From 4ad875944fc50532cceafa4ac586bb8ec15c2f47 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Sat, 27 May 2017 17:34:47 -0600 Subject: [PATCH 1/4] ip address: Export ip_linkaddr_list ipaddr_list_flush_or_save generates a list of nlmsg's for links and optionally for addresses. Move the code into ip_linkaddr_list and export it along with the supporting infrastructure. API to use this function is: struct nlmsg_chain linfo = { NULL, NULL}; struct nlmsg_chain ainfo = { NULL, NULL}; ip_linkaddr_list(family, filter_req, &linfo, &ainfo); ... error checking and code looping over linfo/ainfo ... free_nlmsg_chain(&linfo); free_nlmsg_chain(&ainfo); Signed-off-by: David Ahern --- include/libnetlink.h | 10 +++++ ip/ip_common.h | 4 ++ ip/ipaddress.c | 89 +++++++++++++++++++++++++------------------- 3 files changed, 64 insertions(+), 39 deletions(-) diff --git a/include/libnetlink.h b/include/libnetlink.h index c43ab0a2..643c3bc5 100644 --- a/include/libnetlink.h +++ b/include/libnetlink.h @@ -25,6 +25,16 @@ struct rtnl_handle { int flags; }; +struct nlmsg_list { + struct nlmsg_list *next; + struct nlmsghdr h; +}; + +struct nlmsg_chain { + struct nlmsg_list *head; + struct nlmsg_list *tail; +}; + extern int rcvbuf; int rtnl_open(struct rtnl_handle *rth, unsigned int subscriptions) diff --git a/ip/ip_common.h b/ip/ip_common.h index 202fc399..450b45ac 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -65,6 +65,10 @@ int do_seg6(int argc, char **argv); int iplink_get(unsigned int flags, char *name, __u32 filt_mask); int iplink_ifla_xstats(int argc, char **argv); +int ip_linkaddr_list(int family, req_filter_fn_t filter_fn, + struct nlmsg_chain *linfo, struct nlmsg_chain *ainfo); +void free_nlmsg_chain(struct nlmsg_chain *info); + static inline int rtm_get_table(struct rtmsg *r, struct rtattr **tb) { __u32 table = r->rtm_table; diff --git a/ip/ipaddress.c b/ip/ipaddress.c index b8d9c7d9..c805b929 100644 --- a/ip/ipaddress.c +++ b/ip/ipaddress.c @@ -1211,16 +1211,6 @@ brief_exit: return 0; } -struct nlmsg_list { - struct nlmsg_list *next; - struct nlmsghdr h; -}; - -struct nlmsg_chain { - struct nlmsg_list *head; - struct nlmsg_list *tail; -}; - static int print_selected_addrinfo(struct ifinfomsg *ifi, struct nlmsg_list *ainfo, FILE *fp) { @@ -1371,7 +1361,7 @@ static int ipaddr_restore(void) exit(rtnl_from_file(stdin, &restore_handler, NULL)); } -static void free_nlmsg_chain(struct nlmsg_chain *info) +void free_nlmsg_chain(struct nlmsg_chain *info) { struct nlmsg_list *l, *n; @@ -1534,10 +1524,43 @@ static int iplink_filter_req(struct nlmsghdr *nlh, int reqlen) return 0; } +/* fills in linfo with link data and optionally ainfo with address info + * caller can walk lists as desired and must call free_nlmsg_chain for + * both when done + */ +int ip_linkaddr_list(int family, req_filter_fn_t filter_fn, + struct nlmsg_chain *linfo, struct nlmsg_chain *ainfo) +{ + if (rtnl_wilddump_req_filter_fn(&rth, preferred_family, RTM_GETLINK, + filter_fn) < 0) { + perror("Cannot send dump request"); + return 1; + } + + if (rtnl_dump_filter(&rth, store_nlmsg, linfo) < 0) { + fprintf(stderr, "Dump terminated\n"); + return 1; + } + + if (ainfo) { + if (rtnl_wilddump_request(&rth, family, RTM_GETADDR) < 0) { + perror("Cannot send dump request"); + return 1; + } + + if (rtnl_dump_filter(&rth, store_nlmsg, ainfo) < 0) { + fprintf(stderr, "Dump terminated\n"); + return 1; + } + } + + return 0; +} + static int ipaddr_list_flush_or_save(int argc, char **argv, int action) { struct nlmsg_chain linfo = { NULL, NULL}; - struct nlmsg_chain ainfo = { NULL, NULL}; + struct nlmsg_chain _ainfo = { NULL, NULL}, *ainfo = NULL; struct nlmsg_list *l; char *filter_dev = NULL; int no_link = 0; @@ -1714,34 +1737,20 @@ static int ipaddr_list_flush_or_save(int argc, char **argv, int action) exit(0); } - if (rtnl_wilddump_req_filter_fn(&rth, preferred_family, RTM_GETLINK, - iplink_filter_req) < 0) { - perror("Cannot send dump request"); - exit(1); - } - - if (rtnl_dump_filter(&rth, store_nlmsg, &linfo) < 0) { - fprintf(stderr, "Dump terminated\n"); - exit(1); - } - if (filter.family != AF_PACKET) { + ainfo = &_ainfo; + if (filter.oneline) no_link = 1; - - if (rtnl_wilddump_request(&rth, filter.family, RTM_GETADDR) < 0) { - perror("Cannot send dump request"); - exit(1); - } - - if (rtnl_dump_filter(&rth, store_nlmsg, &ainfo) < 0) { - fprintf(stderr, "Dump terminated\n"); - exit(1); - } - - ipaddr_filter(&linfo, &ainfo); } + if (ip_linkaddr_list(filter.family, iplink_filter_req, + &linfo, ainfo) != 0) + goto out; + + if (filter.family != AF_PACKET) + ipaddr_filter(&linfo, ainfo); + for (l = linfo.head; l; l = l->next) { int res = 0; struct ifinfomsg *ifi = NLMSG_DATA(&l->h); @@ -1750,20 +1759,22 @@ static int ipaddr_list_flush_or_save(int argc, char **argv, int action) if (print_linkinfo_brief(NULL, &l->h, stdout) == 0) if (filter.family != AF_PACKET) print_selected_addrinfo(ifi, - ainfo.head, + ainfo->head, stdout); } else if (no_link || - (res = print_linkinfo(NULL, &l->h, stdout)) >= 0) { + (res = print_linkinfo(NULL, &l->h, stdout)) >= 0) { if (filter.family != AF_PACKET) print_selected_addrinfo(ifi, - ainfo.head, stdout); + ainfo->head, stdout); if (res > 0 && !do_link && show_stats) print_link_stats(stdout, &l->h); } } fflush(stdout); - free_nlmsg_chain(&ainfo); +out: + if (ainfo) + free_nlmsg_chain(ainfo); free_nlmsg_chain(&linfo); return 0; From 741dd5cd9c8d499e41bfef0741bc8b8b869abaac Mon Sep 17 00:00:00 2001 From: David Ahern Date: Sat, 27 May 2017 17:34:48 -0600 Subject: [PATCH 2/4] ip address: Move filter struct to ip_common.h Move filter struct to ip_common.h as struct link_filter. Signed-off-by: David Ahern --- ip/ip_common.h | 20 ++++++++++++++++++++ ip/ipaddress.c | 22 +--------------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/ip/ip_common.h b/ip/ip_common.h index 450b45ac..2b3cf704 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -1,3 +1,23 @@ +struct link_filter { + int ifindex; + int family; + int oneline; + int showqueue; + inet_prefix pfx; + int scope, scopemask; + int flags, flagmask; + int up; + char *label; + int flushed; + char *flushb; + int flushp; + int flushe; + int group; + int master; + char *kind; + char *slave_kind; +}; + int get_operstate(const char *name); int print_linkinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); diff --git a/ip/ipaddress.c b/ip/ipaddress.c index c805b929..3e2c38a8 100644 --- a/ip/ipaddress.c +++ b/ip/ipaddress.c @@ -44,27 +44,7 @@ enum { IPADD_SAVE, }; -static struct -{ - int ifindex; - int family; - int oneline; - int showqueue; - inet_prefix pfx; - int scope, scopemask; - int flags, flagmask; - int up; - char *label; - int flushed; - char *flushb; - int flushp; - int flushe; - int group; - int master; - char *kind; - char *slave_kind; -} filter; - +static struct link_filter filter; static int do_link; static void usage(void) __attribute__((noreturn)); From 63891c70137f200105c539c92eb73abade2c05d5 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Sat, 27 May 2017 17:34:49 -0600 Subject: [PATCH 3/4] ip address: Change print_linkinfo_brief to take filter as an input Change print_linkinfo_brief to take the filter as an input arg. If the arg is NULL, use the global filter in ipaddress.c. Signed-off-by: David Ahern --- ip/ip_common.h | 3 ++- ip/ipaddress.c | 35 ++++++++++++++++++++--------------- ip/iplink.c | 2 +- 3 files changed, 23 insertions(+), 17 deletions(-) diff --git a/ip/ip_common.h b/ip/ip_common.h index 2b3cf704..77e9dd06 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -22,7 +22,8 @@ int get_operstate(const char *name); int print_linkinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); int print_linkinfo_brief(const struct sockaddr_nl *who, - struct nlmsghdr *n, void *arg); + struct nlmsghdr *n, void *arg, + struct link_filter *filter); int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); int print_addrlabel(const struct sockaddr_nl *who, diff --git a/ip/ipaddress.c b/ip/ipaddress.c index 3e2c38a8..4900dce0 100644 --- a/ip/ipaddress.c +++ b/ip/ipaddress.c @@ -634,7 +634,8 @@ static void print_link_stats(FILE *fp, struct nlmsghdr *n) } int print_linkinfo_brief(const struct sockaddr_nl *who, - struct nlmsghdr *n, void *arg) + struct nlmsghdr *n, void *arg, + struct link_filter *pfilter) { FILE *fp = (FILE *)arg; struct ifinfomsg *ifi = NLMSG_DATA(n); @@ -651,9 +652,12 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, if (len < 0) return -1; - if (filter.ifindex && ifi->ifi_index != filter.ifindex) + if (!pfilter) + pfilter = &filter; + + if (pfilter->ifindex && ifi->ifi_index != pfilter->ifindex) return -1; - if (filter.up && !(ifi->ifi_flags&IFF_UP)) + if (pfilter->up && !(ifi->ifi_flags&IFF_UP)) return -1; parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); @@ -664,30 +668,30 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, name = rta_getattr_str(tb[IFLA_IFNAME]); } - if (filter.label && - (!filter.family || filter.family == AF_PACKET) && - fnmatch(filter.label, RTA_DATA(tb[IFLA_IFNAME]), 0)) + if (pfilter->label && + (!pfilter->family || pfilter->family == AF_PACKET) && + fnmatch(pfilter->label, RTA_DATA(tb[IFLA_IFNAME]), 0)) return -1; if (tb[IFLA_GROUP]) { int group = rta_getattr_u32(tb[IFLA_GROUP]); - if (filter.group != -1 && group != filter.group) + if (pfilter->group != -1 && group != pfilter->group) return -1; } if (tb[IFLA_MASTER]) { int master = rta_getattr_u32(tb[IFLA_MASTER]); - if (filter.master > 0 && master != filter.master) + if (pfilter->master > 0 && master != pfilter->master) return -1; - } else if (filter.master > 0) + } else if (pfilter->master > 0) return -1; - if (filter.kind && match_link_kind(tb, filter.kind, 0)) + if (pfilter->kind && match_link_kind(tb, pfilter->kind, 0)) return -1; - if (filter.slave_kind && match_link_kind(tb, filter.slave_kind, 1)) + if (pfilter->slave_kind && match_link_kind(tb, pfilter->slave_kind, 1)) return -1; if (n->nlmsg_type == RTM_DELLINK) @@ -713,7 +717,7 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, if (tb[IFLA_OPERSTATE]) print_operstate(fp, rta_getattr_u8(tb[IFLA_OPERSTATE])); - if (filter.family == AF_PACKET) { + if (pfilter->family == AF_PACKET) { SPRINT_BUF(b1); if (tb[IFLA_ADDRESS]) { color_fprintf(fp, COLOR_MAC, "%s ", @@ -724,10 +728,10 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, } } - if (filter.family == AF_PACKET) + if (pfilter->family == AF_PACKET) print_link_flags(fp, ifi->ifi_flags, m_flag); - if (filter.family == AF_PACKET) + if (pfilter->family == AF_PACKET) fprintf(fp, "\n"); fflush(fp); return 0; @@ -1736,7 +1740,8 @@ static int ipaddr_list_flush_or_save(int argc, char **argv, int action) struct ifinfomsg *ifi = NLMSG_DATA(&l->h); if (brief) { - if (print_linkinfo_brief(NULL, &l->h, stdout) == 0) + if (print_linkinfo_brief(NULL, &l->h, + stdout, NULL) == 0) if (filter.family != AF_PACKET) print_selected_addrinfo(ifi, ainfo->head, diff --git a/ip/iplink.c b/ip/iplink.c index ae1c70eb..58af402c 100644 --- a/ip/iplink.c +++ b/ip/iplink.c @@ -1036,7 +1036,7 @@ int iplink_get(unsigned int flags, char *name, __u32 filt_mask) return -2; if (brief) - print_linkinfo_brief(NULL, &answer.n, stdout); + print_linkinfo_brief(NULL, &answer.n, stdout, NULL); else print_linkinfo(NULL, &answer.n, stdout); From 1dddb60503fd79fc65f2692287965801677dcf20 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Sat, 27 May 2017 17:34:50 -0600 Subject: [PATCH 4/4] ip vrf: Add show command Add show command to list all configured VRF and their table ids. Signed-off-by: David Ahern --- ip/ipvrf.c | 153 ++++++++++++++++++++++++++++++++++++++++++++-- man/man8/ip-vrf.8 | 11 ++++ 2 files changed, 159 insertions(+), 5 deletions(-) diff --git a/ip/ipvrf.c b/ip/ipvrf.c index 0f611b44..0094cf85 100644 --- a/ip/ipvrf.c +++ b/ip/ipvrf.c @@ -32,9 +32,12 @@ #define CGRP_PROC_FILE "/cgroup.procs" +static struct link_filter vrf_filter; + static void usage(void) { - fprintf(stderr, "Usage: ip vrf exec [NAME] cmd ...\n"); + fprintf(stderr, "Usage: ip vrf show [NAME] ...\n"); + fprintf(stderr, " ip vrf exec [NAME] cmd ...\n"); fprintf(stderr, " ip vrf identify [PID]\n"); fprintf(stderr, " ip vrf pids [NAME]\n"); @@ -467,12 +470,147 @@ void vrf_reset(void) vrf_switch("default"); } +static int ipvrf_filter_req(struct nlmsghdr *nlh, int reqlen) +{ + struct rtattr *linkinfo; + int err; + + if (vrf_filter.kind) { + linkinfo = addattr_nest(nlh, reqlen, IFLA_LINKINFO); + + err = addattr_l(nlh, reqlen, IFLA_INFO_KIND, vrf_filter.kind, + strlen(vrf_filter.kind)); + if (err) + return err; + + addattr_nest_end(nlh, linkinfo); + } + + return 0; +} + +/* input arg is linkinfo */ +static __u32 vrf_table_linkinfo(struct rtattr *li[]) +{ + struct rtattr *attr[IFLA_VRF_MAX + 1]; + + if (li[IFLA_INFO_DATA]) { + parse_rtattr_nested(attr, IFLA_VRF_MAX, li[IFLA_INFO_DATA]); + + if (attr[IFLA_VRF_TABLE]) + return rta_getattr_u32(attr[IFLA_VRF_TABLE]); + } + + return 0; +} + +static int ipvrf_print(struct nlmsghdr *n) +{ + struct ifinfomsg *ifi = NLMSG_DATA(n); + struct rtattr *tb[IFLA_MAX+1]; + struct rtattr *li[IFLA_INFO_MAX+1]; + int len = n->nlmsg_len; + const char *name; + __u32 tb_id; + + len -= NLMSG_LENGTH(sizeof(*ifi)); + if (len < 0) + return 0; + + if (vrf_filter.ifindex && vrf_filter.ifindex != ifi->ifi_index) + return 0; + + parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); + + /* kernel does not support filter by master device */ + if (tb[IFLA_MASTER]) { + int master = *(int *)RTA_DATA(tb[IFLA_MASTER]); + + if (vrf_filter.master && master != vrf_filter.master) + return 0; + } + + if (!tb[IFLA_IFNAME]) { + fprintf(stderr, + "BUG: device with ifindex %d has nil ifname\n", + ifi->ifi_index); + return 0; + } + name = rta_getattr_str(tb[IFLA_IFNAME]); + + /* missing LINKINFO means not VRF. e.g., kernel does not + * support filtering on kind, so userspace needs to handle + */ + if (!tb[IFLA_LINKINFO]) + return 0; + + parse_rtattr_nested(li, IFLA_INFO_MAX, tb[IFLA_LINKINFO]); + + if (!li[IFLA_INFO_KIND]) + return 0; + + if (strcmp(RTA_DATA(li[IFLA_INFO_KIND]), "vrf")) + return 0; + + tb_id = vrf_table_linkinfo(li); + if (!tb_id) { + fprintf(stderr, + "BUG: VRF %s is missing table id\n", name); + return 0; + } + + printf("%-16s %5u", name, tb_id); + + printf("\n"); + return 1; +} + +static int ipvrf_show(int argc, char **argv) +{ + struct nlmsg_chain linfo = { NULL, NULL}; + int rc = 0; + + vrf_filter.kind = "vrf"; + + if (argc > 1) + usage(); + + if (argc == 1) { + __u32 tb_id; + + tb_id = ipvrf_get_table(argv[0]); + if (!tb_id) { + fprintf(stderr, "Invalid VRF\n"); + return 1; + } + printf("%s %u\n", argv[0], tb_id); + return 0; + } + + if (ip_linkaddr_list(0, ipvrf_filter_req, &linfo, NULL) == 0) { + struct nlmsg_list *l; + unsigned nvrf = 0; + int n; + + n = printf("%-16s %5s\n", "Name", "Table"); + printf("%.*s\n", n-1, "-----------------------"); + for (l = linfo.head; l; l = l->next) + nvrf += ipvrf_print(&l->h); + + if (!nvrf) + printf("No VRF has been configured\n"); + } else + rc = 1; + + free_nlmsg_chain(&linfo); + + return rc; +} + int do_ipvrf(int argc, char **argv) { - if (argc == 0) { - fprintf(stderr, "No command given. Try \"ip vrf help\".\n"); - exit(-1); - } + if (argc == 0) + return ipvrf_show(0, NULL); if (matches(*argv, "identify") == 0) return ipvrf_identify(argc-1, argv+1); @@ -483,6 +621,11 @@ int do_ipvrf(int argc, char **argv) if (matches(*argv, "exec") == 0) return ipvrf_exec(argc-1, argv+1); + if (matches(*argv, "show") == 0 || + matches(*argv, "lst") == 0 || + matches(*argv, "list") == 0) + return ipvrf_show(argc-1, argv+1); + if (matches(*argv, "help") == 0) usage(); diff --git a/man/man8/ip-vrf.8 b/man/man8/ip-vrf.8 index 57a7c769..18789339 100644 --- a/man/man8/ip-vrf.8 +++ b/man/man8/ip-vrf.8 @@ -12,6 +12,10 @@ ip-vrf \- run a command against a vrf .BR help " }" .sp +.ti -8 +.BR "ip vrf show" +.RI "[ " NAME " ]" + .ti -8 .BR "ip vrf identify" .RI "[ " PID " ]" @@ -44,6 +48,13 @@ sockets (AF_INET and AF_INET6) when the socket is created. This ip-vrf command is a helper to run a command against a specific VRF with the VRF association inherited parent to child. +.TP +.B ip vrf show [ NAME ] - Show all configured VRF +.sp +This command lists all VRF and their corresponding table ids. If NAME is +given, then only that VRF and table id is shown. The latter command is +useful for scripting where the table id for a VRF is needed. + .TP .B ip vrf exec [ NAME ] cmd ... - Run cmd against the named VRF .sp