Diffstat (limited to 'include/proto.h')
-rw-r--r--include/proto.h113
1 files changed, 102 insertions, 11 deletions
diff --git a/include/proto.h b/include/proto.h
index 1771ba8e..9c98a0b7 100644
--- a/include/proto.h
+++ b/include/proto.h
@@ -18,6 +18,7 @@ enum proto_bases {
PROTO_BASE_LL_HDR,
PROTO_BASE_NETWORK_HDR,
PROTO_BASE_TRANSPORT_HDR,
+ PROTO_BASE_INNER_HDR,
__PROTO_BASE_MAX
};
#define PROTO_BASE_MAX (__PROTO_BASE_MAX - 1)
@@ -25,6 +26,19 @@ enum proto_bases {
extern const char *proto_base_names[];
extern const char *proto_base_tokens[];
+enum icmp_hdr_field_type {
+ PROTO_ICMP_ANY = 0,
+ PROTO_ICMP_ECHO, /* echo and reply */
+ PROTO_ICMP_MTU, /* destination unreachable */
+ PROTO_ICMP_ADDRESS, /* redirect */
+ PROTO_ICMP6_MTU,
+ PROTO_ICMP6_PPTR,
+ PROTO_ICMP6_ECHO,
+ PROTO_ICMP6_MGMQ,
+ PROTO_ICMP6_ADDRESS, /* neighbor solicit/advert, redirect and MLD */
+ PROTO_ICMP6_REDIRECT,
+};
+
/**
* struct proto_hdr_template - protocol header field description
*
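Review bot: `enum icmp_hdr_field_type` has no comment saying what it classifies, and most of the `PROTO_ICMP6_*` members (`PROTO_ICMP6_MTU`, `PROTO_ICMP6_PPTR`, `PROTO_ICMP6_ECHO`, `PROTO_ICMP6_MGMQ`, `PROTO_ICMP6_REDIRECT`) do not say which message types they stand for, unlike the ICMPv4 members. `PROTO_ICMP_ANY = 0` also appears to be the value any template gets when `icmp_dep` is left unset, which is worth stating explicitly. A header comment along the lines of `/* ICMP/ICMPv6 message group a header field is valid for; PROTO_ICMP_ANY means no dependency */` would help, after confirming it against the users of `icmp_dep`, which are outside this diff.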
@@ -33,14 +47,16 @@ extern const char *proto_base_tokens[];
* @offset: offset of the header field from base
* @len: length of header field
* @meta_key: special case: meta expression key
+ * @icmp_dep: special case: icmp header dependency
*/
struct proto_hdr_template {
const char *token;
const struct datatype *dtype;
uint16_t offset;
uint16_t len;
- enum byteorder byteorder;
- enum nft_meta_keys meta_key;
+ enum byteorder byteorder:8;
+ enum nft_meta_keys meta_key:8;
+ enum icmp_hdr_field_type icmp_dep:8;
};
#define PROTO_HDR_TEMPLATE(__token, __dtype, __byteorder, __offset, __len)\
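Review bot: The `:8` widths on `byteorder`, `meta_key` and `icmp_dep` silently truncate any enumerator that no longer fits in eight bits, and nothing in this header fails the build when one of those enums grows. `meta_key` is the most exposed, because `enum nft_meta_keys` is defined outside this file and can gain members without anyone looking at this struct. The same applies to `id:8`, `base:8` and `checksum_type:8` in the `struct proto_desc` hunk further down. Where a sentinel is visible a guard such as `_Static_assert(__PROTO_DESC_MAX <= 0xff, "proto_desc_id must fit in id:8");` would catch it at compile time, assuming the project builds as C11 or has an equivalent macro. Enum-typed bit-fields are also implementation-defined in ISO C, so a one-line comment recording that the packing relies on compiler behaviour would be useful.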
@@ -82,6 +98,10 @@ enum proto_desc_id {
PROTO_DESC_ARP,
PROTO_DESC_VLAN,
PROTO_DESC_ETHER,
+ PROTO_DESC_VXLAN,
+ PROTO_DESC_GENEVE,
+ PROTO_DESC_GRE,
+ PROTO_DESC_GRETAP,
__PROTO_DESC_MAX
};
#define PROTO_DESC_MAX (__PROTO_DESC_MAX - 1)
@@ -101,10 +121,11 @@ enum proto_desc_id {
*/
struct proto_desc {
const char *name;
- enum proto_desc_id id;
- enum proto_bases base;
- unsigned int checksum_key;
- unsigned int protocol_key;
+ enum proto_desc_id id:8;
+ enum proto_bases base:8;
+ enum nft_payload_csum_types checksum_type:8;
+ uint16_t checksum_key;
+ uint16_t protocol_key;
unsigned int length;
struct {
unsigned int num;
@@ -116,7 +137,11 @@ struct proto_desc {
uint32_t filter;
} format;
unsigned int pseudohdr[PROTO_HDRS_MAX];
-
+ struct {
+ uint32_t hdrsize;
+ uint32_t flags;
+ enum nft_inner_type type;
+ } inner;
};
#define PROTO_LINK(__num, __desc) { .num = (__num), .desc = (__desc), }
@@ -152,6 +177,8 @@ struct dev_proto_desc {
extern int proto_dev_type(const struct proto_desc *desc, uint16_t *res);
extern const struct proto_desc *proto_dev_desc(uint16_t type);
+#define PROTO_CTX_NUM_PROTOS 16
+
/**
* struct proto_ctx - protocol context
*
@@ -167,23 +194,41 @@ extern const struct proto_desc *proto_dev_desc(uint16_t type);
*/
struct proto_ctx {
unsigned int debug_mask;
- unsigned int family;
+ uint8_t family;
+ bool inner;
+ union {
+ struct {
+ uint8_t type;
+ } icmp;
+ } th_dep;
struct {
struct location location;
const struct proto_desc *desc;
- unsigned int offset;
+ struct {
+ struct location location;
+ const struct proto_desc *desc;
+ } protos[PROTO_CTX_NUM_PROTOS];
+ unsigned int num_protos;
} protocol[PROTO_BASE_MAX + 1];
+ const struct proto_desc *stacked_ll[PROTO_CTX_NUM_PROTOS];
+ uint8_t stacked_ll_count;
};
extern void proto_ctx_init(struct proto_ctx *ctx, unsigned int family,
- unsigned int debug_mask);
+ unsigned int debug_mask, bool inner);
extern void proto_ctx_update(struct proto_ctx *ctx, enum proto_bases base,
const struct location *loc,
const struct proto_desc *desc);
+bool proto_ctx_is_ambiguous(struct proto_ctx *ctx, enum proto_bases bases);
+const struct proto_desc *proto_ctx_find_conflict(struct proto_ctx *ctx,
+ enum proto_bases base,
+ const struct proto_desc *desc);
extern const struct proto_desc *proto_find_upper(const struct proto_desc *base,
unsigned int num);
extern int proto_find_num(const struct proto_desc *base,
const struct proto_desc *desc);
+const struct proto_desc *proto_find_inner(uint32_t type, uint32_t hdrsize,
+ uint32_t flags);
extern const struct proto_desc *proto_find_desc(enum proto_desc_id desc_id);
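Review bot: Nothing in this header states or enforces the bound for the two new fixed arrays in `struct proto_ctx`, `protos[PROTO_CTX_NUM_PROTOS]` (counted by `num_protos`) and `stacked_ll[PROTO_CTX_NUM_PROTOS]` (counted by `stacked_ll_count`). Their depth is presumably driven by the ruleset being evaluated, so every writer has to reject the entry once the counter reaches `PROTO_CTX_NUM_PROTOS`, or a long enough protocol stack writes past the array; those writers are outside this diff and should be checked. The struct's kernel-doc comment starts above the hunk, and I would add lines such as `@stacked_ll_count: number of valid entries in stacked_ll, never above PROTO_CTX_NUM_PROTOS` and the equivalent for `num_protos`. Separately, `family` is now `uint8_t` while `proto_ctx_init()` still takes `unsigned int family`, so the value is narrowed implicitly on assignment.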
@@ -197,6 +242,7 @@ enum eth_hdr_fields {
enum vlan_hdr_fields {
VLANHDR_INVALID,
VLANHDR_PCP,
+ VLANHDR_DEI,
VLANHDR_CFI,
VLANHDR_VID,
VLANHDR_TYPE,
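Review bot: Inserting `VLANHDR_DEI` ahead of `VLANHDR_CFI` renumbers `VLANHDR_CFI`, `VLANHDR_VID` and `VLANHDR_TYPE`, and the `arp_hdr_fields` hunk below likewise swaps the values of `ARPHDR_DADDR_ETHER` and `ARPHDR_SADDR_IP`. That is safe only if every table keyed by these enums uses designated indices and nothing stores or compares the numeric values; neither is visible in this header. DEI and CFI name the same bit of the 802.1Q tag, so a comment such as `/* DEI: current name of the CFI bit; VLANHDR_CFI kept as an alias */` would explain why both exist, if aliasing is indeed the intent.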
@@ -210,8 +256,8 @@ enum arp_hdr_fields {
ARPHDR_PLN,
ARPHDR_OP,
ARPHDR_SADDR_ETHER,
- ARPHDR_DADDR_ETHER,
ARPHDR_SADDR_IP,
+ ARPHDR_DADDR_ETHER,
ARPHDR_DADDR_IP,
};
@@ -230,6 +276,7 @@ enum ip_hdr_fields {
IPHDR_SADDR,
IPHDR_DADDR,
};
+#define IPHDR_MAX IPHDR_DADDR
enum icmp_hdr_fields {
ICMPHDR_INVALID,
@@ -260,6 +307,8 @@ enum icmp6_hdr_fields {
ICMP6HDR_ID,
ICMP6HDR_SEQ,
ICMP6HDR_MAXDELAY,
+ ICMP6HDR_TADDR,
+ ICMP6HDR_DADDR,
};
enum ip6_hdr_fields {
@@ -343,6 +392,45 @@ enum th_hdr_fields {
THDR_DPORT,
};
+struct vxlanhdr {
+ uint32_t vx_flags;
+ uint32_t vx_vni;
+};
+
+enum vxlan_hdr_fields {
+ VXLANHDR_INVALID,
+ VXLANHDR_VNI,
+ VXLANHDR_FLAGS,
+};
+
+struct gnvhdr {
+ uint16_t flags;
+ uint16_t type;
+ uint32_t vni;
+};
+enum geneve_hdr_fields {
+ GNVHDR_INVALID,
+ GNVHDR_VNI,
+ GNVHDR_TYPE,
+};
+
+struct grehdr {
+ uint16_t flags;
+ uint16_t protocol;
+};
+
+enum gre_hdr_fields {
+ GREHDR_INVALID,
+ GREHDR_VERSION,
+ GREHDR_FLAGS,
+ GREHDR_PROTOCOL,
+};
+
+extern const struct proto_desc proto_vxlan;
+extern const struct proto_desc proto_geneve;
+extern const struct proto_desc proto_gre;
+extern const struct proto_desc proto_gretap;
+
extern const struct proto_desc proto_icmp;
extern const struct proto_desc proto_igmp;
extern const struct proto_desc proto_ah;
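Review bot: The new `struct vxlanhdr`, `struct gnvhdr` and `struct grehdr` have no comment saying that they describe only the fixed leading part of each header, in wire byte order. Geneve carries variable-length options after these 8 bytes and GRE has optional fields selected by its flags, so `sizeof` of these structs is not necessarily the offset of the encapsulated packet, and code deriving an inner offset from them alone would place inner-header matches at the wrong position. I would put `/* fixed part only, network byte order; options/optional fields may follow */` above each struct and note that the VNI occupies the upper 24 bits of `vx_vni` and `vni`. As a style point, `gnvhdr`/`GNVHDR_*` sits next to `geneve_hdr_fields` and `proto_geneve`, and a blank line is missing between `struct gnvhdr` and the enum that follows it.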
@@ -380,4 +468,7 @@ extern const struct datatype icmp6_type_type;
extern const struct datatype dscp_type;
extern const struct datatype ecn_type;
+struct eval_ctx;
+struct proto_ctx *eval_proto_ctx(struct eval_ctx *ctx);
+
#endif /* NFTABLES_PROTO_H */