src: add igmp support

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2019-01-09 16:26:19 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-01-09 16:26:19 +0100
commit: bad27ca386276e64cd7a27abf3417b8a4be20fa4 (patch)
tree: 92ee68e602f3acaad34926aa80db2657bca4907d /src
parent: 70065ab63a90787c49f714c6e39fa1b112b5c8af (diff)
5 files changed, 86 insertions, 5 deletions
diff --git a/src/datatype.c b/src/datatype.c
index 6af1c843..0e745833 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -70,6 +70,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
 	[TYPE_FIB_ADDR]         = &fib_addr_type,
 	[TYPE_BOOLEAN]		= &boolean_type,
 	[TYPE_IFNAME]		= &ifname_type,
+	[TYPE_IGMP_TYPE]	= &igmp_type_type,
 };
 
 const struct datatype *datatype_lookup(enum datatypes type)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 01f5be95..39a3ab04 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -314,6 +314,9 @@ int nft_lex(void *, void *, void *);
 %token GATEWAY			"gateway"
 %token MTU			"mtu"
 
+%token IGMP			"igmp"
+%token MRT			"mrt"
+
 %token OPTIONS			"options"
 
 %token IP6			"ip6"
@@ -691,9 +694,9 @@ int nft_lex(void *, void *, void *);
 %type <expr>			arp_hdr_expr
 %destructor { expr_free($$); }	arp_hdr_expr
 %type <val>			arp_hdr_field
-%type <expr>			ip_hdr_expr	icmp_hdr_expr		numgen_expr	hash_expr
-%destructor { expr_free($$); }	ip_hdr_expr	icmp_hdr_expr		numgen_expr	hash_expr
-%type <val>			ip_hdr_field	icmp_hdr_field
+%type <expr>			ip_hdr_expr	icmp_hdr_expr		igmp_hdr_expr numgen_expr	hash_expr
+%destructor { expr_free($$); }	ip_hdr_expr	icmp_hdr_expr		igmp_hdr_expr numgen_expr	hash_expr
+%type <val>			ip_hdr_field	icmp_hdr_field		igmp_hdr_field
 %type <expr>			ip6_hdr_expr    icmp6_hdr_expr
 %destructor { expr_free($$); }	ip6_hdr_expr	icmp6_hdr_expr
 %type <val>			ip6_hdr_field   icmp6_hdr_field
@@ -3736,6 +3739,13 @@ primary_rhs_expr	:	symbol_expr		{ $$ = $1; }
 							 BYTEORDER_HOST_ENDIAN,
 							 sizeof(data) * BITS_PER_BYTE, &data);
 			}
+			|	IGMP
+			{
+				uint8_t data = IPPROTO_IGMP;
+				$$ = constant_expr_alloc(&@$, &inet_protocol_type,
+							 BYTEORDER_HOST_ENDIAN,
+							 sizeof(data) * BITS_PER_BYTE, &data);
+			}
 			|	ICMP6
 			{
 				uint8_t data = IPPROTO_ICMPV6;
@@ -4144,6 +4154,7 @@ payload_expr		:	payload_raw_expr
 			|	arp_hdr_expr
 			|	ip_hdr_expr
 			|	icmp_hdr_expr
+			|	igmp_hdr_expr
 			|	ip6_hdr_expr
 			|	icmp6_hdr_expr
 			|	auth_hdr_expr
@@ -4241,6 +4252,18 @@ icmp_hdr_field		:	TYPE		{ $$ = ICMPHDR_TYPE; }
 			|	MTU		{ $$ = ICMPHDR_MTU; }
 			;
 
+igmp_hdr_expr		:	IGMP	igmp_hdr_field
+			{
+				$$ = payload_expr_alloc(&@$, &proto_igmp, $2);
+			}
+			;
+
+igmp_hdr_field		:	TYPE		{ $$ = IGMPHDR_TYPE; }
+			|	CHECKSUM	{ $$ = IGMPHDR_CHECKSUM; }
+			|	MRT		{ $$ = IGMPHDR_MRT; }
+			|	GROUP		{ $$ = IGMPHDR_GROUP; }
+			;
+
 ip6_hdr_expr		:	IP6	ip6_hdr_field
 			{
 				$$ = payload_expr_alloc(&@$, &proto_ip6, $2);
diff --git a/src/payload.c b/src/payload.c
index 6517686c..fab97b11 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -269,7 +269,8 @@ payload_gen_special_dependency(struct eval_ctx *ctx, const struct expr *expr)
 		return payload_get_get_ll_hdr(ctx);
 	case PROTO_BASE_TRANSPORT_HDR:
 		if (expr->payload.desc == &proto_icmp ||
-		    expr->payload.desc == &proto_icmp6) {
+		    expr->payload.desc == &proto_icmp6 ||
+		    expr->payload.desc == &proto_igmp) {
 			const struct proto_desc *desc, *desc_upper;
 			struct stmt *nstmt;
 
@@ -281,7 +282,8 @@ payload_gen_special_dependency(struct eval_ctx *ctx, const struct expr *expr)
 			}
 
 			desc_upper = &proto_ip6;
-			if (expr->payload.desc == &proto_icmp)
+			if (expr->payload.desc == &proto_icmp ||
+			    expr->payload.desc == &proto_igmp)
 				desc_upper = &proto_ip;
 
 			if (payload_add_dependency(ctx, desc, desc_upper,
diff --git a/src/proto.c b/src/proto.c
index d178bf39..f68fb684 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -357,6 +357,55 @@ const struct proto_desc proto_icmp = {
 };
 
 /*
+ * IGMP
+ */
+
+#include <netinet/igmp.h>
+
+#ifndef IGMP_V3_MEMBERSHIP_REPORT
+#define IGMP_V3_MEMBERSHIP_REPORT	0x22
+#endif
+
+static const struct symbol_table igmp_type_tbl = {
+	.base		= BASE_DECIMAL,
+	.symbols	= {
+		SYMBOL("membership-query",		IGMP_MEMBERSHIP_QUERY),
+		SYMBOL("membership-report-v1",		IGMP_V1_MEMBERSHIP_REPORT),
+		SYMBOL("membership-report-v2",		IGMP_V2_MEMBERSHIP_REPORT),
+		SYMBOL("membership-report-v3",		IGMP_V3_MEMBERSHIP_REPORT),
+		SYMBOL("leave-group",			IGMP_V2_LEAVE_GROUP),
+		SYMBOL_LIST_END
+	},
+};
+
+const struct datatype igmp_type_type = {
+	.type		= TYPE_IGMP_TYPE,
+	.name		= "igmp_type",
+	.desc		= "IGMP type",
+	.byteorder	= BYTEORDER_BIG_ENDIAN,
+	.size		= BITS_PER_BYTE,
+	.basetype	= &integer_type,
+	.sym_tbl	= &igmp_type_tbl,
+};
+
+#define IGMPHDR_FIELD(__name, __member) \
+	HDR_FIELD(__name, struct igmp, __member)
+#define IGMPHDR_TYPE(__name, __type, __member) \
+	HDR_TYPE(__name, __type, struct igmp, __member)
+
+const struct proto_desc proto_igmp = {
+	.name		= "igmp",
+	.base		= PROTO_BASE_TRANSPORT_HDR,
+	.checksum_key	= IGMPHDR_CHECKSUM,
+	.templates	= {
+		[IGMPHDR_TYPE]		= IGMPHDR_TYPE("type", &igmp_type_type, igmp_type),
+		[IGMPHDR_MRT]		= IGMPHDR_FIELD("mrt", igmp_code),
+		[IGMPHDR_CHECKSUM]	= IGMPHDR_FIELD("checksum", igmp_cksum),
+		[IGMPHDR_GROUP]		= IGMPHDR_FIELD("group", igmp_group),
+	},
+};
+
+/*
  * UDP/UDP-Lite
  */
 
@@ -591,6 +640,7 @@ const struct proto_desc proto_ip = {
 	.checksum_key	= IPHDR_CHECKSUM,
 	.protocols	= {
 		PROTO_LINK(IPPROTO_ICMP,	&proto_icmp),
+		PROTO_LINK(IPPROTO_IGMP,	&proto_igmp),
 		PROTO_LINK(IPPROTO_ICMPV6,	&proto_icmp6),
 		PROTO_LINK(IPPROTO_ESP,		&proto_esp),
 		PROTO_LINK(IPPROTO_AH,		&proto_ah),
@@ -720,6 +770,7 @@ const struct proto_desc proto_ip6 = {
 		PROTO_LINK(IPPROTO_DCCP,	&proto_dccp),
 		PROTO_LINK(IPPROTO_SCTP,	&proto_sctp),
 		PROTO_LINK(IPPROTO_ICMP,	&proto_icmp),
+		PROTO_LINK(IPPROTO_IGMP,	&proto_igmp),
 		PROTO_LINK(IPPROTO_ICMPV6,	&proto_icmp6),
 	},
 	.templates	= {
@@ -784,6 +835,7 @@ const struct proto_desc proto_inet_service = {
 		PROTO_LINK(IPPROTO_DCCP,	&proto_dccp),
 		PROTO_LINK(IPPROTO_SCTP,	&proto_sctp),
 		PROTO_LINK(IPPROTO_ICMP,	&proto_icmp),
+		PROTO_LINK(IPPROTO_IGMP,	&proto_igmp),
 		PROTO_LINK(IPPROTO_ICMPV6,	&proto_icmp6),
 	},
 	.templates	= {
diff --git a/src/scanner.l b/src/scanner.l
index f96944e9..6f83aa11 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -426,6 +426,9 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "gateway"		{ return GATEWAY; }
 "mtu"			{ return MTU; }
 
+"igmp"			{ return IGMP; }
+"mrt"			{ return MRT; }
+
 "ip6"			{ return IP6; }
 "priority"		{ return PRIORITY; }
 "flowlabel"		{ return FLOWLABEL; }
author	Pablo Neira Ayuso <pablo@netfilter.org>	2019-01-09 16:26:19 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-01-09 16:26:19 +0100
commit	bad27ca386276e64cd7a27abf3417b8a4be20fa4 (patch)
tree	92ee68e602f3acaad34926aa80db2657bca4907d /src
parent	70065ab63a90787c49f714c6e39fa1b112b5c8af (diff)