2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * IPv4 Forwarding Information Base: policy rules.
8 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
9 * Thomas Graf <tgraf@suug.ch>
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version
14 * 2 of the License, or (at your option) any later version.
17 * Rani Assaf : local_rule cannot be deleted
18 * Marc Boucher : routing by fwmark
21 #include <linux/types.h>
22 #include <linux/kernel.h>
23 #include <linux/netdevice.h>
24 #include <linux/netlink.h>
25 #include <linux/inetdevice.h>
26 #include <linux/init.h>
27 #include <linux/list.h>
28 #include <linux/rcupdate.h>
30 #include <net/route.h>
32 #include <net/ip_fib.h>
33 #include <net/fib_rules.h>
35 static struct fib_rules_ops fib4_rules_ops;
39 struct fib_rule common;
47 #ifdef CONFIG_NET_CLS_ROUTE
52 #ifdef CONFIG_NET_CLS_ROUTE
53 u32 fib_rules_tclass(struct fib_result *res)
55 return res->r ? ((struct fib4_rule *) res->r)->tclassid : 0;
59 int fib_lookup(struct flowi *flp, struct fib_result *res)
61 struct fib_lookup_arg arg = {
66 err = fib_rules_lookup(&fib4_rules_ops, flp, 0, &arg);
72 static int fib4_rule_action(struct fib_rule *rule, struct flowi *flp,
73 int flags, struct fib_lookup_arg *arg)
76 struct fib_table *tbl;
78 switch (rule->action) {
82 case FR_ACT_UNREACHABLE:
90 case FR_ACT_BLACKHOLE:
96 if ((tbl = fib_get_table(rule->table)) == NULL)
99 err = tbl->tb_lookup(tbl, flp, (struct fib_result *) arg->result);
107 void fib_select_default(const struct flowi *flp, struct fib_result *res)
109 if (res->r && res->r->action == FR_ACT_TO_TBL &&
110 FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) {
111 struct fib_table *tb;
112 if ((tb = fib_get_table(res->r->table)) != NULL)
113 tb->tb_select_default(tb, flp, res);
117 static int fib4_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)
119 struct fib4_rule *r = (struct fib4_rule *) rule;
120 __be32 daddr = fl->fl4_dst;
121 __be32 saddr = fl->fl4_src;
123 if (((saddr ^ r->src) & r->srcmask) ||
124 ((daddr ^ r->dst) & r->dstmask))
127 if (r->tos && (r->tos != fl->fl4_tos))
133 static struct fib_table *fib_empty_table(void)
137 for (id = 1; id <= RT_TABLE_MAX; id++)
138 if (fib_get_table(id) == NULL)
139 return fib_new_table(id);
143 static const struct nla_policy fib4_rule_policy[FRA_MAX+1] = {
145 [FRA_FLOW] = { .type = NLA_U32 },
148 static int fib4_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
149 struct nlmsghdr *nlh, struct fib_rule_hdr *frh,
153 struct fib4_rule *rule4 = (struct fib4_rule *) rule;
155 if (frh->tos & ~IPTOS_TOS_MASK)
158 if (rule->table == RT_TABLE_UNSPEC) {
159 if (rule->action == FR_ACT_TO_TBL) {
160 struct fib_table *table;
162 table = fib_empty_table();
168 rule->table = table->tb_id;
173 rule4->src = nla_get_be32(tb[FRA_SRC]);
176 rule4->dst = nla_get_be32(tb[FRA_DST]);
178 #ifdef CONFIG_NET_CLS_ROUTE
180 rule4->tclassid = nla_get_u32(tb[FRA_FLOW]);
183 rule4->src_len = frh->src_len;
184 rule4->srcmask = inet_make_mask(rule4->src_len);
185 rule4->dst_len = frh->dst_len;
186 rule4->dstmask = inet_make_mask(rule4->dst_len);
187 rule4->tos = frh->tos;
194 static int fib4_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
197 struct fib4_rule *rule4 = (struct fib4_rule *) rule;
199 if (frh->src_len && (rule4->src_len != frh->src_len))
202 if (frh->dst_len && (rule4->dst_len != frh->dst_len))
205 if (frh->tos && (rule4->tos != frh->tos))
208 #ifdef CONFIG_NET_CLS_ROUTE
209 if (tb[FRA_FLOW] && (rule4->tclassid != nla_get_u32(tb[FRA_FLOW])))
213 if (frh->src_len && (rule4->src != nla_get_be32(tb[FRA_SRC])))
216 if (frh->dst_len && (rule4->dst != nla_get_be32(tb[FRA_DST])))
222 static int fib4_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
223 struct nlmsghdr *nlh, struct fib_rule_hdr *frh)
225 struct fib4_rule *rule4 = (struct fib4_rule *) rule;
227 frh->family = AF_INET;
228 frh->dst_len = rule4->dst_len;
229 frh->src_len = rule4->src_len;
230 frh->tos = rule4->tos;
233 NLA_PUT_BE32(skb, FRA_DST, rule4->dst);
236 NLA_PUT_BE32(skb, FRA_SRC, rule4->src);
238 #ifdef CONFIG_NET_CLS_ROUTE
240 NLA_PUT_U32(skb, FRA_FLOW, rule4->tclassid);
248 static u32 fib4_rule_default_pref(struct fib_rules_ops *ops)
250 struct list_head *pos;
251 struct fib_rule *rule;
253 if (!list_empty(&fib4_rules_ops.rules_list)) {
254 pos = fib4_rules_ops.rules_list.next;
255 if (pos->next != &fib4_rules_ops.rules_list) {
256 rule = list_entry(pos->next, struct fib_rule, list);
258 return rule->pref - 1;
265 static size_t fib4_rule_nlmsg_payload(struct fib_rule *rule)
267 return nla_total_size(4) /* dst */
268 + nla_total_size(4) /* src */
269 + nla_total_size(4); /* flow */
272 static void fib4_rule_flush_cache(void)
277 static struct fib_rules_ops fib4_rules_ops = {
279 .rule_size = sizeof(struct fib4_rule),
280 .addr_size = sizeof(u32),
281 .action = fib4_rule_action,
282 .match = fib4_rule_match,
283 .configure = fib4_rule_configure,
284 .compare = fib4_rule_compare,
285 .fill = fib4_rule_fill,
286 .default_pref = fib4_rule_default_pref,
287 .nlmsg_payload = fib4_rule_nlmsg_payload,
288 .flush_cache = fib4_rule_flush_cache,
289 .nlgroup = RTNLGRP_IPV4_RULE,
290 .policy = fib4_rule_policy,
291 .rules_list = LIST_HEAD_INIT(fib4_rules_ops.rules_list),
292 .owner = THIS_MODULE,
295 static int __init fib_default_rules_init(void)
299 err = fib_default_rule_add(&fib4_rules_ops, 0,
300 RT_TABLE_LOCAL, FIB_RULE_PERMANENT);
303 err = fib_default_rule_add(&fib4_rules_ops, 0x7FFE,
307 err = fib_default_rule_add(&fib4_rules_ops, 0x7FFF,
308 RT_TABLE_DEFAULT, 0);
314 void __init fib4_rules_init(void)
316 BUG_ON(fib_default_rules_init());
317 fib_rules_register(&init_net, &fib4_rules_ops);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob