#include <linux/module.h>
#include <linux/in.h>
#include <linux/rcupdate.h>
+#include <linux/if_arp.h>
#include <linux/if_ether.h>
#include <linux/ip.h>
#include <linux/tcp.h>
struct kmem_cache *flow_cache;
+struct arp_eth_header
+{
+ __be16 ar_hrd; /* format of hardware address */
+ __be16 ar_pro; /* format of protocol address */
+ unsigned char ar_hln; /* length of hardware address */
+ unsigned char ar_pln; /* length of protocol address */
+ __be16 ar_op; /* ARP opcode (command) */
+
+ /* Ethernet+IPv4 specific members. */
+ unsigned char ar_sha[ETH_ALEN]; /* sender hardware address */
+ unsigned char ar_sip[4]; /* sender IP address */
+ unsigned char ar_tha[ETH_ALEN]; /* target hardware address */
+ unsigned char ar_tip[4]; /* target IP address */
+} __attribute__((packed));
+
+static inline int arphdr_ok(struct sk_buff *skb)
+{
+ int nh_ofs = skb_network_offset(skb);
+ return pskb_may_pull(skb, nh_ofs + sizeof(struct arp_eth_header));
+}
+
static inline int iphdr_ok(struct sk_buff *skb)
{
int nh_ofs = skb_network_offset(skb);
} else {
retval = 1;
}
+ } else if (key->dl_type == htons(ETH_P_ARP) && arphdr_ok(skb)) {
+ struct arp_eth_header *arp;
+
+ arp = (struct arp_eth_header *)skb_network_header(skb);
+
+ if (arp->ar_hrd == htons(1)
+ && arp->ar_pro == htons(ETH_P_IP)
+ && arp->ar_hln == ETH_ALEN
+ && arp->ar_pln == 4) {
+
+ /* We only match on the lower 8 bits of the opcode. */
+ if (ntohs(arp->ar_op) <= 0xff) {
+ key->nw_proto = ntohs(arp->ar_op);
+ }
+
+ if (key->nw_proto == ARPOP_REQUEST
+ || key->nw_proto == ARPOP_REPLY) {
+ memcpy(&key->nw_src, arp->ar_sip, sizeof(key->nw_src));
+ memcpy(&key->nw_dst, arp->ar_tip, sizeof(key->nw_dst));
+ }
+ }
} else {
skb_reset_transport_header(skb);
}
__be16 tp_dst; /* TCP/UDP destination port. */
__u8 dl_src[ETH_ALEN]; /* Ethernet source address. */
__u8 dl_dst[ETH_ALEN]; /* Ethernet destination address. */
- __u8 nw_proto; /* IP protocol. */
+ __u8 nw_proto; /* IP protocol or lower 8 bits of
+ ARP opcode. */
__u8 reserved; /* Pad to 64 bits. */
};
#include "vlog.h"
#define THIS_MODULE VLM_flow
+static struct arp_eth_header *
+pull_arp(struct ofpbuf *packet)
+{
+ return ofpbuf_try_pull(packet, ARP_ETH_HEADER_LEN);
+}
+
static struct ip_header *
pull_ip(struct ofpbuf *packet)
{
retval = 1;
}
}
+ } else if (flow->dl_type == htons(ETH_TYPE_ARP)) {
+ const struct arp_eth_header *arp = pull_arp(&b);
+ if (arp && arp->ar_hrd == htons(1)
+ && arp->ar_pro == htons(ETH_TYPE_IP)
+ && arp->ar_hln == ETH_ADDR_LEN
+ && arp->ar_pln == 4) {
+ /* We only match on the lower 8 bits of the opcode. */
+ if (ntohs(arp->ar_op) <= 0xff) {
+ flow->nw_proto = ntohs(arp->ar_op);
+ }
+
+ if ((flow->nw_proto == ARP_OP_REQUEST)
+ || (flow->nw_proto == ARP_OP_REPLY)) {
+ flow->nw_src = arp->ar_spa;
+ flow->nw_dst = arp->ar_tpa;
+ }
+ }
}
}
return retval;
stats->n_packets = 1;
}
+/* The Open vSwitch datapath supports matching on ARP payloads, which
+ * OpenFlow does not. This function is identical to 'flow_to_match',
+ * but does not hide the datapath's ability to match on ARP. */
void
-flow_to_match(const flow_t *flow, uint32_t wildcards, struct ofp_match *match)
+flow_to_ovs_match(const flow_t *flow, uint32_t wildcards,
+ struct ofp_match *match)
{
match->wildcards = htonl(wildcards);
match->in_port = htons(flow->in_port == ODPP_LOCAL ? OFPP_LOCAL
match->pad = 0;
}
+/* Extract 'flow' with 'wildcards' into the OpenFlow match structure
+ * 'match'. */
+void
+flow_to_match(const flow_t *flow, uint32_t wildcards, struct ofp_match *match)
+{
+ flow_to_ovs_match(flow, wildcards, match);
+
+ /* The datapath supports matching on an ARP's opcode and IP addresses,
+ * but OpenFlow does not. We wildcard and zero out the appropriate
+ * fields so that OpenFlow is unaware of our trickery. */
+ if (flow->dl_type == htons(ETH_TYPE_ARP)) {
+ wildcards |= (OFPFW_NW_PROTO | OFPFW_NW_SRC_ALL | OFPFW_NW_DST_ALL);
+ match->nw_src = 0;
+ match->nw_dst = 0;
+ match->nw_proto = 0;
+ }
+ match->wildcards = htonl(wildcards);
+}
+
+
void
flow_from_match(flow_t *flow, uint32_t *wildcards,
const struct ofp_match *match)
if (wildcards) {
*wildcards = ntohl(match->wildcards);
}
+ /* The datapath supports matching on an ARP's opcode and IP addresses,
+ * but OpenFlow does not. In case the controller hasn't, we need to
+ * set the appropriate wildcard bits so that we're externally
+ * OpenFlow-compliant. */
+ if (match->dl_type == htons(ETH_TYPE_ARP)) {
+ *wildcards |= (OFPFW_NW_PROTO | OFPFW_NW_SRC_ALL | OFPFW_NW_DST_ALL);
+ }
+
flow->nw_src = match->nw_src;
flow->nw_dst = match->nw_dst;
flow->in_port = (match->in_port == htons(OFPP_LOCAL) ? ODPP_LOCAL
void flow_extract_stats(const flow_t *flow, struct ofpbuf *packet,
struct odp_flow_stats *stats);
void flow_to_match(const flow_t *, uint32_t wildcards, struct ofp_match *);
+void flow_to_ovs_match(const flow_t *, uint32_t wildcards, struct ofp_match *);
void flow_from_match(flow_t *, uint32_t *wildcards, const struct ofp_match *);
char *flow_to_string(const flow_t *);
void flow_format(struct ds *, const flow_t *);
}
query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
- flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, &match);
+ flow_to_ovs_match(&rule->cr.flow, rule->cr.wc.wildcards, &match);
ds_put_format(results, "duration=%llds, ",
(time_msec() - rule->created) / 1000);
projects / openvswitch / commitdiff