#define PACKET_SIZE 64 #define GROUP_BITS 4 #define BUCKETS (1 << GROUP_BITS) #define MAX_FIELDS 8 /* E.g. mac,mac,addr,addr,port,port */ #define ADDR_LEN 4 #define ADDR6_LEN 16 #define PORT_LEN 2 #define MAC_LEN 6 #ifdef __MATCH_AVX2 #ifdef __AVX2__ #define MATCH_AVX2 #else #warning "AVX2 not supported, disabling" #endif #endif #ifdef __MATCH_CTZL #ifdef __GNUC__ #define MATCH_CTZL #else #warning "__builtin_ctzl() not supported, disabling" #endif #endif /** * enum desc_type - Types used in set description entries * @KEY: Verdict key for packets matching entry * @ADDR: IPv4 address * @PORT: Generic 16-bit port * @ADDR6: IPv6 address * @MAC: MAC address */ enum desc_type { KEY, ADDR, PORT, ADDR6, MAC, }; /** * enum set_ops - Operations used in set files * @ADD: Add entry to set * @LIST: List current set entries * @DEL: Delete entry from set */ enum set_ops { ADD, LIST, DEL, }; /** * struct desc_spec - Description of a single set specifier * @label: Field name * @type: Type of set field * @len: Length of packet field to be matched, in bytes * @offset: Field offset in packet, bytes */ struct desc_spec { char *label; enum desc_type type; int len; int offset; }; /** * struct desc - Description of a set * @layout: Layout as array of field specifiers * @fields: Number of fields * @row_size: Size of binary data for one entry (input to pre-computation) * @entries: Total number of set operations * @data: Binary data for pre-computation, concatenation of structs below */ struct desc { struct desc_spec *layout[MAX_FIELDS]; int fields; int row_size; int entries; uint8_t *data; }; /** * struct addr - Represent an IPv4 address, range or mask (in set description) * @start: Start of range, or address * @end: End of range, zero for single addresses or masks * @cidr: Mask length, 0 for ranges, 32 for single addresses */ struct addr { uint32_t start; uint32_t end; uint8_t cidr; }; /** * struct addr6 - Represent an IPv6 address, range or mask (in set description) * @start: Start of range, or address * @end: End of range, zero for single addresses or masks * @cidr: Mask length, 0 for ranges, 128 for single addresses */ struct addr6 { uint32_t start[4]; uint32_t end[4]; uint8_t cidr; }; /** * struct port - Represent a port or port range (in set description) * @start: Start of range, or single port number * @end: End of range, zero for single port */ struct port { uint16_t start; uint16_t end; }; /** * struct mac - Represent a MAC address or range (in set description) * @start: Start of range, or single MAC address * @end: End of range, zero for single MAC address */ struct mac { uint8_t start[6]; uint8_t end[6]; }; /** * union map_bucket - Bucket in mapping table (algorithm steps 3.5, 3.6) * @to: First rule number (in next field) this rule maps to * @n: Number of rules (in next field) this rule maps to * @key: If there's no next field, key this rule maps to */ union map_bucket { struct { uint32_t to:24; uint32_t n:8; }; uint32_t key; };