diff options
Diffstat (limited to 'src/vnet/pg')
-rw-r--r-- | src/vnet/pg/input.c | 118 | ||||
-rw-r--r-- | src/vnet/pg/pg.h | 4 | ||||
-rw-r--r-- | src/vnet/pg/stream.c | 37 |
3 files changed, 159 insertions, 0 deletions
diff --git a/src/vnet/pg/input.c b/src/vnet/pg/input.c index 785592f3618..60fc96e6faa 100644 --- a/src/vnet/pg/input.c +++ b/src/vnet/pg/input.c @@ -1823,6 +1823,124 @@ VLIB_REGISTER_NODE (pg_input_node) = { }; /* *INDENT-ON* */ +VLIB_NODE_FN (pg_input_mac_filter) (vlib_main_t * vm, + vlib_node_runtime_t * node, + vlib_frame_t * frame) +{ + vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs; + u16 nexts[VLIB_FRAME_SIZE], *next; + pg_main_t *pg = &pg_main; + u32 n_left, *from; + + from = vlib_frame_vector_args (frame); + n_left = frame->n_vectors; + next = nexts; + + clib_memset_u16 (next, 0, VLIB_FRAME_SIZE); + + vlib_get_buffers (vm, from, bufs, n_left); + + while (n_left) + { + const ethernet_header_t *eth; + pg_interface_t *pi; + mac_address_t in; + + pi = pool_elt_at_index + (pg->interfaces, + pg->if_id_by_sw_if_index[vnet_buffer (b[0])->sw_if_index[VLIB_RX]]); + eth = vlib_buffer_get_current (b[0]); + + mac_address_from_bytes (&in, eth->dst_address); + + if (PREDICT_FALSE (ethernet_address_cast (in.bytes))) + { + mac_address_t *allowed; + + if (0 != vec_len (pi->allowed_mcast_macs)) + { + vec_foreach (allowed, pi->allowed_mcast_macs) + { + if (0 != mac_address_cmp (allowed, &in)) + break; + } + + if (vec_is_member (allowed, pi->allowed_mcast_macs)) + vnet_feature_next_u16 (&next[0], b[0]); + } + } + + b += 1; + next += 1; + n_left -= 1; + } + + vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors); + + return (frame->n_vectors); +} + +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (pg_input_mac_filter) = { + .name = "pg-input-mac-filter", + .vector_size = sizeof (u32), + .format_trace = format_pg_input_trace, + .n_next_nodes = 1, + .next_nodes = { + [0] = "error-drop", + }, +}; +VNET_FEATURE_INIT (pg_input_mac_filter_feat, static) = { + .arc_name = "device-input", + .node_name = "pg-input-mac-filter", +}; +/* *INDENT-ON* */ + +static clib_error_t * +pg_input_mac_filter_cfg (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + u32 sw_if_index = ~0; + int is_enable; + + if (!unformat_user (input, unformat_line_input, line_input)) + return 0; + + while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (line_input, "%U", + unformat_vnet_sw_interface, + vnet_get_main (), &sw_if_index)) + ; + else if (unformat (line_input, "%U", + unformat_vlib_enable_disable, &is_enable)) + ; + else + return clib_error_create ("unknown input `%U'", + format_unformat_error, line_input); + } + unformat_free (line_input); + + if (~0 == sw_if_index) + return clib_error_create ("specify interface"); + + vnet_feature_enable_disable ("device-input", + "pg-input-mac-filter", + sw_if_index, is_enable, 0, 0); + + return NULL; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (enable_streams_cli, static) = { + .path = "packet-generator mac-filter", + .short_help = "packet-generator mac-filter <INTERFACE> <on|off>", + .function = pg_input_mac_filter_cfg, +}; +/* *INDENT-ON* */ + + /* * fd.io coding-style-patch-verification: ON * diff --git a/src/vnet/pg/pg.h b/src/vnet/pg/pg.h index 06e61261b7d..f5b5e5ac358 100644 --- a/src/vnet/pg/pg.h +++ b/src/vnet/pg/pg.h @@ -45,6 +45,7 @@ #include <vppinfra/fifo.h> /* for buffer_fifo */ #include <vppinfra/pcap.h> #include <vnet/interface.h> +#include <vnet/ethernet/mac_address.h> #include <vnet/gso/gro.h> extern vnet_device_class_t pg_dev_class; @@ -312,6 +313,8 @@ typedef struct u32 gso_size; pcap_main_t pcap_main; char *pcap_file_name; + + mac_address_t *allowed_mcast_macs; } pg_interface_t; /* Per VLIB node data. */ @@ -335,6 +338,7 @@ typedef struct pg_main_t /* Pool of interfaces. */ pg_interface_t *interfaces; uword *if_index_by_if_id; + uword *if_id_by_sw_if_index; /* Vector of buffer indices for use in pg_stream_fill_replay, per thread */ u32 **replay_buffers_by_thread; diff --git a/src/vnet/pg/stream.c b/src/vnet/pg/stream.c index 88c89371c6c..6ea80903de0 100644 --- a/src/vnet/pg/stream.c +++ b/src/vnet/pg/stream.c @@ -139,6 +139,39 @@ pg_interface_admin_up_down (vnet_main_t * vnm, u32 hw_if_index, u32 flags) return 0; } +static int +pg_mac_address_cmp (const mac_address_t * m1, const mac_address_t * m2) +{ + return (!mac_address_cmp (m1, m2)); +} + +static clib_error_t * +pg_add_del_mac_address (vnet_hw_interface_t * hi, + const u8 * address, u8 is_add) +{ + pg_main_t *pg = &pg_main; + + if (ethernet_address_cast (address)) + { + mac_address_t mac; + pg_interface_t *pi; + + pi = pool_elt_at_index (pg->interfaces, hi->dev_instance); + + mac_address_from_bytes (&mac, address); + if (is_add) + vec_add1 (pi->allowed_mcast_macs, mac); + else + { + u32 pos = vec_search_with_function (pi->allowed_mcast_macs, &mac, + pg_mac_address_cmp); + if (~0 != pos) + vec_del1 (pi->allowed_mcast_macs, pos); + } + } + return (NULL); +} + /* *INDENT-OFF* */ VNET_DEVICE_CLASS (pg_dev_class) = { .name = "pg", @@ -146,6 +179,7 @@ VNET_DEVICE_CLASS (pg_dev_class) = { .format_device_name = format_pg_interface_name, .format_tx_trace = format_pg_output_trace, .admin_up_down_function = pg_interface_admin_up_down, + .mac_addr_add_del_function = pg_add_del_mac_address, }; /* *INDENT-ON* */ @@ -245,6 +279,9 @@ pg_interface_add_or_get (pg_main_t * pg, uword if_id, u8 gso_enabled, hash_set (pg->if_index_by_if_id, if_id, i); + vec_validate (pg->if_id_by_sw_if_index, hi->sw_if_index); + pg->if_id_by_sw_if_index[hi->sw_if_index] = i; + if (vlib_num_workers ()) { pi->lockp = clib_mem_alloc_aligned (CLIB_CACHE_LINE_BYTES, |