#include <errno.h>
#include <stdlib.h>
+#include "autopath.h"
+#include "bundle.h"
#include "byte-order.h"
#include "dynamic-string.h"
#include "netdev.h"
char *tail;
uint32_t value;
- if (!str) {
+ if (!str[0]) {
ovs_fatal(0, "missing required numeric argument");
}
char *tail;
uint64_t value;
+ if (!str[0]) {
+ ovs_fatal(0, "missing required numeric argument");
+ }
+
errno = 0;
value = strtoull(str, &tail, 0);
if (errno == EINVAL || errno == ERANGE || *tail) {
}
}
+static void
+str_to_eth_dst(const char *str,
+ uint8_t mac[ETH_ADDR_LEN], uint8_t mask[ETH_ADDR_LEN])
+{
+ if (sscanf(str, ETH_ADDR_SCAN_FMT"/"ETH_ADDR_SCAN_FMT,
+ ETH_ADDR_SCAN_ARGS(mac), ETH_ADDR_SCAN_ARGS(mask))
+ == ETH_ADDR_SCAN_COUNT * 2) {
+ if (!flow_wildcards_is_dl_dst_mask_valid(mask)) {
+ ovs_fatal(0, "%s: invalid Ethernet destination mask (only "
+ "00:00:00:00:00:00, 01:00:00:00:00:00, "
+ "fe:ff:ff:ff:ff:ff, and ff:ff:ff:ff:ff:ff are allowed)",
+ str);
+ }
+ } else if (sscanf(str, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))
+ == ETH_ADDR_SCAN_COUNT) {
+ memset(mask, 0xff, ETH_ADDR_LEN);
+ } else {
+ ovs_fatal(0, "invalid mac address %s", str);
+ }
+}
+
static void
str_to_ip(const char *str_, ovs_be32 *ip, ovs_be32 *maskp)
{
ovs_fatal(0, "%s: bad syntax for tunnel id", str);
}
+static void
+str_to_vlan_tci(const char *str, ovs_be16 *vlan_tcip, ovs_be16 *maskp)
+{
+ uint16_t vlan_tci, mask;
+ char *tail;
+
+ errno = 0;
+ vlan_tci = strtol(str, &tail, 0);
+ if (errno || (*tail != '\0' && *tail != '/')) {
+ goto error;
+ }
+
+ if (*tail == '/') {
+ mask = strtol(tail + 1, &tail, 0);
+ if (errno || *tail != '\0') {
+ goto error;
+ }
+ } else {
+ mask = UINT16_MAX;
+ }
+
+ *vlan_tcip = htons(vlan_tci);
+ *maskp = htons(mask);
+ return;
+
+error:
+ ovs_fatal(0, "%s: bad syntax for vlan_tci", str);
+}
+
+static void
+str_to_ipv6(const char *str_, struct in6_addr *addrp, struct in6_addr *maskp)
+{
+ char *str = xstrdup(str_);
+ char *save_ptr = NULL;
+ const char *name, *netmask;
+ struct in6_addr addr, mask;
+ int retval;
+
+ name = strtok_r(str, "/", &save_ptr);
+ retval = name ? lookup_ipv6(name, &addr) : EINVAL;
+ if (retval) {
+ ovs_fatal(0, "%s: could not convert to IPv6 address", str);
+ }
+
+ netmask = strtok_r(NULL, "/", &save_ptr);
+ if (netmask) {
+ int prefix = atoi(netmask);
+ if (prefix <= 0 || prefix > 128) {
+ ovs_fatal(0, "%s: network prefix bits not between 1 and 128",
+ str);
+ } else {
+ mask = ipv6_create_mask(prefix);
+ }
+ } else {
+ mask = in6addr_exact;
+ }
+ *addrp = ipv6_addr_bitand(&addr, &mask);
+
+ if (maskp) {
+ *maskp = mask;
+ } else {
+ if (!ipv6_mask_is_exact(&mask)) {
+ ovs_fatal(0, "%s: netmask not allowed here", str_);
+ }
+ }
+
+ free(str);
+}
+
static void *
put_action(struct ofpbuf *b, size_t size, uint16_t type)
{
str_to_mac(addr, oada->dl_addr);
}
-
static bool
parse_port_name(const char *name, uint16_t *port)
{
return false;
}
+static void
+parse_resubmit(struct nx_action_resubmit *nar, char *arg)
+{
+ char *in_port_s, *table_s;
+ uint16_t in_port;
+ uint8_t table;
+
+ in_port_s = strsep(&arg, ",");
+ if (in_port_s && in_port_s[0]) {
+ if (!parse_port_name(in_port_s, &in_port)) {
+ in_port = str_to_u32(in_port_s);
+ }
+ } else {
+ in_port = OFPP_IN_PORT;
+ }
+
+ table_s = strsep(&arg, ",");
+ table = table_s && table_s[0] ? str_to_u32(table_s) : 255;
+
+ if (in_port == OFPP_IN_PORT && table == 255) {
+ ovs_fatal(0, "at least one \"in_port\" or \"table\" must be specified "
+ " on resubmit");
+ }
+
+ nar->vendor = htonl(NX_VENDOR_ID);
+ nar->in_port = htons(in_port);
+ if (in_port != OFPP_IN_PORT && table == 255) {
+ nar->subtype = htons(NXAST_RESUBMIT);
+ } else {
+ nar->subtype = htons(NXAST_RESUBMIT_TABLE);
+ nar->table = table;
+ }
+}
+
static void
str_to_action(char *str, struct ofpbuf *b)
{
pos = str;
n_actions = 0;
for (;;) {
+ char empty_string[] = "";
char *act, *arg;
size_t actlen;
uint16_t port;
pos = arg + arglen;
} else {
/* There might be no argument at all. */
- arg = NULL;
+ arg = empty_string;
pos = act + actlen + (act[actlen] != '\0');
}
act[actlen] = '\0';
} else if (!strcasecmp(act, "resubmit")) {
struct nx_action_resubmit *nar;
nar = put_action(b, sizeof *nar, OFPAT_VENDOR);
- nar->vendor = htonl(NX_VENDOR_ID);
- nar->subtype = htons(NXAST_RESUBMIT);
- nar->in_port = htons(str_to_u32(arg));
+ parse_resubmit(nar, arg);
} else if (!strcasecmp(act, "set_tunnel")
|| !strcasecmp(act, "set_tunnel64")) {
uint64_t tun_id = str_to_u64(arg);
nast->subtype = htons(NXAST_SET_TUNNEL);
nast->tun_id = htonl(tun_id);
}
- } else if (!strcasecmp(act, "drop_spoofed_arp")) {
- struct nx_action_header *nah;
- nah = put_action(b, sizeof *nah, OFPAT_VENDOR);
- nah->vendor = htonl(NX_VENDOR_ID);
- nah->subtype = htons(NXAST_DROP_SPOOFED_ARP);
} else if (!strcasecmp(act, "set_queue")) {
struct nx_action_set_queue *nasq;
nasq = put_action(b, sizeof *nasq, OFPAT_VENDOR);
nan->subtype = htons(NXAST_NOTE);
b->size -= sizeof nan->note;
- while (arg && *arg != '\0') {
+ while (*arg != '\0') {
uint8_t byte;
bool ok;
if (remainder) {
ofpbuf_put_zeros(b, OFP_ACTION_ALIGN - remainder);
}
+ nan = (struct nx_action_note *)((char *)b->data + start_ofs);
nan->len = htons(b->size - start_ofs);
} else if (!strcasecmp(act, "move")) {
struct nx_action_reg_move *move;
struct nx_action_multipath *nam;
nam = ofpbuf_put_uninit(b, sizeof *nam);
multipath_parse(nam, arg);
+ } else if (!strcasecmp(act, "autopath")) {
+ struct nx_action_autopath *naa;
+ naa = ofpbuf_put_uninit(b, sizeof *naa);
+ autopath_parse(naa, arg);
+ } else if (!strcasecmp(act, "bundle")) {
+ bundle_parse(b, arg);
+ } else if (!strcasecmp(act, "bundle_load")) {
+ bundle_parse_load(b, arg);
} else if (!strcasecmp(act, "output")) {
put_output_action(b, str_to_u32(arg));
} else if (!strcasecmp(act, "enqueue")) {
/* Unless a numeric argument is specified, we send the whole
* packet to the controller. */
- if (arg && (strspn(arg, "0123456789") == strlen(arg))) {
+ if (arg[0] && (strspn(arg, "0123456789") == strlen(arg))) {
oao->max_len = htons(str_to_u32(arg));
} else {
oao->max_len = htons(UINT16_MAX);
{ "icmp", ETH_TYPE_IP, IPPROTO_ICMP },
{ "tcp", ETH_TYPE_IP, IPPROTO_TCP },
{ "udp", ETH_TYPE_IP, IPPROTO_UDP },
+ { "ipv6", ETH_TYPE_IPV6, 0 },
+ { "ip6", ETH_TYPE_IPV6, 0 },
+ { "icmp6", ETH_TYPE_IPV6, IPPROTO_ICMPV6 },
+ { "tcp6", ETH_TYPE_IPV6, IPPROTO_TCP },
+ { "udp6", ETH_TYPE_IPV6, IPPROTO_UDP },
};
const struct protocol *p;
FIELD(F_IN_PORT, "in_port", FWW_IN_PORT) \
FIELD(F_DL_VLAN, "dl_vlan", 0) \
FIELD(F_DL_VLAN_PCP, "dl_vlan_pcp", 0) \
+ FIELD(F_VLAN_TCI, "vlan_tci", 0) \
FIELD(F_DL_SRC, "dl_src", FWW_DL_SRC) \
- FIELD(F_DL_DST, "dl_dst", FWW_DL_DST) \
+ FIELD(F_DL_DST, "dl_dst", FWW_DL_DST | FWW_ETH_MCAST) \
FIELD(F_DL_TYPE, "dl_type", FWW_DL_TYPE) \
FIELD(F_NW_SRC, "nw_src", 0) \
FIELD(F_NW_DST, "nw_dst", 0) \
FIELD(F_ICMP_TYPE, "icmp_type", FWW_TP_SRC) \
FIELD(F_ICMP_CODE, "icmp_code", FWW_TP_DST) \
FIELD(F_ARP_SHA, "arp_sha", FWW_ARP_SHA) \
- FIELD(F_ARP_THA, "arp_tha", FWW_ARP_THA)
+ FIELD(F_ARP_THA, "arp_tha", FWW_ARP_THA) \
+ FIELD(F_IPV6_SRC, "ipv6_src", 0) \
+ FIELD(F_IPV6_DST, "ipv6_dst", 0) \
+ FIELD(F_ND_TARGET, "nd_target", FWW_ND_TARGET) \
+ FIELD(F_ND_SLL, "nd_sll", FWW_ARP_SHA) \
+ FIELD(F_ND_TLL, "nd_tll", FWW_ARP_THA)
enum field_index {
#define FIELD(ENUM, NAME, WILDCARD) ENUM,
flow_wildcards_t wildcard; /* FWW_* bit. */
};
+static void
+ofp_fatal(const char *flow, bool verbose, const char *format, ...)
+{
+ va_list args;
+
+ if (verbose) {
+ fprintf(stderr, "%s:\n", flow);
+ }
+
+ va_start(args, format);
+ ovs_fatal_valist(0, format, args);
+}
+
static bool
parse_field_name(const char *name, const struct field **f_out)
{
parse_field_value(struct cls_rule *rule, enum field_index index,
const char *value)
{
- uint8_t mac[ETH_ADDR_LEN];
+ uint8_t mac[ETH_ADDR_LEN], mac_mask[ETH_ADDR_LEN];
ovs_be64 tun_id, tun_mask;
ovs_be32 ip, mask;
+ ovs_be16 tci, tci_mask;
+ struct in6_addr ipv6, ipv6_mask;
uint16_t port_no;
switch (index) {
if (!parse_port_name(value, &port_no)) {
port_no = atoi(value);
}
- if (port_no == OFPP_LOCAL) {
- port_no = ODPP_LOCAL;
- }
cls_rule_set_in_port(rule, port_no);
break;
cls_rule_set_dl_vlan_pcp(rule, str_to_u32(value));
break;
+ case F_VLAN_TCI:
+ str_to_vlan_tci(value, &tci, &tci_mask);
+ cls_rule_set_dl_tci_masked(rule, tci, tci_mask);
+ break;
+
case F_DL_SRC:
str_to_mac(value, mac);
cls_rule_set_dl_src(rule, mac);
break;
case F_DL_DST:
- str_to_mac(value, mac);
- cls_rule_set_dl_dst(rule, mac);
+ str_to_eth_dst(value, mac, mac_mask);
+ cls_rule_set_dl_dst_masked(rule, mac, mac_mask);
break;
case F_DL_TYPE:
cls_rule_set_arp_tha(rule, mac);
break;
+ case F_IPV6_SRC:
+ str_to_ipv6(value, &ipv6, &ipv6_mask);
+ cls_rule_set_ipv6_src_masked(rule, &ipv6, &ipv6_mask);
+ break;
+
+ case F_IPV6_DST:
+ str_to_ipv6(value, &ipv6, &ipv6_mask);
+ cls_rule_set_ipv6_dst_masked(rule, &ipv6, &ipv6_mask);
+ break;
+
+ case F_ND_TARGET:
+ str_to_ipv6(value, &ipv6, NULL);
+ cls_rule_set_nd_target(rule, ipv6);
+ break;
+
+ case F_ND_SLL:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_sha(rule, mac);
+ break;
+
+ case F_ND_TLL:
+ str_to_mac(value, mac);
+ cls_rule_set_arp_tha(rule, mac);
+ break;
+
case N_FIELDS:
NOT_REACHED();
}
}
}
-/* Convert 'string' (as described in the Flow Syntax section of the ovs-ofctl
- * man page) into 'pf'. If 'actions' is specified, an action must be in
- * 'string' and may be expanded or reallocated. */
-static void
-parse_ofp_str(struct flow_mod *fm, uint8_t *table_idx,
- struct ofpbuf *actions, char *string)
+/* Convert 'str_' (as described in the Flow Syntax section of the ovs-ofctl man
+ * page) into 'fm' for sending the specified flow_mod 'command' to a switch.
+ * If 'actions' is specified, an action must be in 'string' and may be expanded
+ * or reallocated.
+ *
+ * To parse syntax for an OFPT_FLOW_MOD (or NXT_FLOW_MOD), use an OFPFC_*
+ * constant for 'command'. To parse syntax for an OFPST_FLOW or
+ * OFPST_AGGREGATE (or NXST_FLOW or NXST_AGGREGATE), use -1 for 'command'. */
+void
+parse_ofp_str(struct flow_mod *fm, int command, const char *str_, bool verbose)
{
+ enum {
+ F_OUT_PORT = 1 << 0,
+ F_ACTIONS = 1 << 1,
+ F_COOKIE = 1 << 2,
+ F_TIMEOUT = 1 << 3,
+ F_PRIORITY = 1 << 4
+ } fields;
+ char *string = xstrdup(str_);
char *save_ptr = NULL;
char *name;
- if (table_idx) {
- *table_idx = 0xff;
+ switch (command) {
+ case -1:
+ fields = F_OUT_PORT;
+ break;
+
+ case OFPFC_ADD:
+ fields = F_ACTIONS | F_COOKIE | F_TIMEOUT | F_PRIORITY;
+ break;
+
+ case OFPFC_DELETE:
+ fields = F_OUT_PORT;
+ break;
+
+ case OFPFC_DELETE_STRICT:
+ fields = F_OUT_PORT | F_PRIORITY;
+ break;
+
+ case OFPFC_MODIFY:
+ fields = F_ACTIONS | F_COOKIE;
+ break;
+
+ case OFPFC_MODIFY_STRICT:
+ fields = F_ACTIONS | F_COOKIE | F_PRIORITY;
+ break;
+
+ default:
+ NOT_REACHED();
}
+
cls_rule_init_catchall(&fm->cr, OFP_DEFAULT_PRIORITY);
fm->cookie = htonll(0);
- fm->command = UINT16_MAX;
+ fm->table_id = 0xff;
+ fm->command = command;
fm->idle_timeout = OFP_FLOW_PERMANENT;
fm->hard_timeout = OFP_FLOW_PERMANENT;
fm->buffer_id = UINT32_MAX;
fm->out_port = OFPP_NONE;
fm->flags = 0;
- if (actions) {
- char *act_str = strstr(string, "action");
+ if (fields & F_ACTIONS) {
+ struct ofpbuf actions;
+ char *act_str;
+
+ act_str = strstr(string, "action");
if (!act_str) {
- ovs_fatal(0, "must specify an action");
+ ofp_fatal(str_, verbose, "must specify an action");
}
*act_str = '\0';
act_str = strchr(act_str + 1, '=');
if (!act_str) {
- ovs_fatal(0, "must specify an action");
+ ofp_fatal(str_, verbose, "must specify an action");
}
act_str++;
- str_to_action(act_str, actions);
- fm->actions = actions->data;
- fm->n_actions = actions->size / sizeof(union ofp_action);
+ ofpbuf_init(&actions, sizeof(union ofp_action));
+ str_to_action(act_str, &actions);
+ fm->actions = ofpbuf_steal_data(&actions);
+ fm->n_actions = actions.size / sizeof(union ofp_action);
} else {
fm->actions = NULL;
fm->n_actions = 0;
value = strtok_r(NULL, ", \t\r\n", &save_ptr);
if (!value) {
- ovs_fatal(0, "field %s missing value", name);
+ ofp_fatal(str_, verbose, "field %s missing value", name);
}
- if (table_idx && !strcmp(name, "table")) {
- *table_idx = atoi(value);
+ if (!strcmp(name, "table")) {
+ fm->table_id = atoi(value);
} else if (!strcmp(name, "out_port")) {
fm->out_port = atoi(value);
- } else if (!strcmp(name, "priority")) {
+ } else if (fields & F_PRIORITY && !strcmp(name, "priority")) {
fm->cr.priority = atoi(value);
- } else if (!strcmp(name, "idle_timeout")) {
+ } else if (fields & F_TIMEOUT && !strcmp(name, "idle_timeout")) {
fm->idle_timeout = atoi(value);
- } else if (!strcmp(name, "hard_timeout")) {
+ } else if (fields & F_TIMEOUT && !strcmp(name, "hard_timeout")) {
fm->hard_timeout = atoi(value);
- } else if (!strcmp(name, "cookie")) {
+ } else if (fields & F_COOKIE && !strcmp(name, "cookie")) {
fm->cookie = htonll(str_to_u64(value));
} else if (parse_field_name(name, &f)) {
if (!strcmp(value, "*") || !strcmp(value, "ANY")) {
cls_rule_set_nw_src_masked(&fm->cr, 0, 0);
} else if (f->index == F_NW_DST) {
cls_rule_set_nw_dst_masked(&fm->cr, 0, 0);
+ } else if (f->index == F_IPV6_SRC) {
+ cls_rule_set_ipv6_src_masked(&fm->cr,
+ &in6addr_any, &in6addr_any);
+ } else if (f->index == F_IPV6_DST) {
+ cls_rule_set_ipv6_dst_masked(&fm->cr,
+ &in6addr_any, &in6addr_any);
} else if (f->index == F_DL_VLAN) {
cls_rule_set_any_vid(&fm->cr);
} else if (f->index == F_DL_VLAN_PCP) {
} else {
parse_field_value(&fm->cr, f->index, value);
}
- } else if (!strncmp(name, "reg", 3) && isdigit(name[3])) {
+ } else if (!strncmp(name, "reg", 3)
+ && isdigit((unsigned char) name[3])) {
unsigned int reg_idx = atoi(name + 3);
if (reg_idx >= FLOW_N_REGS) {
- ovs_fatal(0, "only %d registers supported", FLOW_N_REGS);
+ if (verbose) {
+ fprintf(stderr, "%s:\n", str_);
+ }
+ ofp_fatal(str_, verbose, "only %d registers supported", FLOW_N_REGS);
}
parse_reg_value(&fm->cr, reg_idx, value);
+ } else if (!strcmp(name, "duration")
+ || !strcmp(name, "n_packets")
+ || !strcmp(name, "n_bytes")) {
+ /* Ignore these, so that users can feed the output of
+ * "ovs-ofctl dump-flows" back into commands that parse
+ * flows. */
} else {
- ovs_fatal(0, "unknown keyword %s", name);
+ ofp_fatal(str_, verbose, "unknown keyword %s", name);
}
}
}
+
+ free(string);
}
/* Parses 'string' as an OFPT_FLOW_MOD or NXT_FLOW_MOD with command 'command'
* flow. */
void
parse_ofp_flow_mod_str(struct list *packets, enum nx_flow_format *cur_format,
- char *string, uint16_t command)
+ bool *flow_mod_table_id, char *string, uint16_t command,
+ bool verbose)
{
- bool is_del = command == OFPFC_DELETE || command == OFPFC_DELETE_STRICT;
enum nx_flow_format min_format, next_format;
+ struct cls_rule rule_copy;
struct ofpbuf actions;
struct ofpbuf *ofm;
struct flow_mod fm;
ofpbuf_init(&actions, 64);
- parse_ofp_str(&fm, NULL, is_del ? NULL : &actions, string);
- fm.command = command;
+ parse_ofp_str(&fm, command, string, verbose);
- min_format = ofputil_min_flow_format(&fm.cr, true, fm.cookie);
+ min_format = ofputil_min_flow_format(&fm.cr);
next_format = MAX(*cur_format, min_format);
if (next_format != *cur_format) {
struct ofpbuf *sff = ofputil_make_set_flow_format(next_format);
*cur_format = next_format;
}
- ofm = ofputil_encode_flow_mod(&fm, *cur_format);
+ /* Normalize a copy of the rule. This ensures that non-normalized flows
+ * get logged but doesn't affect what gets sent to the switch, so that the
+ * switch can do whatever it likes with the flow. */
+ rule_copy = fm.cr;
+ ofputil_normalize_rule(&rule_copy, next_format);
+
+ if (fm.table_id != 0xff && !*flow_mod_table_id) {
+ struct ofpbuf *sff = ofputil_make_flow_mod_table_id(true);
+ list_push_back(packets, &sff->list_node);
+ *flow_mod_table_id = true;
+ }
+
+ ofm = ofputil_encode_flow_mod(&fm, *cur_format, *flow_mod_table_id);
list_push_back(packets, &ofm->list_node);
ofpbuf_uninit(&actions);
* 'stream' and the command is always OFPFC_ADD. Returns false if end-of-file
* is reached before reading a flow, otherwise true. */
bool
-parse_ofp_add_flow_file(struct list *packets, enum nx_flow_format *cur,
- FILE *stream)
+parse_ofp_flow_mod_file(struct list *packets,
+ enum nx_flow_format *cur, bool *flow_mod_table_id,
+ FILE *stream, uint16_t command)
{
- struct ds s = DS_EMPTY_INITIALIZER;
- bool ok = false;
-
- while (!ds_get_line(&s, stream)) {
- char *line = ds_cstr(&s);
- char *comment;
-
- /* Delete comments. */
- comment = strchr(line, '#');
- if (comment) {
- *comment = '\0';
- }
-
- /* Drop empty lines. */
- if (line[strspn(line, " \t\n")] == '\0') {
- continue;
- }
-
- parse_ofp_flow_mod_str(packets, cur, line, OFPFC_ADD);
- ok = true;
- break;
+ struct ds s;
+ bool ok;
+
+ ds_init(&s);
+ ok = ds_get_preprocessed_line(&s, stream) == 0;
+ if (ok) {
+ parse_ofp_flow_mod_str(packets, cur, flow_mod_table_id,
+ ds_cstr(&s), command, true);
}
ds_destroy(&s);
bool aggregate, char *string)
{
struct flow_mod fm;
- uint8_t table_id;
- parse_ofp_str(&fm, &table_id, NULL, string);
+ parse_ofp_str(&fm, -1, string, false);
fsr->aggregate = aggregate;
fsr->match = fm.cr;
fsr->out_port = fm.out_port;
- fsr->table_id = table_id;
+ fsr->table_id = fm.table_id;
}
-