf(stderr, "Sorry, \"neigh get\" is not implemented :-(\n");
510 return -1;
511 }
512 if (matches(*argv, "show") == 0 ||
513 matches(*argv, "lst") == 0 ||
514 matches(*argv, "list") == 0)
515 return do_show_or_flush(argc-1, argv+1, 0);
516 if (matches(*argv, "flush") == 0)
517 return do_show_or_flush(argc-1, argv+1, 1);
518 if (matches(*argv, "help") == 0)
519 usage();
520 } else
521 return do_show_or_flush(0, NULL, 0);
522
523 fprintf(stderr, "Command \"%s\" is unknown, try \"ip neigh help\".\n", *argv);
524 exit(-1);
525 }
526