Diffstat (limited to 'include/proto.h')
-rw-r--r-- | include/proto.h | 138 |
1 files changed, 128 insertions, 10 deletions
diff --git a/include/proto.h b/include/proto.h index fab48c1b..9c98a0b7 100644 --- a/include/proto.h +++ b/include/proto.h @@ -18,6 +18,7 @@ enum proto_bases { PROTO_BASE_LL_HDR, PROTO_BASE_NETWORK_HDR, PROTO_BASE_TRANSPORT_HDR, + PROTO_BASE_INNER_HDR, __PROTO_BASE_MAX }; #define PROTO_BASE_MAX (__PROTO_BASE_MAX - 1) @@ -25,6 +26,19 @@ enum proto_bases { extern const char *proto_base_names[]; extern const char *proto_base_tokens[]; +enum icmp_hdr_field_type { + PROTO_ICMP_ANY = 0, + PROTO_ICMP_ECHO, /* echo and reply */ + PROTO_ICMP_MTU, /* destination unreachable */ + PROTO_ICMP_ADDRESS, /* redirect */ + PROTO_ICMP6_MTU, + PROTO_ICMP6_PPTR, + PROTO_ICMP6_ECHO, + PROTO_ICMP6_MGMQ, + PROTO_ICMP6_ADDRESS, /* neighbor solicit/advert, redirect and MLD */ + PROTO_ICMP6_REDIRECT, +}; + /** * struct proto_hdr_template - protocol header field description * @@ -33,14 +47,16 @@ extern const char *proto_base_tokens[]; * @offset: offset of the header field from base * @len: length of header field * @meta_key: special case: meta expression key + * @icmp_dep: special case: icmp header dependency */ struct proto_hdr_template { const char *token; const struct datatype *dtype; uint16_t offset; uint16_t len; - enum byteorder byteorder; - enum nft_meta_keys meta_key; + enum byteorder byteorder:8; + enum nft_meta_keys meta_key:8; + enum icmp_hdr_field_type icmp_dep:8; }; #define PROTO_HDR_TEMPLATE(__token, __dtype, __byteorder, __offset, __len)\ 
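Review bot: Adding `PROTO_BASE_INNER_HDR` ahead of `__PROTO_BASE_MAX` raises `PROTO_BASE_MAX` by one, but `proto_base_names[]` and `proto_base_tokens[]` are still declared without a size just below the enum, so nothing in this header ties their definitions to the new count. If either table is indexed by base and its definition (outside this file) was not extended, a lookup for the new base reads past the end of the array. Giving the declarations a size lets the compiler flag a mismatch: `extern const char *proto_base_names[PROTO_BASE_MAX + 1];` and the same for `proto_base_tokens`.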
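Review bot: The three `:8` members added to `struct proto_hdr_template` are enum-typed bit-fields, which ISO C leaves implementation-defined, and an enumerator above 255 would be truncated when stored. `enum nft_meta_keys` is not defined in this header, so it can grow without anyone looking at this struct. The same pattern is used for `id:8`, `base:8` and `checksum_type:8` in the `struct proto_desc` hunk further down. A compile-time check next to each struct would pin the assumption, for example `_Static_assert(PROTO_ICMP6_REDIRECT <= UINT8_MAX, "icmp_dep must fit in 8 bits");` and `_Static_assert(PROTO_DESC_MAX <= UINT8_MAX, "proto_desc id must fit in 8 bits");`.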
@@ -63,10 +79,38 @@ struct proto_hdr_template { #define PROTO_UPPER_MAX 16 #define PROTO_HDRS_MAX 20 +enum proto_desc_id { + PROTO_DESC_UNKNOWN = 0, + PROTO_DESC_AH, + PROTO_DESC_ESP, + PROTO_DESC_COMP, + PROTO_DESC_ICMP, + PROTO_DESC_IGMP, + PROTO_DESC_UDP, + PROTO_DESC_UDPLITE, + PROTO_DESC_TCP, + PROTO_DESC_DCCP, + PROTO_DESC_SCTP, + PROTO_DESC_TH, + PROTO_DESC_IP, + PROTO_DESC_IP6, + PROTO_DESC_ICMPV6, + PROTO_DESC_ARP, + PROTO_DESC_VLAN, + PROTO_DESC_ETHER, + PROTO_DESC_VXLAN, + PROTO_DESC_GENEVE, + PROTO_DESC_GRE, + PROTO_DESC_GRETAP, + __PROTO_DESC_MAX +}; +#define PROTO_DESC_MAX (__PROTO_DESC_MAX - 1) + /** * struct proto_desc - protocol header description * * @name: protocol name + * @id: protocol identifier * @base: header base * @checksum_key: key of template containing checksum * @protocol_key: key of template containing upper layer protocol description @@ -77,9 +121,11 @@ struct proto_hdr_template { */ struct proto_desc { const char *name; - enum proto_bases base; - unsigned int checksum_key; - unsigned int protocol_key; + enum proto_desc_id id:8; + enum proto_bases base:8; + enum nft_payload_csum_types checksum_type:8; + uint16_t checksum_key; + uint16_t protocol_key; unsigned int length; struct { unsigned int num; @@ -91,7 +137,11 @@ struct proto_desc { uint32_t filter; } format; unsigned int pseudohdr[PROTO_HDRS_MAX]; - + struct { + uint32_t hdrsize; + uint32_t flags; + enum nft_inner_type type; + } inner; }; #define PROTO_LINK(__num, __desc) { .num = (__num), .desc = (__desc), } @@ -127,6 +177,8 @@ struct dev_proto_desc { extern int proto_dev_type(const struct proto_desc *desc, uint16_t *res); extern const struct proto_desc *proto_dev_desc(uint16_t type); +#define PROTO_CTX_NUM_PROTOS 16 + /** * struct proto_ctx - protocol context * 
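Review bot: `enum proto_desc_id` is used as a lookup key by `proto_find_desc(enum proto_desc_id desc_id)`, declared later in this patch, but the header does not say what the function returns for a value outside `PROTO_DESC_UNKNOWN`..`PROTO_DESC_MAX`. If an id can reach it from stored or received data rather than from a compile-time constant, the implementation (not visible here) needs a range check before any table index, along the lines of `if (desc_id > PROTO_DESC_MAX) return NULL;`. Should the ids be persisted anywhere, a comment above the enum such as `/* ids may be stored externally: append new entries before __PROTO_DESC_MAX, never reorder */` would keep later additions from renumbering existing ones.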
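Review bot: The kernel-doc block for `struct proto_desc` gains `@id`, but the other new members are undocumented: `checksum_type` in the `-77,9` hunk and the `inner` sub-struct in the `-91,7` hunk have no entry. Going by the names only, something like `* @checksum_type: checksum algorithm for this header (enum nft_payload_csum_types)` and `* @inner: tunnel header size, flags and type used when matching inner headers` would do; the author should confirm the wording. The comment block starts in the previous hunk and the struct continues past this one.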
@@ -142,23 +194,43 @@ extern const struct proto_desc *proto_dev_desc(uint16_t type); */ struct proto_ctx { unsigned int debug_mask; - unsigned int family; + uint8_t family; + bool inner; + union { + struct { + uint8_t type; + } icmp; + } th_dep; struct { struct location location; const struct proto_desc *desc; - unsigned int offset; + struct { + struct location location; + const struct proto_desc *desc; + } protos[PROTO_CTX_NUM_PROTOS]; + unsigned int num_protos; } protocol[PROTO_BASE_MAX + 1]; + const struct proto_desc *stacked_ll[PROTO_CTX_NUM_PROTOS]; + uint8_t stacked_ll_count; }; extern void proto_ctx_init(struct proto_ctx *ctx, unsigned int family, - unsigned int debug_mask); + unsigned int debug_mask, bool inner); extern void proto_ctx_update(struct proto_ctx *ctx, enum proto_bases base, const struct location *loc, const struct proto_desc *desc); +bool proto_ctx_is_ambiguous(struct proto_ctx *ctx, enum proto_bases bases); +const struct proto_desc *proto_ctx_find_conflict(struct proto_ctx *ctx, + enum proto_bases base, + const struct proto_desc *desc); extern const struct proto_desc *proto_find_upper(const struct proto_desc *base, unsigned int num); extern int proto_find_num(const struct proto_desc *base, const struct proto_desc *desc); +const struct proto_desc *proto_find_inner(uint32_t type, uint32_t hdrsize, + uint32_t flags); + +extern const struct proto_desc *proto_find_desc(enum proto_desc_id desc_id); enum eth_hdr_fields { ETHHDR_INVALID, @@ -170,6 +242,7 @@ enum eth_hdr_fields { enum vlan_hdr_fields { VLANHDR_INVALID, VLANHDR_PCP, + VLANHDR_DEI, VLANHDR_CFI, VLANHDR_VID, VLANHDR_TYPE, @@ -183,8 +256,8 @@ enum arp_hdr_fields { ARPHDR_PLN, ARPHDR_OP, ARPHDR_SADDR_ETHER, - ARPHDR_DADDR_ETHER, ARPHDR_SADDR_IP, + ARPHDR_DADDR_ETHER, ARPHDR_DADDR_IP, }; @@ -203,6 +276,7 @@ enum ip_hdr_fields { IPHDR_SADDR, IPHDR_DADDR, }; +#define IPHDR_MAX IPHDR_DADDR enum icmp_hdr_fields { ICMPHDR_INVALID, 
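Review bot: `protos[PROTO_CTX_NUM_PROTOS]` with `num_protos`, and `stacked_ll[PROTO_CTX_NUM_PROTOS]` with `stacked_ll_count`, are fixed 16-slot arrays, yet the struct does not say who enforces the limit. The code that appends to them is outside this file; it should fail the rule with an error once the count reaches `PROTO_CTX_NUM_PROTOS` instead of writing the next slot, since the fill level presumably follows what the ruleset names. I would record the invariant in the kernel-doc block above the struct (it starts outside this hunk), e.g. `* @stacked_ll_count: number of valid entries in @stacked_ll, at most PROTO_CTX_NUM_PROTOS`, and add entries for `inner` and `th_dep` as well. As a style point, `proto_ctx_is_ambiguous`, `proto_ctx_find_conflict` and `proto_find_inner` are declared without `extern` while their neighbours use it.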
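Review bot: Inserting `VLANHDR_DEI` in the middle of `enum vlan_hdr_fields` renumbers `VLANHDR_CFI`, `VLANHDR_VID` and `VLANHDR_TYPE`, and the following hunk changes the values of `ARPHDR_SADDR_IP` and `ARPHDR_DADDR_ETHER` by swapping them. That is safe only if every table keyed by these enums is built with designated initializers and no numeric value is stored or exchanged outside the process; neither can be confirmed from this header. If that is the intent, a comment on the enums would make it explicit, e.g. `/* enumerators index the descriptor's template table; numeric values are not stable */`.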
@@ -233,6 +307,8 @@ enum icmp6_hdr_fields { ICMP6HDR_ID, ICMP6HDR_SEQ, ICMP6HDR_MAXDELAY, + ICMP6HDR_TADDR, + ICMP6HDR_DADDR, }; enum ip6_hdr_fields { @@ -316,6 +392,45 @@ enum th_hdr_fields { THDR_DPORT, }; +struct vxlanhdr { + uint32_t vx_flags; + uint32_t vx_vni; +}; + +enum vxlan_hdr_fields { + VXLANHDR_INVALID, + VXLANHDR_VNI, + VXLANHDR_FLAGS, +}; + +struct gnvhdr { + uint16_t flags; + uint16_t type; + uint32_t vni; +}; +enum geneve_hdr_fields { + GNVHDR_INVALID, + GNVHDR_VNI, + GNVHDR_TYPE, +}; + +struct grehdr { + uint16_t flags; + uint16_t protocol; +}; + +enum gre_hdr_fields { + GREHDR_INVALID, + GREHDR_VERSION, + GREHDR_FLAGS, + GREHDR_PROTOCOL, +}; + +extern const struct proto_desc proto_vxlan; +extern const struct proto_desc proto_geneve; +extern const struct proto_desc proto_gre; +extern const struct proto_desc proto_gretap; + extern const struct proto_desc proto_icmp; extern const struct proto_desc proto_igmp; extern const struct proto_desc proto_ah; @@ -353,4 +468,7 @@ extern const struct datatype icmp6_type_type; extern const struct datatype dscp_type; extern const struct datatype ecn_type; +struct eval_ctx; +struct proto_ctx *eval_proto_ctx(struct eval_ctx *ctx); + #endif /* NFTABLES_PROTO_H */ |
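Review bot: `struct vxlanhdr`, `struct gnvhdr` and `struct grehdr` describe on-wire headers but carry no comment on byte order or on how much of the header they cover. GRE and Geneve headers can be followed by optional fields, so these structs can only describe the fixed leading part, and any offset derived from their size (possibly the `inner.hdrsize` member added to `struct proto_desc`) would not account for options. Suggested comment above `struct grehdr`: `/* fixed part of the GRE header, network byte order; optional checksum/key/sequence fields may follow depending on flags */`, with a matching byte-order comment on `struct gnvhdr` and `struct vxlanhdr`.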