summaryrefslogtreecommitdiffstats
path: root/src/vppinfra/pcap.h
blob: c3e1fef71f3e03ef7609d0495410d8557c3994ea (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
/*
 * Copyright (c) 2015 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
 * pcap.h: libpcap packet capture format
 *
 * Copyright (c) 2008 Eliot Dresselhaus
 *
 * Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the
 * "Software"), to deal in the Software without restriction, including
 * without limitation the rights to use, copy, modify, merge, publish,
 * distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to
 * the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 *  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 *  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 *  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 *  LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 *  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 *  WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
/**
 * @file
 * @brief PCAP utility definitions
 */
#ifndef included_vppinfra_pcap_h
#define included_vppinfra_pcap_h

#include <vppinfra/types.h>
#include <vppinfra/cache.h>
#include <vppinfra/mem.h>
#include <vppinfra/lock.h>

/**
 * @brief Known libpcap encap types
 *
 * These codes end up in the pcap file header.
 * If you decide to build a wireshark dissector,
 * you'll need to know that these codes are mapped
 * through the pcap_to_wtap_map[] array in .../wiretap/pcap-common.c.
 *
 * For example:
 *
 *   { 280, 		WTAP_ENCAP_VPP },
 *
 * A file with the officially-allocated vpp packet type PCAP_PACKET_TYPE_vpp
 * aka 280, will need a top-level dissector registered to
 * deal with WTAP_ENCAP_VPP [=206].
 *
 * Something like so:
 *
 * dissector_add_uint("wtap_encap", WTAP_ENCAP_VPP, vpp_dissector_handle);
 *
 */
#define foreach_vnet_pcap_packet_type           \
  _ (null, 0)					\
  _ (ethernet, 1)				\
  _ (ppp, 9)					\
  _ (ip, 12)					\
  _ (hdlc, 104)                                 \
  _ (user0,    147)                             \
  _ (user1,    148)                             \
  _ (user2,    149)                             \
  _ (user3,    150)                             \
  _ (user4,    151)                             \
  _ (user5,    152)                             \
  _ (user6,    153)                             \
  _ (user7,    154)                             \
  _ (user8,    155)                             \
  _ (user9,    156)                             \
  _ (user10,   157)                             \
  _ (user11,   158)                             \
  _ (user12,   159)                             \
  _ (user13,   160)                             \
  _ (user14,   161)                             \
  _ (user15,   162)				\
  _ (vpp, 280)					\

typedef enum
{
#define _(f,n) PCAP_PACKET_TYPE_##f = (n),
  foreach_vnet_pcap_packet_type
#undef _
} pcap_packet_type_t;

#define foreach_pcap_file_header			\
  /** 0xa1b2c3d4 host byte order.			\
     0xd4c3b2a1 => need to byte swap everything. */	\
  _ (u32, magic)					\
							\
  /** Currently major 2 minor 4. */			\
  _ (u16, major_version)				\
  _ (u16, minor_version)				\
							\
  /** 0 for GMT. */					\
  _ (u32, time_zone)					\
							\
  /** Accuracy of timestamps.  Typically set to 0. */	\
  _ (u32, sigfigs)					\
							\
  /** Size of largest packet in file. */                \
  _ (u32, max_packet_size_in_bytes)			\
							\
  /** One of vnet_pcap_packet_type_t. */                \
  _ (u32, packet_type)

/** File header struct */
typedef struct
{
#define _(t, f) t f;
  foreach_pcap_file_header
#undef _
} pcap_file_header_t;

#define foreach_pcap_packet_header					\
  /** Time stamp in seconds  */                                         \
  _ (u32, time_in_sec)							\
  /** Time stamp in microseconds. */                                    \
  _ (u32, time_in_usec)							\
									\
  /** Number of bytes stored in file. */                                \
  _ (u32, n_packet_bytes_stored_in_file)				\
  /** Number of bytes in actual packet. */                              \
  _ (u32, n_bytes_in_packet)

/** Packet header. */
typedef struct
{
#define _(t, f) t f;
  foreach_pcap_packet_header
#undef _
  /** Packet data follows. */
  u8 data[0];
} pcap_packet_header_t;

/**
 * @brief PCAP main state data structure
 */
typedef struct
{
  /** spinlock to protect e.g. pcap_data */
  clib_spinlock_t lock;

  /** File name of pcap output. */
  char *file_name;

  /** Number of packets to capture. */
  u32 n_packets_to_capture;

  /** Packet type */
  pcap_packet_type_t packet_type;

  /** Number of packets currently captured. */
  u32 n_packets_captured;

  /** flags */
  u32 flags;
#define PCAP_MAIN_INIT_DONE (1 << 0)

  /** File descriptor for reading/writing. */
  int file_descriptor;

  /** Bytes written */
  u32 n_pcap_data_written;

  /** Vector of pcap data. */
  u8 *pcap_data;

  /** Packets read from file. */
  u8 **packets_read;

  /** Timestamps */
  u64 *timestamps;

  /** Min/Max Packet bytes */
  u32 min_packet_bytes, max_packet_bytes;
} pcap_main_t;

#define PCAP_DEF_PKT_TO_CAPTURE (100)

#endif /* included_vppinfra_pcap_h */

/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */
ass="p">{ vnet_buffer (b)->l2t.next_index = L2T_DECAP_NEXT_NO_INTERCEPT; return; } else { session_index = p[0]; } /* Remember mapping index, prefetch the mini counter */ vnet_buffer (b)->l2t.next_index = L2T_DECAP_NEXT_L2_INPUT; vnet_buffer (b)->l2t.session_index = session_index; /* $$$$$ prefetch counter */ } static inline u32 last_stage (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_buffer_t * b) { l2t_main_t *lm = &l2t_main; ip6_header_t *ip6 = vlib_buffer_get_current (b); vlib_node_t *n = vlib_get_node (vm, node->node_index); u32 node_counter_base_index = n->error_heap_index; vlib_error_main_t *em = &vm->error_main; l2tpv3_header_t *l2tp; u32 counter_index; l2t_session_t *session = 0; u32 session_index; u32 next_index; u8 l2tp_decap_local = (l2t_decap_local_node.index == n->index); /* Other-than-output pkt? We're done... */ if (vnet_buffer (b)->l2t.next_index != L2T_DECAP_NEXT_L2_INPUT) { next_index = vnet_buffer (b)->l2t.next_index; goto done; } em->counters[node_counter_base_index + L2T_DECAP_ERROR_USER_TO_NETWORK] += 1; session_index = vnet_buffer (b)->l2t.session_index; counter_index = session_index_to_counter_index (session_index, SESSION_COUNTER_USER_TO_NETWORK); /* per-mapping byte stats include the ethernet header */ vlib_increment_combined_counter (&lm->counter_main, vlib_get_thread_index (), counter_index, 1 /* packet_increment */ , vlib_buffer_length_in_chain (vm, b) + sizeof (ethernet_header_t)); session = pool_elt_at_index (lm->sessions, session_index); l2tp = vlib_buffer_get_current (b) + sizeof (*ip6); if (PREDICT_FALSE (l2tp->session_id != session->local_session_id)) { /* Key matched but session id does not. Assume packet is not for us. */ em->counters[node_counter_base_index + L2T_DECAP_ERROR_SESSION_ID_MISMATCH] += 1; next_index = L2T_DECAP_NEXT_NO_INTERCEPT; goto done; } if (PREDICT_FALSE (l2tp->cookie != session->local_cookie[0])) { if (l2tp->cookie != session->local_cookie[1]) { /* Key and session ID matched, but cookie doesn't. Drop this packet. */ b->error = node->errors[L2T_DECAP_ERROR_COOKIE_MISMATCH]; next_index = L2T_DECAP_NEXT_DROP; goto done; } } vnet_buffer (b)->sw_if_index[VLIB_RX] = session->sw_if_index; if (PREDICT_FALSE (!(session->admin_up))) { b->error = node->errors[L2T_DECAP_ERROR_ADMIN_DOWN]; next_index = L2T_DECAP_NEXT_DROP; goto done; } /* strip the ip6 and L2TP header */ vlib_buffer_advance (b, sizeof (*ip6) + session->l2tp_hdr_size); /* Required to make the l2 tag push / pop code work on l2 subifs */ vnet_update_l2_len (b); if (PREDICT_FALSE (b->flags & VLIB_BUFFER_IS_TRACED)) { l2t_trace_t *t = vlib_add_trace (vm, node, b, sizeof (*t)); t->is_user_to_network = 1; t->our_address.as_u64[0] = ip6->dst_address.as_u64[0]; t->our_address.as_u64[1] = ip6->dst_address.as_u64[1]; t->client_address.as_u64[0] = ip6->src_address.as_u64[0]; t->client_address.as_u64[1] = ip6->src_address.as_u64[1]; t->session_index = session_index; } return L2T_DECAP_NEXT_L2_INPUT; done: if (next_index == L2T_DECAP_NEXT_NO_INTERCEPT) { /* Small behavioral change between l2tp-decap and l2tp-decap-local */ if (l2tp_decap_local) { b->error = node->errors[L2T_DECAP_ERROR_NO_SESSION]; next_index = L2T_DECAP_NEXT_DROP; } else { /* Go to next node on the ip6 configuration chain */ if (PREDICT_TRUE (session != 0)) vnet_feature_next (&next_index, b); } } if (PREDICT_FALSE (b->flags & VLIB_BUFFER_IS_TRACED)) { l2t_trace_t *t = vlib_add_trace (vm, node, b, sizeof (*t)); t->is_user_to_network = 1; t->our_address.as_u64[0] = ip6->dst_address.as_u64[0]; t->our_address.as_u64[1] = ip6->dst_address.as_u64[1]; t->client_address.as_u64[0] = ip6->src_address.as_u64[0]; t->client_address.as_u64[1] = ip6->src_address.as_u64[1]; t->session_index = ~0; } return next_index; } #include <vnet/pipeline.h> static uword l2t_decap_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { return dispatch_pipeline (vm, node, frame); } /* * l2tp-decap and l2tp-decap-local have very slightly different behavior. * When a packet has no associated session l2tp-decap let it go to ip6 forward, * while l2tp-decap-local drops it. */ /* *INDENT-OFF* */ VLIB_REGISTER_NODE (l2t_decap_node) = { .function = l2t_decap_node_fn, .name = "l2tp-decap", .vector_size = sizeof (u32), .format_trace = format_l2t_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = ARRAY_LEN(l2t_decap_error_strings), .error_strings = l2t_decap_error_strings, .n_next_nodes = L2T_DECAP_N_NEXT, /* edit / add dispositions here */ .next_nodes = { [L2T_DECAP_NEXT_L2_INPUT] = "l2-input", [L2T_DECAP_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ VLIB_NODE_FUNCTION_MULTIARCH (l2t_decap_node, l2t_decap_node_fn); /* *INDENT-OFF* */ VLIB_REGISTER_NODE (l2t_decap_local_node) = { .function = l2t_decap_node_fn, .name = "l2tp-decap-local", .vector_size = sizeof (u32), .format_trace = format_l2t_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = ARRAY_LEN(l2t_decap_error_strings), .error_strings = l2t_decap_error_strings, .n_next_nodes = L2T_DECAP_N_NEXT, /* edit / add dispositions here */ .next_nodes = { [L2T_DECAP_NEXT_L2_INPUT] = "l2-input", [L2T_DECAP_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ void l2tp_decap_init (void) { ip6_register_protocol (IP_PROTOCOL_L2TP, l2t_decap_local_node.index); } /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */