ip6addrctl.c revision 331722 
1/*	$KAME: ip6addrctl.c,v 1.3 2003/12/16 08:14:28 suz Exp $	*/
2
3/*
4 * Copyright (C) 2001 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 *    may be used to endorse or promote products derived from this software
17 *    without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * $FreeBSD: stable/11/usr.sbin/ip6addrctl/ip6addrctl.c 331722 2018-03-29 02:50:57Z eadler $
32 */
33
34#include <sys/types.h>
35#include <sys/socket.h>
36#include <sys/queue.h>
37#include <sys/param.h>
38#include <sys/ioctl.h>
39#include <sys/sysctl.h>
40
41#include <net/if.h>
42
43#include <netinet/in.h>
44#include <netinet6/in6_var.h>
45
46#include <stdlib.h>
47#include <netdb.h>
48#include <stdio.h>
49#include <unistd.h>
50#include <limits.h>
51#include <string.h>
52#include <err.h>
53
54static char *configfile;
55
56struct policyqueue {
57	TAILQ_ENTRY(policyqueue) pc_entry;
58	struct in6_addrpolicy pc_policy;
59};
60TAILQ_HEAD(policyhead, policyqueue);
61static struct policyhead policyhead;
62
63static void usage(void);
64static void get_policy(void);
65static void dump_policy(void);
66static int mask2plen(struct sockaddr_in6 *);
67static int parse_prefix(const char *, struct in6_addrpolicy *);
68static void make_policy_fromfile(char *);
69static void plen2mask(struct sockaddr_in6 *, int);
70static void set_policy(void);
71static void add_policy(char *, char *, char *);
72static void delete_policy(char *);
73static void flush_policy(void);
74
75int
76main(int argc, char *argv[])
77{
78	TAILQ_INIT(&policyhead);
79
80	if (argc == 1 || strcasecmp(argv[1], "show") == 0) {
81		get_policy();
82		dump_policy();
83	} else if (strcasecmp(argv[1], "add") == 0) {
84		if (argc < 5)
85			usage();
86		add_policy(argv[2], argv[3], argv[4]);
87	} else if (strcasecmp(argv[1], "delete") == 0) {
88		if (argc < 3)
89			usage();
90		delete_policy(argv[2]);
91	} else if (strcasecmp(argv[1], "flush") == 0) {
92		get_policy();
93		flush_policy();
94	} else if (strcasecmp(argv[1], "install") == 0) {
95		if (argc < 3)
96			usage();
97		configfile = argv[2];
98		make_policy_fromfile(configfile);
99		set_policy();
100	} else
101		usage();
102
103	exit(0);
104}
105
106static void
107get_policy(void)
108{
109	int mib[] = { CTL_NET, PF_INET6, IPPROTO_IPV6, IPV6CTL_ADDRCTLPOLICY };
110	size_t l;
111	struct in6_addrpolicy *buf;
112	struct in6_addrpolicy *pol, *ep;
113
114	if (sysctl(mib, nitems(mib), NULL, &l, NULL, 0) < 0) {
115		err(1, "sysctl(IPV6CTL_ADDRCTLPOLICY)");
116		/* NOTREACHED */
117	}
118	if (l == 0) {
119		printf("no source-address-selection policy is installed\n");
120		return;
121	}
122	if ((buf = malloc(l)) == NULL) {
123		errx(1, "malloc failed");
124		/* NOTREACHED */
125	}
126	if (sysctl(mib, nitems(mib), buf, &l, NULL, 0) < 0) {
127		err(1, "sysctl(IPV6CTL_ADDRCTLPOLICY)");
128		/* NOTREACHED */
129	}
130
131	ep = buf + l/sizeof(*buf);
132	for (pol = buf; pol + 1 <= ep; pol++) {
133		struct policyqueue *new;
134
135		if ((new = malloc(sizeof(*new))) == NULL)
136			errx(1, "malloc failed\n");
137		new->pc_policy = *pol;
138		TAILQ_INSERT_TAIL(&policyhead, new, pc_entry);
139	}
140
141	free(buf);
142}
143
144static void
145dump_policy(void)
146{
147	size_t addrlen;
148	char addrbuf[NI_MAXHOST];
149	struct in6_addrpolicy *pol;
150	struct policyqueue *ent;
151	int plen, first = 1;
152
153	for (ent = TAILQ_FIRST(&policyhead); ent;
154	     ent = TAILQ_NEXT(ent, pc_entry)) {
155		pol = &ent->pc_policy;
156		if (first) {
157			printf("%-30s %5s %5s %8s\n",
158			       "Prefix", "Prec", "Label", "Use");
159			first = 0;
160		}
161
162		if ((getnameinfo((struct sockaddr *)&pol->addr,
163				 sizeof(pol->addr), addrbuf, sizeof(addrbuf),
164				 NULL, 0, NI_NUMERICHOST))) {
165			warnx("getnameinfo for prefix address failed");
166			continue;
167		}
168		if ((plen = mask2plen(&pol->addrmask)) < 0) {
169			warnx("invalid address mask");
170			continue;
171		}
172		addrlen = strlen(addrbuf);
173		if (addrlen + sizeof("/128") < sizeof(addrbuf)) {
174			snprintf(&addrbuf[addrlen],
175				 sizeof(addrbuf) - addrlen - 1,
176				 "/%d", plen);
177			printf("%-30s", addrbuf);
178		} else		/* XXX */
179			printf("%s/%d", addrbuf, plen);
180		printf(" %5d %5d %8llu\n", pol->preced, pol->label,
181		    (unsigned long long)pol->use);
182	}
183}
184
185#define SKIP_WHITE(p, emptyok) \
186	do { \
187		while((*(p) == ' ' || *(p) == '\t')) \
188			(p)++; \
189 		if ((*(p) == '\0' || (*(p) == '\n')) && !(emptyok)) \
190			goto bad; \
191	} while (0);
192#define SKIP_WORD(p) \
193	do { \
194		while(*(p) != ' ' && *(p) != '\t') \
195			(p)++; \
196 		if (*(p) == '\0' || *(p) == '\n') \
197			goto bad; \
198	} while (0);
199
200static void
201make_policy_fromfile(char *conf)
202{
203	char line[_POSIX2_LINE_MAX], *cp;
204	char *addrstr;
205	FILE *fp;
206	int count = 0;
207	struct in6_addrpolicy pol0;
208	struct policyqueue *new;
209
210	if ((fp = fopen(conf, "r")) == NULL)
211		err(1, "fopen: %s", conf);
212
213	while(fgets(line, sizeof(line), fp)) {
214		count++;
215		cp = line;
216
217		memset(&pol0, 0, sizeof(pol0));
218
219		/* get prefix */
220		SKIP_WHITE(cp, 1);
221		if (*cp == '\n') /* empty line */
222			continue;
223		if (*cp == '#')
224			continue;
225		addrstr = cp;
226		if (parse_prefix((const char *)addrstr, &pol0))
227			goto bad;
228
229		/* get precedence value */
230		SKIP_WORD(cp);
231		SKIP_WHITE(cp, 0);
232		pol0.preced = atoi(cp);
233
234		/* get label */
235		SKIP_WORD(cp);
236		SKIP_WHITE(cp, 0);
237		pol0.label = atoi(cp);
238
239		/* parse succeeded.  make a control buffer entry. */
240		if ((new = malloc(sizeof(*new))) == NULL)
241			errx(1, "malloc failed\n");
242		memset(new, 0, sizeof(*new));
243		new->pc_policy = pol0;
244		TAILQ_INSERT_TAIL(&policyhead, new, pc_entry);
245	}
246
247	fclose(fp);
248	return;
249
250  bad:
251	errx(1, "parse failed at line %d", count);
252	/* NOTREACHED */
253}
254
255static int
256parse_prefix(const char *prefix0, struct in6_addrpolicy *pol)
257{
258	int e = 0, plen;
259	char *prefix, *plenstr;
260	struct addrinfo hints, *res;
261
262	if ((prefix = strdup(prefix0)) == NULL)
263		errx(1, "strdup failed");
264
265	if ((plenstr = strchr(prefix, '/')) == NULL) {
266		e = -1;
267		goto end;
268	}
269	*plenstr = '\0';
270
271	memset(&hints, 0, sizeof(hints));
272	hints.ai_flags = AI_NUMERICHOST;
273	hints.ai_family = AF_INET6;
274
275	if ((e = getaddrinfo(prefix, NULL, &hints, &res)) != 0) {
276		warnx("getaddrinfo failed for %s: %s", prefix,
277		      gai_strerror(e));
278		goto end;
279	}
280	memcpy(&pol->addr, res->ai_addr, res->ai_addrlen);
281	freeaddrinfo(res);
282	plen = atoi(plenstr + 1);
283	if (plen < 0 || plen > 128) {
284		warnx("invalid prefix length: %d", plen);
285		e = -1;
286		goto end;
287	}
288	plen2mask(&pol->addrmask, plen);
289
290  end:
291	free(prefix);
292	return(e);
293}
294
295static void
296plen2mask(struct sockaddr_in6 *mask, int plen)
297{
298	u_char *cp = (unsigned char *)&mask->sin6_addr;
299
300	memset(mask, 0, sizeof(*mask));
301	mask->sin6_family = AF_INET6; /* just in case */
302	mask->sin6_len = sizeof(*mask);
303
304	for(; plen >= 8; plen -= 8)
305		*cp++ = 0xff;
306	if (plen > 0)
307		*cp = (0xff << (8 - plen));
308}
309
310static void
311set_policy(void)
312{
313	struct policyqueue *ent;
314	int s;
315
316	if ((s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0)
317		err(1, "socket(UDP)");
318
319	for (ent = TAILQ_FIRST(&policyhead); ent;
320	     ent = TAILQ_NEXT(ent, pc_entry)) {
321		if (ioctl(s, SIOCAADDRCTL_POLICY, &ent->pc_policy))
322			warn("ioctl(SIOCAADDRCTL_POLICY)");
323	}
324
325	close(s);
326}
327
328static int
329mask2plen(struct sockaddr_in6 *mask)
330{
331	int masklen, final = 0;
332	u_char *p, *lim;
333
334	masklen = 0;
335	lim = (u_char *)(mask + 1);
336	for (p = (u_char *)(&mask->sin6_addr); p < lim; p++) {
337		if (final && *p) {
338			goto bad;
339		}
340
341		switch (*p & 0xff) {
342		case 0xff:
343			masklen += 8;
344			break;
345		case 0xfe:
346			masklen += 7;
347			final++;
348			break;
349		case 0xfc:
350			masklen += 6;
351			final++;
352			break;
353		case 0xf8:
354			masklen += 5;
355			final++;
356			break;
357		case 0xf0:
358			masklen += 4;
359			final++;
360			break;
361		case 0xe0:
362			masklen += 3;
363			final++;
364			break;
365		case 0xc0:
366			masklen += 2;
367			final++;
368			break;
369		case 0x80:
370			masklen += 1;
371			final++;
372			break;
373		case 0x00:
374			final++;
375			break;
376		default:
377			goto bad;
378			break;
379		}
380	}
381	return(masklen);
382
383  bad:
384	return(-1);
385}
386
387static void
388add_policy(char *prefix, char *prec, char *label)
389{
390	struct in6_addrpolicy p;
391	int s;
392
393	memset(&p, 0, sizeof(p));
394
395	if (parse_prefix((const char *)prefix, &p))
396		errx(1, "bad prefix: %s", prefix);
397	p.preced = atoi(prec);
398	p.label = atoi(label);
399
400	if ((s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0)
401		err(1, "socket(UDP)");
402	if (ioctl(s, SIOCAADDRCTL_POLICY, &p))
403		err(1, "ioctl(SIOCAADDRCTL_POLICY)");
404
405	close(s);
406}
407
408static void
409delete_policy(char *prefix)
410{
411	struct in6_addrpolicy p;
412	int s;
413
414	memset(&p, 0, sizeof(p));
415
416	if (parse_prefix((const char *)prefix, &p))
417		errx(1, "bad prefix: %s", prefix);
418
419	if ((s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0)
420		err(1, "socket(UDP)");
421	if (ioctl(s, SIOCDADDRCTL_POLICY, &p))
422		err(1, "ioctl(SIOCDADDRCTL_POLICY)");
423
424	close(s);
425}
426
427static void
428flush_policy(void)
429{
430	struct policyqueue *ent;
431	int s;
432
433	if ((s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0)
434		err(1, "socket(UDP)");
435
436	for (ent = TAILQ_FIRST(&policyhead); ent;
437	     ent = TAILQ_NEXT(ent, pc_entry)) {
438		if (ioctl(s, SIOCDADDRCTL_POLICY, &ent->pc_policy))
439			warn("ioctl(SIOCDADDRCTL_POLICY)");
440	}
441
442	close(s);
443}
444
445static void
446usage(void)
447{
448	fprintf(stderr, "usage: ip6addrctl [show]\n");
449	fprintf(stderr, "       ip6addrctl add "
450		"<prefix> <precedence> <label>\n");
451	fprintf(stderr, "       ip6addrctl delete <prefix>\n");
452	fprintf(stderr, "       ip6addrctl flush\n");
453	fprintf(stderr, "       ip6addrctl install <configfile>\n");
454
455	exit(1);
456}
457