• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * link_ip6tnl.c	ip6tnl driver module
3  *
4  *		This program is free software; you can redistribute it and/or
5  *		modify it under the terms of the GNU General Public License
6  *		as published by the Free Software Foundation; either version
7  *		2 of the License, or (at your option) any later version.
8  *
9  * Authors:	Nicolas Dichtel <nicolas.dichtel@6wind.com>
10  *
11  */
12 
13 #include <string.h>
14 #include <net/if.h>
15 #include <sys/types.h>
16 #include <sys/socket.h>
17 #include <arpa/inet.h>
18 
19 #include <linux/ip.h>
20 #include <linux/if_tunnel.h>
21 #include <linux/ip6_tunnel.h>
22 #include "rt_names.h"
23 #include "utils.h"
24 #include "ip_common.h"
25 #include "tunnel.h"
26 
27 #define IP6_FLOWINFO_TCLASS	htonl(0x0FF00000)
28 #define IP6_FLOWINFO_FLOWLABEL	htonl(0x000FFFFF)
29 
30 #define DEFAULT_TNL_HOP_LIMIT	(64)
31 
print_usage(FILE * f)32 static void print_usage(FILE *f)
33 {
34 	fprintf(f, "Usage: ip link { add | set | change | replace | del } NAME\n");
35 	fprintf(f, "          [ mode { ip6ip6 | ipip6 | any } ]\n");
36 	fprintf(f, "          type ip6tnl [ remote ADDR ] [ local ADDR ]\n");
37 	fprintf(f, "          [ dev PHYS_DEV ] [ encaplimit ELIM ]\n");
38 	fprintf(f ,"          [ hoplimit HLIM ] [ tclass TCLASS ] [ flowlabel FLOWLABEL ]\n");
39 	fprintf(f, "          [ dscp inherit ] [ fwmark inherit ]\n");
40 	fprintf(f, "\n");
41 	fprintf(f, "Where: NAME      := STRING\n");
42 	fprintf(f, "       ADDR      := IPV6_ADDRESS\n");
43 	fprintf(f, "       ELIM      := { none | 0..255 }(default=%d)\n",
44 		IPV6_DEFAULT_TNL_ENCAP_LIMIT);
45 	fprintf(f, "       HLIM      := 0..255 (default=%d)\n",
46 		DEFAULT_TNL_HOP_LIMIT);
47 	fprintf(f, "       TCLASS    := { 0x0..0xff | inherit }\n");
48 	fprintf(f, "       FLOWLABEL := { 0x0..0xfffff | inherit }\n");
49 }
50 
51 static void usage(void) __attribute__((noreturn));
usage(void)52 static void usage(void)
53 {
54 	print_usage(stderr);
55 	exit(-1);
56 }
57 
ip6tunnel_parse_opt(struct link_util * lu,int argc,char ** argv,struct nlmsghdr * n)58 static int ip6tunnel_parse_opt(struct link_util *lu, int argc, char **argv,
59 			       struct nlmsghdr *n)
60 {
61 	struct {
62 		struct nlmsghdr n;
63 		struct ifinfomsg i;
64 		char buf[2048];
65 	} req;
66 	struct ifinfomsg *ifi = (struct ifinfomsg *)(n + 1);
67 	struct rtattr *tb[IFLA_MAX + 1];
68 	struct rtattr *linkinfo[IFLA_INFO_MAX+1];
69 	struct rtattr *iptuninfo[IFLA_IPTUN_MAX + 1];
70 	int len;
71 	struct in6_addr laddr;
72 	struct in6_addr raddr;
73 	__u8 hop_limit = DEFAULT_TNL_HOP_LIMIT;
74 	__u8 encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
75 	__u32 flowinfo = 0;
76 	__u32 flags = 0;
77 	__u32 link = 0;
78 	__u8 proto = 0;
79 
80 	memset(&laddr, 0, sizeof(laddr));
81 	memset(&raddr, 0, sizeof(raddr));
82 
83 	if (!(n->nlmsg_flags & NLM_F_CREATE)) {
84 		memset(&req, 0, sizeof(req));
85 
86 		req.n.nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
87 		req.n.nlmsg_flags = NLM_F_REQUEST;
88 		req.n.nlmsg_type = RTM_GETLINK;
89 		req.i.ifi_family = preferred_family;
90 		req.i.ifi_index = ifi->ifi_index;
91 
92 		if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) {
93 get_failed:
94 			fprintf(stderr,
95 				"Failed to get existing tunnel info.\n");
96 			return -1;
97 		}
98 
99 		len = req.n.nlmsg_len;
100 		len -= NLMSG_LENGTH(sizeof(*ifi));
101 		if (len < 0)
102 			goto get_failed;
103 
104 		parse_rtattr(tb, IFLA_MAX, IFLA_RTA(&req.i), len);
105 
106 		if (!tb[IFLA_LINKINFO])
107 			goto get_failed;
108 
109 		parse_rtattr_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO]);
110 
111 		if (!linkinfo[IFLA_INFO_DATA])
112 			goto get_failed;
113 
114 		parse_rtattr_nested(iptuninfo, IFLA_IPTUN_MAX,
115 				    linkinfo[IFLA_INFO_DATA]);
116 
117 		if (iptuninfo[IFLA_IPTUN_LOCAL])
118 			memcpy(&laddr, RTA_DATA(iptuninfo[IFLA_IPTUN_LOCAL]),
119 			       sizeof(laddr));
120 
121 		if (iptuninfo[IFLA_IPTUN_REMOTE])
122 			memcpy(&raddr, RTA_DATA(iptuninfo[IFLA_IPTUN_REMOTE]),
123 			       sizeof(raddr));
124 
125 		if (iptuninfo[IFLA_IPTUN_TTL])
126 			hop_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_TTL]);
127 
128 		if (iptuninfo[IFLA_IPTUN_ENCAP_LIMIT])
129 			encap_limit = rta_getattr_u8(iptuninfo[IFLA_IPTUN_ENCAP_LIMIT]);
130 
131 		if (iptuninfo[IFLA_IPTUN_FLOWINFO])
132 			flowinfo = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLOWINFO]);
133 
134 		if (iptuninfo[IFLA_IPTUN_FLAGS])
135 			flags = rta_getattr_u32(iptuninfo[IFLA_IPTUN_FLAGS]);
136 
137 		if (iptuninfo[IFLA_IPTUN_LINK])
138 			link = rta_getattr_u32(iptuninfo[IFLA_IPTUN_LINK]);
139 
140 		if (iptuninfo[IFLA_IPTUN_PROTO])
141 			proto = rta_getattr_u8(iptuninfo[IFLA_IPTUN_PROTO]);
142 	}
143 
144 	while (argc > 0) {
145 		if (matches(*argv, "mode") == 0) {
146 			NEXT_ARG();
147 			if (strcmp(*argv, "ipv6/ipv6") == 0 ||
148 			    strcmp(*argv, "ip6ip6") == 0)
149 				proto = IPPROTO_IPV6;
150 			else if (strcmp(*argv, "ip/ipv6") == 0 ||
151 				 strcmp(*argv, "ipv4/ipv6") == 0 ||
152 				 strcmp(*argv, "ipip6") == 0 ||
153 				 strcmp(*argv, "ip4ip6") == 0)
154 				proto = IPPROTO_IPIP;
155 			else if (strcmp(*argv, "any/ipv6") == 0 ||
156 				 strcmp(*argv, "any") == 0)
157 				proto = 0;
158 			else
159 				invarg("Cannot guess tunnel mode.", *argv);
160 		} else if (strcmp(*argv, "remote") == 0) {
161 			inet_prefix addr;
162 			NEXT_ARG();
163 			get_prefix(&addr, *argv, preferred_family);
164 			if (addr.family == AF_UNSPEC)
165 				invarg("\"remote\" address family is AF_UNSPEC", *argv);
166 			memcpy(&raddr, addr.data, addr.bytelen);
167 		} else if (strcmp(*argv, "local") == 0) {
168 			inet_prefix addr;
169 			NEXT_ARG();
170 			get_prefix(&addr, *argv, preferred_family);
171 			if (addr.family == AF_UNSPEC)
172 				invarg("\"local\" address family is AF_UNSPEC", *argv);
173 			memcpy(&laddr, addr.data, addr.bytelen);
174 		} else if (matches(*argv, "dev") == 0) {
175 			NEXT_ARG();
176 			link = if_nametoindex(*argv);
177 			if (link == 0)
178 				invarg("\"dev\" is invalid", *argv);
179 		} else if (strcmp(*argv, "hoplimit") == 0 ||
180 			   strcmp(*argv, "ttl") == 0 ||
181 			   strcmp(*argv, "hlim") == 0) {
182 			__u8 uval;
183 			NEXT_ARG();
184 			if (get_u8(&uval, *argv, 0))
185 				invarg("invalid HLIM", *argv);
186 			hop_limit = uval;
187 		} else if (matches(*argv, "encaplimit") == 0) {
188 			NEXT_ARG();
189 			if (strcmp(*argv, "none") == 0) {
190 				flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
191 			} else {
192 				__u8 uval;
193 				if (get_u8(&uval, *argv, 0) < -1)
194 					invarg("invalid ELIM", *argv);
195 				encap_limit = uval;
196 				flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
197 			}
198 		} else if (strcmp(*argv, "tclass") == 0 ||
199 			   strcmp(*argv, "tc") == 0 ||
200 			   strcmp(*argv, "tos") == 0 ||
201 			   matches(*argv, "dsfield") == 0) {
202 			__u8 uval;
203 			NEXT_ARG();
204 			flowinfo &= ~IP6_FLOWINFO_TCLASS;
205 			if (strcmp(*argv, "inherit") == 0)
206 				flags |= IP6_TNL_F_USE_ORIG_TCLASS;
207 			else {
208 				if (get_u8(&uval, *argv, 16))
209 					invarg("invalid TClass", *argv);
210 				flowinfo |= htonl((__u32)uval << 20) & IP6_FLOWINFO_TCLASS;
211 				flags &= ~IP6_TNL_F_USE_ORIG_TCLASS;
212 			}
213 		} else if (strcmp(*argv, "flowlabel") == 0 ||
214 			   strcmp(*argv, "fl") == 0) {
215 			__u32 uval;
216 			NEXT_ARG();
217 			flowinfo &= ~IP6_FLOWINFO_FLOWLABEL;
218 			if (strcmp(*argv, "inherit") == 0)
219 				flags |= IP6_TNL_F_USE_ORIG_FLOWLABEL;
220 			else {
221 				if (get_u32(&uval, *argv, 16))
222 					invarg("invalid Flowlabel", *argv);
223 				if (uval > 0xFFFFF)
224 					invarg("invalid Flowlabel", *argv);
225 				flowinfo |= htonl(uval) & IP6_FLOWINFO_FLOWLABEL;
226 				flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
227 			}
228 		} else if (strcmp(*argv, "dscp") == 0) {
229 			NEXT_ARG();
230 			if (strcmp(*argv, "inherit") != 0)
231 				invarg("not inherit", *argv);
232 			flags |= IP6_TNL_F_RCV_DSCP_COPY;
233 		} else if (strcmp(*argv, "fwmark") == 0) {
234 			NEXT_ARG();
235 			if (strcmp(*argv, "inherit") != 0)
236 				invarg("not inherit", *argv);
237 			flags |= IP6_TNL_F_USE_ORIG_FWMARK;
238 		} else
239 			usage();
240 		argc--, argv++;
241 	}
242 
243 	addattr8(n, 1024, IFLA_IPTUN_PROTO, proto);
244 	addattr_l(n, 1024, IFLA_IPTUN_LOCAL, &laddr, sizeof(laddr));
245 	addattr_l(n, 1024, IFLA_IPTUN_REMOTE, &raddr, sizeof(raddr));
246 	addattr8(n, 1024, IFLA_IPTUN_TTL, hop_limit);
247 	addattr8(n, 1024, IFLA_IPTUN_ENCAP_LIMIT, encap_limit);
248 	addattr32(n, 1024, IFLA_IPTUN_FLOWINFO, flowinfo);
249 	addattr32(n, 1024, IFLA_IPTUN_FLAGS, flags);
250 	addattr32(n, 1024, IFLA_IPTUN_LINK, link);
251 
252 	return 0;
253 }
254 
ip6tunnel_print_opt(struct link_util * lu,FILE * f,struct rtattr * tb[])255 static void ip6tunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
256 {
257 	char s1[256];
258 	char s2[64];
259 	int flags = 0;
260 	__u32 flowinfo = 0;
261 
262 	if (!tb)
263 		return;
264 
265 	if (tb[IFLA_IPTUN_FLAGS])
266 		flags = rta_getattr_u32(tb[IFLA_IPTUN_FLAGS]);
267 
268 	if (tb[IFLA_IPTUN_FLOWINFO])
269 		flowinfo = rta_getattr_u32(tb[IFLA_IPTUN_FLOWINFO]);
270 
271 	if (tb[IFLA_IPTUN_PROTO]) {
272 		switch (rta_getattr_u8(tb[IFLA_IPTUN_PROTO])) {
273 		case IPPROTO_IPIP:
274 			fprintf(f, "ipip6 ");
275 			break;
276 		case IPPROTO_IPV6:
277 			fprintf(f, "ip6ip6 ");
278 			break;
279 		case 0:
280 			fprintf(f, "any ");
281 			break;
282 		}
283 	}
284 
285 	if (tb[IFLA_IPTUN_REMOTE]) {
286 		fprintf(f, "remote %s ",
287 			rt_addr_n2a(AF_INET6,
288 				    RTA_PAYLOAD(tb[IFLA_IPTUN_REMOTE]),
289 				    RTA_DATA(tb[IFLA_IPTUN_REMOTE]),
290 				    s1, sizeof(s1)));
291 	}
292 
293 	if (tb[IFLA_IPTUN_LOCAL]) {
294 		fprintf(f, "local %s ",
295 			rt_addr_n2a(AF_INET6,
296 				    RTA_PAYLOAD(tb[IFLA_IPTUN_LOCAL]),
297 				    RTA_DATA(tb[IFLA_IPTUN_LOCAL]),
298 				    s1, sizeof(s1)));
299 	}
300 
301 	if (tb[IFLA_IPTUN_LINK] && rta_getattr_u32(tb[IFLA_IPTUN_LINK])) {
302 		unsigned link = rta_getattr_u32(tb[IFLA_IPTUN_LINK]);
303 		const char *n = if_indextoname(link, s2);
304 
305 		if (n)
306 			fprintf(f, "dev %s ", n);
307 		else
308 			fprintf(f, "dev %u ", link);
309 	}
310 
311 	if (flags & IP6_TNL_F_IGN_ENCAP_LIMIT)
312 		printf("encaplimit none ");
313 	else if (tb[IFLA_IPTUN_ENCAP_LIMIT])
314 		fprintf(f, "encaplimit %u ",
315 			rta_getattr_u8(tb[IFLA_IPTUN_ENCAP_LIMIT]));
316 
317 	if (tb[IFLA_IPTUN_TTL])
318 		fprintf(f, "hoplimit %u ", rta_getattr_u8(tb[IFLA_IPTUN_TTL]));
319 
320 	if (flags & IP6_TNL_F_USE_ORIG_TCLASS)
321 		printf("tclass inherit ");
322 	else if (tb[IFLA_IPTUN_FLOWINFO]) {
323 		__u32 val = ntohl(flowinfo & IP6_FLOWINFO_TCLASS);
324 
325 		printf("tclass 0x%02x ", (__u8)(val >> 20));
326 	}
327 
328 	if (flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
329 		printf("flowlabel inherit ");
330 	else
331 		printf("flowlabel 0x%05x ", ntohl(flowinfo & IP6_FLOWINFO_FLOWLABEL));
332 
333 	printf("(flowinfo 0x%08x) ", ntohl(flowinfo));
334 
335 	if (flags & IP6_TNL_F_RCV_DSCP_COPY)
336 		printf("dscp inherit ");
337 
338 	if (flags & IP6_TNL_F_MIP6_DEV)
339 		fprintf(f, "mip6 ");
340 
341 	if (flags & IP6_TNL_F_USE_ORIG_FWMARK)
342 		fprintf(f, "fwmark inherit ");
343 }
344 
ip6tunnel_print_help(struct link_util * lu,int argc,char ** argv,FILE * f)345 static void ip6tunnel_print_help(struct link_util *lu, int argc, char **argv,
346 	FILE *f)
347 {
348 	print_usage(f);
349 }
350 
351 struct link_util ip6tnl_link_util = {
352 	.id = "ip6tnl",
353 	.maxattr = IFLA_IPTUN_MAX,
354 	.parse_opt = ip6tunnel_parse_opt,
355 	.print_opt = ip6tunnel_print_opt,
356 	.print_help = ip6tunnel_print_help,
357 };
358