/*
- * Copyright (c) 2010 Nicira Networks.
+ * Copyright (c) 2010, 2011 Nicira Networks.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <errno.h>
#include <stdlib.h>
+#include "autopath.h"
#include "byte-order.h"
#include "dynamic-string.h"
#include "netdev.h"
char *tail;
uint32_t value;
- if (!str) {
+ if (!str[0]) {
ovs_fatal(0, "missing required numeric argument");
}
char *tail;
uint64_t value;
+ if (!str[0]) {
+ ovs_fatal(0, "missing required numeric argument");
+ }
+
errno = 0;
value = strtoull(str, &tail, 0);
if (errno == EINVAL || errno == ERANGE || *tail) {
}
}
+static void
+str_to_eth_dst(const char *str,
+ uint8_t mac[ETH_ADDR_LEN], uint8_t mask[ETH_ADDR_LEN])
+{
+ if (sscanf(str, ETH_ADDR_SCAN_FMT"/"ETH_ADDR_SCAN_FMT,
+ ETH_ADDR_SCAN_ARGS(mac), ETH_ADDR_SCAN_ARGS(mask))
+ == ETH_ADDR_SCAN_COUNT * 2) {
+ if (!flow_wildcards_is_dl_dst_mask_valid(mask)) {
+ ovs_fatal(0, "%s: invalid Ethernet destination mask (only "
+ "00:00:00:00:00:00, 01:00:00:00:00:00, "
+ "fe:ff:ff:ff:ff:ff, and ff:ff:ff:ff:ff:ff are allowed)",
+ str);
+ }
+ } else if (sscanf(str, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))
+ == ETH_ADDR_SCAN_COUNT) {
+ memset(mask, 0xff, ETH_ADDR_LEN);
+ } else {
+ ovs_fatal(0, "invalid mac address %s", str);
+ }
+}
+
static void
str_to_ip(const char *str_, ovs_be32 *ip, ovs_be32 *maskp)
{
free(str);
}
+static void
+str_to_tun_id(const char *str, ovs_be64 *tun_idp, ovs_be64 *maskp)
+{
+ uint64_t tun_id, mask;
+ char *tail;
+
+ errno = 0;
+ tun_id = strtoull(str, &tail, 0);
+ if (errno || (*tail != '\0' && *tail != '/')) {
+ goto error;
+ }
+
+ if (*tail == '/') {
+ mask = strtoull(tail + 1, &tail, 0);
+ if (errno || *tail != '\0') {
+ goto error;
+ }
+ } else {
+ mask = UINT64_MAX;
+ }
+
+ *tun_idp = htonll(tun_id);
+ *maskp = htonll(mask);
+ return;
+
+error:
+ ovs_fatal(0, "%s: bad syntax for tunnel id", str);
+}
+
+static void
+str_to_ipv6(const char *str_, struct in6_addr *addrp, struct in6_addr *maskp)
+{
+ char *str = xstrdup(str_);
+ char *save_ptr = NULL;
+ const char *name, *netmask;
+ struct in6_addr addr, mask;
+ int retval;
+
+ name = strtok_r(str, "/", &save_ptr);
+ retval = name ? lookup_ipv6(name, &addr) : EINVAL;
+ if (retval) {
+ ovs_fatal(0, "%s: could not convert to IPv6 address", str);
+ }
+
+ netmask = strtok_r(NULL, "/", &save_ptr);
+ if (netmask) {
+ int prefix = atoi(netmask);
+ if (prefix <= 0 || prefix > 128) {
+ ovs_fatal(0, "%s: network prefix bits not between 1 and 128",
+ str);
+ } else {
+ mask = ipv6_create_mask(prefix);
+ }
+ } else {
+ mask = in6addr_exact;
+ }
+ *addrp = ipv6_addr_bitand(&addr, &mask);
+
+ if (maskp) {
+ *maskp = mask;
+ } else {
+ if (!ipv6_mask_is_exact(&mask)) {
+ ovs_fatal(0, "%s: netmask not allowed here", str_);
+ }
+ }
+
+ free(str);
+}
+
static void *
put_action(struct ofpbuf *b, size_t size, uint16_t type)
{
char *pos;
pos = str;
+ n_actions = 0;
for (;;) {
+ char empty_string[] = "";
char *act, *arg;
size_t actlen;
uint16_t port;
pos = arg + arglen;
} else {
/* There might be no argument at all. */
- arg = NULL;
+ arg = empty_string;
pos = act + actlen + (act[actlen] != '\0');
}
act[actlen] = '\0';
nast->subtype = htons(NXAST_SET_TUNNEL);
nast->tun_id = htonl(tun_id);
}
- } else if (!strcasecmp(act, "drop_spoofed_arp")) {
- struct nx_action_header *nah;
- nah = put_action(b, sizeof *nah, OFPAT_VENDOR);
- nah->vendor = htonl(NX_VENDOR_ID);
- nah->subtype = htons(NXAST_DROP_SPOOFED_ARP);
} else if (!strcasecmp(act, "set_queue")) {
struct nx_action_set_queue *nasq;
nasq = put_action(b, sizeof *nasq, OFPAT_VENDOR);
nan->subtype = htons(NXAST_NOTE);
b->size -= sizeof nan->note;
- while (arg && *arg != '\0') {
+ while (*arg != '\0') {
uint8_t byte;
bool ok;
struct nx_action_multipath *nam;
nam = ofpbuf_put_uninit(b, sizeof *nam);
multipath_parse(nam, arg);
+ } else if (!strcasecmp(act, "autopath")) {
+ struct nx_action_autopath *naa;
+ naa = ofpbuf_put_uninit(b, sizeof *naa);
+ autopath_parse(naa, arg);
} else if (!strcasecmp(act, "output")) {
put_output_action(b, str_to_u32(arg));
} else if (!strcasecmp(act, "enqueue")) {
/* Unless a numeric argument is specified, we send the whole
* packet to the controller. */
- if (arg && (strspn(arg, "0123456789") == strlen(arg))) {
+ if (arg[0] && (strspn(arg, "0123456789") == strlen(arg))) {
oao->max_len = htons(str_to_u32(arg));
} else {
oao->max_len = htons(UINT16_MAX);
} else {
ovs_fatal(0, "Unknown action: %s", act);
}
+ n_actions++;
}
}
static const struct protocol protocols[] = {
{ "ip", ETH_TYPE_IP, 0 },
{ "arp", ETH_TYPE_ARP, 0 },
- { "icmp", ETH_TYPE_IP, IP_TYPE_ICMP },
- { "tcp", ETH_TYPE_IP, IP_TYPE_TCP },
- { "udp", ETH_TYPE_IP, IP_TYPE_UDP },
+ { "icmp", ETH_TYPE_IP, IPPROTO_ICMP },
+ { "tcp", ETH_TYPE_IP, IPPROTO_TCP },
+ { "udp", ETH_TYPE_IP, IPPROTO_UDP },
+ { "ipv6", ETH_TYPE_IPV6, 0 },
+ { "ip6", ETH_TYPE_IPV6, 0 },
+ { "icmp6", ETH_TYPE_IPV6, IPPROTO_ICMPV6 },
+ { "tcp6", ETH_TYPE_IPV6, IPPROTO_TCP },
+ { "udp6", ETH_TYPE_IPV6, IPPROTO_UDP },
};
const struct protocol *p;
}
#define FIELDS \
- FIELD(F_TUN_ID, "tun_id", FWW_TUN_ID) \
+ FIELD(F_TUN_ID, "tun_id", 0) \
FIELD(F_IN_PORT, "in_port", FWW_IN_PORT) \
FIELD(F_DL_VLAN, "dl_vlan", 0) \
FIELD(F_DL_VLAN_PCP, "dl_vlan_pcp", 0) \
FIELD(F_DL_SRC, "dl_src", FWW_DL_SRC) \
- FIELD(F_DL_DST, "dl_dst", FWW_DL_DST) \
+ FIELD(F_DL_DST, "dl_dst", FWW_DL_DST | FWW_ETH_MCAST) \
FIELD(F_DL_TYPE, "dl_type", FWW_DL_TYPE) \
FIELD(F_NW_SRC, "nw_src", 0) \
FIELD(F_NW_DST, "nw_dst", 0) \
FIELD(F_TP_SRC, "tp_src", FWW_TP_SRC) \
FIELD(F_TP_DST, "tp_dst", FWW_TP_DST) \
FIELD(F_ICMP_TYPE, "icmp_type", FWW_TP_SRC) \
- FIELD(F_ICMP_CODE, "icmp_code", FWW_TP_DST)
+ FIELD(F_ICMP_CODE, "icmp_code", FWW_TP_DST) \
+ FIELD(F_ARP_SHA, "arp_sha", FWW_ARP_SHA) \
+ FIELD(F_ARP_THA, "arp_tha", FWW_ARP_THA) \
+ FIELD(F_IPV6_SRC, "ipv6_src", 0) \
+ FIELD(F_IPV6_DST, "ipv6_dst", 0) \
+ FIELD(F_ND_TARGET, "nd_target", FWW_ND_TARGET) \
+ FIELD(F_ND_SLL, "nd_sll", FWW_ARP_SHA) \
+ FIELD(F_ND_TLL, "nd_tll", FWW_ARP_THA)
enum field_index {
#define FIELD(ENUM, NAME, WILDCARD) ENUM,
parse_field_value(struct cls_rule *rule, enum field_index index,
const char *value)
{
- uint8_t mac[ETH_ADDR_LEN];
+ uint8_t mac[ETH_ADDR_LEN], mac_mask[ETH_ADDR_LEN];
+ ovs_be64 tun_id, tun_mask;
ovs_be32 ip, mask;
+ struct in6_addr ipv6, ipv6_mask;
uint16_t port_no;
switch (index) {
case F_TUN_ID:
- cls_rule_set_tun_id(rule, htonll(str_to_u64(value)));
+ str_to_tun_id(value, &tun_id, &tun_mask);
+ cls_rule_set_tun_id_masked(rule, tun_id, tun_mask);
break;
case F_IN_PORT:
if (!parse_port_name(value, &port_no)) {
port_no = atoi(value);
}
- if (port_no == OFPP_LOCAL) {
- port_no = ODPP_LOCAL;
- }
cls_rule_set_in_port(rule, port_no);
break;
break;
case F_DL_DST:
- str_to_mac(value, mac);
- cls_rule_set_dl_dst(rule, mac);
+ str_to_eth_dst(value, mac, mac_mask);
+ cls_rule_set_dl_dst_masked(rule, mac, mac_mask);
break;
case F_DL_TYPE:
cls_rule_set_icmp_code(rule, str_to_u32(value));
break;
+ case F_ARP_SHA:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_sha(rule, mac);
+ break;
+
+ case F_ARP_THA:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_tha(rule, mac);
+ break;
+
+ case F_IPV6_SRC:
+ str_to_ipv6(value, &ipv6, &ipv6_mask);
+ cls_rule_set_ipv6_src_masked(rule, &ipv6, &ipv6_mask);
+ break;
+
+ case F_IPV6_DST:
+ str_to_ipv6(value, &ipv6, &ipv6_mask);
+ cls_rule_set_ipv6_dst_masked(rule, &ipv6, &ipv6_mask);
+ break;
+
+ case F_ND_TARGET:
+ str_to_ipv6(value, &ipv6, NULL);
+ cls_rule_set_nd_target(rule, ipv6);
+ break;
+
+ case F_ND_SLL:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_sha(rule, mac);
+ break;
+
+ case F_ND_TLL:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_tha(rule, mac);
+ break;
+
case N_FIELDS:
NOT_REACHED();
}
/* Convert 'string' (as described in the Flow Syntax section of the ovs-ofctl
* man page) into 'pf'. If 'actions' is specified, an action must be in
* 'string' and may be expanded or reallocated. */
-static void
-parse_ofp_str(struct flow_mod *fm, uint8_t *table_idx,
- struct ofpbuf *actions, char *string)
+void
+parse_ofp_str(struct flow_mod *fm, struct ofpbuf *actions, char *string)
{
char *save_ptr = NULL;
char *name;
- if (table_idx) {
- *table_idx = 0xff;
- }
cls_rule_init_catchall(&fm->cr, OFP_DEFAULT_PRIORITY);
fm->cookie = htonll(0);
+ fm->table_id = 0xff;
fm->command = UINT16_MAX;
fm->idle_timeout = OFP_FLOW_PERMANENT;
fm->hard_timeout = OFP_FLOW_PERMANENT;
ovs_fatal(0, "field %s missing value", name);
}
- if (table_idx && !strcmp(name, "table")) {
- *table_idx = atoi(value);
+ if (!strcmp(name, "table")) {
+ fm->table_id = atoi(value);
} else if (!strcmp(name, "out_port")) {
fm->out_port = atoi(value);
} else if (!strcmp(name, "priority")) {
cls_rule_set_nw_src_masked(&fm->cr, 0, 0);
} else if (f->index == F_NW_DST) {
cls_rule_set_nw_dst_masked(&fm->cr, 0, 0);
+ } else if (f->index == F_IPV6_SRC) {
+ cls_rule_set_ipv6_src_masked(&fm->cr,
+ &in6addr_any, &in6addr_any);
+ } else if (f->index == F_IPV6_DST) {
+ cls_rule_set_ipv6_dst_masked(&fm->cr,
+ &in6addr_any, &in6addr_any);
} else if (f->index == F_DL_VLAN) {
cls_rule_set_any_vid(&fm->cr);
} else if (f->index == F_DL_VLAN_PCP) {
} else {
parse_field_value(&fm->cr, f->index, value);
}
- } else if (!strncmp(name, "reg", 3) && isdigit(name[3])) {
+ } else if (!strncmp(name, "reg", 3)
+ && isdigit((unsigned char) name[3])) {
unsigned int reg_idx = atoi(name + 3);
if (reg_idx >= FLOW_N_REGS) {
ovs_fatal(0, "only %d registers supported", FLOW_N_REGS);
* flow. */
void
parse_ofp_flow_mod_str(struct list *packets, enum nx_flow_format *cur_format,
- char *string, uint16_t command)
+ bool *flow_mod_table_id, char *string, uint16_t command)
{
bool is_del = command == OFPFC_DELETE || command == OFPFC_DELETE_STRICT;
enum nx_flow_format min_format, next_format;
+ struct cls_rule rule_copy;
struct ofpbuf actions;
struct ofpbuf *ofm;
struct flow_mod fm;
ofpbuf_init(&actions, 64);
- parse_ofp_str(&fm, NULL, is_del ? NULL : &actions, string);
+ parse_ofp_str(&fm, is_del ? NULL : &actions, string);
fm.command = command;
- min_format = ofputil_min_flow_format(&fm.cr, true, fm.cookie);
+ min_format = ofputil_min_flow_format(&fm.cr);
next_format = MAX(*cur_format, min_format);
if (next_format != *cur_format) {
struct ofpbuf *sff = ofputil_make_set_flow_format(next_format);
*cur_format = next_format;
}
- ofm = ofputil_encode_flow_mod(&fm, *cur_format);
+ /* Normalize a copy of the rule. This ensures that non-normalized flows
+ * get logged but doesn't affect what gets sent to the switch, so that the
+ * switch can do whatever it likes with the flow. */
+ rule_copy = fm.cr;
+ ofputil_normalize_rule(&rule_copy, next_format);
+
+ if (fm.table_id != 0xff && !*flow_mod_table_id) {
+ struct ofpbuf *sff = ofputil_make_flow_mod_table_id(true);
+ list_push_back(packets, &sff->list_node);
+ *flow_mod_table_id = true;
+ }
+
+ ofm = ofputil_encode_flow_mod(&fm, *cur_format, *flow_mod_table_id);
list_push_back(packets, &ofm->list_node);
ofpbuf_uninit(&actions);
* 'stream' and the command is always OFPFC_ADD. Returns false if end-of-file
* is reached before reading a flow, otherwise true. */
bool
-parse_ofp_add_flow_file(struct list *packets, enum nx_flow_format *cur,
- FILE *stream)
+parse_ofp_flow_mod_file(struct list *packets,
+ enum nx_flow_format *cur, bool *flow_mod_table_id,
+ FILE *stream, uint16_t command)
{
- struct ds s = DS_EMPTY_INITIALIZER;
- bool ok = false;
-
- while (!ds_get_line(&s, stream)) {
- char *line = ds_cstr(&s);
- char *comment;
-
- /* Delete comments. */
- comment = strchr(line, '#');
- if (comment) {
- *comment = '\0';
- }
-
- /* Drop empty lines. */
- if (line[strspn(line, " \t\n")] == '\0') {
- continue;
- }
-
- parse_ofp_flow_mod_str(packets, cur, line, OFPFC_ADD);
- ok = true;
- break;
+ struct ds s;
+ bool ok;
+
+ ds_init(&s);
+ ok = ds_get_preprocessed_line(&s, stream) == 0;
+ if (ok) {
+ parse_ofp_flow_mod_str(packets, cur, flow_mod_table_id,
+ ds_cstr(&s), command);
}
ds_destroy(&s);
bool aggregate, char *string)
{
struct flow_mod fm;
- uint8_t table_id;
- parse_ofp_str(&fm, &table_id, NULL, string);
+ parse_ofp_str(&fm, NULL, string);
fsr->aggregate = aggregate;
fsr->match = fm.cr;
fsr->out_port = fm.out_port;
- fsr->table_id = table_id;
+ fsr->table_id = fm.table_id;
}
-