]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/netdev/tunnel.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
pkgconfig: define variables relative to ${prefix}/${rootprefix}/${sysconfdir}
[thirdparty/systemd.git] / src / network / netdev / tunnel.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <arpa/inet.h>
4 #include <net/if.h>
5 #include <linux/ip.h>
6 #include <linux/if_tunnel.h>
7 #include <linux/ip6_tunnel.h>
8
9 #if HAVE_LINUX_FOU_H
10 #include <linux/fou.h>
11 #endif
12
13 #include "sd-netlink.h"
14
15 #include "conf-parser.h"
16 #include "missing.h"
17 #include "networkd-link.h"
18 #include "netdev/tunnel.h"
19 #include "parse-util.h"
20 #include "string-table.h"
21 #include "string-util.h"
22 #include "util.h"
23
24 #define DEFAULT_TNL_HOP_LIMIT 64
25 #define IP6_FLOWINFO_FLOWLABEL htobe32(0x000FFFFF)
26 #define IP6_TNL_F_ALLOW_LOCAL_REMOTE 0x40
27
28 static const char* const ip6tnl_mode_table[_NETDEV_IP6_TNL_MODE_MAX] = {
29 [NETDEV_IP6_TNL_MODE_IP6IP6] = "ip6ip6",
30 [NETDEV_IP6_TNL_MODE_IPIP6] = "ipip6",
31 [NETDEV_IP6_TNL_MODE_ANYIP6] = "any",
32 };
33
34 DEFINE_STRING_TABLE_LOOKUP(ip6tnl_mode, Ip6TnlMode);
35 DEFINE_CONFIG_PARSE_ENUM(config_parse_ip6tnl_mode, ip6tnl_mode, Ip6TnlMode, "Failed to parse ip6 tunnel Mode");
36
37 static int netdev_ipip_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
38 Tunnel *t = IPIP(netdev);
39 int r;
40
41 assert(netdev);
42 assert(m);
43 assert(t);
44 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
45
46 if (link) {
47 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
48 if (r < 0)
49 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
50 }
51
52 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_LOCAL, &t->local.in);
53 if (r < 0)
54 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
55
56 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in);
57 if (r < 0)
58 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
59
60 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
61 if (r < 0)
62 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
63
64 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PMTUDISC, t->pmtudisc);
65 if (r < 0)
66 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_PMTUDISC attribute: %m");
67
68 if (t->fou_tunnel) {
69
70 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_TYPE, t->fou_encap_type);
71 if (r < 0)
72 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_TYPE attribute: %m");
73
74 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_SPORT, htobe16(t->encap_src_port));
75 if (r < 0)
76 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_SPORT attribute: %m");
77
78 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_DPORT, htobe16(t->fou_destination_port));
79 if (r < 0)
80 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_DPORT attribute: %m");
81 }
82
83 return r;
84 }
85
86 static int netdev_sit_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
87 Tunnel *t = SIT(netdev);
88 int r;
89
90 assert(netdev);
91 assert(m);
92 assert(t);
93 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
94
95 if (link) {
96 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
97 if (r < 0)
98 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
99 }
100
101 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_LOCAL, &t->local.in);
102 if (r < 0)
103 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
104
105 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in);
106 if (r < 0)
107 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
108
109 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
110 if (r < 0)
111 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
112
113 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PMTUDISC, t->pmtudisc);
114 if (r < 0)
115 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_PMTUDISC attribute: %m");
116
117 if (t->sixrd_prefixlen > 0) {
118 r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_6RD_PREFIX, &t->sixrd_prefix);
119 if (r < 0)
120 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_6RD_PREFIX attribute: %m");
121 /* u16 is deliberate here, even though we're passing a netmask that can never be >128. The kernel is
122 * expecting to receive the prefixlen as a u16.
123 */
124 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_6RD_PREFIXLEN, t->sixrd_prefixlen);
125 if (r < 0)
126 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_6RD_PREFIXLEN attribute: %m");
127 }
128
129 return r;
130 }
131
132 static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
133 Tunnel *t;
134 int r;
135
136 assert(netdev);
137
138 if (netdev->kind == NETDEV_KIND_GRE)
139 t = GRE(netdev);
140 else
141 t = GRETAP(netdev);
142
143 assert(t);
144 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
145 assert(m);
146
147 if (link) {
148 r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
149 if (r < 0)
150 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
151 }
152
153 r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in);
154 if (r < 0)
155 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
156
157 r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in);
158 if (r < 0)
159 log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
160
161 r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
162 if (r < 0)
163 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
164
165 r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos);
166 if (r < 0)
167 log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m");
168
169 r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc);
170 if (r < 0)
171 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m");
172
173 return r;
174 }
175
176 static int netdev_ip6gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
177 Tunnel *t;
178 int r;
179
180 assert(netdev);
181
182 if (netdev->kind == NETDEV_KIND_IP6GRE)
183 t = IP6GRE(netdev);
184 else
185 t = IP6GRETAP(netdev);
186
187 assert(t);
188 assert(t->family == AF_INET6);
189 assert(m);
190
191 if (link) {
192 r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
193 if (r < 0)
194 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
195 }
196
197 r = sd_netlink_message_append_in6_addr(m, IFLA_GRE_LOCAL, &t->local.in6);
198 if (r < 0)
199 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
200
201 r = sd_netlink_message_append_in6_addr(m, IFLA_GRE_REMOTE, &t->remote.in6);
202 if (r < 0)
203 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
204
205 r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
206 if (r < 0)
207 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
208
209 if (t->ipv6_flowlabel != _NETDEV_IPV6_FLOWLABEL_INVALID) {
210 r = sd_netlink_message_append_u32(m, IFLA_GRE_FLOWINFO, t->ipv6_flowlabel);
211 if (r < 0)
212 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_FLOWINFO attribute: %m");
213 }
214
215 r = sd_netlink_message_append_u32(m, IFLA_GRE_FLAGS, t->flags);
216 if (r < 0)
217 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_FLAGS attribute: %m");
218
219 return r;
220 }
221
222 static int netdev_vti_fill_message_key(NetDev *netdev, Link *link, sd_netlink_message *m) {
223 uint32_t ikey, okey;
224 Tunnel *t;
225 int r;
226
227 assert(m);
228
229 if (netdev->kind == NETDEV_KIND_VTI)
230 t = VTI(netdev);
231 else
232 t = VTI6(netdev);
233
234 assert(t);
235
236 if (t->key != 0)
237 ikey = okey = htobe32(t->key);
238 else {
239 ikey = htobe32(t->ikey);
240 okey = htobe32(t->okey);
241 }
242
243 r = sd_netlink_message_append_u32(m, IFLA_VTI_IKEY, ikey);
244 if (r < 0)
245 return log_netdev_error_errno(netdev, r, "Could not append IFLA_VTI_IKEY attribute: %m");
246
247 r = sd_netlink_message_append_u32(m, IFLA_VTI_OKEY, okey);
248 if (r < 0)
249 return log_netdev_error_errno(netdev, r, "Could not append IFLA_VTI_OKEY attribute: %m");
250
251 return 0;
252 }
253
254 static int netdev_vti_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
255 Tunnel *t = VTI(netdev);
256 int r;
257
258 assert(netdev);
259 assert(m);
260 assert(t);
261 assert(t->family == AF_INET);
262
263 if (link) {
264 r = sd_netlink_message_append_u32(m, IFLA_VTI_LINK, link->ifindex);
265 if (r < 0)
266 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
267 }
268
269 r = netdev_vti_fill_message_key(netdev, link, m);
270 if (r < 0)
271 return r;
272
273 r = sd_netlink_message_append_in_addr(m, IFLA_VTI_LOCAL, &t->local.in);
274 if (r < 0)
275 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
276
277 r = sd_netlink_message_append_in_addr(m, IFLA_VTI_REMOTE, &t->remote.in);
278 if (r < 0)
279 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
280
281 return r;
282 }
283
284 static int netdev_vti6_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
285 Tunnel *t = VTI6(netdev);
286 int r;
287
288 assert(netdev);
289 assert(m);
290 assert(t);
291 assert(t->family == AF_INET6);
292
293 if (link) {
294 r = sd_netlink_message_append_u32(m, IFLA_VTI_LINK, link->ifindex);
295 if (r < 0)
296 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
297 }
298
299 r = netdev_vti_fill_message_key(netdev, link, m);
300 if (r < 0)
301 return r;
302
303 r = sd_netlink_message_append_in6_addr(m, IFLA_VTI_LOCAL, &t->local.in6);
304 if (r < 0)
305 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
306
307 r = sd_netlink_message_append_in6_addr(m, IFLA_VTI_REMOTE, &t->remote.in6);
308 if (r < 0)
309 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
310
311 return r;
312 }
313
314 static int netdev_ip6tnl_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
315 Tunnel *t = IP6TNL(netdev);
316 uint8_t proto;
317 int r;
318
319 assert(netdev);
320 assert(m);
321 assert(t);
322 assert(t->family == AF_INET6);
323
324 if (link) {
325 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
326 if (r < 0)
327 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
328 }
329
330 r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_LOCAL, &t->local.in6);
331 if (r < 0)
332 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
333
334 r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in6);
335 if (r < 0)
336 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
337
338 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
339 if (r < 0)
340 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
341
342 if (t->ipv6_flowlabel != _NETDEV_IPV6_FLOWLABEL_INVALID) {
343 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_FLOWINFO, t->ipv6_flowlabel);
344 if (r < 0)
345 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_FLOWINFO attribute: %m");
346 }
347
348 if (t->copy_dscp)
349 t->flags |= IP6_TNL_F_RCV_DSCP_COPY;
350
351 if (t->allow_localremote != -1)
352 SET_FLAG(t->flags, IP6_TNL_F_ALLOW_LOCAL_REMOTE, t->allow_localremote);
353
354 if (t->encap_limit != IPV6_DEFAULT_TNL_ENCAP_LIMIT) {
355 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_ENCAP_LIMIT, t->encap_limit);
356 if (r < 0)
357 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_LIMIT attribute: %m");
358 }
359
360 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_FLAGS, t->flags);
361 if (r < 0)
362 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_FLAGS attribute: %m");
363
364 switch (t->ip6tnl_mode) {
365 case NETDEV_IP6_TNL_MODE_IP6IP6:
366 proto = IPPROTO_IPV6;
367 break;
368 case NETDEV_IP6_TNL_MODE_IPIP6:
369 proto = IPPROTO_IPIP;
370 break;
371 case NETDEV_IP6_TNL_MODE_ANYIP6:
372 default:
373 proto = 0;
374 break;
375 }
376
377 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PROTO, proto);
378 if (r < 0)
379 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_MODE attribute: %m");
380
381 return r;
382 }
383
384 static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
385 Tunnel *t = NULL;
386
387 assert(netdev);
388 assert(filename);
389
390 switch (netdev->kind) {
391 case NETDEV_KIND_IPIP:
392 t = IPIP(netdev);
393 break;
394 case NETDEV_KIND_SIT:
395 t = SIT(netdev);
396 break;
397 case NETDEV_KIND_GRE:
398 t = GRE(netdev);
399 break;
400 case NETDEV_KIND_GRETAP:
401 t = GRETAP(netdev);
402 break;
403 case NETDEV_KIND_IP6GRE:
404 t = IP6GRE(netdev);
405 break;
406 case NETDEV_KIND_IP6GRETAP:
407 t = IP6GRETAP(netdev);
408 break;
409 case NETDEV_KIND_VTI:
410 t = VTI(netdev);
411 break;
412 case NETDEV_KIND_VTI6:
413 t = VTI6(netdev);
414 break;
415 case NETDEV_KIND_IP6TNL:
416 t = IP6TNL(netdev);
417 break;
418 default:
419 assert_not_reached("Invalid tunnel kind");
420 }
421
422 assert(t);
423
424 if (!IN_SET(t->family, AF_INET, AF_INET6, AF_UNSPEC)) {
425 log_netdev_error(netdev,
426 "Tunnel with invalid address family configured in %s. Ignoring", filename);
427 return -EINVAL;
428 }
429
430 if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP) &&
431 (t->family != AF_INET || in_addr_is_null(t->family, &t->local))) {
432 log_netdev_error(netdev,
433 "vti/ipip/sit/gre/gretap tunnel without a local IPv4 address configured in %s. Ignoring", filename);
434 return -EINVAL;
435 }
436
437 if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE, NETDEV_KIND_IP6GRETAP) &&
438 (t->family != AF_INET6 || in_addr_is_null(t->family, &t->local))) {
439 log_netdev_error(netdev,
440 "vti6/ip6tnl/ip6gre/ip6gretap tunnel without a local IPv6 address configured in %s. Ignoring", filename);
441 return -EINVAL;
442 }
443
444 if (netdev->kind == NETDEV_KIND_IP6TNL &&
445 t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) {
446 log_netdev_error(netdev,
447 "ip6tnl without mode configured in %s. Ignoring", filename);
448 return -EINVAL;
449 }
450
451 if (t->fou_tunnel && t->fou_destination_port <= 0) {
452 log_netdev_error(netdev, "FooOverUDP missing port configured in %s. Ignoring", filename);
453 return -EINVAL;
454 }
455
456 return 0;
457 }
458
459 int config_parse_tunnel_address(const char *unit,
460 const char *filename,
461 unsigned line,
462 const char *section,
463 unsigned section_line,
464 const char *lvalue,
465 int ltype,
466 const char *rvalue,
467 void *data,
468 void *userdata) {
469 Tunnel *t = userdata;
470 union in_addr_union *addr = data, buffer;
471 int r, f;
472
473 assert(filename);
474 assert(lvalue);
475 assert(rvalue);
476 assert(data);
477
478 /* This is used to parse addresses on both local and remote ends of the tunnel.
479 * Address families must match.
480 *
481 * "any" is a special value which means that the address is unspecified.
482 */
483
484 if (streq(rvalue, "any")) {
485 *addr = IN_ADDR_NULL;
486
487 /* As a special case, if both the local and remote addresses are
488 * unspecified, also clear the address family.
489 */
490 if (t->family != AF_UNSPEC &&
491 in_addr_is_null(t->family, &t->local) &&
492 in_addr_is_null(t->family, &t->remote))
493 t->family = AF_UNSPEC;
494 return 0;
495 }
496
497 r = in_addr_from_string_auto(rvalue, &f, &buffer);
498 if (r < 0) {
499 log_syntax(unit, LOG_ERR, filename, line, r,
500 "Tunnel address \"%s\" invalid, ignoring assignment: %m", rvalue);
501 return 0;
502 }
503
504 if (t->family != AF_UNSPEC && t->family != f) {
505 log_syntax(unit, LOG_ERR, filename, line, 0,
506 "Tunnel addresses incompatible, ignoring assignment: %s", rvalue);
507 return 0;
508 }
509
510 t->family = f;
511 *addr = buffer;
512 return 0;
513 }
514
515 int config_parse_tunnel_key(const char *unit,
516 const char *filename,
517 unsigned line,
518 const char *section,
519 unsigned section_line,
520 const char *lvalue,
521 int ltype,
522 const char *rvalue,
523 void *data,
524 void *userdata) {
525 union in_addr_union buffer;
526 Tunnel *t = userdata;
527 uint32_t k;
528 int r;
529
530 assert(filename);
531 assert(lvalue);
532 assert(rvalue);
533 assert(data);
534
535 r = in_addr_from_string(AF_INET, rvalue, &buffer);
536 if (r < 0) {
537 r = safe_atou32(rvalue, &k);
538 if (r < 0) {
539 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse tunnel key ignoring assignment: %s", rvalue);
540 return 0;
541 }
542 } else
543 k = be32toh(buffer.in.s_addr);
544
545 if (streq(lvalue, "Key"))
546 t->key = k;
547 else if (streq(lvalue, "InputKey"))
548 t->ikey = k;
549 else
550 t->okey = k;
551
552 return 0;
553 }
554
555 int config_parse_ipv6_flowlabel(const char* unit,
556 const char *filename,
557 unsigned line,
558 const char *section,
559 unsigned section_line,
560 const char *lvalue,
561 int ltype,
562 const char *rvalue,
563 void *data,
564 void *userdata) {
565 IPv6FlowLabel *ipv6_flowlabel = data;
566 Tunnel *t = userdata;
567 int k = 0;
568 int r;
569
570 assert(filename);
571 assert(lvalue);
572 assert(rvalue);
573 assert(ipv6_flowlabel);
574
575 if (streq(rvalue, "inherit")) {
576 *ipv6_flowlabel = IP6_FLOWINFO_FLOWLABEL;
577 t->flags |= IP6_TNL_F_USE_ORIG_FLOWLABEL;
578 } else {
579 r = config_parse_int(unit, filename, line, section, section_line, lvalue, ltype, rvalue, &k, userdata);
580 if (r < 0)
581 return r;
582
583 if (k > 0xFFFFF)
584 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IPv6 flowlabel option, ignoring: %s", rvalue);
585 else {
586 *ipv6_flowlabel = htobe32(k) & IP6_FLOWINFO_FLOWLABEL;
587 t->flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
588 }
589 }
590
591 return 0;
592 }
593
594 int config_parse_encap_limit(const char* unit,
595 const char *filename,
596 unsigned line,
597 const char *section,
598 unsigned section_line,
599 const char *lvalue,
600 int ltype,
601 const char *rvalue,
602 void *data,
603 void *userdata) {
604 Tunnel *t = userdata;
605 int k = 0;
606 int r;
607
608 assert(filename);
609 assert(lvalue);
610 assert(rvalue);
611
612 if (streq(rvalue, "none"))
613 t->flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
614 else {
615 r = safe_atoi(rvalue, &k);
616 if (r < 0) {
617 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse Tunnel Encapsulation Limit option, ignoring: %s", rvalue);
618 return 0;
619 }
620
621 if (k > 255 || k < 0)
622 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid Tunnel Encapsulation value, ignoring: %d", k);
623 else {
624 t->encap_limit = k;
625 t->flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
626 }
627 }
628
629 return 0;
630 }
631
632 int config_parse_6rd_prefix(const char* unit,
633 const char *filename,
634 unsigned line,
635 const char *section,
636 unsigned section_line,
637 const char *lvalue,
638 int ltype,
639 const char *rvalue,
640 void *data,
641 void *userdata) {
642 Tunnel *t = userdata;
643
644 assert(filename);
645 assert(lvalue);
646 assert(rvalue);
647
648 union in_addr_union p;
649 uint8_t l;
650 int r;
651
652 r = in_addr_prefix_from_string(rvalue, AF_INET6, &p, &l);
653 if (r < 0) {
654 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse 6rd prefix \"%s\", ignoring: %m", rvalue);
655 return 0;
656 }
657 if (l == 0) {
658 log_syntax(unit, LOG_ERR, filename, line, 0, "6rd prefix length of \"%s\" must be greater than zero, ignoring", rvalue);
659 return 0;
660 }
661
662 t->sixrd_prefix = p.in6;
663 t->sixrd_prefixlen = l;
664
665 return 0;
666 }
667
668 static void ipip_init(NetDev *n) {
669 Tunnel *t = IPIP(n);
670
671 assert(n);
672 assert(t);
673
674 t->pmtudisc = true;
675 t->fou_encap_type = FOU_ENCAP_DIRECT;
676 }
677
678 static void sit_init(NetDev *n) {
679 Tunnel *t = SIT(n);
680
681 assert(n);
682 assert(t);
683
684 t->pmtudisc = true;
685 }
686
687 static void vti_init(NetDev *n) {
688 Tunnel *t;
689
690 assert(n);
691
692 if (n->kind == NETDEV_KIND_VTI)
693 t = VTI(n);
694 else
695 t = VTI6(n);
696
697 assert(t);
698
699 t->pmtudisc = true;
700 }
701
702 static void gre_init(NetDev *n) {
703 Tunnel *t;
704
705 assert(n);
706
707 if (n->kind == NETDEV_KIND_GRE)
708 t = GRE(n);
709 else
710 t = GRETAP(n);
711
712 assert(t);
713
714 t->pmtudisc = true;
715 }
716
717 static void ip6gre_init(NetDev *n) {
718 Tunnel *t;
719
720 assert(n);
721
722 if (n->kind == NETDEV_KIND_IP6GRE)
723 t = IP6GRE(n);
724 else
725 t = IP6GRETAP(n);
726
727 assert(t);
728
729 t->ttl = DEFAULT_TNL_HOP_LIMIT;
730 }
731
732 static void ip6tnl_init(NetDev *n) {
733 Tunnel *t = IP6TNL(n);
734
735 assert(n);
736 assert(t);
737
738 t->ttl = DEFAULT_TNL_HOP_LIMIT;
739 t->encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
740 t->ip6tnl_mode = _NETDEV_IP6_TNL_MODE_INVALID;
741 t->ipv6_flowlabel = _NETDEV_IPV6_FLOWLABEL_INVALID;
742 t->allow_localremote = -1;
743 }
744
745 const NetDevVTable ipip_vtable = {
746 .object_size = sizeof(Tunnel),
747 .init = ipip_init,
748 .sections = "Match\0NetDev\0Tunnel\0",
749 .fill_message_create = netdev_ipip_fill_message_create,
750 .create_type = NETDEV_CREATE_STACKED,
751 .config_verify = netdev_tunnel_verify,
752 };
753
754 const NetDevVTable sit_vtable = {
755 .object_size = sizeof(Tunnel),
756 .init = sit_init,
757 .sections = "Match\0NetDev\0Tunnel\0",
758 .fill_message_create = netdev_sit_fill_message_create,
759 .create_type = NETDEV_CREATE_STACKED,
760 .config_verify = netdev_tunnel_verify,
761 };
762
763 const NetDevVTable vti_vtable = {
764 .object_size = sizeof(Tunnel),
765 .init = vti_init,
766 .sections = "Match\0NetDev\0Tunnel\0",
767 .fill_message_create = netdev_vti_fill_message_create,
768 .create_type = NETDEV_CREATE_STACKED,
769 .config_verify = netdev_tunnel_verify,
770 };
771
772 const NetDevVTable vti6_vtable = {
773 .object_size = sizeof(Tunnel),
774 .init = vti_init,
775 .sections = "Match\0NetDev\0Tunnel\0",
776 .fill_message_create = netdev_vti6_fill_message_create,
777 .create_type = NETDEV_CREATE_STACKED,
778 .config_verify = netdev_tunnel_verify,
779 };
780
781 const NetDevVTable gre_vtable = {
782 .object_size = sizeof(Tunnel),
783 .init = gre_init,
784 .sections = "Match\0NetDev\0Tunnel\0",
785 .fill_message_create = netdev_gre_fill_message_create,
786 .create_type = NETDEV_CREATE_STACKED,
787 .config_verify = netdev_tunnel_verify,
788 };
789
790 const NetDevVTable gretap_vtable = {
791 .object_size = sizeof(Tunnel),
792 .init = gre_init,
793 .sections = "Match\0NetDev\0Tunnel\0",
794 .fill_message_create = netdev_gre_fill_message_create,
795 .create_type = NETDEV_CREATE_STACKED,
796 .config_verify = netdev_tunnel_verify,
797 };
798
799 const NetDevVTable ip6gre_vtable = {
800 .object_size = sizeof(Tunnel),
801 .init = ip6gre_init,
802 .sections = "Match\0NetDev\0Tunnel\0",
803 .fill_message_create = netdev_ip6gre_fill_message_create,
804 .create_type = NETDEV_CREATE_STACKED,
805 .config_verify = netdev_tunnel_verify,
806 };
807
808 const NetDevVTable ip6gretap_vtable = {
809 .object_size = sizeof(Tunnel),
810 .init = ip6gre_init,
811 .sections = "Match\0NetDev\0Tunnel\0",
812 .fill_message_create = netdev_ip6gre_fill_message_create,
813 .create_type = NETDEV_CREATE_STACKED,
814 .config_verify = netdev_tunnel_verify,
815 };
816
817 const NetDevVTable ip6tnl_vtable = {
818 .object_size = sizeof(Tunnel),
819 .init = ip6tnl_init,
820 .sections = "Match\0NetDev\0Tunnel\0",
821 .fill_message_create = netdev_ip6tnl_fill_message_create,
822 .create_type = NETDEV_CREATE_STACKED,
823 .config_verify = netdev_tunnel_verify,
824 };
Unnamed repository; edit this file 'description' to name the repository.