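/*
 * netsniff-ng - the packet sniffing beast
 * Copyright 2011 Daniel Borkmann.
 * Subject to the GPL, version 2.
 */

/*
 * NOTE(review): the names of the three system headers were lost when this
 * page was extracted (the listing shows three bare "#include" tokens). The
 * headers below are reconstructed from what this file uses (size_t, memset,
 * struct sockaddr_storage) - confirm against the upstream file.
 */
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>

#include "patricia.h"
#include "locking.h"
#include "trie.h"
#include "ipv4.h"
#include "ipv6.h"

/*
 * Address-to-socket mapping, kept in a patricia tree. Every access to
 * 'tree' in this file happens with 'tree_lock' held: read-locked for the
 * lookup, write-locked for insert, removal and teardown.
 */
static struct patricia_node *tree = NULL;
static struct rwlock tree_lock;

/*
 * Returns non-zero when buff holds at least one complete IP header of the
 * expected family and the header's version field matches that family.
 *
 * The length test comes first so that no header field is read from a
 * buffer that is shorter than the header itself. The packet bytes come from
 * outside this module, so a truncated buffer must be rejected here rather
 * than trusted.
 * NOTE(review): assumes callers pass the number of valid bytes in buff as
 * len - verify against the call sites.
 */
static int trie_hdr_valid(const char *buff, size_t len, int ipv4)
{
	if (ipv4) {
		const struct ipv4hdr *hdr4 = (const void *) buff;

		return len >= sizeof(*hdr4) && hdr4->h_version == 4;
	}

	const struct ipv6hdr *hdr6 = (const void *) buff;

	return len >= sizeof(*hdr6) && hdr6->version == 6;
}

/*
 * Looks up the entry whose key equals the packet's destination address.
 *
 * buff:  start of an IPv4 or IPv6 header
 * len:   number of bytes available in buff
 * ipv4:  non-zero if buff is to be parsed as IPv4, zero for IPv6
 * fd:    out, receives the return value of ptree_search_data_exact()
 * addr:  out, filled by ptree_search_data_exact()
 * alen:  out, filled by ptree_search_data_exact()
 *
 * If the buffer is too short for the header or the version field does not
 * match the requested family, *addr is zeroed, *alen is set to 0 and *fd
 * to -1, and the tree is not consulted.
 */
void trie_addr_lookup(char *buff, size_t len, int ipv4, int *fd,
		      struct sockaddr_storage *addr, size_t *alen)
{
	void *data;
	size_t dlen;
	struct ipv4hdr *hdr4 = (void *) buff;
	struct ipv6hdr *hdr6 = (void *) buff;

	if (unlikely(!trie_hdr_valid(buff, len, ipv4))) {
		memset(addr, 0, sizeof(*addr));
		(*alen) = 0;
		(*fd) = -1;
		return;
	}

	/* Key is the destination address of the validated header. */
	data = ipv4 ? (void *) &hdr4->h_daddr : (void *) &hdr6->daddr;
	dlen = ipv4 ? sizeof(hdr4->h_daddr) : sizeof(hdr6->daddr);

	rwlock_rd_lock(&tree_lock);
	(*fd) = ptree_search_data_exact(data, dlen, addr, alen, tree);
	rwlock_unlock(&tree_lock);
}

/*
 * Adds an entry keyed by the packet's source address, carrying fd, addr
 * and alen, via ptree_add_entry().
 *
 * buff:  start of an IPv4 or IPv6 header
 * len:   number of bytes available in buff
 * ipv4:  non-zero if buff is to be parsed as IPv4, zero for IPv6
 *
 * Returns -1 if the buffer is too short for the header or the version
 * field does not match the requested family; otherwise the return value of
 * ptree_add_entry().
 */
int trie_addr_maybe_update(char *buff, size_t len, int ipv4, int fd,
			   struct sockaddr_storage *addr, size_t alen)
{
	int ret;
	void *data;
	size_t dlen;
	struct ipv4hdr *hdr4 = (void *) buff;
	struct ipv6hdr *hdr6 = (void *) buff;

	if (unlikely(!trie_hdr_valid(buff, len, ipv4)))
		return -1;

	/* Key is the source address of the validated header. */
	data = ipv4 ? (void *) &hdr4->h_saddr : (void *) &hdr6->saddr;
	dlen = ipv4 ? sizeof(hdr4->h_saddr) : sizeof(hdr6->saddr);

	rwlock_wr_lock(&tree_lock);
	ret = ptree_add_entry(data, dlen, fd, addr, alen, &tree);
	rwlock_unlock(&tree_lock);

	return ret;
}

/*
 * Deletes every entry that ptree_get_key() reports for fd. The search is
 * repeated after each deletion until it no longer yields a node.
 */
void trie_addr_remove(int fd)
{
	struct patricia_node *n = NULL;

	rwlock_wr_lock(&tree_lock);

	for (;;) {
		ptree_get_key(fd, tree, &n);
		if (!n)
			break;

		ptree_del_entry(n->key, n->klen, &tree);
		/* Reset so the next search result is not confused with this one. */
		n = NULL;
	}

	rwlock_unlock(&tree_lock);
}

/*
 * Deletes every entry that ptree_get_key_addr() reports for addr/alen. The
 * search is repeated after each deletion until it no longer yields a node.
 */
void trie_addr_remove_addr(struct sockaddr_storage *addr, size_t alen)
{
	struct patricia_node *n = NULL;

	rwlock_wr_lock(&tree_lock);

	for (;;) {
		ptree_get_key_addr(addr, alen, tree, &n);
		if (!n)
			break;

		ptree_del_entry(n->key, n->klen, &tree);
		/* Reset so the next search result is not confused with this one. */
		n = NULL;
	}

	rwlock_unlock(&tree_lock);
}

/* Initialises the lock that guards the tree; the tree itself starts empty. */
void trie_init(void)
{
	rwlock_init(&tree_lock);
}

/*
 * Frees the tree under the write lock, then destroys the lock. No other
 * function in this file may be called afterwards without trie_init().
 */
void trie_cleanup(void)
{
	rwlock_wr_lock(&tree_lock);
	ptree_free(tree);
	/*
	 * Do not leave the global pointing at the tree handed to ptree_free()
	 * (presumably released there - confirm in patricia.c).
	 */
	tree = NULL;
	rwlock_unlock(&tree_lock);

	rwlock_destroy(&tree_lock);
}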
2017-02-03bridge: vlan dst_metadata hooks in ingress and egress pathsRoopa Prabhu6-2/+82
- ingress hook: - if port is a tunnel port, use tunnel info in attached dst_metadata to map it to a local vlan - egress hook: - if port is a tunnel port, use tunnel info attached to vlan to set dst_metadata on the skb CC: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-03bridge: per vlan dst_metadata netlink supportRoopa Prabhu7-48/+641
This patch adds support to attach per vlan tunnel info dst metadata. This enables bridge driver to map vlan to tunnel_info at ingress and egress. It uses the kernel dst_metadata infrastructure.

The initial use case is vlan to vni bridging, but the api is generic to extend to any tunnel_info in the future:
- Uapi to configure/unconfigure/dump per vlan tunnel data
- netlink functions to configure vlan and tunnel_info mapping
- Introduces bridge port flag BR_LWT_VLAN to enable attach/detach dst_metadata to bridged packets on ports. off by default.
- changes to existing code is mainly refactor some existing vlan handling netlink code + hooks for new vlan tunnel code
- I have kept the vlan tunnel code isolated in separate files.
- most of the netlink vlan tunnel code is handling of vlan-tunid ranges (follows the vlan range handling code). To conserve space vlan-tunid by default are always dumped in ranges if applicable.

Use case: example use for this is a vxlan bridging gateway or vtep which maps vlans to vn-segments (or vnis).

iproute2 example (patched and pruned iproute2 output to just show relevant fdb entries): example shows same host mac learnt on two vni's and vlan 100 maps to vni 1000, vlan 101 maps to vni 1001

before (netdev per vni):
$bridge fdb show | grep "00:02:00:00:00:03"
00:02:00:00:00:03 dev vxlan1001 vlan 101 master bridge
00:02:00:00:00:03 dev vxlan1001 dst 12.0.0.8 self
00:02:00:00:00:03 dev vxlan1000 vlan 100 master bridge
00:02:00:00:00:03 dev vxlan1000 dst 12.0.0.8 self

after this patch with collect metadata in bridged mode (single netdev):
$bridge fdb show | grep "00:02:00:00:00:03"
00:02:00:00:00:03 dev vxlan0 vlan 101 master bridge
00:02:00:00:00:03 dev vxlan0 src_vni 1001 dst 12.0.0.8 self
00:02:00:00:00:03 dev vxlan0 vlan 100 master bridge
00:02:00:00:00:03 dev vxlan0 src_vni 1000 dst 12.0.0.8 self

CC: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>