Lines Matching refs:rule
45 RoutingPolicyRule *routing_policy_rule_free(RoutingPolicyRule *rule) { in routing_policy_rule_free() argument
46 if (!rule) in routing_policy_rule_free()
49 if (rule->network) { in routing_policy_rule_free()
50 assert(rule->section); in routing_policy_rule_free()
51 hashmap_remove(rule->network->rules_by_section, rule->section); in routing_policy_rule_free()
54 if (rule->manager) in routing_policy_rule_free()
55 set_remove(rule->manager->rules, rule); in routing_policy_rule_free()
57 config_section_free(rule->section); in routing_policy_rule_free()
58 free(rule->iif); in routing_policy_rule_free()
59 free(rule->oif); in routing_policy_rule_free()
61 return mfree(rule); in routing_policy_rule_free()
67 RoutingPolicyRule *rule; in routing_policy_rule_new() local
69 rule = new(RoutingPolicyRule, 1); in routing_policy_rule_new()
70 if (!rule) in routing_policy_rule_new()
73 *rule = (RoutingPolicyRule) { in routing_policy_rule_new()
83 *ret = rule; in routing_policy_rule_new()
88 _cleanup_(routing_policy_rule_freep) RoutingPolicyRule *rule = NULL; in routing_policy_rule_new_static()
101 rule = hashmap_get(network->rules_by_section, n); in routing_policy_rule_new_static()
102 if (rule) { in routing_policy_rule_new_static()
103 *ret = TAKE_PTR(rule); in routing_policy_rule_new_static()
107 r = routing_policy_rule_new(&rule); in routing_policy_rule_new_static()
111 rule->network = network; in routing_policy_rule_new_static()
112 rule->section = TAKE_PTR(n); in routing_policy_rule_new_static()
113 rule->source = NETWORK_CONFIG_SOURCE_STATIC; in routing_policy_rule_new_static()
114 rule->protocol = RTPROT_STATIC; in routing_policy_rule_new_static()
116 … r = hashmap_ensure_put(&network->rules_by_section, &config_section_hash_ops, rule->section, rule); in routing_policy_rule_new_static()
120 *ret = TAKE_PTR(rule); in routing_policy_rule_new_static()
156 static void routing_policy_rule_hash_func(const RoutingPolicyRule *rule, struct siphash *state) { in routing_policy_rule_hash_func() argument
157 assert(rule); in routing_policy_rule_hash_func()
159 siphash24_compress(&rule->family, sizeof(rule->family), state); in routing_policy_rule_hash_func()
161 switch (rule->family) { in routing_policy_rule_hash_func()
164 siphash24_compress(&rule->from, FAMILY_ADDRESS_SIZE(rule->family), state); in routing_policy_rule_hash_func()
165 siphash24_compress(&rule->from_prefixlen, sizeof(rule->from_prefixlen), state); in routing_policy_rule_hash_func()
167 siphash24_compress(&rule->to, FAMILY_ADDRESS_SIZE(rule->family), state); in routing_policy_rule_hash_func()
168 siphash24_compress(&rule->to_prefixlen, sizeof(rule->to_prefixlen), state); in routing_policy_rule_hash_func()
170 siphash24_compress_boolean(rule->invert_rule, state); in routing_policy_rule_hash_func()
172 siphash24_compress(&rule->tos, sizeof(rule->tos), state); in routing_policy_rule_hash_func()
173 siphash24_compress(&rule->type, sizeof(rule->type), state); in routing_policy_rule_hash_func()
174 siphash24_compress(&rule->fwmark, sizeof(rule->fwmark), state); in routing_policy_rule_hash_func()
175 siphash24_compress(&rule->fwmask, sizeof(rule->fwmask), state); in routing_policy_rule_hash_func()
176 siphash24_compress(&rule->priority, sizeof(rule->priority), state); in routing_policy_rule_hash_func()
177 siphash24_compress(&rule->table, sizeof(rule->table), state); in routing_policy_rule_hash_func()
178 … siphash24_compress(&rule->suppress_prefixlen, sizeof(rule->suppress_prefixlen), state); in routing_policy_rule_hash_func()
179 siphash24_compress(&rule->suppress_ifgroup, sizeof(rule->suppress_ifgroup), state); in routing_policy_rule_hash_func()
181 siphash24_compress(&rule->ipproto, sizeof(rule->ipproto), state); in routing_policy_rule_hash_func()
182 siphash24_compress(&rule->protocol, sizeof(rule->protocol), state); in routing_policy_rule_hash_func()
183 siphash24_compress(&rule->sport, sizeof(rule->sport), state); in routing_policy_rule_hash_func()
184 siphash24_compress(&rule->dport, sizeof(rule->dport), state); in routing_policy_rule_hash_func()
185 siphash24_compress(&rule->uid_range, sizeof(rule->uid_range), state); in routing_policy_rule_hash_func()
187 siphash24_compress_string(rule->iif, state); in routing_policy_rule_hash_func()
188 siphash24_compress_string(rule->oif, state); in routing_policy_rule_hash_func()
312 RoutingPolicyRule *rule; in routing_policy_rule_get() local
317 rule = set_get(m->rules, in); in routing_policy_rule_get()
318 if (rule) { in routing_policy_rule_get()
320 *ret = rule; in routing_policy_rule_get()
328 SET_FOREACH(rule, m->rules) { in routing_policy_rule_get()
332 if (rule->priority_set) in routing_policy_rule_get()
336 priority = rule->priority; in routing_policy_rule_get()
337 rule->priority = 0; in routing_policy_rule_get()
338 found = routing_policy_rule_equal(rule, in); in routing_policy_rule_get()
339 rule->priority = priority; in routing_policy_rule_get()
343 *ret = rule; in routing_policy_rule_get()
351 static int routing_policy_rule_add(Manager *m, RoutingPolicyRule *rule) { in routing_policy_rule_add() argument
355 assert(rule); in routing_policy_rule_add()
356 assert(IN_SET(rule->family, AF_INET, AF_INET6)); in routing_policy_rule_add()
358 r = set_ensure_put(&m->rules, &routing_policy_rule_hash_ops, rule); in routing_policy_rule_add()
364 rule->manager = m; in routing_policy_rule_add()
368 static int routing_policy_rule_acquire_priority(Manager *manager, RoutingPolicyRule *rule) { in routing_policy_rule_acquire_priority() argument
376 assert(rule); in routing_policy_rule_acquire_priority()
377 assert(IN_SET(rule->family, AF_INET, AF_INET6)); in routing_policy_rule_acquire_priority()
379 if (rule->priority_set) in routing_policy_rule_acquire_priority()
386 if (tmp->family != rule->family) in routing_policy_rule_acquire_priority()
397 if (tmp->family != AF_UNSPEC && tmp->family != rule->family) in routing_policy_rule_acquire_priority()
412 rule->priority = priority; in routing_policy_rule_acquire_priority()
416 static void log_routing_policy_rule_debug(const RoutingPolicyRule *rule, const char *str, const Lin… in log_routing_policy_rule_debug() argument
419 assert(rule); in log_routing_policy_rule_debug()
420 assert(IN_SET(rule->family, AF_INET, AF_INET6)); in log_routing_policy_rule_debug()
429 (void) network_config_state_to_string_alloc(rule->state, &state); in log_routing_policy_rule_debug()
430 (void) in_addr_prefix_to_string(rule->family, &rule->from, rule->from_prefixlen, &from); in log_routing_policy_rule_debug()
431 (void) in_addr_prefix_to_string(rule->family, &rule->to, rule->to_prefixlen, &to); in log_routing_policy_rule_debug()
432 (void) manager_get_route_table_to_string(m, rule->table, &table); in log_routing_policy_rule_debug()
436 str, strna(network_config_source_to_string(rule->source)), strna(state), in log_routing_policy_rule_debug()
437 rule->priority, strna(from), strna(to), in log_routing_policy_rule_debug()
438 strna(rule->iif), strna(rule->oif), strna(table)); in log_routing_policy_rule_debug()
441 static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule, sd_netlink_messag… in routing_policy_rule_set_netlink_message() argument
444 assert(rule); in routing_policy_rule_set_netlink_message()
449 if (rule->from_prefixlen > 0) { in routing_policy_rule_set_netlink_message()
450 r = netlink_message_append_in_addr_union(m, FRA_SRC, rule->family, &rule->from); in routing_policy_rule_set_netlink_message()
454 … r = sd_rtnl_message_routing_policy_rule_set_fib_src_prefixlen(m, rule->from_prefixlen); in routing_policy_rule_set_netlink_message()
459 if (rule->to_prefixlen > 0) { in routing_policy_rule_set_netlink_message()
460 r = netlink_message_append_in_addr_union(m, FRA_DST, rule->family, &rule->to); in routing_policy_rule_set_netlink_message()
464 … r = sd_rtnl_message_routing_policy_rule_set_fib_dst_prefixlen(m, rule->to_prefixlen); in routing_policy_rule_set_netlink_message()
469 r = sd_netlink_message_append_u32(m, FRA_PRIORITY, rule->priority); in routing_policy_rule_set_netlink_message()
473 if (rule->tos > 0) { in routing_policy_rule_set_netlink_message()
474 r = sd_rtnl_message_routing_policy_rule_set_tos(m, rule->tos); in routing_policy_rule_set_netlink_message()
479 if (rule->table < 256) { in routing_policy_rule_set_netlink_message()
480 r = sd_rtnl_message_routing_policy_rule_set_table(m, rule->table); in routing_policy_rule_set_netlink_message()
488 r = sd_netlink_message_append_u32(m, FRA_TABLE, rule->table); in routing_policy_rule_set_netlink_message()
493 if (rule->fwmark > 0) { in routing_policy_rule_set_netlink_message()
494 r = sd_netlink_message_append_u32(m, FRA_FWMARK, rule->fwmark); in routing_policy_rule_set_netlink_message()
498 r = sd_netlink_message_append_u32(m, FRA_FWMASK, rule->fwmask); in routing_policy_rule_set_netlink_message()
503 if (rule->iif) { in routing_policy_rule_set_netlink_message()
504 r = sd_netlink_message_append_string(m, FRA_IIFNAME, rule->iif); in routing_policy_rule_set_netlink_message()
509 if (rule->oif) { in routing_policy_rule_set_netlink_message()
510 r = sd_netlink_message_append_string(m, FRA_OIFNAME, rule->oif); in routing_policy_rule_set_netlink_message()
515 r = sd_netlink_message_append_u8(m, FRA_IP_PROTO, rule->ipproto); in routing_policy_rule_set_netlink_message()
519 r = sd_netlink_message_append_u8(m, FRA_PROTOCOL, rule->protocol); in routing_policy_rule_set_netlink_message()
523 if (rule->sport.start != 0 || rule->sport.end != 0) { in routing_policy_rule_set_netlink_message()
524 … r = sd_netlink_message_append_data(m, FRA_SPORT_RANGE, &rule->sport, sizeof(rule->sport)); in routing_policy_rule_set_netlink_message()
529 if (rule->dport.start != 0 || rule->dport.end != 0) { in routing_policy_rule_set_netlink_message()
530 … r = sd_netlink_message_append_data(m, FRA_DPORT_RANGE, &rule->dport, sizeof(rule->dport)); in routing_policy_rule_set_netlink_message()
535 if (rule->uid_range.start != UID_INVALID && rule->uid_range.end != UID_INVALID) { in routing_policy_rule_set_netlink_message()
536 … r = sd_netlink_message_append_data(m, FRA_UID_RANGE, &rule->uid_range, sizeof(rule->uid_range)); in routing_policy_rule_set_netlink_message()
541 if (rule->invert_rule) { in routing_policy_rule_set_netlink_message()
547 if (rule->suppress_prefixlen >= 0) { in routing_policy_rule_set_netlink_message()
548 … r = sd_netlink_message_append_u32(m, FRA_SUPPRESS_PREFIXLEN, (uint32_t) rule->suppress_prefixlen); in routing_policy_rule_set_netlink_message()
553 if (rule->suppress_ifgroup >= 0) { in routing_policy_rule_set_netlink_message()
554 … r = sd_netlink_message_append_u32(m, FRA_SUPPRESS_IFGROUP, (uint32_t) rule->suppress_ifgroup); in routing_policy_rule_set_netlink_message()
559 r = sd_rtnl_message_routing_policy_rule_set_fib_type(m, rule->type); in routing_policy_rule_set_netlink_message()
578 static int routing_policy_rule_remove(RoutingPolicyRule *rule) { in routing_policy_rule_remove() argument
582 assert(rule); in routing_policy_rule_remove()
583 assert(rule->manager); in routing_policy_rule_remove()
584 assert(rule->manager->rtnl); in routing_policy_rule_remove()
585 assert(IN_SET(rule->family, AF_INET, AF_INET6)); in routing_policy_rule_remove()
587 log_routing_policy_rule_debug(rule, "Removing", NULL, rule->manager); in routing_policy_rule_remove()
589 … r = sd_rtnl_message_new_routing_policy_rule(rule->manager->rtnl, &m, RTM_DELRULE, rule->family); in routing_policy_rule_remove()
593 r = routing_policy_rule_set_netlink_message(rule, m, NULL); in routing_policy_rule_remove()
597 r = netlink_call_async(rule->manager->rtnl, NULL, m, in routing_policy_rule_remove()
603 routing_policy_rule_enter_removing(rule); in routing_policy_rule_remove()
607 static int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, Request *req) { in routing_policy_rule_configure() argument
611 assert(rule); in routing_policy_rule_configure()
612 assert(IN_SET(rule->family, AF_INET, AF_INET6)); in routing_policy_rule_configure()
619 log_routing_policy_rule_debug(rule, "Configuring", link, link->manager); in routing_policy_rule_configure()
621 … r = sd_rtnl_message_new_routing_policy_rule(link->manager->rtnl, &m, RTM_NEWRULE, rule->family); in routing_policy_rule_configure()
625 r = routing_policy_rule_set_netlink_message(rule, m, link); in routing_policy_rule_configure()
633 RoutingPolicyRule *rule; in manager_mark_routing_policy_rules() local
639 SET_FOREACH(rule, m->rules) { in manager_mark_routing_policy_rules()
641 if (rule->protocol == RTPROT_KERNEL) in manager_mark_routing_policy_rules()
645 if (foreign != (rule->source == NETWORK_CONFIG_SOURCE_FOREIGN)) in manager_mark_routing_policy_rules()
649 if (!routing_policy_rule_exists(rule)) in manager_mark_routing_policy_rules()
652 routing_policy_rule_mark(rule); in manager_mark_routing_policy_rules()
663 HASHMAP_FOREACH(rule, link->network->rules_by_section) { in manager_mark_routing_policy_rules()
666 if (IN_SET(rule->family, AF_INET, AF_INET6)) { in manager_mark_routing_policy_rules()
667 if (routing_policy_rule_get(m, rule, &existing) >= 0) in manager_mark_routing_policy_rules()
671 rule->family = AF_INET; in manager_mark_routing_policy_rules()
672 if (routing_policy_rule_get(m, rule, &existing) >= 0) in manager_mark_routing_policy_rules()
675 rule->family = AF_INET6; in manager_mark_routing_policy_rules()
676 if (routing_policy_rule_get(m, rule, &existing) >= 0) in manager_mark_routing_policy_rules()
679 rule->family = AF_UNSPEC; in manager_mark_routing_policy_rules()
686 RoutingPolicyRule *rule; in manager_drop_routing_policy_rules_internal() local
693 SET_FOREACH(rule, m->rules) { in manager_drop_routing_policy_rules_internal()
694 if (!routing_policy_rule_is_marked(rule)) in manager_drop_routing_policy_rules_internal()
697 k = routing_policy_rule_remove(rule); in manager_drop_routing_policy_rules_internal()
706 RoutingPolicyRule *rule; in link_foreignize_routing_policy_rules() local
713 SET_FOREACH(rule, link->manager->rules) { in link_foreignize_routing_policy_rules()
714 if (!routing_policy_rule_is_marked(rule)) in link_foreignize_routing_policy_rules()
717 rule->source = NETWORK_CONFIG_SOURCE_FOREIGN; in link_foreignize_routing_policy_rules()
721 static int routing_policy_rule_process_request(Request *req, Link *link, RoutingPolicyRule *rule) { in routing_policy_rule_process_request() argument
726 assert(rule); in routing_policy_rule_process_request()
731 r = routing_policy_rule_configure(rule, link, req); in routing_policy_rule_process_request()
735 routing_policy_rule_enter_configuring(rule); in routing_policy_rule_process_request()
744 RoutingPolicyRule *rule) { in static_routing_policy_rule_configure_handler() argument
767 static int link_request_routing_policy_rule(Link *link, RoutingPolicyRule *rule) { in link_request_routing_policy_rule() argument
773 assert(rule); in link_request_routing_policy_rule()
774 assert(rule->source != NETWORK_CONFIG_SOURCE_FOREIGN); in link_request_routing_policy_rule()
776 if (routing_policy_rule_get(link->manager, rule, &existing) < 0) { in link_request_routing_policy_rule()
779 r = routing_policy_rule_dup(rule, &tmp); in link_request_routing_policy_rule()
793 existing->source = rule->source; in link_request_routing_policy_rule()
811 static int link_request_static_routing_policy_rule(Link *link, RoutingPolicyRule *rule) { in link_request_static_routing_policy_rule() argument
814 if (IN_SET(rule->family, AF_INET, AF_INET6)) in link_request_static_routing_policy_rule()
815 return link_request_routing_policy_rule(link, rule); in link_request_static_routing_policy_rule()
817 rule->family = AF_INET; in link_request_static_routing_policy_rule()
818 r = link_request_routing_policy_rule(link, rule); in link_request_static_routing_policy_rule()
820 rule->family = AF_UNSPEC; in link_request_static_routing_policy_rule()
824 rule->family = AF_INET6; in link_request_static_routing_policy_rule()
825 r = link_request_routing_policy_rule(link, rule); in link_request_static_routing_policy_rule()
826 rule->family = AF_UNSPEC; in link_request_static_routing_policy_rule()
831 RoutingPolicyRule *rule; in link_request_static_routing_policy_rules() local
839 HASHMAP_FOREACH(rule, link->network->rules_by_section) { in link_request_static_routing_policy_rules()
840 r = link_request_static_routing_policy_rule(link, rule); in link_request_static_routing_policy_rules()
864 static bool routing_policy_rule_is_created_by_kernel(const RoutingPolicyRule *rule) { in routing_policy_rule_is_created_by_kernel() argument
865 assert(rule); in routing_policy_rule_is_created_by_kernel()
867 if (rule->l3mdev > 0) in routing_policy_rule_is_created_by_kernel()
873 if (routing_policy_rule_equal(rule, &kernel_rules[i])) in routing_policy_rule_is_created_by_kernel()
881 RoutingPolicyRule *rule = NULL; in manager_rtnl_process_rule() local
1068 (void) routing_policy_rule_get(m, tmp, &rule); in manager_rtnl_process_rule()
1072 if (rule) { in manager_rtnl_process_rule()
1073 routing_policy_rule_enter_configured(rule); in manager_rtnl_process_rule()
1074 log_routing_policy_rule_debug(rule, "Received remembered", NULL, m); in manager_rtnl_process_rule()
1090 if (rule) { in manager_rtnl_process_rule()
1091 routing_policy_rule_enter_removed(rule); in manager_rtnl_process_rule()
1092 if (rule->state == 0) { in manager_rtnl_process_rule()
1093 log_routing_policy_rule_debug(rule, "Forgetting", NULL, m); in manager_rtnl_process_rule()
1094 routing_policy_rule_free(rule); in manager_rtnl_process_rule()
1096 log_routing_policy_rule_debug(rule, "Removed", NULL, m); in manager_rtnl_process_rule()
1720 static int routing_policy_rule_section_verify(RoutingPolicyRule *rule) { in routing_policy_rule_section_verify() argument
1721 if (section_is_invalid(rule->section)) in routing_policy_rule_section_verify()
1724 if ((rule->family == AF_INET && FLAGS_SET(rule->address_family, ADDRESS_FAMILY_IPV6)) || in routing_policy_rule_section_verify()
1725 (rule->family == AF_INET6 && FLAGS_SET(rule->address_family, ADDRESS_FAMILY_IPV4))) in routing_policy_rule_section_verify()
1729 rule->section->filename, rule->section->line); in routing_policy_rule_section_verify()
1731 if (rule->family == AF_UNSPEC) { in routing_policy_rule_section_verify()
1732 if (IN_SET(rule->address_family, ADDRESS_FAMILY_IPV4, ADDRESS_FAMILY_NO)) in routing_policy_rule_section_verify()
1733 rule->family = AF_INET; in routing_policy_rule_section_verify()
1734 else if (rule->address_family == ADDRESS_FAMILY_IPV6) in routing_policy_rule_section_verify()
1735 rule->family = AF_INET6; in routing_policy_rule_section_verify()
1742 if (rule->l3mdev > 0) in routing_policy_rule_section_verify()
1749 RoutingPolicyRule *rule; in network_drop_invalid_routing_policy_rules() local
1753 HASHMAP_FOREACH(rule, network->rules_by_section) in network_drop_invalid_routing_policy_rules()
1754 if (routing_policy_rule_section_verify(rule) < 0) in network_drop_invalid_routing_policy_rules()
1755 routing_policy_rule_free(rule); in network_drop_invalid_routing_policy_rules()