1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-20 18:04:03 +03:00

Merge pull request #34117 from yuwata/network-routing-policy-rule

network: introduce generic conf parser for [RoutingPolicyRule] section
This commit is contained in:
Luca Boccassi 2024-08-26 12:08:26 +01:00 committed by GitHub
commit 2e8e32e6d5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 286 additions and 570 deletions

View File

@ -714,22 +714,6 @@ int parse_ip_port_range(const char *s, uint16_t *low, uint16_t *high, bool allow
return 0;
}
int parse_ip_prefix_length(const char *s, int32_t *ret) {
unsigned l;
int r;
r = safe_atou(s, &l);
if (r < 0)
return r;
if (l > 128)
return -ERANGE;
*ret = (int32_t) l;
return 0;
}
int parse_oom_score_adjust(const char *s, int *ret) {
int r, v;

View File

@ -141,8 +141,6 @@ int parse_nice(const char *p, int *ret);
int parse_ip_port(const char *s, uint16_t *ret);
int parse_ip_port_range(const char *s, uint16_t *low, uint16_t *high, bool allow_zero);
int parse_ip_prefix_length(const char *s, int32_t *ret);
int parse_oom_score_adjust(const char *s, int *ret);
/* Implement floating point using fixed integers, to improve performance when

View File

@ -142,47 +142,6 @@ static int netdev_fou_tunnel_create(NetDev *netdev) {
return 0;
}
int config_parse_ip_protocol(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
uint8_t *proto = ASSERT_PTR(data);
int r;
r = parse_ip_protocol_full(rvalue, /* relaxed= */ true);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse '%s=%s', ignoring: %m",
lvalue, rvalue);
return 0;
}
if (r > UINT8_MAX) {
/* linux/fou.h defines the netlink field as one byte, so we need to reject
* protocols numbers that don't fit in one byte. */
log_syntax(unit, LOG_WARNING, filename, line, r,
"Invalid '%s=%s', allowed range is 0..255, ignoring.",
lvalue, rvalue);
return 0;
}
*proto = r;
return 0;
}
int config_parse_fou_tunnel_address(
const char *unit,
const char *filename,

View File

@ -38,5 +38,4 @@ const char* fou_encap_type_to_string(FooOverUDPEncapType d) _const_;
FooOverUDPEncapType fou_encap_type_from_string(const char *d) _pure_;
CONFIG_PARSER_PROTOTYPE(config_parse_fou_encap_type);
CONFIG_PARSER_PROTOTYPE(config_parse_ip_protocol);
CONFIG_PARSER_PROTOTYPE(config_parse_fou_tunnel_address);

View File

@ -99,7 +99,7 @@ Tunnel.ERSPANHardwareId, config_parse_erspan_hwid,
Tunnel.SerializeTunneledPackets, config_parse_tristate, 0, offsetof(Tunnel, gre_erspan_sequence)
Tunnel.ISATAP, config_parse_tristate, 0, offsetof(Tunnel, isatap)
Tunnel.External, config_parse_bool, 0, offsetof(Tunnel, external)
FooOverUDP.Protocol, config_parse_ip_protocol, 0, offsetof(FouTunnel, fou_protocol)
FooOverUDP.Protocol, config_parse_ip_protocol, /* relax = */ true, offsetof(FouTunnel, fou_protocol)
FooOverUDP.Encapsulation, config_parse_fou_encap_type, 0, offsetof(FouTunnel, fou_encap_type)
FooOverUDP.Port, config_parse_ip_port, 0, offsetof(FouTunnel, port)
FooOverUDP.PeerPort, config_parse_ip_port, 0, offsetof(FouTunnel, peer_port)

View File

@ -176,25 +176,25 @@ IPv6AddressLabel.Label, config_parse_address_label,
Neighbor.Address, config_parse_neighbor_address, 0, 0
Neighbor.LinkLayerAddress, config_parse_neighbor_lladdr, 0, 0
Neighbor.MACAddress, config_parse_neighbor_lladdr, 0, 0 /* deprecated */
RoutingPolicyRule.TypeOfService, config_parse_routing_policy_rule_tos, 0, 0
RoutingPolicyRule.Priority, config_parse_routing_policy_rule_priority, 0, 0
RoutingPolicyRule.GoTo, config_parse_routing_policy_rule_goto, 0, 0
RoutingPolicyRule.Table, config_parse_routing_policy_rule_table, 0, 0
RoutingPolicyRule.FirewallMark, config_parse_routing_policy_rule_fwmark_mask, 0, 0
RoutingPolicyRule.From, config_parse_routing_policy_rule_prefix, 0, 0
RoutingPolicyRule.To, config_parse_routing_policy_rule_prefix, 0, 0
RoutingPolicyRule.IncomingInterface, config_parse_routing_policy_rule_device, 0, 0
RoutingPolicyRule.OutgoingInterface, config_parse_routing_policy_rule_device, 0, 0
RoutingPolicyRule.IPProtocol, config_parse_routing_policy_rule_ip_protocol, 0, 0
RoutingPolicyRule.SourcePort, config_parse_routing_policy_rule_port_range, 0, 0
RoutingPolicyRule.DestinationPort, config_parse_routing_policy_rule_port_range, 0, 0
RoutingPolicyRule.InvertRule, config_parse_routing_policy_rule_invert, 0, 0
RoutingPolicyRule.L3MasterDevice, config_parse_routing_policy_rule_l3mdev, 0, 0
RoutingPolicyRule.Family, config_parse_routing_policy_rule_family, 0, 0
RoutingPolicyRule.User, config_parse_routing_policy_rule_uid_range, 0, 0
RoutingPolicyRule.SuppressInterfaceGroup, config_parse_routing_policy_rule_suppress_ifgroup, 0, 0
RoutingPolicyRule.SuppressPrefixLength, config_parse_routing_policy_rule_suppress_prefixlen, 0, 0
RoutingPolicyRule.Type, config_parse_routing_policy_rule_type, 0, 0
RoutingPolicyRule.TypeOfService, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_TOS, 0
RoutingPolicyRule.Priority, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_PRIORITY, 0
RoutingPolicyRule.GoTo, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_GOTO, 0
RoutingPolicyRule.Table, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_TABLE, 0
RoutingPolicyRule.FirewallMark, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_FWMARK, 0
RoutingPolicyRule.From, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_PREFIX, 0
RoutingPolicyRule.To, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_PREFIX, 0
RoutingPolicyRule.IncomingInterface, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_IIF, 0
RoutingPolicyRule.OutgoingInterface, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_OIF, 0
RoutingPolicyRule.IPProtocol, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_IP_PROTOCOL, 0
RoutingPolicyRule.SourcePort, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_SPORT, 0
RoutingPolicyRule.DestinationPort, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_DPORT, 0
RoutingPolicyRule.InvertRule, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_INVERT, 0
RoutingPolicyRule.L3MasterDevice, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_L3MDEV, 0
RoutingPolicyRule.Family, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_FAMILY, 0
RoutingPolicyRule.User, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_UID_RANGE, 0
RoutingPolicyRule.SuppressInterfaceGroup, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_SUPPRESS_IFGROUP, 0
RoutingPolicyRule.SuppressPrefixLength, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_SUPPRESS_PREFIXLEN, 0
RoutingPolicyRule.Type, config_parse_routing_policy_rule, ROUTING_POLICY_RULE_TYPE, 0
Route.Gateway, config_parse_gateway, 0, 0
Route.Destination, config_parse_destination, 0, 0
Route.Source, config_parse_destination, 0, 0

View File

@ -1349,7 +1349,7 @@ static int parse_fwmark_fwmask(const char *s, uint32_t *ret_fwmark, uint32_t *re
return 0;
}
int config_parse_routing_policy_rule_tos(
static int config_parse_routing_policy_rule_priority(
const char *unit,
const char *filename,
unsigned line,
@ -1361,75 +1361,26 @@ int config_parse_routing_policy_rule_tos(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
RoutingPolicyRule *rule = ASSERT_PTR(userdata);
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = safe_atou8(rvalue, &n->tos);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule TOS, ignoring: %s", rvalue);
return 0;
}
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_priority(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
if (isempty(rvalue)) {
n->priority = 0;
n->priority_set = false;
TAKE_PTR(n);
return 0;
rule->priority = 0;
rule->priority_set = false;
return 1;
}
r = safe_atou32(rvalue, &n->priority);
r = safe_atou32(rvalue, &rule->priority);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule priority, ignoring: %s", rvalue);
return 0;
}
n->priority_set = true;
TAKE_PTR(n);
return 0;
rule->priority_set = true;
return 1;
}
int config_parse_routing_policy_rule_goto(
static int config_parse_routing_policy_rule_goto(
const char *unit,
const char *filename,
unsigned line,
@ -1441,19 +1392,13 @@ int config_parse_routing_policy_rule_goto(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = ASSERT_PTR(userdata);
RoutingPolicyRule *rule = ASSERT_PTR(userdata);
uint32_t priority;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = safe_atou32(rvalue, &priority);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s=%s, ignoring assignment: %m", lvalue, rvalue);
@ -1464,14 +1409,12 @@ int config_parse_routing_policy_rule_goto(
return 0;
}
n->type = FR_ACT_GOTO;
n->priority_goto = priority;
TAKE_PTR(n);
return 0;
rule->type = FR_ACT_GOTO;
rule->priority_goto = priority;
return 1;
}
int config_parse_routing_policy_rule_table(
static int config_parse_routing_policy_rule_table(
const char *unit,
const char *filename,
unsigned line,
@ -1483,32 +1426,24 @@ int config_parse_routing_policy_rule_table(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
RoutingPolicyRule *rule = ASSERT_PTR(userdata);
Manager *manager = ASSERT_PTR(ASSERT_PTR(rule->network)->manager);
uint32_t *table = ASSERT_PTR(data);
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = manager_get_route_table_from_string(network->manager, rvalue, &n->table);
r = manager_get_route_table_from_string(manager, rvalue, table);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Could not parse RPDB rule route table \"%s\", ignoring assignment: %m", rvalue);
return 0;
}
TAKE_PTR(n);
return 0;
return 1;
}
int config_parse_routing_policy_rule_fwmark_mask(
static int config_parse_routing_policy_rule_fwmark(
const char *unit,
const char *filename,
unsigned line,
@ -1520,31 +1455,21 @@ int config_parse_routing_policy_rule_fwmark_mask(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
RoutingPolicyRule *rule = ASSERT_PTR(userdata);
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_fwmark_fwmask(rvalue, &n->fwmark, &n->fwmask);
r = parse_fwmark_fwmask(rvalue, &rule->fwmark, &rule->fwmask);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule firewall mark or mask, ignoring: %s", rvalue);
return 0;
}
TAKE_PTR(n);
return 0;
return 1;
}
int config_parse_routing_policy_rule_prefix(
static int config_parse_routing_policy_rule_prefix(
const char *unit,
const char *filename,
unsigned line,
@ -1556,44 +1481,35 @@ int config_parse_routing_policy_rule_prefix(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
RoutingPolicyRule *rule = ASSERT_PTR(userdata);
union in_addr_union *buffer;
uint8_t *prefixlen;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
if (streq_ptr(lvalue, "To")) {
buffer = &rule->to;
prefixlen = &rule->to_prefixlen;
} else if (streq_ptr(lvalue, "From")) {
buffer = &rule->from;
prefixlen = &rule->from_prefixlen;
} else
assert_not_reached();
if (streq(lvalue, "To")) {
buffer = &n->to;
prefixlen = &n->to_prefixlen;
} else {
buffer = &n->from;
prefixlen = &n->from_prefixlen;
}
if (n->family == AF_UNSPEC)
r = in_addr_prefix_from_string_auto(rvalue, &n->family, buffer, prefixlen);
if (rule->family == AF_UNSPEC)
r = in_addr_prefix_from_string_auto(rvalue, &rule->family, buffer, prefixlen);
else
r = in_addr_prefix_from_string(rvalue, n->family, buffer, prefixlen);
r = in_addr_prefix_from_string(rvalue, rule->family, buffer, prefixlen);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "RPDB rule prefix is invalid, ignoring assignment: %s", rvalue);
return 0;
}
TAKE_PTR(n);
return 0;
return 1;
}
int config_parse_routing_policy_rule_device(
static int config_parse_routing_policy_rule_port_range(
const char *unit,
const char *filename,
unsigned line,
@ -1605,80 +1521,21 @@ int config_parse_routing_policy_rule_device(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
struct fib_rule_port_range *p = ASSERT_PTR(data);
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
if (!ifname_valid(rvalue)) {
log_syntax(unit, LOG_WARNING, filename, line, 0,
"Invalid interface name '%s' in %s=, ignoring assignment.", rvalue, lvalue);
return 0;
}
r = free_and_strdup(streq(lvalue, "IncomingInterface") ? &n->iif : &n->oif, rvalue);
if (r < 0)
return log_oom();
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_port_range(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
uint16_t low, high;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_ip_port_range(rvalue, &low, &high, /* allow_zero = */ false);
r = parse_ip_port_range(rvalue, &p->start, &p->end, /* allow_zero = */ false);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse routing policy rule port range '%s'", rvalue);
return 0;
}
if (streq(lvalue, "SourcePort")) {
n->sport.start = low;
n->sport.end = high;
} else {
n->dport.start = low;
n->dport.end = high;
}
TAKE_PTR(n);
return 0;
return 1;
}
int config_parse_routing_policy_rule_ip_protocol(
static int config_parse_routing_policy_rule_uid_range(
const char *unit,
const char *filename,
unsigned line,
@ -1690,283 +1547,27 @@ int config_parse_routing_policy_rule_ip_protocol(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
struct fib_rule_uid_range *p = ASSERT_PTR(data);
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_ip_protocol(rvalue);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse IP protocol '%s' for routing policy rule, ignoring: %m", rvalue);
return 0;
if (get_user_creds(&rvalue, &p->start, NULL, NULL, NULL, 0) >= 0) {
p->end = p->start;
return 1;
}
n->ipproto = r;
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_invert(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_boolean(rvalue);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule invert, ignoring: %s", rvalue);
return 0;
}
SET_FLAG(n->flags, FIB_RULE_INVERT, r);
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_l3mdev(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_boolean(rvalue);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule l3mdev, ignoring: %s", rvalue);
return 0;
}
n->l3mdev = r;
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_family(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
AddressFamily a;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
a = routing_policy_rule_address_family_from_string(rvalue);
if (a < 0) {
log_syntax(unit, LOG_WARNING, filename, line, a,
"Invalid address family '%s', ignoring.", rvalue);
return 0;
}
n->address_family = a;
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_uid_range(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
uid_t start, end;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = get_user_creds(&rvalue, &start, NULL, NULL, NULL, 0);
if (r >= 0)
end = start;
else {
r = parse_uid_range(rvalue, &start, &end);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Invalid uid or uid range '%s', ignoring: %m", rvalue);
return 0;
}
}
n->uid_range.start = start;
n->uid_range.end = end;
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_suppress_prefixlen(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
r = parse_ip_prefix_length(rvalue, &n->suppress_prefixlen);
if (r == -ERANGE) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Prefix length outside of valid range 0-128, ignoring: %s", rvalue);
return 0;
}
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse RPDB rule suppress_prefixlen, ignoring: %s", rvalue);
return 0;
}
TAKE_PTR(n);
return 0;
}
int config_parse_routing_policy_rule_suppress_ifgroup(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int32_t suppress_ifgroup;
int r;
assert(filename);
assert(section);
assert(lvalue);
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
if (isempty(rvalue)) {
n->suppress_ifgroup = -1;
return 0;
}
r = safe_atoi32(rvalue, &suppress_ifgroup);
r = parse_uid_range(rvalue, &p->start, &p->end);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse SuppressInterfaceGroup=, ignoring assignment: %s", rvalue);
"Invalid uid or uid range '%s', ignoring: %m", rvalue);
return 0;
}
if (suppress_ifgroup < 0) {
log_syntax(unit, LOG_WARNING, filename, line, 0,
"Value of SuppressInterfaceGroup= must be in the range 0…2147483647, ignoring assignment: %s", rvalue);
return 0;
}
n->suppress_ifgroup = suppress_ifgroup;
TAKE_PTR(n);
return 0;
return 1;
}
int config_parse_routing_policy_rule_type(
static int config_parse_routing_policy_rule_suppress(
const char *unit,
const char *filename,
unsigned line,
@ -1978,30 +1579,128 @@ int config_parse_routing_policy_rule_type(
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *n = NULL;
Network *network = userdata;
int r, t;
int32_t val, *p = ASSERT_PTR(data);
int r;
assert(filename);
assert(section);
assert(lvalue);
if (isempty(rvalue)) {
*p = -1;
return 1;
}
r = safe_atoi32(rvalue, &val);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse %s=%s, ignoring assignment: %m", lvalue, rvalue);
return 0;
}
if (val < 0 || val > ltype) {
log_syntax(unit, LOG_WARNING, filename, line, 0,
"Invalid value specified to %s=, ignoring assignment: %s", lvalue, rvalue);
return 0;
}
*p = val;
return 1;
}
static int config_parse_routing_policy_rule_type(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
uint8_t *p = ASSERT_PTR(data);
int r;
assert(rvalue);
assert(data);
r = routing_policy_rule_new_static(network, filename, section_line, &n);
if (r < 0)
return log_oom();
t = fr_act_type_from_string(rvalue);
if (t < 0) {
log_syntax(unit, LOG_WARNING, filename, line, t,
r = fr_act_type_from_string(rvalue);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Could not parse FIB rule type \"%s\", ignoring assignment: %m", rvalue);
return 0;
}
n->type = (uint8_t) t;
*p = (uint8_t) r;
return 1;
}
TAKE_PTR(n);
static DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(
config_parse_routing_policy_rule_family,
routing_policy_rule_address_family,
AddressFamily,
ADDRESS_FAMILY_NO,
"Invalid family");
typedef struct RoutingPolicyRuleConfParser {
ConfigParserCallback parser;
int ltype;
size_t offset;
} RoutingPolicyRuleConfParser;
static RoutingPolicyRuleConfParser routing_policy_rule_conf_parser_table[_ROUTING_POLICY_RULE_CONF_PARSER_MAX] = {
[ROUTING_POLICY_RULE_IIF] = { .parser = config_parse_ifname, .ltype = 0, .offset = offsetof(RoutingPolicyRule, iif), },
[ROUTING_POLICY_RULE_OIF] = { .parser = config_parse_ifname, .ltype = 0, .offset = offsetof(RoutingPolicyRule, oif), },
[ROUTING_POLICY_RULE_FAMILY] = { .parser = config_parse_routing_policy_rule_family, .ltype = 0, .offset = offsetof(RoutingPolicyRule, address_family), },
[ROUTING_POLICY_RULE_FWMARK] = { .parser = config_parse_routing_policy_rule_fwmark, .ltype = 0, .offset = 0, },
[ROUTING_POLICY_RULE_GOTO] = { .parser = config_parse_routing_policy_rule_goto, .ltype = 0, .offset = 0, },
[ROUTING_POLICY_RULE_INVERT] = { .parser = config_parse_uint32_flag, .ltype = FIB_RULE_INVERT, .offset = offsetof(RoutingPolicyRule, flags), },
[ROUTING_POLICY_RULE_IP_PROTOCOL] = { .parser = config_parse_ip_protocol, .ltype = 0, .offset = offsetof(RoutingPolicyRule, ipproto), },
[ROUTING_POLICY_RULE_L3MDEV] = { .parser = config_parse_bool, .ltype = 0, .offset = offsetof(RoutingPolicyRule, l3mdev), },
[ROUTING_POLICY_RULE_SPORT] = { .parser = config_parse_routing_policy_rule_port_range, .ltype = 0, .offset = offsetof(RoutingPolicyRule, sport), },
[ROUTING_POLICY_RULE_DPORT] = { .parser = config_parse_routing_policy_rule_port_range, .ltype = 0, .offset = offsetof(RoutingPolicyRule, dport), },
[ROUTING_POLICY_RULE_PREFIX] = { .parser = config_parse_routing_policy_rule_prefix, .ltype = 0, .offset = 0, },
[ROUTING_POLICY_RULE_PRIORITY] = { .parser = config_parse_routing_policy_rule_priority, .ltype = 0, .offset = 0, },
[ROUTING_POLICY_RULE_SUPPRESS_IFGROUP] = { .parser = config_parse_routing_policy_rule_suppress, .ltype = INT32_MAX, .offset = offsetof(RoutingPolicyRule, suppress_ifgroup), },
[ROUTING_POLICY_RULE_SUPPRESS_PREFIXLEN] = { .parser = config_parse_routing_policy_rule_suppress, .ltype = 128, .offset = offsetof(RoutingPolicyRule, suppress_prefixlen), },
[ROUTING_POLICY_RULE_TABLE] = { .parser = config_parse_routing_policy_rule_table, .ltype = 0, .offset = offsetof(RoutingPolicyRule, table), },
[ROUTING_POLICY_RULE_TOS] = { .parser = config_parse_uint8, .ltype = 0, .offset = offsetof(RoutingPolicyRule, tos), },
[ROUTING_POLICY_RULE_TYPE] = { .parser = config_parse_routing_policy_rule_type, .ltype = 0, .offset = offsetof(RoutingPolicyRule, type), },
[ROUTING_POLICY_RULE_UID_RANGE] = { .parser = config_parse_routing_policy_rule_uid_range, .ltype = 0, .offset = offsetof(RoutingPolicyRule, uid_range), },
};
int config_parse_routing_policy_rule(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_(routing_policy_rule_unref_or_set_invalidp) RoutingPolicyRule *rule = NULL;
Network *network = ASSERT_PTR(userdata);
int r;
assert(filename);
assert(ltype >= 0);
assert(ltype < _ROUTING_POLICY_RULE_CONF_PARSER_MAX);
r = routing_policy_rule_new_static(network, filename, section_line, &rule);
if (r < 0)
return log_oom();
RoutingPolicyRuleConfParser *e = routing_policy_rule_conf_parser_table + ltype;
assert(e->parser);
assert(e->offset < sizeof(RoutingPolicyRule));
r = e->parser(unit, filename, line, section, section_line, lvalue, e->ltype, rvalue,
(uint8_t*) rule + e->offset, rule);
if (r <= 0) /* 0 means non-critical error, but the section will be ignored. */
return r;
TAKE_PTR(rule);
return 0;
}

View File

@ -77,19 +77,27 @@ void link_foreignize_routing_policy_rules(Link *link);
DEFINE_NETWORK_CONFIG_STATE_FUNCTIONS(RoutingPolicyRule, routing_policy_rule);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_device);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_family);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_fwmark_mask);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_goto);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_invert);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_ip_protocol);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_l3mdev);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_port_range);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_prefix);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_priority);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_suppress_ifgroup);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_suppress_prefixlen);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_table);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_tos);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_type);
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule_uid_range);
typedef enum RoutingPolicyRuleConfParserType {
ROUTING_POLICY_RULE_IIF,
ROUTING_POLICY_RULE_OIF,
ROUTING_POLICY_RULE_FAMILY,
ROUTING_POLICY_RULE_FWMARK,
ROUTING_POLICY_RULE_GOTO,
ROUTING_POLICY_RULE_INVERT,
ROUTING_POLICY_RULE_IP_PROTOCOL,
ROUTING_POLICY_RULE_L3MDEV,
ROUTING_POLICY_RULE_SPORT,
ROUTING_POLICY_RULE_DPORT,
ROUTING_POLICY_RULE_PREFIX,
ROUTING_POLICY_RULE_PRIORITY,
ROUTING_POLICY_RULE_SUPPRESS_IFGROUP,
ROUTING_POLICY_RULE_SUPPRESS_PREFIXLEN,
ROUTING_POLICY_RULE_TABLE,
ROUTING_POLICY_RULE_TOS,
ROUTING_POLICY_RULE_TYPE,
ROUTING_POLICY_RULE_UID_RANGE,
_ROUTING_POLICY_RULE_CONF_PARSER_MAX,
_ROUTING_POLICY_RULE_CONF_PARSER_INVALID = -EINVAL,
} RoutingPolicyRuleConfParserType;
CONFIG_PARSER_PROTOTYPE(config_parse_routing_policy_rule);

View File

@ -24,6 +24,7 @@
#include "hostname-util.h"
#include "id128-util.h"
#include "in-addr-util.h"
#include "ip-protocol-list.h"
#include "log.h"
#include "macro.h"
#include "missing_network.h"
@ -1005,7 +1006,36 @@ int config_parse_bool(
}
*b = k;
return 0;
return 1; /* set */
}
int config_parse_uint32_flag(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
uint32_t *flags = ASSERT_PTR(data);
int r;
assert(ltype != 0);
r = isempty(rvalue) ? 0 : parse_boolean(rvalue);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse %s=%s. Ignoring assignment: %m",
lvalue, rvalue);
return 0;
}
SET_FLAG(*flags, ltype, r);
return 1;
}
int config_parse_id128(
@ -1453,7 +1483,7 @@ int config_parse_ifname(
if (isempty(rvalue)) {
*s = mfree(*s);
return 0;
return 1;
}
if (!ifname_valid(rvalue)) {
@ -1465,7 +1495,7 @@ int config_parse_ifname(
if (r < 0)
return log_oom();
return 0;
return 1;
}
int config_parse_ifnames(
@ -2053,3 +2083,39 @@ int config_parse_timezone(
return free_and_strdup_warn(tz, rvalue);
}
int config_parse_ip_protocol(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
uint8_t *proto = ASSERT_PTR(data);
int r;
r = isempty(rvalue) ? 0 : parse_ip_protocol_full(rvalue, /* relaxed= */ ltype);
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse '%s=%s', ignoring: %m",
lvalue, rvalue);
return 0;
}
if (r > UINT8_MAX) {
/* linux/fib_rules.h and linux/fou.h define the netlink field as one byte, so we need to
* reject protocols numbers that don't fit in one byte. */
log_syntax(unit, LOG_WARNING, filename, line, r,
"Invalid '%s=%s', allowed range is 0..255, ignoring.",
lvalue, rvalue);
return 0;
}
*proto = r;
return 1; /* done. */
}

View File

@ -254,6 +254,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_si_uint64);
CONFIG_PARSER_PROTOTYPE(config_parse_iec_uint64);
CONFIG_PARSER_PROTOTYPE(config_parse_iec_uint64_infinity);
CONFIG_PARSER_PROTOTYPE(config_parse_bool);
CONFIG_PARSER_PROTOTYPE(config_parse_uint32_flag);
CONFIG_PARSER_PROTOTYPE(config_parse_id128);
CONFIG_PARSER_PROTOTYPE(config_parse_tristate);
CONFIG_PARSER_PROTOTYPE(config_parse_string);
@ -289,6 +290,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_pid);
CONFIG_PARSER_PROTOTYPE(config_parse_sec_fix_0);
CONFIG_PARSER_PROTOTYPE(config_parse_timezone);
CONFIG_PARSER_PROTOTYPE(config_parse_calendar);
CONFIG_PARSER_PROTOTYPE(config_parse_ip_protocol);
typedef enum Disabled {
DISABLED_CONFIGURATION,
@ -320,7 +322,7 @@ typedef enum ConfigParseStringFlags {
} \
\
*i = r; \
return 0; \
return 1; \
}
#define DEFINE_CONFIG_PARSE_PTR(function, parser, type, msg) \
@ -337,7 +339,7 @@ typedef enum ConfigParseStringFlags {
log_syntax(unit, LOG_WARNING, filename, line, r, \
msg ", ignoring: %s", rvalue); \
\
return 0; \
return 1; \
}
#define DEFINE_CONFIG_PARSE_ENUM_FULL(function, from_string, type, msg) \
@ -357,7 +359,7 @@ typedef enum ConfigParseStringFlags {
} \
\
*i = x; \
return 0; \
return 1; \
}
#define DEFINE_CONFIG_PARSE_ENUM(function, name, type, msg) \
@ -374,7 +376,7 @@ typedef enum ConfigParseStringFlags {
\
if (isempty(rvalue)) { \
*i = default_value; \
return 0; \
return 1; \
} \
\
x = name##_from_string(rvalue); \
@ -385,7 +387,7 @@ typedef enum ConfigParseStringFlags {
} \
\
*i = x; \
return 0; \
return 1; \
}
#define DEFINE_CONFIG_PARSE_ENUMV(function, name, type, invalid, msg) \
@ -448,7 +450,8 @@ typedef enum ConfigParseStringFlags {
*(xs + i) = invalid; \
} \
\
return free_and_replace(*enums, xs); \
free_and_replace(*enums, xs); \
return 1; \
}
int config_parse_unsigned_bounded(