1
2
3
4
5
6
7
8
9
10#include <stdio.h>
11#include <stdlib.h>
12#include <unistd.h>
13#include <netdb.h>
14#include <time.h>
15#include <fcntl.h>
16#include <sys/socket.h>
17#include <sys/time.h>
18#include <net/if.h>
19#include <netinet/in.h>
20#include <linux/if_bridge.h>
21#include <linux/if_ether.h>
22#include <linux/neighbour.h>
23#include <string.h>
24#include <limits.h>
25#include <stdbool.h>
26
27#include "json_print.h"
28#include "libnetlink.h"
29#include "br_common.h"
30#include "rt_names.h"
31#include "utils.h"
32
33static unsigned int filter_index, filter_dynamic, filter_master,
34 filter_state, filter_vlan;
35
36static void usage(void)
37{
38 fprintf(stderr,
39 "Usage: bridge fdb { add | append | del | replace } ADDR dev DEV\n"
40 " [ self ] [ master ] [ use ] [ router ] [ extern_learn ]\n"
41 " [ sticky ] [ local | static | dynamic ] [ vlan VID ]\n"
42 " { [ dst IPADDR ] [ port PORT] [ vni VNI ] | [ nhid NHID ] }\n"
43 " [ via DEV ] [ src_vni VNI ]\n"
44 " bridge fdb [ show [ br BRDEV ] [ brport DEV ] [ vlan VID ]\n"
45 " [ state STATE ] [ dynamic ] ]\n"
46 " bridge fdb get [ to ] LLADDR [ br BRDEV ] { brport | dev } DEV\n"
47 " [ vlan VID ] [ vni VNI ] [ self ] [ master ] [ dynamic ]\n");
48 exit(-1);
49}
50
51static const char *state_n2a(unsigned int s)
52{
53 static char buf[32];
54
55 if (s & NUD_PERMANENT)
56 return "permanent";
57
58 if (s & NUD_NOARP)
59 return "static";
60
61 if (s & NUD_STALE)
62 return "stale";
63
64 if (s & NUD_REACHABLE)
65 return "";
66
67 if (is_json_context())
68 sprintf(buf, "%#x", s);
69 else
70 sprintf(buf, "state=%#x", s);
71 return buf;
72}
73
74static int state_a2n(unsigned int *s, const char *arg)
75{
76 if (matches(arg, "permanent") == 0)
77 *s = NUD_PERMANENT;
78 else if (matches(arg, "static") == 0 || matches(arg, "temp") == 0)
79 *s = NUD_NOARP;
80 else if (matches(arg, "stale") == 0)
81 *s = NUD_STALE;
82 else if (matches(arg, "reachable") == 0 || matches(arg, "dynamic") == 0)
83 *s = NUD_REACHABLE;
84 else if (strcmp(arg, "all") == 0)
85 *s = ~0;
86 else if (get_unsigned(s, arg, 0))
87 return -1;
88
89 return 0;
90}
91
92static void fdb_print_flags(FILE *fp, unsigned int flags)
93{
94 open_json_array(PRINT_JSON,
95 is_json_context() ? "flags" : "");
96
97 if (flags & NTF_SELF)
98 print_string(PRINT_ANY, NULL, "%s ", "self");
99
100 if (flags & NTF_ROUTER)
101 print_string(PRINT_ANY, NULL, "%s ", "router");
102
103 if (flags & NTF_EXT_LEARNED)
104 print_string(PRINT_ANY, NULL, "%s ", "extern_learn");
105
106 if (flags & NTF_OFFLOADED)
107 print_string(PRINT_ANY, NULL, "%s ", "offload");
108
109 if (flags & NTF_MASTER)
110 print_string(PRINT_ANY, NULL, "%s ", "master");
111
112 if (flags & NTF_STICKY)
113 print_string(PRINT_ANY, NULL, "%s ", "sticky");
114
115 close_json_array(PRINT_JSON, NULL);
116}
117
118static void fdb_print_stats(FILE *fp, const struct nda_cacheinfo *ci)
119{
120 static int hz;
121
122 if (!hz)
123 hz = get_user_hz();
124
125 if (is_json_context()) {
126 print_uint(PRINT_JSON, "used", NULL,
127 ci->ndm_used / hz);
128 print_uint(PRINT_JSON, "updated", NULL,
129 ci->ndm_updated / hz);
130 } else {
131 fprintf(fp, "used %d/%d ", ci->ndm_used / hz,
132 ci->ndm_updated / hz);
133
134 }
135}
136
137int print_fdb(struct nlmsghdr *n, void *arg)
138{
139 FILE *fp = arg;
140 struct ndmsg *r = NLMSG_DATA(n);
141 int len = n->nlmsg_len;
142 struct rtattr *tb[NDA_MAX+1];
143 __u16 vid = 0;
144
145 if (n->nlmsg_type != RTM_NEWNEIGH && n->nlmsg_type != RTM_DELNEIGH) {
146 fprintf(stderr, "Not RTM_NEWNEIGH: %08x %08x %08x\n",
147 n->nlmsg_len, n->nlmsg_type, n->nlmsg_flags);
148 return 0;
149 }
150
151 len -= NLMSG_LENGTH(sizeof(*r));
152 if (len < 0) {
153 fprintf(stderr, "BUG: wrong nlmsg len %d\n", len);
154 return -1;
155 }
156
157 if (r->ndm_family != AF_BRIDGE)
158 return 0;
159
160 if (filter_index && filter_index != r->ndm_ifindex)
161 return 0;
162
163 if (filter_state && !(r->ndm_state & filter_state))
164 return 0;
165
166 parse_rtattr(tb, NDA_MAX, NDA_RTA(r),
167 n->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
168
169 if (tb[NDA_VLAN])
170 vid = rta_getattr_u16(tb[NDA_VLAN]);
171
172 if (filter_vlan && filter_vlan != vid)
173 return 0;
174
175 if (filter_dynamic && (r->ndm_state & NUD_PERMANENT))
176 return 0;
177
178 open_json_object(NULL);
179 if (n->nlmsg_type == RTM_DELNEIGH)
180 print_bool(PRINT_ANY, "deleted", "Deleted ", true);
181
182 if (tb[NDA_LLADDR]) {
183 const char *lladdr;
184 SPRINT_BUF(b1);
185
186 lladdr = ll_addr_n2a(RTA_DATA(tb[NDA_LLADDR]),
187 RTA_PAYLOAD(tb[NDA_LLADDR]),
188 ll_index_to_type(r->ndm_ifindex),
189 b1, sizeof(b1));
190
191 print_color_string(PRINT_ANY, COLOR_MAC,
192 "mac", "%s ", lladdr);
193 }
194
195 if (!filter_index && r->ndm_ifindex) {
196 print_string(PRINT_FP, NULL, "dev ", NULL);
197
198 print_color_string(PRINT_ANY, COLOR_IFNAME,
199 "ifname", "%s ",
200 ll_index_to_name(r->ndm_ifindex));
201 }
202
203 if (tb[NDA_DST]) {
204 int family = AF_INET;
205 const char *dst;
206
207 if (RTA_PAYLOAD(tb[NDA_DST]) == sizeof(struct in6_addr))
208 family = AF_INET6;
209
210 dst = format_host(family,
211 RTA_PAYLOAD(tb[NDA_DST]),
212 RTA_DATA(tb[NDA_DST]));
213
214 print_string(PRINT_FP, NULL, "dst ", NULL);
215
216 print_color_string(PRINT_ANY,
217 ifa_family_color(family),
218 "dst", "%s ", dst);
219 }
220
221 if (vid)
222 print_uint(PRINT_ANY,
223 "vlan", "vlan %hu ", vid);
224
225 if (tb[NDA_PORT])
226 print_uint(PRINT_ANY,
227 "port", "port %u ",
228 rta_getattr_be16(tb[NDA_PORT]));
229
230 if (tb[NDA_VNI])
231 print_uint(PRINT_ANY,
232 "vni", "vni %u ",
233 rta_getattr_u32(tb[NDA_VNI]));
234
235 if (tb[NDA_SRC_VNI])
236 print_uint(PRINT_ANY,
237 "src_vni", "src_vni %u ",
238 rta_getattr_u32(tb[NDA_SRC_VNI]));
239
240 if (tb[NDA_IFINDEX]) {
241 unsigned int ifindex = rta_getattr_u32(tb[NDA_IFINDEX]);
242
243 if (tb[NDA_LINK_NETNSID])
244 print_uint(PRINT_ANY,
245 "viaIfIndex", "via ifindex %u ",
246 ifindex);
247 else
248 print_string(PRINT_ANY,
249 "viaIf", "via %s ",
250 ll_index_to_name(ifindex));
251 }
252
253 if (tb[NDA_NH_ID])
254 print_uint(PRINT_ANY, "nhid", "nhid %u ",
255 rta_getattr_u32(tb[NDA_NH_ID]));
256
257 if (tb[NDA_LINK_NETNSID])
258 print_uint(PRINT_ANY,
259 "linkNetNsId", "link-netnsid %d ",
260 rta_getattr_u32(tb[NDA_LINK_NETNSID]));
261
262 if (show_stats && tb[NDA_CACHEINFO])
263 fdb_print_stats(fp, RTA_DATA(tb[NDA_CACHEINFO]));
264
265 fdb_print_flags(fp, r->ndm_flags);
266
267
268 if (tb[NDA_MASTER])
269 print_string(PRINT_ANY, "master", "master %s ",
270 ll_index_to_name(rta_getattr_u32(tb[NDA_MASTER])));
271
272 print_string(PRINT_ANY, "state", "%s\n",
273 state_n2a(r->ndm_state));
274 close_json_object();
275 fflush(fp);
276 return 0;
277}
278
279static int fdb_linkdump_filter(struct nlmsghdr *nlh, int reqlen)
280{
281 int err;
282
283 if (filter_index) {
284 struct ifinfomsg *ifm = NLMSG_DATA(nlh);
285
286 ifm->ifi_index = filter_index;
287 }
288
289 if (filter_master) {
290 err = addattr32(nlh, reqlen, IFLA_MASTER, filter_master);
291 if (err)
292 return err;
293 }
294
295 return 0;
296}
297
298static int fdb_dump_filter(struct nlmsghdr *nlh, int reqlen)
299{
300 int err;
301
302 if (filter_index) {
303 struct ndmsg *ndm = NLMSG_DATA(nlh);
304
305 ndm->ndm_ifindex = filter_index;
306 }
307
308 if (filter_master) {
309 err = addattr32(nlh, reqlen, NDA_MASTER, filter_master);
310 if (err)
311 return err;
312 }
313
314 return 0;
315}
316
317static int fdb_show(int argc, char **argv)
318{
319 char *filter_dev = NULL;
320 char *br = NULL;
321 int rc;
322
323 while (argc > 0) {
324 if ((strcmp(*argv, "brport") == 0) || strcmp(*argv, "dev") == 0) {
325 NEXT_ARG();
326 filter_dev = *argv;
327 } else if (strcmp(*argv, "br") == 0) {
328 NEXT_ARG();
329 br = *argv;
330 } else if (strcmp(*argv, "vlan") == 0) {
331 NEXT_ARG();
332 if (filter_vlan)
333 duparg("vlan", *argv);
334 filter_vlan = atoi(*argv);
335 } else if (strcmp(*argv, "state") == 0) {
336 unsigned int state;
337
338 NEXT_ARG();
339 if (state_a2n(&state, *argv))
340 invarg("invalid state", *argv);
341 filter_state |= state;
342 } else if (strcmp(*argv, "dynamic") == 0) {
343 filter_dynamic = 1;
344 } else {
345 if (matches(*argv, "help") == 0)
346 usage();
347 }
348 argc--; argv++;
349 }
350
351 if (br) {
352 int br_ifindex = ll_name_to_index(br);
353
354 if (br_ifindex == 0) {
355 fprintf(stderr, "Cannot find bridge device \"%s\"\n", br);
356 return -1;
357 }
358 filter_master = br_ifindex;
359 }
360
361
362 if (filter_dev) {
363 filter_index = ll_name_to_index(filter_dev);
364 if (!filter_index)
365 return nodev(filter_dev);
366 }
367
368 if (rth.flags & RTNL_HANDLE_F_STRICT_CHK)
369 rc = rtnl_neighdump_req(&rth, PF_BRIDGE, fdb_dump_filter);
370 else
371 rc = rtnl_fdb_linkdump_req_filter_fn(&rth, fdb_linkdump_filter);
372 if (rc < 0) {
373 perror("Cannot send dump request");
374 exit(1);
375 }
376
377 new_json_obj(json);
378 if (rtnl_dump_filter(&rth, print_fdb, stdout) < 0) {
379 fprintf(stderr, "Dump terminated\n");
380 exit(1);
381 }
382 delete_json_obj();
383 fflush(stdout);
384
385 return 0;
386}
387
388static int fdb_modify(int cmd, int flags, int argc, char **argv)
389{
390 struct {
391 struct nlmsghdr n;
392 struct ndmsg ndm;
393 char buf[256];
394 } req = {
395 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)),
396 .n.nlmsg_flags = NLM_F_REQUEST | flags,
397 .n.nlmsg_type = cmd,
398 .ndm.ndm_family = PF_BRIDGE,
399 .ndm.ndm_state = NUD_NOARP,
400 };
401 char *addr = NULL;
402 char *d = NULL;
403 char abuf[ETH_ALEN];
404 int dst_ok = 0;
405 inet_prefix dst;
406 unsigned long port = 0;
407 unsigned long vni = ~0;
408 unsigned long src_vni = ~0;
409 unsigned int via = 0;
410 char *endptr;
411 short vid = -1;
412 __u32 nhid = 0;
413
414 while (argc > 0) {
415 if (strcmp(*argv, "dev") == 0) {
416 NEXT_ARG();
417 d = *argv;
418 } else if (strcmp(*argv, "dst") == 0) {
419 NEXT_ARG();
420 if (dst_ok)
421 duparg2("dst", *argv);
422 get_addr(&dst, *argv, preferred_family);
423 dst_ok = 1;
424 } else if (strcmp(*argv, "nhid") == 0) {
425 NEXT_ARG();
426 if (get_u32(&nhid, *argv, 0))
427 invarg("\"id\" value is invalid\n", *argv);
428 } else if (strcmp(*argv, "port") == 0) {
429
430 NEXT_ARG();
431 port = strtoul(*argv, &endptr, 0);
432 if (endptr && *endptr) {
433 struct servent *pse;
434
435 pse = getservbyname(*argv, "udp");
436 if (!pse)
437 invarg("invalid port\n", *argv);
438 port = ntohs(pse->s_port);
439 } else if (port > 0xffff)
440 invarg("invalid port\n", *argv);
441 } else if (strcmp(*argv, "vni") == 0) {
442 NEXT_ARG();
443 vni = strtoul(*argv, &endptr, 0);
444 if ((endptr && *endptr) ||
445 (vni >> 24) || vni == ULONG_MAX)
446 invarg("invalid VNI\n", *argv);
447 } else if (strcmp(*argv, "src_vni") == 0) {
448 NEXT_ARG();
449 src_vni = strtoul(*argv, &endptr, 0);
450 if ((endptr && *endptr) ||
451 (src_vni >> 24) || src_vni == ULONG_MAX)
452 invarg("invalid src VNI\n", *argv);
453 } else if (strcmp(*argv, "via") == 0) {
454 NEXT_ARG();
455 via = ll_name_to_index(*argv);
456 if (!via)
457 exit(nodev(*argv));
458 } else if (strcmp(*argv, "self") == 0) {
459 req.ndm.ndm_flags |= NTF_SELF;
460 } else if (matches(*argv, "master") == 0) {
461 req.ndm.ndm_flags |= NTF_MASTER;
462 } else if (matches(*argv, "router") == 0) {
463 req.ndm.ndm_flags |= NTF_ROUTER;
464 } else if (matches(*argv, "local") == 0 ||
465 matches(*argv, "permanent") == 0) {
466 req.ndm.ndm_state |= NUD_PERMANENT;
467 } else if (matches(*argv, "temp") == 0 ||
468 matches(*argv, "static") == 0) {
469 req.ndm.ndm_state |= NUD_REACHABLE;
470 } else if (matches(*argv, "dynamic") == 0) {
471 req.ndm.ndm_state |= NUD_REACHABLE;
472 req.ndm.ndm_state &= ~NUD_NOARP;
473 } else if (matches(*argv, "vlan") == 0) {
474 if (vid >= 0)
475 duparg2("vlan", *argv);
476 NEXT_ARG();
477 vid = atoi(*argv);
478 } else if (matches(*argv, "use") == 0) {
479 req.ndm.ndm_flags |= NTF_USE;
480 } else if (matches(*argv, "extern_learn") == 0) {
481 req.ndm.ndm_flags |= NTF_EXT_LEARNED;
482 } else if (matches(*argv, "sticky") == 0) {
483 req.ndm.ndm_flags |= NTF_STICKY;
484 } else {
485 if (strcmp(*argv, "to") == 0)
486 NEXT_ARG();
487
488 if (matches(*argv, "help") == 0)
489 usage();
490 if (addr)
491 duparg2("to", *argv);
492 addr = *argv;
493 }
494 argc--; argv++;
495 }
496
497 if (d == NULL || addr == NULL) {
498 fprintf(stderr, "Device and address are required arguments.\n");
499 return -1;
500 }
501
502 if (nhid && (dst_ok || port || vni != ~0)) {
503 fprintf(stderr, "dst, port, vni are mutually exclusive with nhid\n");
504 return -1;
505 }
506
507
508 if (!(req.ndm.ndm_flags&(NTF_SELF|NTF_MASTER)))
509 req.ndm.ndm_flags |= NTF_SELF;
510
511
512 if (!(req.ndm.ndm_state&(NUD_PERMANENT|NUD_REACHABLE)))
513 req.ndm.ndm_state |= NUD_PERMANENT;
514
515 if (sscanf(addr, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
516 abuf, abuf+1, abuf+2,
517 abuf+3, abuf+4, abuf+5) != 6) {
518 fprintf(stderr, "Invalid mac address %s\n", addr);
519 return -1;
520 }
521
522 addattr_l(&req.n, sizeof(req), NDA_LLADDR, abuf, ETH_ALEN);
523 if (dst_ok)
524 addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen);
525
526 if (vid >= 0)
527 addattr16(&req.n, sizeof(req), NDA_VLAN, vid);
528 if (nhid > 0)
529 addattr32(&req.n, sizeof(req), NDA_NH_ID, nhid);
530
531 if (port) {
532 unsigned short dport;
533
534 dport = htons((unsigned short)port);
535 addattr16(&req.n, sizeof(req), NDA_PORT, dport);
536 }
537 if (vni != ~0)
538 addattr32(&req.n, sizeof(req), NDA_VNI, vni);
539 if (src_vni != ~0)
540 addattr32(&req.n, sizeof(req), NDA_SRC_VNI, src_vni);
541 if (via)
542 addattr32(&req.n, sizeof(req), NDA_IFINDEX, via);
543
544 req.ndm.ndm_ifindex = ll_name_to_index(d);
545 if (!req.ndm.ndm_ifindex)
546 return nodev(d);
547
548 if (rtnl_talk(&rth, &req.n, NULL) < 0)
549 return -1;
550
551 return 0;
552}
553
554static int fdb_get(int argc, char **argv)
555{
556 struct {
557 struct nlmsghdr n;
558 struct ndmsg ndm;
559 char buf[1024];
560 } req = {
561 .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ndmsg)),
562 .n.nlmsg_flags = NLM_F_REQUEST,
563 .n.nlmsg_type = RTM_GETNEIGH,
564 .ndm.ndm_family = AF_BRIDGE,
565 };
566 char *d = NULL, *br = NULL;
567 struct nlmsghdr *answer;
568 unsigned long vni = ~0;
569 char abuf[ETH_ALEN];
570 int br_ifindex = 0;
571 char *addr = NULL;
572 short vlan = -1;
573 char *endptr;
574
575 while (argc > 0) {
576 if ((strcmp(*argv, "brport") == 0) || strcmp(*argv, "dev") == 0) {
577 NEXT_ARG();
578 d = *argv;
579 } else if (strcmp(*argv, "br") == 0) {
580 NEXT_ARG();
581 br = *argv;
582 } else if (strcmp(*argv, "dev") == 0) {
583 NEXT_ARG();
584 d = *argv;
585 } else if (strcmp(*argv, "vni") == 0) {
586 NEXT_ARG();
587 vni = strtoul(*argv, &endptr, 0);
588 if ((endptr && *endptr) ||
589 (vni >> 24) || vni == ULONG_MAX)
590 invarg("invalid VNI\n", *argv);
591 } else if (strcmp(*argv, "self") == 0) {
592 req.ndm.ndm_flags |= NTF_SELF;
593 } else if (matches(*argv, "master") == 0) {
594 req.ndm.ndm_flags |= NTF_MASTER;
595 } else if (matches(*argv, "vlan") == 0) {
596 if (vlan >= 0)
597 duparg2("vlan", *argv);
598 NEXT_ARG();
599 vlan = atoi(*argv);
600 } else if (matches(*argv, "dynamic") == 0) {
601 filter_dynamic = 1;
602 } else {
603 if (strcmp(*argv, "to") == 0)
604 NEXT_ARG();
605
606 if (matches(*argv, "help") == 0)
607 usage();
608 if (addr)
609 duparg2("to", *argv);
610 addr = *argv;
611 }
612 argc--; argv++;
613 }
614
615 if ((d == NULL && br == NULL) || addr == NULL) {
616 fprintf(stderr, "Device or master and address are required arguments.\n");
617 return -1;
618 }
619
620 if (sscanf(addr, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
621 abuf, abuf+1, abuf+2,
622 abuf+3, abuf+4, abuf+5) != 6) {
623 fprintf(stderr, "Invalid mac address %s\n", addr);
624 return -1;
625 }
626
627 addattr_l(&req.n, sizeof(req), NDA_LLADDR, abuf, ETH_ALEN);
628
629 if (vlan >= 0)
630 addattr16(&req.n, sizeof(req), NDA_VLAN, vlan);
631
632 if (vni != ~0)
633 addattr32(&req.n, sizeof(req), NDA_VNI, vni);
634
635 if (d) {
636 req.ndm.ndm_ifindex = ll_name_to_index(d);
637 if (!req.ndm.ndm_ifindex) {
638 fprintf(stderr, "Cannot find device \"%s\"\n", d);
639 return -1;
640 }
641 }
642
643 if (br) {
644 br_ifindex = ll_name_to_index(br);
645 if (!br_ifindex) {
646 fprintf(stderr, "Cannot find bridge device \"%s\"\n", br);
647 return -1;
648 }
649 addattr32(&req.n, sizeof(req), NDA_MASTER, br_ifindex);
650 }
651
652 if (rtnl_talk(&rth, &req.n, &answer) < 0)
653 return -2;
654
655
656
657
658
659 new_json_obj(json);
660 if (print_fdb(answer, stdout) < 0) {
661 fprintf(stderr, "An error :-)\n");
662 return -1;
663 }
664 delete_json_obj();
665
666 return 0;
667}
668
669int do_fdb(int argc, char **argv)
670{
671 ll_init_map(&rth);
672
673 if (argc > 0) {
674 if (matches(*argv, "add") == 0)
675 return fdb_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_EXCL, argc-1, argv+1);
676 if (matches(*argv, "append") == 0)
677 return fdb_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_APPEND, argc-1, argv+1);
678 if (matches(*argv, "replace") == 0)
679 return fdb_modify(RTM_NEWNEIGH, NLM_F_CREATE|NLM_F_REPLACE, argc-1, argv+1);
680 if (matches(*argv, "delete") == 0)
681 return fdb_modify(RTM_DELNEIGH, 0, argc-1, argv+1);
682 if (matches(*argv, "get") == 0)
683 return fdb_get(argc-1, argv+1);
684 if (matches(*argv, "show") == 0 ||
685 matches(*argv, "lst") == 0 ||
686 matches(*argv, "list") == 0)
687 return fdb_show(argc-1, argv+1);
688 if (matches(*argv, "help") == 0)
689 usage();
690 } else
691 return fdb_show(0, NULL);
692
693 fprintf(stderr, "Command \"%s\" is unknown, try \"bridge fdb help\".\n", *argv);
694 exit(-1);
695}
696
