From: Marcelo Ricardo Leitner <mleitner@redhat.com>
To: Guy Shattah <sguy@mellanox.com>,
Marcelo Leitner <mleitner@redhat.com>,
Aaron Conole <aconole@redhat.com>,
John Hurley <john.hurley@netronome.com>,
Simon Horman <simon.horman@netronome.com>,
Justin Pettit <jpettit@ovn.org>,
Gregory Rose <gvrose8192@gmail.com>,
Eelco Chaudron <echaudro@redhat.com>,
Flavio Leitner <fbl@redhat.com>,
Florian Westphal <fwestpha@redhat.com>,
Jiri Pirko <jiri@resnulli.us>, Rashid Khan <rkhan@redhat.com>,
Sushil Kulkarni <sukulkar@redhat.com>,
Andy Gospodarek <andrew.gospodarek@broadcom.com>,
Roi Dayan <roid@mellanox.com>,
Yossi Kuperman <yossiku@mellanox.com>,
Or Gerlitz <ogerlitz@mellanox.com>,
Rony Efraim <ronye@mellanox.com>,
"davem@davemloft.net" <davem@davemloft.net>
Cc: netdev@vger.kernel.org
Subject: [RFC PATCH iproute2 2/5] act_ct: first import
Date: Fri, 25 Jan 2019 00:33:30 -0200 [thread overview]
Message-ID: <e16eb55db89c48ec883fcaf582451be05f93f384.1548287070.git.mleitner@redhat.com> (raw)
In-Reply-To: <cover.1548287070.git.mleitner@redhat.com>
Signed-off-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
---
include/uapi/linux/tc_act/tc_ct.h | 30 +++
tc/Makefile | 1 +
tc/m_ct.c | 314 ++++++++++++++++++++++++++++++
3 files changed, 345 insertions(+)
create mode 100644 include/uapi/linux/tc_act/tc_ct.h
create mode 100644 tc/m_ct.c
diff --git a/include/uapi/linux/tc_act/tc_ct.h b/include/uapi/linux/tc_act/tc_ct.h
new file mode 100644
index 0000000000000000000000000000000000000000..d08a5afdc4b453c5388ad2ae63a00fd3b48457f0
--- /dev/null
+++ b/include/uapi/linux/tc_act/tc_ct.h
@@ -0,0 +1,30 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+#ifndef __LINUX_TC_CT_H
+#define __LINUX_TC_CT_H
+
+#include <linux/pkt_cls.h>
+#include <linux/types.h>
+
+#define TCA_ACT_CT 27
+
+enum {
+ TCA_CT_UNSPEC,
+ TCA_CT_TM,
+ TCA_CT_PARMS,
+ TCA_CT_PAD,
+ TCA_CT_ZONE,
+ TCA_CT_MARK,
+ TCA_CT_MARK_MASK,
+ TCA_CT_LABEL,
+ TCA_CT_LABEL_MASK,
+ TCA_CT_CHAIN,
+ TCA_CT_FLAGS,
+ __TCA_CT_MAX
+};
+#define TCA_CT_MAX (__TCA_CT_MAX - 1)
+
+struct tc_ct {
+ tc_gen;
+};
+
+#endif
diff --git a/tc/Makefile b/tc/Makefile
index 2edaf2c8836475c78e713e789a05203e1c598327..79e10a1a5493bbc9703b47660aa145f98e533aea 100644
--- a/tc/Makefile
+++ b/tc/Makefile
@@ -51,6 +51,7 @@ TCMODULES += m_connmark.o
TCMODULES += m_bpf.o
TCMODULES += m_tunnel_key.o
TCMODULES += m_sample.o
+TCMODULES += m_ct.o
TCMODULES += p_ip.o
TCMODULES += p_ip6.o
TCMODULES += p_icmp.o
diff --git a/tc/m_ct.c b/tc/m_ct.c
new file mode 100644
index 0000000000000000000000000000000000000000..e20837ba4f9c49d1603b14721cabca1fbeca0c74
--- /dev/null
+++ b/tc/m_ct.c
@@ -0,0 +1,314 @@
+/*
+ * m_ct.c Connection Tracking target module
+ *
+ * This program is free software; you can distribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ * Authors: Marcelo Ricardo Leitner <mleitner@redhat.com>
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <string.h>
+#include "utils.h"
+#include "tc_util.h"
+#include "tc_common.h"
+#include <linux/tc_act/tc_ct.h>
+
+static void
+explain(void)
+{
+ fprintf(stderr,
+ "Usage: ct [mark <mark>] [zone <zone>] [label <label>] [chain <chain>]\n"
+ "where:\n");
+}
+
+static void
+usage(void)
+{
+ explain();
+ exit(-1);
+}
+
+#if 0
+static int ct_parse_u8(char *str, int value_type, int mask_type,
+ int (*value_from_name)(const char *str,
+ __u8 *value),
+ bool (*value_validate)(__u8 value),
+ struct nlmsghdr *n)
+{
+ char *slash;
+ int ret, err = -1;
+ __u8 value, mask;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ ret = value_from_name ? value_from_name(str, &value) : -1;
+ if (ret < 0) {
+ ret = get_u8(&value, str, 10);
+ if (ret)
+ goto err;
+ }
+
+ if (value_validate && !value_validate(value))
+ goto err;
+
+ if (slash) {
+ ret = get_u8(&mask, slash + 1, 10);
+ if (ret)
+ goto err;
+ }
+ else {
+ mask = UINT8_MAX;
+ }
+
+ addattr8(n, MAX_MSG, value_type, value);
+ addattr8(n, MAX_MSG, mask_type, mask);
+
+ err = 0;
+err:
+ if (slash)
+ *slash = '/';
+ return err;
+}
+#endif
+
+static int ct_parse_u16(char *str, int value_type, int mask_type,
+ int (*value_from_name)(const char *str,
+ __u16 *value),
+ bool (*value_validate)(__u16 value),
+ struct nlmsghdr *n)
+{
+ char *slash;
+ int ret, err = -1;
+ __u16 value, mask;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ ret = value_from_name ? value_from_name(str, &value) : -1;
+ if (ret < 0) {
+ ret = get_u16(&value, str, 10);
+ if (ret)
+ goto err;
+ }
+
+ if (value_validate && !value_validate(value))
+ goto err;
+
+ if (slash) {
+ ret = get_u16(&mask, slash + 1, 10);
+ if (ret)
+ goto err;
+ }
+ else {
+ mask = UINT16_MAX;
+ }
+
+ print_uint(PRINT_ANY, "zone", "zone %u ", value);
+ addattr16(n, MAX_MSG, value_type, value);
+ /* FIXME: find another parse function to avoid this */
+ if (mask_type)
+ addattr16(n, MAX_MSG, mask_type, mask);
+
+ err = 0;
+err:
+ if (slash)
+ *slash = '/';
+ return err;
+}
+
+static int ct_parse_u32(char *str, int value_type, int mask_type,
+ int (*value_from_name)(const char *str,
+ __u32 *value),
+ bool (*value_validate)(__u32 value),
+ struct nlmsghdr *n)
+{
+ char *slash;
+ int ret, err = -1;
+ __u32 value, mask;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ ret = value_from_name ? value_from_name(str, &value) : -1;
+ if (ret < 0) {
+ ret = get_u32(&value, str, 10);
+ if (ret)
+ goto err;
+ }
+
+ if (value_validate && !value_validate(value))
+ goto err;
+
+ if (slash) {
+ ret = get_u32(&mask, slash + 1, 10);
+ if (ret)
+ goto err;
+ }
+ else {
+ mask = UINT32_MAX;
+ }
+
+ addattr32(n, MAX_MSG, value_type, value);
+ addattr32(n, MAX_MSG, mask_type, mask);
+
+ err = 0;
+err:
+ if (slash)
+ *slash = '/';
+ return err;
+}
+
+
+static int
+parse_ct(struct action_util *a, int *argc_p, char ***argv_p,
+ int tca_id, struct nlmsghdr *n)
+{
+ int argc = *argc_p;
+ char **argv = *argv_p;
+ struct tc_ct p = {};
+ struct rtattr *tail;
+
+ if (argc <= 0) {
+ fprintf(stderr, "ct bad argument count %d\n", argc);
+ return -1;
+ }
+
+ if (!matches(*argv, "ct")) {
+ NEXT_ARG_FWD();
+ } else {
+ fprintf(stderr, "ct bad argument %s\n", *argv);
+ return -1;
+ }
+
+ tail = addattr_nest(n, MAX_MSG, tca_id);
+
+again:
+ if (argc <= 0) {
+ addattr_l(n, MAX_MSG, TCA_CT_PARMS, &p, sizeof(p));
+ addattr_nest_end(n, tail);
+
+ *argc_p = argc;
+ *argv_p = argv;
+ return 0;
+ }
+
+ if (!matches(*argv, "mark")) {
+ NEXT_ARG();
+ ct_parse_u32(*argv,
+ TCA_CT_MARK,
+ TCA_CT_MARK_MASK,
+ NULL, NULL, n);
+ NEXT_ARG_FWD();
+ goto again;
+ }
+ if (!matches(*argv, "zone")) {
+ NEXT_ARG();
+ ct_parse_u16(*argv,
+ TCA_CT_ZONE,
+ 0,
+ NULL, NULL, n);
+ NEXT_ARG_FWD();
+ goto again;
+ }
+/* if (!matches(*argv, "state")) {
+ NEXT_ARG();
+ ct_parse_u8(*argv,
+ TCA_FLOWER_KEY_CT_STATE,
+ TCA_FLOWER_KEY_CT_STATE_MASK,
+ NULL, NULL, n);
+ NEXT_ARG_FWD();
+ goto again;
+ }*/
+/* if (!matches(*argv, "label")) {
+ NEXT_ARG();
+ goto again;
+ }*/
+/* if (!matches(*argv, "chain")) {
+ NEXT_ARG();
+ goto again;
+ }*/
+
+ if (!matches(*argv, "help") == 0) {
+ usage();
+ } else {
+ fprintf(stderr, "ct option not supported %s\n", *argv);
+ }
+
+ return -1;
+}
+
+static void ct_print_mask(const char *name, __u32 key, __u32 mask)
+{
+ SPRINT_BUF(namefrm);
+ SPRINT_BUF(out);
+ size_t done;
+
+ if (!key && !mask)
+ return;
+
+ done = sprintf(out, "0x%x", key);
+ if (mask)
+ sprintf(out + done, "/%x", mask);
+
+ print_string(PRINT_FP, NULL, "%s ", _SL_);
+ sprintf(namefrm, "%s %%s", name);
+ print_string(PRINT_ANY, name, namefrm, out);
+}
+
+static int
+print_ct(struct action_util *au, FILE *f, struct rtattr *arg)
+{
+ struct tc_ct *p;
+ struct rtattr *tb[TCA_CT_MAX + 1];
+
+ if (arg == NULL)
+ return -1;
+
+ parse_rtattr_nested(tb, TCA_CT_MAX, arg);
+
+ if (tb[TCA_CT_PARMS] == NULL) {
+ print_string(PRINT_FP, NULL, "%s", "[NULL ct parameters]");
+ return -1;
+ }
+ p = RTA_DATA(tb[TCA_CT_PARMS]);
+
+ print_string(PRINT_ANY, "kind", "%s ", "ct");
+ ct_print_mask("mark", rta_getattr_u32(tb[TCA_CT_MARK]),
+ rta_getattr_u32(tb[TCA_CT_MARK_MASK]));
+ print_uint(PRINT_ANY, "zone", "zone %u ", rta_getattr_u16(tb[TCA_CT_ZONE]));
+ print_uint(PRINT_ANY, "chain", "chain %u", rta_getattr_u32(tb[TCA_CT_CHAIN]));
+
+ print_uint(PRINT_ANY, "index", "\n \tindex %u", p->index);
+ print_int(PRINT_ANY, "ref", " ref %d", p->refcnt);
+ print_int(PRINT_ANY, "bind", " bind %d", p->bindcnt);
+
+ if (show_stats) {
+ if (tb[TCA_CT_TM]) {
+ struct tcf_t *tm = RTA_DATA(tb[TCA_CT_TM]);
+
+ print_tm(f, tm);
+ }
+ }
+ print_string(PRINT_FP, NULL, "%s", "\n ");
+ return 0;
+}
+
+struct action_util ct_action_util = {
+ .id = "ct",
+ .parse_aopt = parse_ct,
+ .print_aopt = print_ct,
+};
--
2.20.1
next prev parent reply other threads:[~2019-01-25 2:34 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-23 11:29 [RFC] Connection Tracking Offload netdev RFC v1.0, part 1/2: command line + implementation Guy Shattah
2019-01-25 2:32 ` [RFC PATCH 0/6] Initial, PoC implementation of sw datapath of tc+CT Marcelo Ricardo Leitner
2019-01-25 2:32 ` [RFC PATCH 1/6] flow_dissector: add support for matching on ConnTrack Marcelo Ricardo Leitner
2019-01-25 2:32 ` [RFC PATCH 2/6] net/sched: flower: " Marcelo Ricardo Leitner
2019-01-25 13:37 ` Simon Horman
2019-01-26 15:52 ` Marcelo Ricardo Leitner
2019-01-28 9:44 ` Simon Horman
2019-01-28 12:55 ` Marcelo Ricardo Leitner
2019-01-28 13:02 ` Florian Westphal
2019-01-25 2:32 ` [RFC PATCH 3/6] net/sched: add CT action Marcelo Ricardo Leitner
2019-01-25 2:32 ` [RFC PATCH 4/6] net/sched: act_ct: add support for force flag Marcelo Ricardo Leitner
2019-01-25 2:32 ` [RFC PATCH 5/6] net/sched: act_ct: add support for clear flag Marcelo Ricardo Leitner
2019-01-25 2:32 ` [RFC PATCH 6/6] net/sched: act_ct: allow sending a packet through conntrack multiple times Marcelo Ricardo Leitner
2019-01-25 2:33 ` [RFC PATCH iproute2 0/5] Initial, PoC implementation of sw datapath of tc+CT Marcelo Ricardo Leitner
2019-01-25 2:33 ` [RFC PATCH iproute2 1/5] flower: add support for CT fields Marcelo Ricardo Leitner
2019-01-25 2:33 ` Marcelo Ricardo Leitner [this message]
2019-02-05 22:56 ` [RFC PATCH iproute2 2/5] act_ct: first import Stephen Hemminger
2019-02-06 0:09 ` Marcelo Ricardo Leitner
2019-01-25 2:33 ` [RFC PATCH iproute2 3/5] act_ct: add support for commit flag Marcelo Ricardo Leitner
2019-01-25 2:33 ` [RFC PATCH iproute2 4/5] act/ct: add support for force flag Marcelo Ricardo Leitner
2019-01-25 2:33 ` [RFC PATCH iproute2 5/5] act/ct: add support for clear flag Marcelo Ricardo Leitner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e16eb55db89c48ec883fcaf582451be05f93f384.1548287070.git.mleitner@redhat.com \
--to=mleitner@redhat.com \
--cc=aconole@redhat.com \
--cc=andrew.gospodarek@broadcom.com \
--cc=davem@davemloft.net \
--cc=echaudro@redhat.com \
--cc=fbl@redhat.com \
--cc=fwestpha@redhat.com \
--cc=gvrose8192@gmail.com \
--cc=jiri@resnulli.us \
--cc=john.hurley@netronome.com \
--cc=jpettit@ovn.org \
--cc=netdev@vger.kernel.org \
--cc=ogerlitz@mellanox.com \
--cc=rkhan@redhat.com \
--cc=roid@mellanox.com \
--cc=ronye@mellanox.com \
--cc=sguy@mellanox.com \
--cc=simon.horman@netronome.com \
--cc=sukulkar@redhat.com \
--cc=yossiku@mellanox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).