PF_RING API
API documentation for PF_RING: high-speed packet capture, filtering and analysis framework.
rrc.h File Reference

RRC library header file (low-level API to configure the switch). More...

#include "nbpf.h"

Go to the source code of this file.

Classes

struct  __attribute__
 
struct  __attribute__
 
struct  __attribute__
 
struct  __attribute__
 
struct  __attribute__
 
struct  __attribute__
 

Macros

#define MAX_NUM_PORTS   10
 
#define MAX_NUM_RULES   0x7FFFFFFF
 
#define MAX_NUM_USER_RULES   (MAX_NUM_RULES-2)
 
#define DEFAULT_RULE_ID   (MAX_NUM_RULES-2)
 
#define INIT_RULE_ID   (MAX_NUM_RULES-1)
 
#define RRC_INIT_FLAG_PORTMASK   (0 << 1) /* Set destination port mask (this is not compatible with redirection rules) */
 
#define EGRESS_TRAFFIC_FILTERING   EGRESS_TRAFFIC
 
#define INGRESS_TRAFFIC_STEERING   INGRESS_TRAFFIC
 

Typedefs

typedef struct rrc_port rrc_port_t
 

Enumerations

enum  rrc_policy_t { PERMIT = 0, DENY, REDIRECT }
 
enum  rrc_filter_type_t { EGRESS_TRAFFIC = 0, INGRESS_TRAFFIC }
 

Functions

int rrc_init (u_int32_t flags)
 
rrc_port_t * rrc_port_get (int portNumber)
 
int rrc_add_default_rule (rrc_port_t *port, rrc_filter_type_t type, rrc_policy_t action, int redirectPortNumber)
 
int rrc_add_rule (rrc_port_t *port, int ruleNumber, rrc_filter_type_t type, rrc_match_t *rule, rrc_policy_t action, int redirectPortNumber)
 
int rrc_add_nbpf_rule (rrc_port_t *port, int ruleNumber, rrc_filter_type_t type, nbpf_rule_core_fields_t *nBPFRule, rrc_policy_t action, int redirectPortNumber)
 
int rrc_remove_rule (rrc_port_t *port, int ruleNumber, rrc_filter_type_t type)
 
int rrc_remove_all_rules (rrc_port_t *port, rrc_filter_type_t type)
 
int rrc_read_rule_stats (rrc_port_t *port, int ruleNumber, rrc_filter_type_t type, rrc_stats_t *stats)
 
int rrc_read_port_stats (rrc_port_t *port, rrc_stats_t *stats)
 
int rrc_port_apply (rrc_port_t *port, rrc_filter_type_t type)
 
int rrc_apply ()
 
int rrc_add_mirror (rrc_port_t *in_port, rrc_port_t *out_port, rrc_match_t *rule)
 
int rrc_remove_mirror (rrc_port_t *out_port)
 
int rrc_set_load_balancer (rrc_port_t *out_ports, int num_out_ports, rrc_match_t *r)
 
int rrc_ifname_to_phys_port (const char *ifname)
 
int rrc_get_external_phys_port (int internal_phys_port)
 
int rrc_get_internal_phys_port (int external_phys_port)
 
void rrc_dump_rules (rrc_port_t *port, rrc_filter_type_t type)
 
void rrc_set_log_level (u_int8_t l)
 
void rrc_set_log_file (FILE *f)
 

Detailed Description

RRC library header file (low-level API to configure the switch).

Function Documentation

◆ rrc_add_default_rule()

int rrc_add_default_rule ( rrc_port_t *  port,
rrc_filter_type_t  type,
rrc_policy_t  action,
int  redirectPortNumber 
)

Sets the default policy

Parameters
portThe port handler
typeThe rule type: EGRESS_TRAFFIC or INGRESS_TRAFFIC
actionThe action in case of match (PERMIT/DENY for EGRESS_TRAFFIC, REDIRECT for INGRESS_TRAFFIC)
redirectPortNumberThe destination port in case of action = REDIRECT
Returns
0 on success, -1 otherwise

◆ rrc_add_mirror()

int rrc_add_mirror ( rrc_port_t *  in_port,
rrc_port_t *  out_port,
rrc_match_t *  rule 
)

Creates a mirror sending traffic from in_port to out_port. Setting two mirrors with the same source port does not work Setting two mirrors with the same destination port is not supported

Parameters
in_portThe source port
out_portThe destination port
ruleThe RRC rule to match (optional)
Returns
0 on success, -1 otherwise

◆ rrc_add_nbpf_rule()

int rrc_add_nbpf_rule ( rrc_port_t *  port,
int  ruleNumber,
rrc_filter_type_t  type,
nbpf_rule_core_fields_t *  nBPFRule,
rrc_policy_t  action,
int  redirectPortNumber 
)

Converts a nBPF rule into a RRC rule. nBPF fields are in network byte order. Please note a rule is identified by <port, ruleNumber, type>.

Parameters
portThe port handler
ruleNumberThe rule number (0..2147483645), -1 for auto
typeThe rule type: EGRESS_TRAFFIC or INGRESS_TRAFFIC
nBPFRuleThe nBPF rule to convert
actionThe action in case of match
redirectPortNumberThe destination port in case of action = REDIRECT
Returns
The rule number on success, -1 otherwise

◆ rrc_add_rule()

int rrc_add_rule ( rrc_port_t *  port,
int  ruleNumber,
rrc_filter_type_t  type,
rrc_match_t *  rule,
rrc_policy_t  action,
int  redirectPortNumber 
)

Add a rule. Fields are in network byte order. Please note a rule is identified by <port, ruleNumber, type>.

Parameters
portThe port handler
ruleNumberThe rule number (0..2147483645), -1 for auto
typeThe rule type: EGRESS_TRAFFIC or INGRESS_TRAFFIC
ruleThe RRC rule
actionThe action in case of match
redirectPortNumberThe destination port in case of action = REDIRECT
Returns
The rule number on success, -1 otherwise

◆ rrc_apply()

int rrc_apply ( )

Applies all changes

Returns
0 on success, -1 otherwise

◆ rrc_dump_rules()

void rrc_dump_rules ( rrc_port_t *  port,
rrc_filter_type_t  type 
)

Prints all the rules on a <port, type> (only for debugging)

◆ rrc_get_external_phys_port()

int rrc_get_external_phys_port ( int  internal_phys_port)

Returns the physical EPL port bound to the provided PEP port

Parameters
internal_phys_portThe physical PEP port number
Returns
The EPL port number on success, -1 otherwise

◆ rrc_get_internal_phys_port()

int rrc_get_internal_phys_port ( int  external_phys_port)

Returns the physical PEP port bound to the provided EPL port

Parameters
external_phys_portThe physical EPL port number
Returns
The PEP port number on success, -1 otherwise

◆ rrc_ifname_to_phys_port()

int rrc_ifname_to_phys_port ( const char *  ifname)

Returns the physical PEP port number bound to the interface

Parameters
ifnameThe interface name
Returns
The port number on success, -1 otherwise

◆ rrc_init()

int rrc_init ( u_int32_t  flags)

Initialise the card switch

Parameters
flagsSee RRC_INIT_FLAG_* defines
Returns
0 on success, -1 otherwise

◆ rrc_port_apply()

int rrc_port_apply ( rrc_port_t *  port,
rrc_filter_type_t  type 
)

Applies all changes to a port

Returns
0 on success, -1 otherwise

◆ rrc_port_get()

rrc_port_t* rrc_port_get ( int  portNumber)

Get the port handle

Parameters
portNumberThe port number (usually 1 or 2 in case of INGRESS_TRAFFIC, 3 or 4 in case of EGRESS_TRAFFIC)
Returns
The port handler on success, NULL otherwise

◆ rrc_read_port_stats()

int rrc_read_port_stats ( rrc_port_t *  port,
rrc_stats_t *  stats 
)

Egress port stats (packets dropped by ACLs).

Parameters
portThe port handler
statsThe port stats (out).
Returns
0 on success, -1 otherwise

◆ rrc_read_rule_stats()

int rrc_read_rule_stats ( rrc_port_t *  port,
int  ruleNumber,
rrc_filter_type_t  type,
rrc_stats_t *  stats 
)

Read rule stats (packets matched). Please note a rule is identified by <port, ruleNumber, type>. Please note rules with type EGRESS_TRAFFIC do not support match counters, a good practice is to use DENY rules on INGRESS_TRAFFIC rather then EGRESS_TRAFFIC.

Parameters
portThe port handler
ruleNumberThe rule number
typeThe rule type: INGRESS_TRAFFIC only (EGRESS_TRAFFIC does not support rule stats)
statsThe rule stats (out).
Returns
0 on success, -1 otherwise

◆ rrc_remove_all_rules()

int rrc_remove_all_rules ( rrc_port_t *  port,
rrc_filter_type_t  type 
)

Removes all rules for a <port, type>, including the default rule.

Parameters
portThe port handler
typeThe rule type: EGRESS_TRAFFIC or INGRESS_TRAFFIC
Returns
0 on success, -1 otherwise

◆ rrc_remove_mirror()

int rrc_remove_mirror ( rrc_port_t *  out_port)

Removes mirror specifying the out_port.

Returns
0 on success, -1 otherwise

◆ rrc_remove_rule()

int rrc_remove_rule ( rrc_port_t *  port,
int  ruleNumber,
rrc_filter_type_t  type 
)

Removes a rule. Please note a rule is identified by <port, ruleNumber, type>.

Parameters
portThe port handler
ruleNumberThe rule number
typeThe rule type: EGRESS_TRAFFIC or INGRESS_TRAFFIC
Returns
0 on success, -1 otherwise

◆ rrc_set_load_balancer()

int rrc_set_load_balancer ( rrc_port_t *  out_ports,
int  num_out_ports,
rrc_match_t *  r 
)

Sets a load balancer, for traffic matching the specified rule, with the specified destination ports.

Parameters
out_portsThe destination ports
num_out_portsThe number of destination ports
ruleThe RRC rule to match
Returns
0 on success, -1 otherwise

◆ rrc_set_log_file()

void rrc_set_log_file ( FILE *  f)

Sets the output file for logs (default is stdout)

◆ rrc_set_log_level()

void rrc_set_log_level ( u_int8_t  l)

Sets the verbosity level for logs