* [PATCH iproute2/net-next v3 1/3] tc: flower: document SCTP ip_proto
2016-12-03 8:52 [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Simon Horman
@ 2016-12-03 8:52 ` Simon Horman
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 2/3] tc: flower: correct name of ip_proto parameter to flower_parse_port() Simon Horman
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Simon Horman @ 2016-12-03 8:52 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, Simon Horman
Add SCTP ip_proto to help text and man page.
Signed-off-by: Simon Horman <simon.horman@netronome.com>
---
man/man8/tc-flower.8 | 14 +++++++-------
tc/f_flower.c | 2 +-
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/man/man8/tc-flower.8 b/man/man8/tc-flower.8
index 11cf774dd7de..744c450b4531 100644
--- a/man/man8/tc-flower.8
+++ b/man/man8/tc-flower.8
@@ -29,7 +29,7 @@ flower \- flow based traffic control filter
.IR PRIORITY " | "
.BR vlan_eth_type " { " ipv4 " | " ipv6 " | "
.IR ETH_TYPE " } | "
-.BR ip_proto " { " tcp " | " udp " | "
+.BR ip_proto " { " tcp " | " udp " | " sctp " | "
.IR IP_PROTO " } | { "
.BR dst_ip " | " src_ip " } { "
.IR ipv4_address " | " ipv6_address " } | { "
@@ -97,8 +97,8 @@ or an unsigned 16bit value in hexadecimal format.
.BI ip_proto " IP_PROTO"
Match on layer four protocol.
.I IP_PROTO
-may be either
-.BR tcp , udp
+may be
+.BR tcp ", " udp ", " sctp
or an unsigned 8bit value in hexadecimal format.
.TP
.BI dst_ip " ADDRESS"
@@ -114,8 +114,8 @@ option of tc filter.
.TQ
.BI src_port " NUMBER"
Match on layer 4 protocol source or destination port number. Only available for
-.BR ip_proto " values " udp " and " tcp ,
-which has to be specified in beforehand.
+.BR ip_proto " values " udp ", " tcp " and " sctp
+which have to be specified in beforehand.
.TP
.BI enc_key_id " NUMBER"
.TQ
@@ -140,8 +140,8 @@ and finally layer four matches
(\fBdst_port\fR and \fBsrc_port\fR)
depend on
.B ip_proto
-being set to either
-.BR tcp " or " udp .
+being set to
+.BR tcp ", " udp " or " sctp.
.P
There can be only used one mask per one prio. If user needs to specify different
mask, he has to use different prio.
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 7e7f4c92a947..f04c594d06ae 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -37,7 +37,7 @@ static void explain(void)
" vlan_ethtype [ ipv4 | ipv6 | ETH-TYPE ] |\n"
" dst_mac MAC-ADDR |\n"
" src_mac MAC-ADDR |\n"
- " ip_proto [tcp | udp | IP-PROTO ] |\n"
+ " ip_proto [tcp | udp | sctp | IP-PROTO ] |\n"
" dst_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
" src_ip [ IPV4-ADDR | IPV6-ADDR ] |\n"
" dst_port PORT-NUMBER |\n"
--
2.7.0.rc3.207.g0ac5344
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH iproute2/net-next v3 2/3] tc: flower: correct name of ip_proto parameter to flower_parse_port()
2016-12-03 8:52 [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Simon Horman
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 1/3] tc: flower: document SCTP ip_proto Simon Horman
@ 2016-12-03 8:52 ` Simon Horman
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 3/3] tc: flower: make use of flower_port_attr_type() safe and silent Simon Horman
2016-12-05 18:14 ` [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Stephen Hemminger
3 siblings, 0 replies; 5+ messages in thread
From: Simon Horman @ 2016-12-03 8:52 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, Simon Horman
This corrects a typo.
Fixes: a1fb0d484237 ("tc: flower: Support matching on SCTP ports")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
---
tc/f_flower.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index f04c594d06ae..d2e8d0462dde 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -166,15 +166,15 @@ static int flower_parse_ip_addr(char *str, __be16 eth_type,
return 0;
}
-static int flower_port_attr_type(__u8 ip_port, bool is_src)
+static int flower_port_attr_type(__u8 ip_proto, bool is_src)
{
- if (ip_port == IPPROTO_TCP) {
+ if (ip_proto == IPPROTO_TCP) {
return is_src ? TCA_FLOWER_KEY_TCP_SRC :
TCA_FLOWER_KEY_TCP_DST;
- } else if (ip_port == IPPROTO_UDP) {
+ } else if (ip_proto == IPPROTO_UDP) {
return is_src ? TCA_FLOWER_KEY_UDP_SRC :
TCA_FLOWER_KEY_UDP_DST;
- } else if (ip_port == IPPROTO_SCTP) {
+ } else if (ip_proto == IPPROTO_SCTP) {
return is_src ? TCA_FLOWER_KEY_SCTP_SRC :
TCA_FLOWER_KEY_SCTP_DST;
} else {
@@ -183,14 +183,14 @@ static int flower_port_attr_type(__u8 ip_port, bool is_src)
}
}
-static int flower_parse_port(char *str, __u8 ip_port, bool is_src,
+static int flower_parse_port(char *str, __u8 ip_proto, bool is_src,
struct nlmsghdr *n)
{
int ret;
int type;
__be16 port;
- type = flower_port_attr_type(ip_port, is_src);
+ type = flower_port_attr_type(ip_proto, is_src);
if (type < 0)
return -1;
--
2.7.0.rc3.207.g0ac5344
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH iproute2/net-next v3 3/3] tc: flower: make use of flower_port_attr_type() safe and silent
2016-12-03 8:52 [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Simon Horman
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 1/3] tc: flower: document SCTP ip_proto Simon Horman
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 2/3] tc: flower: correct name of ip_proto parameter to flower_parse_port() Simon Horman
@ 2016-12-03 8:52 ` Simon Horman
2016-12-05 18:14 ` [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Stephen Hemminger
3 siblings, 0 replies; 5+ messages in thread
From: Simon Horman @ 2016-12-03 8:52 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, Simon Horman
Make use of flower_port_attr_type() safe:
* flower_port_attr_type() may return a valid index into tb[] or -1.
Only access tb[] in the case of the former.
* Do not access null entries in tb[]
Also make usage silent - it is valid for ip_proto to be invalid,
for example if it is not specified as part of the filter.
Fixes: a1fb0d484237 ("tc: flower: Support matching on SCTP ports")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
---
tc/f_flower.c | 24 +++++++++++++-----------
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index d2e8d0462dde..ff61c8e7f19a 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -168,19 +168,17 @@ static int flower_parse_ip_addr(char *str, __be16 eth_type,
static int flower_port_attr_type(__u8 ip_proto, bool is_src)
{
- if (ip_proto == IPPROTO_TCP) {
+ if (ip_proto == IPPROTO_TCP)
return is_src ? TCA_FLOWER_KEY_TCP_SRC :
TCA_FLOWER_KEY_TCP_DST;
- } else if (ip_proto == IPPROTO_UDP) {
+ else if (ip_proto == IPPROTO_UDP)
return is_src ? TCA_FLOWER_KEY_UDP_SRC :
TCA_FLOWER_KEY_UDP_DST;
- } else if (ip_proto == IPPROTO_SCTP) {
+ else if (ip_proto == IPPROTO_SCTP)
return is_src ? TCA_FLOWER_KEY_SCTP_SRC :
TCA_FLOWER_KEY_SCTP_DST;
- } else {
- fprintf(stderr, "Illegal \"ip_proto\" for port\n");
+ else
return -1;
- }
}
static int flower_parse_port(char *str, __u8 ip_proto, bool is_src,
@@ -561,7 +559,8 @@ static void flower_print_ip_addr(FILE *f, char *name, __be16 eth_type,
static void flower_print_port(FILE *f, char *name, struct rtattr *attr)
{
- fprintf(f, "\n %s %d", name, rta_getattr_be16(attr));
+ if (attr)
+ fprintf(f, "\n %s %d", name, rta_getattr_be16(attr));
}
static void flower_print_key_id(FILE *f, const char *name,
@@ -577,6 +576,7 @@ static int flower_print_opt(struct filter_util *qu, FILE *f,
struct rtattr *tb[TCA_FLOWER_MAX + 1];
__be16 eth_type = 0;
__u8 ip_proto = 0xff;
+ int nl_type;
if (!opt)
return 0;
@@ -631,10 +631,12 @@ static int flower_print_opt(struct filter_util *qu, FILE *f,
tb[TCA_FLOWER_KEY_IPV6_SRC],
tb[TCA_FLOWER_KEY_IPV6_SRC_MASK]);
- flower_print_port(f, "dst_port",
- tb[flower_port_attr_type(ip_proto, false)]);
- flower_print_port(f, "src_port",
- tb[flower_port_attr_type(ip_proto, true)]);
+ nl_type = flower_port_attr_type(ip_proto, false);
+ if (nl_type >= 0)
+ flower_print_port(f, "dst_port", tb[nl_type]);
+ nl_type = flower_port_attr_type(ip_proto, true);
+ if (nl_type >= 0)
+ flower_print_port(f, "src_port", tb[nl_type]);
flower_print_ip_addr(f, "enc_dst_ip",
tb[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] ?
--
2.7.0.rc3.207.g0ac5344
^ permalink raw reply related [flat|nested] 5+ messages in thread* Re: [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes
2016-12-03 8:52 [PATCH iproute2/net-next v3 0/3] tc: flower: SCTP and other port fixes Simon Horman
` (2 preceding siblings ...)
2016-12-03 8:52 ` [PATCH iproute2/net-next v3 3/3] tc: flower: make use of flower_port_attr_type() safe and silent Simon Horman
@ 2016-12-05 18:14 ` Stephen Hemminger
3 siblings, 0 replies; 5+ messages in thread
From: Stephen Hemminger @ 2016-12-05 18:14 UTC (permalink / raw)
To: Simon Horman; +Cc: netdev
On Sat, 3 Dec 2016 09:52:37 +0100
Simon Horman <simon.horman@netronome.com> wrote:
> Hi Stephen,
>
> this short series:
>
> * Makes some improvements to the documentation of flower;
> A follow-up to recent work by Paul Blakey and myself.
> * Corrects some errors introduced when SCTP port matching support was
> recently added.
>
> Changes v2->v3:
> * Rebase
> * Dropped merged patch
>
> Changes v1->v2:
> * Rebase
>
> Simon Horman (3):
> tc: flower: document SCTP ip_proto
> tc: flower: correct name of ip_proto parameter to flower_parse_port()
> tc: flower: make use of flower_port_attr_type() safe and silent
>
> man/man8/tc-flower.8 | 14 +++++++-------
> tc/f_flower.c | 32 +++++++++++++++++---------------
> 2 files changed, 24 insertions(+), 22 deletions(-)
>
Applied to net-next
^ permalink raw reply [flat|nested] 5+ messages in thread