5. nBroker API

nBroker C API header file.

Defines

NBROKER_AUTO_RULE_ID
NBROKER_FLAGS_FAST

nbroker_init() flag: use best-effort rules insert for best insert performance (it does not return errors or the rule id)

CMD_QUEUE_ITEMS
CMD_QUEUE_ITEMS_MASK

Typedefs

typedef struct nbroker nbroker_t

Enums

enum nbroker_rc_t

Values:

NBROKER_RC_OK = 0
NBROKER_RC_INTERNAL_ERROR
NBROKER_RC_SYNTAX_ERROR
NBROKER_RC_UNSUPPORTED_MODE
NBROKER_RC_INVALID_DEVICE_PORT
NBROKER_RC_INVALID_REDIRECTION_PORT
NBROKER_RC_RULE_NOT_FOUND
NBROKER_RC_RULE_EXISTS
NBROKER_RC_DEVICE_COMMAND_ERROR
NBROKER_RC_BAD_BINARY_VERSION
NBROKER_RC_CONNECTION_ERROR
NBROKER_RC_BUSY
enum nbroker_policy_t

Values:

NBROKER_POLICY_DROP
NBROKER_POLICY_PASS
enum nbroker_filter_type_t

Values:

NBROKER_TYPE_FILTERING
NBROKER_TYPE_STEERING
enum cmd_type_t

Values:

CMD_SET_RULE = 0

Functions

nbroker_rc_t nbroker_init(nbroker_t **bkr, u_int32_t flags)

Init the broker communication.

Return
The error code
Parameters
  • bkr: The broker handler (out)
  • flags: Option flags

nbroker_rc_t nbroker_term(nbroker_t *bkr)

Terminates the broker communication. The broker object is freed.

Return
The error code
Parameters
  • bkr: The broker handler

nbroker_rc_t nbroker_set_default_policy(nbroker_t *bkr, const char *port, nbroker_policy_t policy)

Set the default policy. The port parameter can be either the symbolic linux name or the numeric port id.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • policy: The default policy

nbroker_rc_t nbroker_apply_pending_rules(nbroker_t *bkr)

Apply pending rules (if any)

Return
The error code
Parameters
  • bkr: The broker handler

nbroker_rc_t nbroker_set_default_steering(nbroker_t *bkr, const char *port, const char *steer_to)

Set the default port redirection. The port parameter can be either the symbolic linux name or the numeric port id.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • steer_to: The default destination port number or interface name

nbroker_rc_t nbroker_set_filtering_rule(nbroker_t *bkr, const char *port, u_int32_t *rule_id, const rrc_match_t *match, nbroker_policy_t policy)

Set a filtering rule for the specified match. On success, the rule_id will contain the newly set rule id.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • rule_id: The rule id. Use NBROKER_AUTO_RULE_ID as rule_id to use the internal rule id management (in/out)
  • match: The rule to match
  • policy: The policy

nbroker_rc_t nbroker_set_steering_rule(nbroker_t *bkr, const char *port, u_int32_t *rule_id, const rrc_match_t *match, const char *steer_to)

Set a port redirection rule for the specified match.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • rule_id: The rule id. Use NBROKER_AUTO_RULE_ID as rule_id to use the internal rule id management. On success, the rule_id will contain the newly set rule id (in/out).
  • match: The rule to match
  • steer_to: The destination port number or interface name

nbroker_rc_t nbroker_remove_rule_by_id(nbroker_t *bkr, const char *port, u_int32_t rule_id, nbroker_filter_type_t filter_type)

Remove a rule by its rule id.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • rule_id: The rule id
  • filter_type: The filter type

nbroker_rc_t nbroker_remove_rule_by_match(nbroker_t *bkr, const char *port, const rrc_match_t *match, nbroker_filter_type_t filter_type)

Remove the first rule matching the specifed match.

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • match: The rule to match
  • filter_type: The filter type

nbroker_rc_t nbroker_list_rules(nbroker_t *bkr, const char *port, nbroker_filter_type_t filter_type, u_int32_t *num_rules, nbroker_rule_t **rules)

List the active rules of the specified type and port

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • filter: type The filter type to filter rules by type
  • num_rules: The number of rules (out)
  • rules: The rules list (out)

nbroker_rc_t nbroker_reset_rules(nbroker_t *bkr, const char *port, nbroker_filter_type_t filter_type)

Reset all the rules of the specified type on the specified port. Note: the default rules are not affected

Return
The error code
Parameters
  • bkr: The broker handler
  • port: The target port number or interface name
  • filter_type: The filter type

nbroker_rc_t nbroker_purge_idle_rules(nbroker_t *bkr, u_int32_t idle_for)

Purge the rules which have been set more than idle_for seconds ago.

Return
The error code
Parameters
  • bkr: The broker handler
  • idle_for: The idle time (sec). Pass 0 for automatic purge.

nbroker_rc_t nbroker_set_auto_purge(nbroker_t *bkr, u_int32_t idle_for)

Enable old rules auto-purge. Periodically, rules older than idle_for will be purged.

Return
The error code
Parameters
  • bkr: The broker handler
  • idle_for: The idle time (sec). Pass 0 to disable automatic purge.

nbroker_rc_t nbroker_ifname_to_internal_port(nbroker_t *bkr, const char *ifname, u_int8_t *port)

Converts a linux interface name to the internal (pci) port index of the device.

Return
The error code
Parameters
  • bkr: The broker handler
  • ifname: The interface name
  • port: The internal port number of the RRC switch bound to the specified interface (out)

nbroker_rc_t nbroker_ifname_to_external_port(nbroker_t *bkr, const char *ifname, u_int8_t *port)

Converts a linux interface name to the external port index of the device.

Return
The error code
Parameters
  • bkr: The broker handler
  • ifname: The interface name
  • port: The external port number of the RRC switch bound to the specified interface (out)

rrc_match_t *nbroker_parse_rule(const char *rule)

Parses a rule in the broker BPF syntax and produce a rrc_match_t structure. NOTE: a mutex is aquired while performing grammar parsing.

Return
NULL on error, the rrc_match_t rule otherwise (it must be freed by the caller)
Parameters
  • rule: The BPF filter

struct nbroker_rule_t

Public Members

u_int32_t rule_id

The rule id

rrc_match_t match

The match filter

nbroker_policy_t policy

The rule policy, only used in filtering rules

u_int8_t steer_to

The redirection port, only used in steering rules

union nbroker_rule_t::[anonymous] u
struct cmd_desc_t

Public Members

cmd_type_t type
char port[IFNAMSIZ]
nbroker_filter_type_t type
u_int32_t rule_id
rrc_match_t match
nbroker_policy_t policy
char redirectionPort[IFNAMSIZ]
struct cmd_desc_t::[anonymous] rule
struct cmd_queue_t

Public Members

u_int64_t head
u_int64_t tail
cmd_desc_t desc[CMD_QUEUE_ITEMS]
struct nbroker

Public Members

void *zmq_context
void *zmq_requester
int breakloop
u_int32_t flags
pthread_t cmdqthread
cmd_queue_t cmdq