1*de1e4e89SAndroid Build Coastguard Worker /*
2*de1e4e89SAndroid Build Coastguard Worker * m_simple.c simple action
3*de1e4e89SAndroid Build Coastguard Worker *
4*de1e4e89SAndroid Build Coastguard Worker * This program is free software; you can distribute it and/or
5*de1e4e89SAndroid Build Coastguard Worker * modify it under the terms of the GNU General Public License
6*de1e4e89SAndroid Build Coastguard Worker * as published by the Free Software Foundation; either version
7*de1e4e89SAndroid Build Coastguard Worker * 2 of the License, or (at your option) any later version.
8*de1e4e89SAndroid Build Coastguard Worker *
9*de1e4e89SAndroid Build Coastguard Worker * Authors: J Hadi Salim <[email protected]>
10*de1e4e89SAndroid Build Coastguard Worker *
11*de1e4e89SAndroid Build Coastguard Worker * Pedagogical example. Adds a string that will be printed every time
12*de1e4e89SAndroid Build Coastguard Worker * the simple instance is hit.
13*de1e4e89SAndroid Build Coastguard Worker * Use this as a skeleton action and keep modifying it to meet your needs.
14*de1e4e89SAndroid Build Coastguard Worker * Look at linux/tc_act/tc_defact.h for the different components ids and
15*de1e4e89SAndroid Build Coastguard Worker * definitions used in this actions
16*de1e4e89SAndroid Build Coastguard Worker *
17*de1e4e89SAndroid Build Coastguard Worker * example use, yell "Incoming ICMP!" every time you see an incoming ICMP on
18*de1e4e89SAndroid Build Coastguard Worker * eth0. Steps are:
19*de1e4e89SAndroid Build Coastguard Worker * 1) Add an ingress qdisc point to eth0
20*de1e4e89SAndroid Build Coastguard Worker * 2) Start a chain on ingress of eth0 that first matches ICMP then invokes
21*de1e4e89SAndroid Build Coastguard Worker * the simple action to shout.
22*de1e4e89SAndroid Build Coastguard Worker * 3) display stats and show that no packet has been seen by the action
23*de1e4e89SAndroid Build Coastguard Worker * 4) Send one ping packet to google (expect to receive a response back)
24*de1e4e89SAndroid Build Coastguard Worker * 5) grep the logs to see the logged message
25*de1e4e89SAndroid Build Coastguard Worker * 6) display stats again and observe increment by 1
26*de1e4e89SAndroid Build Coastguard Worker *
27*de1e4e89SAndroid Build Coastguard Worker hadi@noma1:$ tc qdisc add dev eth0 ingress
28*de1e4e89SAndroid Build Coastguard Worker hadi@noma1:$tc filter add dev eth0 parent ffff: protocol ip prio 5 \
29*de1e4e89SAndroid Build Coastguard Worker u32 match ip protocol 1 0xff flowid 1:1 action simple "Incoming ICMP"
30*de1e4e89SAndroid Build Coastguard Worker
31*de1e4e89SAndroid Build Coastguard Worker hadi@noma1:$ sudo tc -s filter ls dev eth0 parent ffff:
32*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32
33*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32 fh 800: ht divisor 1
34*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:1
35*de1e4e89SAndroid Build Coastguard Worker match 00010000/00ff0000 at 8
36*de1e4e89SAndroid Build Coastguard Worker action order 1: Simple <Incoming ICMP>
37*de1e4e89SAndroid Build Coastguard Worker index 4 ref 1 bind 1 installed 29 sec used 29 sec
38*de1e4e89SAndroid Build Coastguard Worker Action statistics:
39*de1e4e89SAndroid Build Coastguard Worker Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
40*de1e4e89SAndroid Build Coastguard Worker backlog 0b 0p requeues 0
41*de1e4e89SAndroid Build Coastguard Worker
42*de1e4e89SAndroid Build Coastguard Worker
43*de1e4e89SAndroid Build Coastguard Worker hadi@noma1$ ping -c 1 www.google.ca
44*de1e4e89SAndroid Build Coastguard Worker PING www.google.ca (74.125.225.120) 56(84) bytes of data.
45*de1e4e89SAndroid Build Coastguard Worker 64 bytes from ord08s08-in-f24.1e100.net (74.125.225.120): icmp_req=1 ttl=53 time=31.3 ms
46*de1e4e89SAndroid Build Coastguard Worker
47*de1e4e89SAndroid Build Coastguard Worker --- www.google.ca ping statistics ---
48*de1e4e89SAndroid Build Coastguard Worker 1 packets transmitted, 1 received, 0% packet loss, time 0ms
49*de1e4e89SAndroid Build Coastguard Worker rtt min/avg/max/mdev = 31.316/31.316/31.316/0.000 ms
50*de1e4e89SAndroid Build Coastguard Worker
51*de1e4e89SAndroid Build Coastguard Worker hadi@noma1$ dmesg | grep simple
52*de1e4e89SAndroid Build Coastguard Worker [135354.473951] simple: Incoming ICMP_1
53*de1e4e89SAndroid Build Coastguard Worker
54*de1e4e89SAndroid Build Coastguard Worker hadi@noma1$ sudo tc/tc -s filter ls dev eth0 parent ffff:
55*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32
56*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32 fh 800: ht divisor 1
57*de1e4e89SAndroid Build Coastguard Worker filter protocol ip pref 5 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:1
58*de1e4e89SAndroid Build Coastguard Worker match 00010000/00ff0000 at 8
59*de1e4e89SAndroid Build Coastguard Worker action order 1: Simple <Incoming ICMP>
60*de1e4e89SAndroid Build Coastguard Worker index 4 ref 1 bind 1 installed 206 sec used 67 sec
61*de1e4e89SAndroid Build Coastguard Worker Action statistics:
62*de1e4e89SAndroid Build Coastguard Worker Sent 84 bytes 1 pkt (dropped 0, overlimits 0 requeues 0)
63*de1e4e89SAndroid Build Coastguard Worker backlog 0b 0p requeues 0
64*de1e4e89SAndroid Build Coastguard Worker */
65*de1e4e89SAndroid Build Coastguard Worker
66*de1e4e89SAndroid Build Coastguard Worker #include <stdio.h>
67*de1e4e89SAndroid Build Coastguard Worker #include <stdlib.h>
68*de1e4e89SAndroid Build Coastguard Worker #include <unistd.h>
69*de1e4e89SAndroid Build Coastguard Worker #include <syslog.h>
70*de1e4e89SAndroid Build Coastguard Worker #include <fcntl.h>
71*de1e4e89SAndroid Build Coastguard Worker #include <sys/socket.h>
72*de1e4e89SAndroid Build Coastguard Worker #include <netinet/in.h>
73*de1e4e89SAndroid Build Coastguard Worker #include <arpa/inet.h>
74*de1e4e89SAndroid Build Coastguard Worker #include <string.h>
75*de1e4e89SAndroid Build Coastguard Worker #include "utils.h"
76*de1e4e89SAndroid Build Coastguard Worker #include "tc_util.h"
77*de1e4e89SAndroid Build Coastguard Worker #include <linux/tc_act/tc_defact.h>
78*de1e4e89SAndroid Build Coastguard Worker
79*de1e4e89SAndroid Build Coastguard Worker #ifndef SIMP_MAX_DATA
80*de1e4e89SAndroid Build Coastguard Worker #define SIMP_MAX_DATA 32
81*de1e4e89SAndroid Build Coastguard Worker #endif
explain(void)82*de1e4e89SAndroid Build Coastguard Worker static void explain(void)
83*de1e4e89SAndroid Build Coastguard Worker {
84*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "Usage:... simple [sdata STRING] [index INDEX] [CONTROL]\n");
85*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "\tSTRING being an arbitrary string\n"
86*de1e4e89SAndroid Build Coastguard Worker "\tINDEX := optional index value used\n"
87*de1e4e89SAndroid Build Coastguard Worker "\tCONTROL := reclassify|pipe|drop|continue|ok\n");
88*de1e4e89SAndroid Build Coastguard Worker }
89*de1e4e89SAndroid Build Coastguard Worker
usage(void)90*de1e4e89SAndroid Build Coastguard Worker static void usage(void)
91*de1e4e89SAndroid Build Coastguard Worker {
92*de1e4e89SAndroid Build Coastguard Worker explain();
93*de1e4e89SAndroid Build Coastguard Worker exit(-1);
94*de1e4e89SAndroid Build Coastguard Worker }
95*de1e4e89SAndroid Build Coastguard Worker
96*de1e4e89SAndroid Build Coastguard Worker static int
parse_simple(struct action_util * a,int * argc_p,char *** argv_p,int tca_id,struct nlmsghdr * n)97*de1e4e89SAndroid Build Coastguard Worker parse_simple(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
98*de1e4e89SAndroid Build Coastguard Worker struct nlmsghdr *n)
99*de1e4e89SAndroid Build Coastguard Worker {
100*de1e4e89SAndroid Build Coastguard Worker struct tc_defact sel = {};
101*de1e4e89SAndroid Build Coastguard Worker int argc = *argc_p;
102*de1e4e89SAndroid Build Coastguard Worker char **argv = *argv_p;
103*de1e4e89SAndroid Build Coastguard Worker int ok = 0;
104*de1e4e89SAndroid Build Coastguard Worker struct rtattr *tail;
105*de1e4e89SAndroid Build Coastguard Worker char *simpdata = NULL;
106*de1e4e89SAndroid Build Coastguard Worker
107*de1e4e89SAndroid Build Coastguard Worker while (argc > 0) {
108*de1e4e89SAndroid Build Coastguard Worker if (matches(*argv, "simple") == 0) {
109*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
110*de1e4e89SAndroid Build Coastguard Worker } else if (matches(*argv, "sdata") == 0) {
111*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
112*de1e4e89SAndroid Build Coastguard Worker ok += 1;
113*de1e4e89SAndroid Build Coastguard Worker simpdata = *argv;
114*de1e4e89SAndroid Build Coastguard Worker argc--;
115*de1e4e89SAndroid Build Coastguard Worker argv++;
116*de1e4e89SAndroid Build Coastguard Worker } else if (matches(*argv, "help") == 0) {
117*de1e4e89SAndroid Build Coastguard Worker usage();
118*de1e4e89SAndroid Build Coastguard Worker } else {
119*de1e4e89SAndroid Build Coastguard Worker break;
120*de1e4e89SAndroid Build Coastguard Worker }
121*de1e4e89SAndroid Build Coastguard Worker }
122*de1e4e89SAndroid Build Coastguard Worker
123*de1e4e89SAndroid Build Coastguard Worker if (argc) {
124*de1e4e89SAndroid Build Coastguard Worker if (matches(*argv, "index") == 0) {
125*de1e4e89SAndroid Build Coastguard Worker NEXT_ARG();
126*de1e4e89SAndroid Build Coastguard Worker if (get_u32(&sel.index, *argv, 10)) {
127*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "simple: Illegal \"index\" (%s)\n",
128*de1e4e89SAndroid Build Coastguard Worker *argv);
129*de1e4e89SAndroid Build Coastguard Worker return -1;
130*de1e4e89SAndroid Build Coastguard Worker }
131*de1e4e89SAndroid Build Coastguard Worker ok += 1;
132*de1e4e89SAndroid Build Coastguard Worker argc--;
133*de1e4e89SAndroid Build Coastguard Worker argv++;
134*de1e4e89SAndroid Build Coastguard Worker }
135*de1e4e89SAndroid Build Coastguard Worker }
136*de1e4e89SAndroid Build Coastguard Worker
137*de1e4e89SAndroid Build Coastguard Worker if (!ok) {
138*de1e4e89SAndroid Build Coastguard Worker explain();
139*de1e4e89SAndroid Build Coastguard Worker return -1;
140*de1e4e89SAndroid Build Coastguard Worker }
141*de1e4e89SAndroid Build Coastguard Worker
142*de1e4e89SAndroid Build Coastguard Worker if (simpdata && (strlen(simpdata) > (SIMP_MAX_DATA - 1))) {
143*de1e4e89SAndroid Build Coastguard Worker fprintf(stderr, "simple: Illegal string len %zu <%s>\n",
144*de1e4e89SAndroid Build Coastguard Worker strlen(simpdata), simpdata);
145*de1e4e89SAndroid Build Coastguard Worker return -1;
146*de1e4e89SAndroid Build Coastguard Worker }
147*de1e4e89SAndroid Build Coastguard Worker
148*de1e4e89SAndroid Build Coastguard Worker sel.action = TC_ACT_PIPE;
149*de1e4e89SAndroid Build Coastguard Worker
150*de1e4e89SAndroid Build Coastguard Worker tail = NLMSG_TAIL(n);
151*de1e4e89SAndroid Build Coastguard Worker addattr_l(n, MAX_MSG, tca_id, NULL, 0);
152*de1e4e89SAndroid Build Coastguard Worker addattr_l(n, MAX_MSG, TCA_DEF_PARMS, &sel, sizeof(sel));
153*de1e4e89SAndroid Build Coastguard Worker if (simpdata)
154*de1e4e89SAndroid Build Coastguard Worker addattr_l(n, MAX_MSG, TCA_DEF_DATA, simpdata, SIMP_MAX_DATA);
155*de1e4e89SAndroid Build Coastguard Worker tail->rta_len = (char *)NLMSG_TAIL(n) - (char *)tail;
156*de1e4e89SAndroid Build Coastguard Worker
157*de1e4e89SAndroid Build Coastguard Worker *argc_p = argc;
158*de1e4e89SAndroid Build Coastguard Worker *argv_p = argv;
159*de1e4e89SAndroid Build Coastguard Worker return 0;
160*de1e4e89SAndroid Build Coastguard Worker }
161*de1e4e89SAndroid Build Coastguard Worker
print_simple(struct action_util * au,FILE * f,struct rtattr * arg)162*de1e4e89SAndroid Build Coastguard Worker static int print_simple(struct action_util *au, FILE *f, struct rtattr *arg)
163*de1e4e89SAndroid Build Coastguard Worker {
164*de1e4e89SAndroid Build Coastguard Worker struct tc_defact *sel;
165*de1e4e89SAndroid Build Coastguard Worker struct rtattr *tb[TCA_DEF_MAX + 1];
166*de1e4e89SAndroid Build Coastguard Worker char *simpdata;
167*de1e4e89SAndroid Build Coastguard Worker
168*de1e4e89SAndroid Build Coastguard Worker if (arg == NULL)
169*de1e4e89SAndroid Build Coastguard Worker return -1;
170*de1e4e89SAndroid Build Coastguard Worker
171*de1e4e89SAndroid Build Coastguard Worker parse_rtattr_nested(tb, TCA_DEF_MAX, arg);
172*de1e4e89SAndroid Build Coastguard Worker
173*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_DEF_PARMS] == NULL) {
174*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "[NULL simple parameters]");
175*de1e4e89SAndroid Build Coastguard Worker return -1;
176*de1e4e89SAndroid Build Coastguard Worker }
177*de1e4e89SAndroid Build Coastguard Worker sel = RTA_DATA(tb[TCA_DEF_PARMS]);
178*de1e4e89SAndroid Build Coastguard Worker
179*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_DEF_DATA] == NULL) {
180*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "[missing simple string]");
181*de1e4e89SAndroid Build Coastguard Worker return -1;
182*de1e4e89SAndroid Build Coastguard Worker }
183*de1e4e89SAndroid Build Coastguard Worker
184*de1e4e89SAndroid Build Coastguard Worker simpdata = RTA_DATA(tb[TCA_DEF_DATA]);
185*de1e4e89SAndroid Build Coastguard Worker
186*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "Simple <%s>\n", simpdata);
187*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "\t index %u ref %d bind %d", sel->index,
188*de1e4e89SAndroid Build Coastguard Worker sel->refcnt, sel->bindcnt);
189*de1e4e89SAndroid Build Coastguard Worker
190*de1e4e89SAndroid Build Coastguard Worker if (show_stats) {
191*de1e4e89SAndroid Build Coastguard Worker if (tb[TCA_DEF_TM]) {
192*de1e4e89SAndroid Build Coastguard Worker struct tcf_t *tm = RTA_DATA(tb[TCA_DEF_TM]);
193*de1e4e89SAndroid Build Coastguard Worker
194*de1e4e89SAndroid Build Coastguard Worker print_tm(f, tm);
195*de1e4e89SAndroid Build Coastguard Worker }
196*de1e4e89SAndroid Build Coastguard Worker }
197*de1e4e89SAndroid Build Coastguard Worker fprintf(f, "\n");
198*de1e4e89SAndroid Build Coastguard Worker
199*de1e4e89SAndroid Build Coastguard Worker return 0;
200*de1e4e89SAndroid Build Coastguard Worker }
201*de1e4e89SAndroid Build Coastguard Worker
202*de1e4e89SAndroid Build Coastguard Worker struct action_util simple_action_util = {
203*de1e4e89SAndroid Build Coastguard Worker .id = "simple",
204*de1e4e89SAndroid Build Coastguard Worker .parse_aopt = parse_simple,
205*de1e4e89SAndroid Build Coastguard Worker .print_aopt = print_simple,
206*de1e4e89SAndroid Build Coastguard Worker };
207