diff options
| author | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2016-12-07 15:36:15 +0100 |
|---|---|---|
| committer | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2016-12-07 15:54:19 +0100 |
| commit | 77234bbbde6bc328871af695e4450e6773adbafa (patch) | |
| tree | 0ed60508b521eba6af6c4b852df09fdf8c659154 /lib/net.c | |
| parent | b94e5e58dbd33f4d2b9d721c51a9c8c4d8f77bea (diff) | |
Basic flow specification support (RFC 5575)
Add flow4/flow6 network and rt-table type and operations, config grammar
and static protocol support.
Squashed flowspec branch from Pavel Tvrdik.
Diffstat (limited to 'lib/net.c')
| -rw-r--r-- | lib/net.c | 77 |
1 files changed, 53 insertions, 24 deletions
@@ -2,42 +2,51 @@ #include "nest/bird.h" #include "lib/ip.h" #include "lib/net.h" +#include "lib/flowspec.h" const char * const net_label[] = { - [NET_IP4] = "ipv4", - [NET_IP6] = "ipv6", - [NET_VPN4] = "vpn4", - [NET_VPN6] = "vpn6", - [NET_ROA4] = "roa4", - [NET_ROA6] = "roa6", + [NET_IP4] = "ipv4", + [NET_IP6] = "ipv6", + [NET_VPN4] = "vpn4", + [NET_VPN6] = "vpn6", + [NET_ROA4] = "roa4", + [NET_ROA6] = "roa6", + [NET_FLOW4] = "flow4", + [NET_FLOW6] = "flow6" }; const u16 net_addr_length[] = { - [NET_IP4] = sizeof(net_addr_ip4), - [NET_IP6] = sizeof(net_addr_ip6), - [NET_VPN4] = sizeof(net_addr_vpn4), - [NET_VPN6] = sizeof(net_addr_vpn6), - [NET_ROA4] = sizeof(net_addr_roa4), - [NET_ROA6] = sizeof(net_addr_roa6) + [NET_IP4] = sizeof(net_addr_ip4), + [NET_IP6] = sizeof(net_addr_ip6), + [NET_VPN4] = sizeof(net_addr_vpn4), + [NET_VPN6] = sizeof(net_addr_vpn6), + [NET_ROA4] = sizeof(net_addr_roa4), + [NET_ROA6] = sizeof(net_addr_roa6), + [NET_FLOW4] = 0, + [NET_FLOW6] = 0 }; const u8 net_max_prefix_length[] = { - [NET_IP4] = IP4_MAX_PREFIX_LENGTH, - [NET_IP6] = IP6_MAX_PREFIX_LENGTH, - [NET_VPN4] = IP4_MAX_PREFIX_LENGTH, - [NET_VPN6] = IP6_MAX_PREFIX_LENGTH, - [NET_ROA4] = IP4_MAX_PREFIX_LENGTH, - [NET_ROA6] = IP6_MAX_PREFIX_LENGTH + [NET_IP4] = IP4_MAX_PREFIX_LENGTH, + [NET_IP6] = IP6_MAX_PREFIX_LENGTH, + [NET_VPN4] = IP4_MAX_PREFIX_LENGTH, + [NET_VPN6] = IP6_MAX_PREFIX_LENGTH, + [NET_ROA4] = IP4_MAX_PREFIX_LENGTH, + [NET_ROA6] = IP6_MAX_PREFIX_LENGTH, + [NET_FLOW4] = IP4_MAX_PREFIX_LENGTH, + [NET_FLOW6] = IP6_MAX_PREFIX_LENGTH }; const u16 net_max_text_length[] = { - [NET_IP4] = 18, /* "255.255.255.255/32" */ - [NET_IP6] = 43, /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128" */ - [NET_VPN4] = 40, /* "4294967296:4294967296 255.255.255.255/32" */ - [NET_VPN6] = 65, /* "4294967296:4294967296 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128" */ - [NET_ROA4] = 34, /* "255.255.255.255/32-32 AS4294967295" */ - [NET_ROA6] = 60, /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128-128 AS4294967295" */ + [NET_IP4] = 18, /* "255.255.255.255/32" */ + [NET_IP6] = 43, /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128" */ + [NET_VPN4] = 40, /* "4294967296:4294967296 255.255.255.255/32" */ + [NET_VPN6] = 65, /* "4294967296:4294967296 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128" */ + [NET_ROA4] = 34, /* "255.255.255.255/32-32 AS4294967295" */ + [NET_ROA6] = 60, /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128-128 AS4294967295" */ + [NET_FLOW4] = 0, /* "flow4 { ... }" */ + [NET_FLOW6] = 0 /* "flow6 { ... }" */ }; @@ -60,6 +69,10 @@ net_format(const net_addr *N, char *buf, int buflen) return bsnprintf(buf, buflen, "%I4/%u-%u AS%u", n->roa4.prefix, n->roa4.pxlen, n->roa4.max_pxlen, n->roa4.asn); case NET_ROA6: return bsnprintf(buf, buflen, "%I6/%u-%u AS%u", n->roa6.prefix, n->roa6.pxlen, n->roa6.max_pxlen, n->roa6.asn); + case NET_FLOW4: + return flow4_net_format(buf, buflen, &n->flow4); + case NET_FLOW6: + return flow6_net_format(buf, buflen, &n->flow6); } return 0; @@ -73,11 +86,13 @@ net_pxmask(const net_addr *a) case NET_IP4: case NET_VPN4: case NET_ROA4: + case NET_FLOW4: return ipa_from_ip4(ip4_mkmask(net4_pxlen(a))); case NET_IP6: case NET_VPN6: case NET_ROA6: + case NET_FLOW6: return ipa_from_ip6(ip6_mkmask(net6_pxlen(a))); default: @@ -105,6 +120,10 @@ net_compare(const net_addr *a, const net_addr *b) return net_compare_roa4((const net_addr_roa4 *) a, (const net_addr_roa4 *) b); case NET_ROA6: return net_compare_roa6((const net_addr_roa6 *) a, (const net_addr_roa6 *) b); + case NET_FLOW4: + return net_compare_flow4((const net_addr_flow4 *) a, (const net_addr_flow4 *) b); + case NET_FLOW6: + return net_compare_flow6((const net_addr_flow6 *) a, (const net_addr_flow6 *) b); } return 0; } @@ -122,6 +141,8 @@ net_hash(const net_addr *n) case NET_VPN6: return NET_HASH(n, vpn6); case NET_ROA4: return NET_HASH(n, roa4); case NET_ROA6: return NET_HASH(n, roa6); + case NET_FLOW4: return NET_HASH(n, flow4); + case NET_FLOW6: return NET_HASH(n, flow6); default: bug("invalid type"); } } @@ -135,11 +156,13 @@ net_validate(const net_addr *N) case NET_IP4: case NET_VPN4: case NET_ROA4: + case NET_FLOW4: return net_validate_ip4((net_addr_ip4 *) N); case NET_IP6: case NET_VPN6: case NET_ROA6: + case NET_FLOW6: return net_validate_ip6((net_addr_ip6 *) N); default: @@ -157,11 +180,13 @@ net_normalize(net_addr *N) case NET_IP4: case NET_VPN4: case NET_ROA4: + case NET_FLOW4: return net_normalize_ip4(&n->ip4); case NET_IP6: case NET_VPN6: case NET_ROA6: + case NET_FLOW6: return net_normalize_ip6(&n->ip6); } } @@ -176,11 +201,13 @@ net_classify(const net_addr *N) case NET_IP4: case NET_VPN4: case NET_ROA4: + case NET_FLOW4: return ip4_zero(n->ip4.prefix) ? (IADDR_HOST | SCOPE_UNIVERSE) : ip4_classify(n->ip4.prefix); case NET_IP6: case NET_VPN6: case NET_ROA6: + case NET_FLOW6: return ip6_zero(n->ip6.prefix) ? (IADDR_HOST | SCOPE_UNIVERSE) : ip6_classify(&n->ip6.prefix); } @@ -195,6 +222,7 @@ ipa_in_netX(const ip_addr a, const net_addr *n) case NET_IP4: case NET_VPN4: case NET_ROA4: + case NET_FLOW4: if (!ipa_is_ip4(a)) return 0; return ip4_zero(ip4_and(ip4_xor(ipa_to_ip4(a), net4_prefix(n)), ip4_mkmask(net4_pxlen(n)))); @@ -202,6 +230,7 @@ ipa_in_netX(const ip_addr a, const net_addr *n) case NET_IP6: case NET_VPN6: case NET_ROA6: + case NET_FLOW6: if (ipa_is_ip4(a)) return 0; return ip6_zero(ip6_and(ip6_xor(ipa_to_ip6(a), net6_prefix(n)), ip6_mkmask(net6_pxlen(n)))); |