diff options
author | Matus Fabian <matfabia@cisco.com> | 2018-11-19 04:25:32 -0800 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2018-11-22 06:31:53 +0000 |
commit | b4515b4be4ead1ea5d0af205989cf313272e8770 (patch) | |
tree | 8a87c5c74cd8583690bdcf612727a2b4f4136cf2 /src/vnet | |
parent | 19ca78fbd7567c676beefc2b511dfdcd9f20201a (diff) |
Add RFC5424 syslog protocol support (VPP-1139)
Syslog protocol logging transport event messages across network over UDP
protocol based on RFC5426.
Change-Id: Ica74b40bcc2e6d0fbd41e9bf78e76395fbabab3c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/vnet')
-rw-r--r-- | src/vnet/CMakeLists.txt | 17 | ||||
-rw-r--r-- | src/vnet/syslog/dir.dox | 18 | ||||
-rw-r--r-- | src/vnet/syslog/sylog_doc.md | 65 | ||||
-rw-r--r-- | src/vnet/syslog/syslog.api | 119 | ||||
-rw-r--r-- | src/vnet/syslog/syslog.c | 646 | ||||
-rw-r--r-- | src/vnet/syslog/syslog.h | 225 | ||||
-rw-r--r-- | src/vnet/syslog/syslog_api.c | 243 | ||||
-rw-r--r-- | src/vnet/syslog/syslog_udp.c | 72 | ||||
-rw-r--r-- | src/vnet/syslog/syslog_udp.h | 36 | ||||
-rw-r--r-- | src/vnet/vnet_all_api_h.h | 1 |
10 files changed, 1442 insertions, 0 deletions
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt index ac448e268b6..290a4eeacc9 100644 --- a/src/vnet/CMakeLists.txt +++ b/src/vnet/CMakeLists.txt @@ -1355,6 +1355,23 @@ list(APPEND VNET_HEADERS list(APPEND VNET_API_FILES bier/bier.api) ############################################################################## +# SYSLOG +############################################################################## + +list (APPEND VNET_SOURCES + syslog/syslog_api.c + syslog/syslog_udp.c + syslog/syslog.c +) + +list(APPEND VNET_HEADERS + syslog/syslog_udp.h + syslog/syslog.h +) + +list(APPEND VNET_API_FILES syslog/syslog.api) + +############################################################################## # VNET Library ############################################################################## diff --git a/src/vnet/syslog/dir.dox b/src/vnet/syslog/dir.dox new file mode 100644 index 00000000000..ea64053e1df --- /dev/null +++ b/src/vnet/syslog/dir.dox @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + @dir + @brief RFC5424 syslog protocol implementation +*/ diff --git a/src/vnet/syslog/sylog_doc.md b/src/vnet/syslog/sylog_doc.md new file mode 100644 index 00000000000..0b48d4db573 --- /dev/null +++ b/src/vnet/syslog/sylog_doc.md @@ -0,0 +1,65 @@ +# Syslog protocol support {#syslog_doc} + +VPP provides [RFC5424](https://tools.ietf.org/html/rfc5424) syslog protocol +logging, which is used to transport event messages across network. VPP +currently suports UDP transport based on +[RFC5426](https://tools.ietf.org/html/rfc5426). + +The syslog message has the following format: +* header +* structured data +* free-form message + +The header contains, priority, version, timestamp, hostname, application, +process id and message id. It is followed by structured data, which provides +a mechanism to express event data in easily parsable format. Structured data +can contain zero, one or multiple structured data elements. Structured data +element contains name-value pairs. Structured data can by followed by free-form +message. + +Following example explains how to use the internal APIs to genrate syslog +message: +```{.c} + #include <vnet/syslog/syslog.h> + + ... + + syslog_msg_t syslog_msg; + + /* Check if syslog logging is enabled */ + if (!syslog_is_enabled ()) + return; + + /* Severity filer test */ + if (syslog_severity_filter_block (severity)) + return; + + /* Initialize syslog message header */ + syslog_msg_init (&syslog_msg, facility, severity, "NAT", "SADD"); + + /* Create structured data element */ + syslog_msg_sd_init (&syslog_msg, "nsess"); + /* Add structured data element parameters (name-value pairs) */ + syslog_msg_add_sd_param (&syslog_msg, "SSUBIX", "%d", ssubix); + syslog_msg_add_sd_param (&syslog_msg, "SVLAN", "%d", svlan); + syslog_msg_add_sd_param (&syslog_msg, "IATYP", "IPv4"); + syslog_msg_add_sd_param (&syslog_msg, "ISADDR", "%U", + format_ip4_address, isaddr); + syslog_msg_add_sd_param (&syslog_msg, "ISPORT", "%d", isport); + syslog_msg_add_sd_param (&syslog_msg, "XATYP", "IPv4"); + syslog_msg_add_sd_param (&syslog_msg, "XSADDR", "%U", + format_ip4_address, xsaddr); + syslog_msg_add_sd_param (&syslog_msg, "XSPORT", "%d", xsport); + syslog_msg_add_sd_param (&syslog_msg, "PROTO", "%d", proto); + + /* Send syslog message */ + syslog_msg_send (&syslog_msg); +``` + +Example above produces following syslog message: + <134>1 2018-11-12T11:25:30.252715Z 172.16.4.1 NAT 5901 SADD [nsess SSUBIX="0" SVLAN="0" IATYP="IPv4" ISADDR="172.16.1.2" ISPORT="6303" XATYP="IPv4" XSADDR="10.0.0.3" XSPORT="16253" PROTO="6"] + +To add free-form message use: +```{.c} + syslog_msg_add_msg (&syslog_msg, "event log entry"); +``` diff --git a/src/vnet/syslog/syslog.api b/src/vnet/syslog/syslog.api new file mode 100644 index 00000000000..3ba5d69cc41 --- /dev/null +++ b/src/vnet/syslog/syslog.api @@ -0,0 +1,119 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +option version = "1.0.0"; +import "vnet/ip/ip_types.api"; + +enum syslog_severity +{ + SYSLOG_API_SEVERITY_EMERG = 0, + SYSLOG_API_SEVERITY_ALERT = 1, + SYSLOG_API_SEVERITY_CRIT = 2, + SYSLOG_API_SEVERITY_ERR = 3, + SYSLOG_API_SEVERITY_WARN = 4, + SYSLOG_API_SEVERITY_NOTICE = 5, + SYSLOG_API_SEVERITY_INFO = 6, + SYSLOG_API_SEVERITY_DBG = 7, +}; + +/** \brief Set syslog sender configuration + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param src_address - IPv4 address of syslog sender (source) + @param collector_address - IPv4 address of syslog collector (destination) + @param collector_port - UDP port of syslog colector (destination) + @param vrf_id - VRF/FIB table ID + @param max_msg_size - maximum message length +*/ +autoreply define syslog_set_sender +{ + u32 client_index; + u32 context; + vl_api_ip4_address_t src_address; + vl_api_ip4_address_t collector_address; + u16 collector_port; + u32 vrf_id; + u32 max_msg_size; +}; + +/** \brief Get syslog sender configuration + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define syslog_get_sender +{ + u32 client_index; + u32 context; +}; + +/** \brief Get syslog sender configuration reply + @param context - sender context, to match reply w/ request + @param retval - return code for the request + @param src_address - IPv4 address of syslog sender (source) + @param collector_address - IPv4 address of syslog collector (destination) + @param collector_port - UDP port of syslog colector (destination) + @param vrf_id - VRF/FIB table ID + @param max_msg_size - maximum message length +*/ +define syslog_get_sender_reply +{ + u32 context; + i32 retval; + vl_api_ip4_address_t src_address; + vl_api_ip4_address_t collector_address; + u16 collector_port; + u32 vrf_id; + u32 max_msg_size; +}; + +/** \brief Set syslog filter + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param severity - severity filter (specified severity and greater match) +*/ +autoreply define syslog_set_filter +{ + u32 client_index; + u32 context; + vl_api_syslog_severity_t severity; + }; + +/** \brief Get syslog filter + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define syslog_get_filter +{ + u32 client_index; + u32 context; +}; + +/** \brief Get syslog filter reply + @param context - sender context, to match reply w/ request + @param retval - return code for the request + @param severity - severity filter (specified severity and greater match) +*/ +define syslog_get_filter_reply +{ + u32 context; + i32 retval; + vl_api_syslog_severity_t severity; +}; + +/* + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/syslog/syslog.c b/src/vnet/syslog/syslog.c new file mode 100644 index 00000000000..1cffe03d768 --- /dev/null +++ b/src/vnet/syslog/syslog.c @@ -0,0 +1,646 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @file RFC5424 syslog protocol implementation + */ + +#include <unistd.h> +#include <vnet/fib/fib_table.h> +#include <vnet/ip/format.h> +#include <vnet/syslog/syslog.h> +#include <vnet/syslog/syslog_udp.h> + +#define SYSLOG_VERSION "1" +#define NILVALUE "-" +#define DEFAULT_UDP_PORT 514 +#define DEFAULT_MAX_MSG_SIZE 480 + +#define encode_priority(f, p) ((f << 3) | p) + +syslog_main_t syslog_main; + +/* format timestamp RFC5424 6.2.3. */ +static u8 * +format_syslog_timestamp (u8 * s, va_list * args) +{ + f64 timestamp = va_arg (*args, f64); + struct tm *tm; + word msec; + + time_t t = timestamp; + tm = gmtime (&t); + msec = 1e6 * (timestamp - t); + return format (s, "%4d-%02d-%02dT%02d:%02d:%02d.%06dZ", 1900 + tm->tm_year, + 1 + tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec, msec); +} + +/* format header RFC5424 6.2. */ +static u8 * +format_syslog_header (u8 * s, va_list * args) +{ + syslog_main_t *sm = &syslog_main; + syslog_header_t *h = va_arg (*args, syslog_header_t *); + u32 pri = encode_priority (h->facility, h->severity); + + return format (s, "<%d>%s %U %U %s %d %s", pri, SYSLOG_VERSION, + format_syslog_timestamp, h->timestamp + sm->time_offset, + format_ip4_address, &sm->src_address, + h->app_name ? h->app_name : NILVALUE, sm->procid, + h->msgid ? h->msgid : NILVALUE); +} + +/* format strucured data elements RFC5424 6.3. */ +static u8 * +format_syslog_structured_data (u8 * s, va_list * args) +{ + u8 **sds = va_arg (*args, u8 **); + int i; + + if (vec_len (sds)) + { + for (i = 0; i < vec_len (sds); i++) + s = format (s, "[%s]", sds[i]); + } + /* if zero structured data elemts field must contain NILVALUE */ + else + s = format (s, "%s", NILVALUE); + + return s; +} + +static u8 * +format_syslog_msg (u8 * s, va_list * args) +{ + syslog_msg_t *m = va_arg (*args, syslog_msg_t *); + + s = + format (s, "%U %U", format_syslog_header, &m->header, + format_syslog_structured_data, m->structured_data); + /* free-form message is optional */ + if (m->msg) + s = format (s, " %s", m->msg); + + return s; +} + +void +syslog_msg_sd_init (syslog_msg_t * syslog_msg, char *sd_id) +{ + u8 *sd; + + sd = format (0, "%s", sd_id); + vec_add1 (syslog_msg->structured_data, sd); + syslog_msg->curr_sd_index++; +} + +void +syslog_msg_add_sd_param (syslog_msg_t * syslog_msg, char *name, char *fmt, + ...) +{ + va_list va; + u8 *value; + + va_start (va, fmt); + value = va_format (0, fmt, &va); + va_end (va); + vec_terminate_c_string (value); + + syslog_msg->structured_data[syslog_msg->curr_sd_index] = + format (syslog_msg->structured_data[syslog_msg->curr_sd_index], + " %s=\"%s\"", name, value); + vec_free (value); +} + +void +syslog_msg_add_msg (syslog_msg_t * syslog_msg, char *fmt, ...) +{ + va_list va; + u8 *msg; + + va_start (va, fmt); + msg = va_format (0, fmt, &va); + va_end (va); + vec_terminate_c_string (msg); + + syslog_msg->msg = msg; +} + +void +syslog_msg_init (syslog_msg_t * syslog_msg, syslog_facility_t facility, + syslog_severity_t severity, char *app_name, char *msgid) +{ + syslog_main_t *sm = &syslog_main; + vlib_main_t *vm = sm->vlib_main; + + syslog_msg->header.facility = facility; + syslog_msg->header.severity = severity; + syslog_msg->header.timestamp = vlib_time_now (vm); + syslog_msg->header.app_name = app_name; + syslog_msg->header.msgid = msgid; + syslog_msg->structured_data = 0; + syslog_msg->curr_sd_index = ~0; + syslog_msg->msg = 0; +} + +int +syslog_msg_send (syslog_msg_t * syslog_msg) +{ + syslog_main_t *sm = &syslog_main; + vlib_main_t *vm = sm->vlib_main; + u32 bi, msg_len, *to_next; + u8 *tmp; + vlib_buffer_t *b; + vlib_buffer_free_list_t *fl; + vlib_frame_t *f; + int i; + + if (vlib_buffer_alloc (vm, &bi, 1) != 1) + return -1; + + b = vlib_get_buffer (vm, bi); + clib_memset (vnet_buffer (b), 0, sizeof (*vnet_buffer (b))); + fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX); + vlib_buffer_init_for_free_list (b, fl); + VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b); + + /* one message per UDP datagram RFC5426 3.1. */ + tmp = format (0, "%U", format_syslog_msg, syslog_msg); + msg_len = vec_len (tmp) - (vec_c_string_is_terminated (tmp) ? 1 : 0); + msg_len = msg_len < sm->max_msg_size ? msg_len : sm->max_msg_size; + clib_memcpy_fast (b->data, tmp, msg_len); + b->current_length = msg_len; + vec_free (tmp); + + vec_free (syslog_msg->msg); + for (i = 0; i < vec_len (syslog_msg->structured_data); i++) + vec_free (syslog_msg->structured_data[i]); + vec_free (syslog_msg->structured_data); + + syslog_add_udp_transport (vm, bi); + + f = vlib_get_frame_to_node (vm, sm->ip4_lookup_node_index); + to_next = vlib_frame_vector_args (f); + to_next[0] = bi; + f->n_vectors = 1; + vlib_put_frame_to_node (vm, sm->ip4_lookup_node_index, f); + + return 0; +} + +static uword +unformat_syslog_facility (unformat_input_t * input, va_list * args) +{ + u32 *r = va_arg (*args, u32 *); + + if (0); +#define _(v,f,s) else if (unformat (input, s)) *r = SYSLOG_FACILITY_##f; + foreach_syslog_facility +#undef _ + else + return 0; + + return 1; +} + +static uword +unformat_syslog_severity (unformat_input_t * input, va_list * args) +{ + u32 *r = va_arg (*args, u32 *); + + if (0); +#define _(v,f,s) else if (unformat (input, s)) *r = SYSLOG_SEVERITY_##f; + foreach_syslog_severity +#undef _ + else + return 0; + + return 1; +} + +static u8 * +format_syslog_severity (u8 * s, va_list * args) +{ + u32 i = va_arg (*args, u32); + u8 *t = 0; + + switch (i) + { +#define _(v,f,str) case SYSLOG_SEVERITY_##f: t = (u8 *) str; break; + foreach_syslog_severity +#undef _ + default: + return format (s, "unknown"); + } + + return format (s, "%s", t); +} + +vnet_api_error_t +set_syslog_sender (ip4_address_t * collector, u16 collector_port, + ip4_address_t * src, u32 vrf_id, u32 max_msg_size) +{ + syslog_main_t *sm = &syslog_main; + u32 fib_index; + + if (max_msg_size < DEFAULT_MAX_MSG_SIZE) + return VNET_API_ERROR_INVALID_VALUE; + + if (collector->as_u32 == 0 || collector_port == 0 || src->as_u32 == 0) + return VNET_API_ERROR_INVALID_VALUE; + + if (vrf_id == ~0) + { + fib_index = ~0; + } + else + { + fib_index = fib_table_find (FIB_PROTOCOL_IP4, vrf_id); + if (fib_index == ~0) + return VNET_API_ERROR_NO_SUCH_FIB; + } + + sm->fib_index = fib_index; + + sm->collector.as_u32 = collector->as_u32; + sm->collector_port = (u16) collector_port; + sm->src_address.as_u32 = src->as_u32; + sm->max_msg_size = max_msg_size; + + return 0; +} + +static clib_error_t * +set_syslog_sender_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + ip4_address_t collector, src; + u32 collector_port = DEFAULT_UDP_PORT; + u32 vrf_id = ~0; + u32 max_msg_size = DEFAULT_MAX_MSG_SIZE; + clib_error_t *ret = 0; + + collector.as_u32 = 0; + src.as_u32 = 0; + + /* Get a line of input. */ + if (!unformat_user (input, unformat_line_input, line_input)) + return 0; + + while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) + { + if (unformat + (line_input, "collector %U", unformat_ip4_address, &collector)) + ; + else if (unformat (line_input, "port %u", &collector_port)) + ; + else if (unformat (line_input, "src %U", unformat_ip4_address, &src)) + ; + else if (unformat (line_input, "vrf-id %u", &vrf_id)) + ; + else if (unformat (line_input, "max-msg-size %u", &max_msg_size)) + ; + else + { + ret = clib_error_return (0, "Unknown input `%U'", + format_unformat_error, line_input); + goto done; + } + } + + if (collector.as_u32 == 0) + { + ret = clib_error_return (0, "collector address required"); + goto done; + } + + if (src.as_u32 == 0) + { + ret = clib_error_return (0, "src address required"); + goto done; + } + + if (max_msg_size < DEFAULT_MAX_MSG_SIZE) + { + ret = + clib_error_return (0, "too small max-msg-size value, minimum is %u", + DEFAULT_MAX_MSG_SIZE); + goto done; + } + + vnet_api_error_t rv = + set_syslog_sender (&collector, collector_port, &src, vrf_id, + max_msg_size); + + if (rv) + ret = + clib_error_return (0, "set syslog sender failed rv=%d:%U", (int) rv, + format_vnet_api_errno, rv); + +done: + unformat_free (line_input); + return ret; +} + +static clib_error_t * +show_syslog_sender_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + syslog_main_t *sm = &syslog_main; + u32 vrf_id = ~0; + + if (sm->fib_index != ~0) + vrf_id = fib_table_get_table_id (sm->fib_index, FIB_PROTOCOL_IP4); + + if (syslog_is_enabled ()) + vlib_cli_output (vm, "collector %U:%u, src address %U, VRF ID %d, " + "max-msg-size %u", + format_ip4_address, &sm->collector, sm->collector_port, + format_ip4_address, &sm->src_address, + vrf_id, sm->max_msg_size); + else + vlib_cli_output (vm, "syslog sender is disabled"); + + return 0; +} + +static clib_error_t * +test_syslog_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + syslog_msg_t syslog_msg; + syslog_facility_t facility; + syslog_severity_t severity; + clib_error_t *ret = 0; + u8 *app_name = 0, *msgid = 0, *sd_id = 0, *param_name = 0, *param_value = 0; + + if (!syslog_is_enabled ()) + return 0; + + /* Get a line of input. */ + if (!unformat_user (input, unformat_line_input, line_input)) + return 0; + + if (unformat (line_input, "%U", unformat_syslog_facility, &facility)) + { + if (unformat (line_input, "%U", unformat_syslog_severity, &severity)) + { + if (syslog_severity_filter_block (severity)) + goto done; + + if (unformat (line_input, "%s", &app_name)) + { + if (unformat (line_input, "%s", &msgid)) + { + syslog_msg_init (&syslog_msg, facility, severity, + (char *) app_name, (char *) msgid); + while (unformat (line_input, "sd-id %s", &sd_id)) + { + syslog_msg_sd_init (&syslog_msg, (char *) sd_id); + while (unformat + (line_input, "sd-param %s %s", ¶m_name, + ¶m_value)) + { + syslog_msg_add_sd_param (&syslog_msg, + (char *) param_name, + (char *) param_value); + vec_free (param_name); + vec_free (param_value); + } + vec_free (sd_id); + } + if (unformat_check_input (line_input) != + UNFORMAT_END_OF_INPUT) + syslog_msg_add_msg (&syslog_msg, "%U", + format_unformat_input, line_input); + syslog_msg_send (&syslog_msg); + } + else + { + ret = + clib_error_return (0, "Unknown input `%U'", + format_unformat_error, line_input); + goto done; + } + } + else + { + ret = + clib_error_return (0, "Unknown input `%U'", + format_unformat_error, line_input); + goto done; + } + } + else + { + ret = + clib_error_return (0, "Unknown input `%U'", format_unformat_error, + line_input); + goto done; + } + } + else + { + ret = + clib_error_return (0, "Unknown input `%U'", format_unformat_error, + line_input); + goto done; + } + +done: + vec_free (app_name); + vec_free (msgid); + unformat_free (line_input); + return ret; +} + +static clib_error_t * +set_syslog_filter_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + syslog_main_t *sm = &syslog_main; + clib_error_t *ret = 0; + + /* Get a line of input. */ + if (!unformat_user (input, unformat_line_input, line_input)) + return 0; + + while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) + { + if (unformat + (line_input, "severity %U", unformat_syslog_severity, + &sm->severity_filter)) + ; + else + { + ret = clib_error_return (0, "Unknown input `%U'", + format_unformat_error, line_input); + goto done; + } + } + +done: + unformat_free (line_input); + return ret; +} + +static clib_error_t * +show_syslog_filter_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + syslog_main_t *sm = &syslog_main; + + vlib_cli_output (vm, "severity-filter: %U", format_syslog_severity, + sm->severity_filter); + + return 0; +} + +/* *INDENT-OFF* */ +/*? + * Set syslog sender configuration. + * + * @cliexpar + * @parblock + * + * Example of how to configure syslog sender: + * @cliexcmd{set syslog sender collector 10.10.10.10 port 514 src 172.16.2.2} + * @endparblock +?*/ +VLIB_CLI_COMMAND (set_syslog_sender_command, static) = { + .path = "set syslog sender", + .short_help = "set syslog sender " + "collector <ip4-address> [port <port>] " + "src <ip4-address> [vrf-id <vrf-id>] " + "[max-msg-size <max-msg-size>]", + .function = set_syslog_sender_command_fn, +}; + +/*? + * Show syslog sender configuration. + * + * @cliexpar + * @parblock + * + * Example of how to display syslog sender configuration: + * @cliexstart{show syslog sender} + * collector 10.10.10.10:514, src address 172.16.2.2, VRF ID 0, max-msg-size 480 + * @cliexend + * @endparblock +?*/ +VLIB_CLI_COMMAND (show_syslog_sender_command, static) = { + .path = "show syslog sender", + .short_help = "show syslog sender", + .function = show_syslog_sender_command_fn, +}; + +/*? + * This command generate test syslog message. + * + * @cliexpar + * @parblock + * + * Example of how to generate following syslog message + * '<em><180>1 2018-11-07T11:36:41.231759Z 172.16.1.1 test 10484 testMsg + * [exampleSDID@32473 eventID="1011" eventSource="App" iut="3"] + * this is message</em>' + * @cliexcmd{test syslog local6 warning test testMsg sd-id <!-- + * --> exampleSDID@32473 sd-param eventID 1011 sd-param eventSource App <!-- + * --> sd-param iut 3 this is message} + * @endparblock +?*/ +VLIB_CLI_COMMAND (test_syslog_command, static) = { + .path = "test syslog", + .short_help = "test syslog <facility> <severity> <app-name> <msgid> " + "[sd-id <sd-id> sd-param <name> <value>] [<message]", + .function = test_syslog_command_fn, +}; + +/*? + * Set syslog severity filter, specified severity and greater match. + * + * @cliexpar + * @parblock + * + * Example of how to configure syslog severity filter: + * @cliexcmd{set syslog filter severity warning} + * @endparblock +?*/ +VLIB_CLI_COMMAND (set_syslog_filter_command, static) = { + .path = "set syslog filter", + .short_help = "set syslog filter severity <severity>", + .function = set_syslog_filter_command_fn, +}; + +/*? + * Show syslog severity filter. + * + * @cliexpar + * @parblock + * + * Example of how to display syslog severity filter: + * @cliexstart{show syslog filter} + * severity-filter: warning + * @cliexend + * @endparblock +?*/ +VLIB_CLI_COMMAND (show_syslog_filter_command, static) = { + .path = "show syslog filter", + .short_help = "show syslog filter", + .function = show_syslog_filter_command_fn, +}; +/* *INDENT-ON* */ + +static clib_error_t * +syslog_init (vlib_main_t * vm) +{ + syslog_main_t *sm = &syslog_main; + f64 vlib_time_0 = vlib_time_now (vm); + struct timeval timeval_0; + vlib_node_t *ip4_lookup_node; + + sm->vlib_main = vm; + sm->vnet_main = vnet_get_main (); + + sm->procid = getpid (); + gettimeofday (&timeval_0, 0); + sm->time_offset = + (f64) timeval_0.tv_sec + (((f64) timeval_0.tv_usec) * 1e-6) - vlib_time_0; + + sm->collector.as_u32 = 0; + sm->src_address.as_u32 = 0; + sm->collector_port = DEFAULT_UDP_PORT; + sm->max_msg_size = DEFAULT_MAX_MSG_SIZE; + sm->fib_index = ~0; + sm->severity_filter = SYSLOG_SEVERITY_INFORMATIONAL; + + ip4_lookup_node = vlib_get_node_by_name (vm, (u8 *) "ip4-lookup"); + sm->ip4_lookup_node_index = ip4_lookup_node->index; + + return 0; +} + +VLIB_INIT_FUNCTION (syslog_init); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/syslog/syslog.h b/src/vnet/syslog/syslog.h new file mode 100644 index 00000000000..ed915877518 --- /dev/null +++ b/src/vnet/syslog/syslog.h @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @file RFC5424 syslog protocol declarations + */ +#ifndef __included_syslog_h__ +#define __included_syslog_h__ + +#include <vlib/vlib.h> +#include <vnet/vnet.h> +#include <vnet/ip/ip4_packet.h> + +/* syslog message facilities */ +#define foreach_syslog_facility \ + _(0, KERNEL, "kernel") \ + _(1, USER_LEVEL, "user-level") \ + _(2, MAIL_SYSTEM, "mail-system") \ + _(3, SYSTEM_DAEMONS, "system-daemons") \ + _(4, SEC_AUTH, "security-authorization") \ + _(5, SYSLOGD, "syslogd") \ + _(6, LINE_PRINTER, "line-printer") \ + _(7, NETWORK_NEWS, "network-news") \ + _(8, UUCP, "uucp") \ + _(9, CLOCK, "clock-daemon") \ + _(11, FTP, "ftp-daemon") \ + _(12, NTP, "ntp-subsystem") \ + _(13, LOG_AUDIT, "log-audit") \ + _(14, LOG_ALERT, "log-alert") \ + _(16, LOCAL0, "local0") \ + _(17, LOCAL1, "local1") \ + _(18, LOCAL2, "local2") \ + _(19, LOCAL3, "local3") \ + _(20, LOCAL4, "local4") \ + _(21, LOCAL5, "local5") \ + _(22, LOCAL6, "local6") \ + _(23, LOCAL7, "local7") + +typedef enum +{ +#define _(v, N, s) SYSLOG_FACILITY_##N = v, + foreach_syslog_facility +#undef _ +} syslog_facility_t; + +/* syslog message severities */ +#define foreach_syslog_severity \ + _(0, EMERGENCY, "emergency") \ + _(1, ALERT, "alert") \ + _(2, CRITICAL, "critical") \ + _(3, ERROR, "error") \ + _(4, WARNING, "warning") \ + _(5, NOTICE, "notice") \ + _(6, INFORMATIONAL, "informational") \ + _(7, DEBUG, "debug") + +typedef enum +{ +#define _(v, N, s) SYSLOG_SEVERITY_##N = v, + foreach_syslog_severity +#undef _ +} syslog_severity_t; + +/** syslog header */ +typedef struct +{ + /** facility value, part of priority */ + syslog_facility_t facility; + + /** severity value, part of priority */ + syslog_severity_t severity; + + /** message timestamp */ + f64 timestamp; + + /** application that originated the message RFC5424 6.2.5. */ + char *app_name; + + /** identify the type of message RFC5424 6.2.7. */ + char *msgid; +} syslog_header_t; + +/** syslog message */ +typedef struct +{ + /** header */ + syslog_header_t header; + + /** structured data RFC5424 6.3. */ + u8 **structured_data; + u32 curr_sd_index; + + /** free-form message RFC5424 6.4. */ + u8 *msg; +} syslog_msg_t; + +typedef struct +{ + /** process ID RFC5424 6.2.6. */ + u32 procid; + + /** time offset */ + f64 time_offset; + + /** IPv4 address of remote host (destination) */ + ip4_address_t collector; + + /** UDP port number of remote host (destination) */ + u16 collector_port; + + /** IPv4 address of sender (source) */ + ip4_address_t src_address; + + /** FIB table index */ + u32 fib_index; + + /** message size limit */ + u32 max_msg_size; + + /** severity filter (specified severity and greater match) */ + syslog_severity_t severity_filter; + + /** ip4-lookup node index */ + u32 ip4_lookup_node_index; + + /** convenience variables */ + vlib_main_t *vlib_main; + vnet_main_t *vnet_main; +} syslog_main_t; + +extern syslog_main_t syslog_main; + +/** + * @brief Initialize syslog message header + * + * @param facility facility value + * @param severity severity level + * @param app_name application that originated message RFC424 6.2.5. (optional) + * @param msgid identify the type of message RFC5424 6.2.7. (optional) + */ +void syslog_msg_init (syslog_msg_t * syslog_msg, syslog_facility_t facility, + syslog_severity_t severity, char *app_name, + char *msgid); +/** + * @brief Initialize structured data element + * + * @param sd_id structured data element name RFC5424 6.3.2. + */ +void syslog_msg_sd_init (syslog_msg_t * syslog_msg, char *sd_id); + +/** + * @brief Add structured data elemnt parameter name-value pair RFC5424 6.3.3. + */ +void syslog_msg_add_sd_param (syslog_msg_t * syslog_msg, char *name, + char *fmt, ...); + +/** + * @brief Add free-form message RFC5424 6.4. + */ +void syslog_msg_add_msg (syslog_msg_t * syslog_msg, char *fmt, ...); + +/** + * @brief Send syslog message + */ +int syslog_msg_send (syslog_msg_t * syslog_msg); + +/** + * @brief Set syslog sender configuration + * + * @param collector IPv4 address of syslog collector (destination) + * @param collector_port UDP port of syslog colector (destination) + * @param src IPv4 address of syslog sender (source) + * @param vrf_id VRF/FIB table ID + * @param max_msg_size maximum message length + */ +vnet_api_error_t set_syslog_sender (ip4_address_t * collector, + u16 collector_port, ip4_address_t * src, + u32 vrf_id, u32 max_msg_size); + +/** + * @brief Check if syslog logging is enabled + * + * @return 1 if syslog logging is enabled, 0 otherwise + */ +always_inline int +syslog_is_enabled (void) +{ + syslog_main_t *sm = &syslog_main; + + return sm->collector.as_u32 ? 1 : 0; +} + +/** + * @brief Severity filter test + * + * @return 1 if message with specified severity is not selected to be logged + */ +always_inline int +syslog_severity_filter_block (syslog_severity_t s) +{ + syslog_main_t *sm = &syslog_main; + + return (sm->severity_filter < s); +} + +#endif /* __included_syslog_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/syslog/syslog_api.c b/src/vnet/syslog/syslog_api.c new file mode 100644 index 00000000000..8f94c72b291 --- /dev/null +++ b/src/vnet/syslog/syslog_api.c @@ -0,0 +1,243 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <vnet/vnet.h> +#include <vlibmemory/api.h> + +#include <vnet/interface.h> +#include <vnet/api_errno.h> + +#include <vnet/fib/fib_table.h> +#include <vnet/syslog/syslog.h> + +#include <vnet/vnet_msg_enum.h> + +#define vl_typedefs /* define message structures */ +#include <vnet/vnet_all_api_h.h> +#undef vl_typedefs + +#define vl_endianfun /* define message structures */ +#include <vnet/vnet_all_api_h.h> +#undef vl_endianfun + +/* instantiate all the print functions we know about */ +#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) +#define vl_printfun +#include <vnet/vnet_all_api_h.h> +#undef vl_printfun + +#include <vlibapi/api_helper_macros.h> + +#define foreach_vpe_api_msg \ +_(SYSLOG_SET_SENDER, syslog_set_sender) \ +_(SYSLOG_GET_SENDER, syslog_get_sender) \ +_(SYSLOG_SET_FILTER, syslog_set_filter) \ +_(SYSLOG_GET_FILTER, syslog_get_filter) + +static int +syslog_severity_decode (vl_api_syslog_severity_t v, syslog_severity_t * s) +{ + v = ntohl (v); + int rv = 0; + + switch (v) + { + case SYSLOG_API_SEVERITY_EMERG: + *s = SYSLOG_SEVERITY_EMERGENCY; + break; + case SYSLOG_API_SEVERITY_ALERT: + *s = SYSLOG_SEVERITY_ALERT; + break; + case SYSLOG_API_SEVERITY_CRIT: + *s = SYSLOG_SEVERITY_CRITICAL; + break; + case SYSLOG_API_SEVERITY_ERR: + *s = SYSLOG_SEVERITY_ERROR; + break; + case SYSLOG_API_SEVERITY_WARN: + *s = SYSLOG_SEVERITY_WARNING; + break; + case SYSLOG_API_SEVERITY_NOTICE: + *s = SYSLOG_SEVERITY_NOTICE; + break; + case SYSLOG_API_SEVERITY_INFO: + *s = SYSLOG_SEVERITY_INFORMATIONAL; + break; + case SYSLOG_API_SEVERITY_DBG: + *s = SYSLOG_SEVERITY_DEBUG; + break; + default: + rv = VNET_API_ERROR_INVALID_VALUE; + } + + return rv; +} + +static int +syslog_severity_encode (syslog_severity_t v, vl_api_syslog_severity_t * s) +{ + int rv = 0; + switch (v) + { + case SYSLOG_SEVERITY_EMERGENCY: + *s = SYSLOG_API_SEVERITY_EMERG; + break; + case SYSLOG_SEVERITY_ALERT: + *s = SYSLOG_API_SEVERITY_ALERT; + break; + case SYSLOG_SEVERITY_CRITICAL: + *s = SYSLOG_API_SEVERITY_CRIT; + break; + case SYSLOG_SEVERITY_ERROR: + *s = SYSLOG_API_SEVERITY_ERR; + break; + case SYSLOG_SEVERITY_WARNING: + *s = SYSLOG_API_SEVERITY_WARN; + break; + case SYSLOG_SEVERITY_NOTICE: + *s = SYSLOG_API_SEVERITY_NOTICE; + break; + case SYSLOG_SEVERITY_INFORMATIONAL: + *s = SYSLOG_API_SEVERITY_INFO; + break; + case SYSLOG_SEVERITY_DEBUG: + *s = SYSLOG_API_SEVERITY_DBG; + break; + default: + rv = VNET_API_ERROR_INVALID_VALUE; + } + + *s = htonl (*s); + return rv; +} + +static void +vl_api_syslog_set_sender_t_handler (vl_api_syslog_set_sender_t * mp) +{ + vl_api_syslog_set_sender_reply_t *rmp; + ip4_address_t collector, src; + + clib_memcpy (&collector, &mp->collector_address, sizeof (collector)); + clib_memcpy (&src, &mp->src_address, sizeof (src)); + + int rv = set_syslog_sender (&collector, ntohs (mp->collector_port), &src, + ntohl (mp->vrf_id), ntohl (mp->max_msg_size)); + + REPLY_MACRO (VL_API_SYSLOG_SET_SENDER_REPLY); +} + +static void +vl_api_syslog_get_sender_t_handler (vl_api_syslog_get_sender_t * mp) +{ + int rv = 0; + vl_api_syslog_get_sender_reply_t *rmp; + syslog_main_t *sm = &syslog_main; + u32 vrf_id; + + /* *INDENT-OFF* */ + REPLY_MACRO2 (VL_API_SYSLOG_GET_SENDER_REPLY, + ({ + clib_memcpy (rmp->collector_address.address, &(sm->collector), + sizeof(ip4_address_t)); + clib_memcpy (rmp->src_address.address, &(sm->src_address), + sizeof(ip4_address_t)); + rmp->collector_port = htons (sm->collector_port); + if (sm->fib_index == ~0) + vrf_id = ~0; + else + vrf_id = htonl (fib_table_get_table_id (sm->fib_index, FIB_PROTOCOL_IP4)); + rmp->vrf_id = vrf_id; + rmp->max_msg_size = htonl (sm->max_msg_size); + })) + /* *INDENT-ON* */ +} + +static void +vl_api_syslog_set_filter_t_handler (vl_api_syslog_set_filter_t * mp) +{ + vl_api_syslog_set_filter_reply_t *rmp; + syslog_main_t *sm = &syslog_main; + int rv = 0; + syslog_severity_t s; + + rv = syslog_severity_decode (mp->severity, &s); + if (rv) + goto send_reply; + + sm->severity_filter = s; + +send_reply: + REPLY_MACRO (VL_API_SYSLOG_SET_FILTER_REPLY); +} + +static void +vl_api_syslog_get_filter_t_handler (vl_api_syslog_get_filter_t * mp) +{ + int rv = 0; + vl_api_syslog_get_filter_reply_t *rmp; + syslog_main_t *sm = &syslog_main; + + /* *INDENT-OFF* */ + REPLY_MACRO2 (VL_API_SYSLOG_GET_FILTER_REPLY, + ({ + rv = syslog_severity_encode (sm->severity_filter, &rmp->severity); + })) + /* *INDENT-ON* */ +} + +#define vl_msg_name_crc_list +#include <vnet/vnet_all_api_h.h> +#undef vl_msg_name_crc_list + +static void +setup_message_id_table (api_main_t * am) +{ +#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id); + foreach_vl_msg_name_crc_syslog; +#undef _ +} + +static clib_error_t * +syslog_api_hookup (vlib_main_t * vm) +{ + api_main_t *am = &api_main; + +#define _(N,n) \ + vl_msg_api_set_handlers(VL_API_##N, #n, \ + vl_api_##n##_t_handler, \ + vl_noop_handler, \ + vl_api_##n##_t_endian, \ + vl_api_##n##_t_print, \ + sizeof(vl_api_##n##_t), 1); + foreach_vpe_api_msg; +#undef _ + + /* + * Set up the (msg_name, crc, message-id) table + */ + setup_message_id_table (am); + + return 0; +} + +VLIB_API_INIT_FUNCTION (syslog_api_hookup); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/syslog/syslog_udp.c b/src/vnet/syslog/syslog_udp.c new file mode 100644 index 00000000000..f4fa1d0baf5 --- /dev/null +++ b/src/vnet/syslog/syslog_udp.c @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @file syslog protocol UDP transport layer implementation (RFC5426) + */ + +#include <vnet/syslog/syslog_udp.h> +#include <vnet/ip/ip4.h> +#include <vnet/udp/udp_packet.h> + +void +syslog_add_udp_transport (vlib_main_t * vm, u32 bi) +{ + syslog_main_t *sm = &syslog_main; + vlib_buffer_t *b = vlib_get_buffer (vm, bi); + ip4_header_t *ip; + udp_header_t *udp; + + vlib_buffer_advance (b, -(sizeof (ip4_header_t) + sizeof (udp_header_t))); + + b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; + vnet_buffer (b)->sw_if_index[VLIB_RX] = 0; + vnet_buffer (b)->sw_if_index[VLIB_TX] = sm->fib_index; + + ip = vlib_buffer_get_current (b); + clib_memset (ip, 0, sizeof (*ip)); + udp = (udp_header_t *) (ip + 1); + clib_memset (udp, 0, sizeof (*udp)); + + ip->ip_version_and_header_length = 0x45; + ip->flags_and_fragment_offset = + clib_host_to_net_u16 (IP4_HEADER_FLAG_DONT_FRAGMENT); + ip->ttl = 255; + ip->protocol = IP_PROTOCOL_UDP; + ip->src_address.as_u32 = sm->src_address.as_u32; + ip->dst_address.as_u32 = sm->collector.as_u32; + + udp->src_port = udp->dst_port = clib_host_to_net_u16 (sm->collector_port); + + const u16 ip_length = vlib_buffer_length_in_chain (vm, b); + ip->length = clib_host_to_net_u16 (ip_length); + ip->checksum = ip4_header_checksum (ip); + + const u16 udp_length = ip_length - (sizeof (ip4_header_t)); + udp->length = clib_host_to_net_u16 (udp_length); + /* RFC5426 3.6. */ + udp->checksum = ip4_tcp_udp_compute_checksum (vm, b, ip); + if (udp->checksum == 0) + udp->checksum = 0xffff; + + b->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; +} + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/syslog/syslog_udp.h b/src/vnet/syslog/syslog_udp.h new file mode 100644 index 00000000000..008fed70d19 --- /dev/null +++ b/src/vnet/syslog/syslog_udp.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @file syslog protocol UDP transport layer declaration (RFC5426) + */ +#ifndef __included_syslog_udp_h__ +#define __included_syslog_udp_h__ + +#include <vnet/syslog/syslog.h> + +/** + * @brief Add UDP/IP transport layer by prepending it to existing data + */ +void syslog_add_udp_transport (vlib_main_t * vm, u32 bi); + +#endif /* __included_syslog_udp_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/vnet_all_api_h.h b/src/vnet/vnet_all_api_h.h index 157006b2643..927bcab9e92 100644 --- a/src/vnet/vnet_all_api_h.h +++ b/src/vnet/vnet_all_api_h.h @@ -76,6 +76,7 @@ #include <vnet/dhcp/dhcp6_ia_na_client_cp.api.h> #include <vnet/devices/pipe/pipe.api.h> #include <vnet/vxlan-gbp/vxlan_gbp.api.h> +#include <vnet/syslog/syslog.api.h> /* * fd.io coding-style-patch-verification: ON |