#include <netinet/icmp6.h>
#include <netpacket/packet.h>
-#include <linux/rtnetlink.h>
#include <linux/filter.h>
-
-#include <netlink/msg.h>
-#include <netlink/socket.h>
-#include <netlink/attr.h>
+#include <linux/neighbour.h>
#include "dhcpv6.h"
#include "odhcpd.h"
-struct event_socket {
- struct odhcpd_event ev;
- struct nl_sock *sock;
- int sock_bufsize;
-};
+static void ndp_netevent_cb(unsigned long event, struct netevent_handler_info *info);
+static void setup_route(struct in6_addr *addr, struct interface *iface, bool add);
+static void setup_addr_for_relaying(struct in6_addr *addr, struct interface *iface, bool add);
static void handle_solicit(void *addr, void *data, size_t len,
struct interface *iface, void *dest);
-static void handle_rtnl_event(struct odhcpd_event *ev);
-static int cb_rtnl_valid(struct nl_msg *msg, void *arg);
-static void catch_rtnl_err(struct odhcpd_event *e, int error);
static int ping_socket = -1;
-static struct event_socket rtnl_event = {
- .ev = {
- .uloop = {.fd = - 1, },
- .handle_dgram = NULL,
- .handle_error = catch_rtnl_err,
- .recv_msgs = handle_rtnl_event,
- },
- .sock = NULL,
- .sock_bufsize = 133120,
-};
// Filter ICMPv6 messages of type neighbor soliciation
static struct sock_filter bpf[] = {
BPF_STMT(BPF_RET | BPF_K, 0),
};
static const struct sock_fprog bpf_prog = {sizeof(bpf) / sizeof(*bpf), bpf};
-
+static struct netevent_handler ndp_netevent_handler = { .cb = ndp_netevent_cb, };
// Initialize NDP-proxy
-int init_ndp(void)
+int ndp_init(void)
{
int val = 2;
- rtnl_event.sock = odhcpd_create_nl_socket(NETLINK_ROUTE);
- if (!rtnl_event.sock)
- goto err;
-
- rtnl_event.ev.uloop.fd = nl_socket_get_fd(rtnl_event.sock);
-
- if (nl_socket_set_buffer_size(rtnl_event.sock, rtnl_event.sock_bufsize, 0))
- goto err;
-
- nl_socket_disable_seq_check(rtnl_event.sock);
-
- nl_socket_modify_cb(rtnl_event.sock, NL_CB_VALID, NL_CB_CUSTOM,
- cb_rtnl_valid, NULL);
-
- // Receive IPv6 address, IPv6 routes and neighbor events
- if (nl_socket_add_memberships(rtnl_event.sock, RTNLGRP_IPV6_IFADDR,
- RTNLGRP_IPV6_ROUTE, RTNLGRP_NEIGH, 0))
- goto err;
-
- odhcpd_register(&rtnl_event.ev);
-
// Open ICMPv6 socket
ping_socket = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC, IPPROTO_ICMPV6);
if (ping_socket < 0) {
- syslog(LOG_ERR, "Unable to open raw socket: %s", strerror(errno));
+ syslog(LOG_ERR, "Unable to open raw socket: %m");
return -1;
}
ICMP6_FILTER_SETBLOCKALL(&filt);
setsockopt(ping_socket, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt));
- return 0;
-
-err:
- if (rtnl_event.sock) {
- nl_socket_free(rtnl_event.sock);
- rtnl_event.sock = NULL;
- rtnl_event.ev.uloop.fd = -1;
- }
-
- return -1;
-}
+ netlink_add_netevent_handler(&ndp_netevent_handler);
-static void dump_neigh_table(const bool proxy)
-{
- struct nl_msg *msg;
- struct ndmsg ndm = {
- .ndm_family = AF_INET6,
- .ndm_flags = proxy ? NTF_PROXY : 0,
- };
-
- msg = nlmsg_alloc_simple(RTM_GETNEIGH, NLM_F_REQUEST | NLM_F_DUMP);
- if (!msg)
- return;
-
- nlmsg_append(msg, &ndm, sizeof(ndm), 0);
-
- nl_send_auto_complete(rtnl_event.sock, msg);
-
- nlmsg_free(msg);
-}
-
-static void dump_addr_table(bool v6)
-{
- struct nl_msg *msg;
- struct ifaddrmsg ifa = {
- .ifa_family = v6 ? AF_INET6 : AF_INET,
- };
-
- msg = nlmsg_alloc_simple(RTM_GETADDR, NLM_F_REQUEST | NLM_F_DUMP);
- if (!msg)
- return;
-
- nlmsg_append(msg, &ifa, sizeof(ifa), 0);
-
- nl_send_auto_complete(rtnl_event.sock, msg);
-
- nlmsg_free(msg);
+ return 0;
}
-int setup_ndp_interface(struct interface *iface, bool enable)
+int ndp_setup_interface(struct interface *iface, bool enable)
{
int ret = 0, procfd;
bool dump_neigh = false;
close(iface->ndp_event.uloop.fd);
iface->ndp_event.uloop.fd = -1;
- if (!enable || iface->ndp != RELAYD_RELAY)
+ if (!enable || iface->ndp != MODE_RELAY)
if (write(procfd, "0\n", 2) < 0) {}
dump_neigh = true;
}
- if (enable && iface->ndp == RELAYD_RELAY) {
+ if (enable && iface->ndp == MODE_RELAY) {
if (write(procfd, "1\n", 2) < 0) {}
int sock = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC, htons(ETH_P_IPV6));
if (sock < 0) {
- syslog(LOG_ERR, "Unable to open packet socket: %s",
- strerror(errno));
+ syslog(LOG_ERR, "Unable to open packet socket: %m");
ret = -1;
goto out;
}
if (setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER,
&bpf_prog, sizeof(bpf_prog))) {
- syslog(LOG_ERR, "Failed to set BPF: %s", strerror(errno));
+ syslog(LOG_ERR, "Failed to set BPF: %m");
ret = -1;
goto out;
}
// If we already were enabled dump is unnecessary, if not do dump
if (!dump_neigh)
- dump_neigh_table(false);
+ netlink_dump_neigh_table(false);
else
dump_neigh = false;
}
if (dump_neigh)
- dump_neigh_table(true);
+ netlink_dump_neigh_table(true);
out:
if (procfd >= 0)
return ret;
}
+static void ndp_netevent_cb(unsigned long event, struct netevent_handler_info *info)
+{
+ struct interface *iface = info->iface;
+ bool add = true;
+
+ if (!iface || iface->ndp == MODE_DISABLED)
+ return;
+
+ switch (event) {
+ case NETEV_ADDR6_DEL:
+ add = false;
+ netlink_dump_neigh_table(false);
+ /* fall through */
+ case NETEV_ADDR6_ADD:
+ setup_addr_for_relaying(&info->addr.in6, iface, add);
+ break;
+ case NETEV_NEIGH6_DEL:
+ add = false;
+ /* fall through */
+ case NETEV_NEIGH6_ADD:
+ if (info->neigh.flags & NTF_PROXY) {
+ if (add) {
+ netlink_setup_proxy_neigh(&info->neigh.dst.in6, iface->ifindex, false);
+ setup_route(&info->neigh.dst.in6, iface, false);
+ netlink_dump_neigh_table(false);
+ }
+ break;
+ }
+
+ if (add &&
+ !(info->neigh.state &
+ (NUD_REACHABLE|NUD_STALE|NUD_DELAY|NUD_PROBE|NUD_PERMANENT|NUD_NOARP)))
+ break;
+
+ setup_addr_for_relaying(&info->neigh.dst.in6, iface, add);
+ setup_route(&info->neigh.dst.in6, iface, add);
+
+ if (!add)
+ netlink_dump_neigh_table(false);
+ break;
+ default:
+ break;
+ }
+}
// Send an ICMP-ECHO. This is less for actually pinging but for the
// neighbor cache to be kept up-to-date.
inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf));
syslog(LOG_NOTICE, "Pinging for %s%%%s", ipbuf, iface->ifname);
- odhcpd_setup_route(addr, 128, iface, NULL, 128, true);
+ netlink_setup_route(addr, 128, iface->ifindex, NULL, 128, true);
odhcpd_send(ping_socket, &dest, &iov, 1, iface);
- odhcpd_setup_route(addr, 128, iface, NULL, 128, false);
+ netlink_setup_route(addr, 128, iface->ifindex, NULL, 128, false);
}
// Handle solicitations
// Don't process solicit messages on non relay interfaces
// Don't forward any non-DAD solicitation for external ifaces
// TODO: check if we should even forward DADs for them
- if (iface->ndp != RELAYD_RELAY || (iface->external && !ns_is_dad))
+ if (iface->ndp != MODE_RELAY || (iface->external && !ns_is_dad))
return;
if (len < sizeof(*ip6) + sizeof(*req))
struct interface *c;
list_for_each_entry(c, &interfaces, head)
- if (iface != c && c->ndp == RELAYD_RELAY &&
+ if (iface != c && c->ndp == MODE_RELAY &&
(ns_is_dad || !c->external))
ping6(&req->nd_ns_target, c);
}
char ipbuf[INET6_ADDRSTRLEN];
inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf));
- syslog(LOG_NOTICE, "%s about %s%%%s",
- (add) ? "Learned" : "Forgot", ipbuf, iface->ifname);
+ syslog(LOG_NOTICE, "%s about %s%s%%%s",
+ (add) ? "Learning" : "Forgetting",
+ iface->learn_routes ? "proxy routing for " : "",
+ ipbuf, iface->ifname);
if (iface->learn_routes)
- odhcpd_setup_route(addr, 128, iface, NULL, 1024, add);
-}
-
-// Check address update
-static void check_addr6_updates(struct interface *iface)
-{
- struct odhcpd_ipaddr *addr = NULL;
- ssize_t len = odhcpd_get_interface_addresses(iface->ifindex, true, &addr);
-
- if (len < 0)
- return;
-
- bool change = len != (ssize_t)iface->ia_addr_len;
- for (ssize_t i = 0; !change && i < len; ++i)
- if (!IN6_ARE_ADDR_EQUAL(&addr[i].addr.in6, &iface->ia_addr[i].addr.in6) ||
- (addr[i].preferred > 0) != (iface->ia_addr[i].preferred > 0) ||
- addr[i].valid < iface->ia_addr[i].valid ||
- addr[i].preferred < iface->ia_addr[i].preferred)
- change = true;
-
- if (change)
- dhcpv6_ia_preupdate(iface);
-
- free(iface->ia_addr);
- iface->ia_addr = addr;
- iface->ia_addr_len = len;
-
- if (change)
- dhcpv6_ia_postupdate(iface);
-
- if (change) {
- syslog(LOG_INFO, "Raising SIGUSR1 due to address change on %s", iface->ifname);
- raise(SIGUSR1);
- }
+ netlink_setup_route(addr, 128, iface->ifindex, NULL, 1024, add);
}
static void setup_addr_for_relaying(struct in6_addr *addr, struct interface *iface, bool add)
inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf));
list_for_each_entry(c, &interfaces, head) {
- if (iface == c || (c->ndp != RELAYD_RELAY && !add))
+ if (iface == c || (c->ndp != MODE_RELAY && !add))
continue;
- bool neigh_add = (c->ndp == RELAYD_RELAY ? add : false);
+ bool neigh_add = (c->ndp == MODE_RELAY ? add : false);
- if (odhcpd_setup_proxy_neigh(addr, c, neigh_add))
+ if (netlink_setup_proxy_neigh(addr, c->ifindex, neigh_add))
syslog(LOG_DEBUG, "Failed to %s proxy neighbour entry %s%%%s",
neigh_add ? "add" : "delete", ipbuf, c->ifname);
else
neigh_add ? "Added" : "Deleted", ipbuf, c->ifname);
}
}
-
-static void handle_rtnl_event(struct odhcpd_event *e)
-{
- struct event_socket *ev_sock = container_of(e, struct event_socket, ev);
-
- nl_recvmsgs_default(ev_sock->sock);
-}
-
-
-// Handler for neighbor cache entries from the kernel. This is our source
-// to learn and unlearn hosts on interfaces.
-static int cb_rtnl_valid(struct nl_msg *msg, _unused void *arg)
-{
- struct nlmsghdr *hdr = nlmsg_hdr(msg);
- struct in6_addr *addr = NULL;
- struct interface *iface = NULL;
- bool add = false;
- char ipbuf[INET6_ADDRSTRLEN];
-
- switch (hdr->nlmsg_type) {
- case RTM_NEWROUTE:
- case RTM_DELROUTE: {
- struct rtmsg *rtm = nlmsg_data(hdr);
-
- if (!nlmsg_valid_hdr(hdr, sizeof(*rtm)) ||
- rtm->rtm_family != AF_INET6)
- return NL_SKIP;
-
- if (rtm->rtm_dst_len == 0) {
- syslog(LOG_INFO, "Raising SIGUSR1 due to default route change");
- raise(SIGUSR1);
- }
- return NL_OK;
- }
-
- case RTM_NEWADDR:
- add = true;
- /* fall through */
- case RTM_DELADDR: {
- struct ifaddrmsg *ifa = nlmsg_data(hdr);
- struct nlattr *nla[__IFA_MAX];
-
- if (!nlmsg_valid_hdr(hdr, sizeof(*ifa)) ||
- ifa->ifa_family != AF_INET6)
- return NL_SKIP;
-
- iface = odhcpd_get_interface_by_index(ifa->ifa_index);
- if (!iface)
- return NL_SKIP;
-
- nlmsg_parse(hdr, sizeof(*ifa), nla, __IFA_MAX - 1, NULL);
- if (!nla[IFA_ADDRESS])
- return NL_SKIP;
-
- addr = nla_data(nla[IFA_ADDRESS]);
- if (!addr || IN6_IS_ADDR_LINKLOCAL(addr) ||
- IN6_IS_ADDR_MULTICAST(addr))
- return NL_SKIP;
-
- inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf));
- syslog(LOG_DEBUG, "Netlink %s %s%%%s", add ? "newaddr" : "deladdr",
- ipbuf, iface->ifname);
-
- check_addr6_updates(iface);
-
- if (iface->ndp != RELAYD_RELAY)
- break;
-
- /* handle the relay logic below */
- setup_addr_for_relaying(addr, iface, add);
-
- if (!add)
- dump_neigh_table(false);
- break;
- }
-
- case RTM_NEWNEIGH:
- add = true;
- /* fall through */
- case RTM_DELNEIGH: {
- struct ndmsg *ndm = nlmsg_data(hdr);
- struct nlattr *nla[__NDA_MAX];
-
- if (!nlmsg_valid_hdr(hdr, sizeof(*ndm)) ||
- ndm->ndm_family != AF_INET6)
- return NL_SKIP;
-
- iface = odhcpd_get_interface_by_index(ndm->ndm_ifindex);
- if (!iface || iface->ndp != RELAYD_RELAY)
- return (iface ? NL_OK : NL_SKIP);
-
- nlmsg_parse(hdr, sizeof(*ndm), nla, __NDA_MAX - 1, NULL);
- if (!nla[NDA_DST])
- return NL_SKIP;
-
- addr = nla_data(nla[NDA_DST]);
- if (!addr || IN6_IS_ADDR_LINKLOCAL(addr) ||
- IN6_IS_ADDR_MULTICAST(addr))
- return NL_SKIP;
-
- inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf));
- syslog(LOG_DEBUG, "Netlink %s %s%%%s", add ? "newneigh" : "delneigh",
- ipbuf, iface->ifname);
-
- if (ndm->ndm_flags & NTF_PROXY) {
- /* Dump and flush proxy entries */
- if (hdr->nlmsg_type == RTM_NEWNEIGH) {
- odhcpd_setup_proxy_neigh(addr, iface, false);
- setup_route(addr, iface, false);
- dump_neigh_table(false);
- }
-
- return NL_OK;
- }
-
- if (add && !(ndm->ndm_state &
- (NUD_REACHABLE | NUD_STALE | NUD_DELAY | NUD_PROBE |
- NUD_PERMANENT | NUD_NOARP)))
- return NL_OK;
-
- setup_addr_for_relaying(addr, iface, add);
- setup_route(addr, iface, add);
-
- if (!add)
- dump_neigh_table(false);
- break;
- }
-
- default:
- return NL_SKIP;
- }
-
- return NL_OK;
-}
-
-static void catch_rtnl_err(struct odhcpd_event *e, int error)
-{
- struct event_socket *ev_sock = container_of(e, struct event_socket, ev);
-
- if (error != ENOBUFS)
- goto err;
-
- /* Double netlink event buffer size */
- ev_sock->sock_bufsize *= 2;
-
- if (nl_socket_set_buffer_size(ev_sock->sock, ev_sock->sock_bufsize, 0))
- goto err;
-
- dump_addr_table(true);
- return;
-
-err:
- odhcpd_deregister(e);
-}
projects / project / odhcpd.git / blobdiff