blob: f104691a614149de0a66a359a9b460e94012aca0 [file] [log] [blame]
Matus Fabianb4515b42018-11-19 04:25:32 -08001/*
2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15/**
16 * @file RFC5424 syslog protocol implementation
17 */
18
19#include <unistd.h>
20#include <vnet/fib/fib_table.h>
21#include <vnet/ip/format.h>
22#include <vnet/syslog/syslog.h>
23#include <vnet/syslog/syslog_udp.h>
24
25#define SYSLOG_VERSION "1"
26#define NILVALUE "-"
27#define DEFAULT_UDP_PORT 514
28#define DEFAULT_MAX_MSG_SIZE 480
29
30#define encode_priority(f, p) ((f << 3) | p)
31
32syslog_main_t syslog_main;
33
34/* format timestamp RFC5424 6.2.3. */
35static u8 *
36format_syslog_timestamp (u8 * s, va_list * args)
37{
38 f64 timestamp = va_arg (*args, f64);
39 struct tm *tm;
40 word msec;
41
42 time_t t = timestamp;
43 tm = gmtime (&t);
44 msec = 1e6 * (timestamp - t);
45 return format (s, "%4d-%02d-%02dT%02d:%02d:%02d.%06dZ", 1900 + tm->tm_year,
46 1 + tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min,
47 tm->tm_sec, msec);
48}
49
50/* format header RFC5424 6.2. */
51static u8 *
52format_syslog_header (u8 * s, va_list * args)
53{
54 syslog_main_t *sm = &syslog_main;
55 syslog_header_t *h = va_arg (*args, syslog_header_t *);
56 u32 pri = encode_priority (h->facility, h->severity);
57
58 return format (s, "<%d>%s %U %U %s %d %s", pri, SYSLOG_VERSION,
59 format_syslog_timestamp, h->timestamp + sm->time_offset,
60 format_ip4_address, &sm->src_address,
61 h->app_name ? h->app_name : NILVALUE, sm->procid,
62 h->msgid ? h->msgid : NILVALUE);
63}
64
65/* format strucured data elements RFC5424 6.3. */
66static u8 *
67format_syslog_structured_data (u8 * s, va_list * args)
68{
69 u8 **sds = va_arg (*args, u8 **);
70 int i;
71
72 if (vec_len (sds))
73 {
74 for (i = 0; i < vec_len (sds); i++)
BenoƮt Gannebbe6d112019-07-10 17:01:09 +020075 s = format (s, "[%v]", sds[i]);
Matus Fabianb4515b42018-11-19 04:25:32 -080076 }
77 /* if zero structured data elemts field must contain NILVALUE */
78 else
79 s = format (s, "%s", NILVALUE);
80
81 return s;
82}
83
84static u8 *
85format_syslog_msg (u8 * s, va_list * args)
86{
87 syslog_msg_t *m = va_arg (*args, syslog_msg_t *);
88
89 s =
90 format (s, "%U %U", format_syslog_header, &m->header,
91 format_syslog_structured_data, m->structured_data);
92 /* free-form message is optional */
93 if (m->msg)
94 s = format (s, " %s", m->msg);
95
96 return s;
97}
98
99void
100syslog_msg_sd_init (syslog_msg_t * syslog_msg, char *sd_id)
101{
102 u8 *sd;
103
104 sd = format (0, "%s", sd_id);
105 vec_add1 (syslog_msg->structured_data, sd);
106 syslog_msg->curr_sd_index++;
107}
108
109void
110syslog_msg_add_sd_param (syslog_msg_t * syslog_msg, char *name, char *fmt,
111 ...)
112{
113 va_list va;
114 u8 *value;
115
116 va_start (va, fmt);
117 value = va_format (0, fmt, &va);
118 va_end (va);
119 vec_terminate_c_string (value);
120
121 syslog_msg->structured_data[syslog_msg->curr_sd_index] =
122 format (syslog_msg->structured_data[syslog_msg->curr_sd_index],
123 " %s=\"%s\"", name, value);
124 vec_free (value);
125}
126
127void
128syslog_msg_add_msg (syslog_msg_t * syslog_msg, char *fmt, ...)
129{
130 va_list va;
131 u8 *msg;
132
133 va_start (va, fmt);
134 msg = va_format (0, fmt, &va);
135 va_end (va);
136 vec_terminate_c_string (msg);
137
138 syslog_msg->msg = msg;
139}
140
141void
142syslog_msg_init (syslog_msg_t * syslog_msg, syslog_facility_t facility,
143 syslog_severity_t severity, char *app_name, char *msgid)
144{
145 syslog_main_t *sm = &syslog_main;
146 vlib_main_t *vm = sm->vlib_main;
147
148 syslog_msg->header.facility = facility;
149 syslog_msg->header.severity = severity;
150 syslog_msg->header.timestamp = vlib_time_now (vm);
151 syslog_msg->header.app_name = app_name;
152 syslog_msg->header.msgid = msgid;
153 syslog_msg->structured_data = 0;
154 syslog_msg->curr_sd_index = ~0;
155 syslog_msg->msg = 0;
156}
157
158int
159syslog_msg_send (syslog_msg_t * syslog_msg)
160{
161 syslog_main_t *sm = &syslog_main;
162 vlib_main_t *vm = sm->vlib_main;
163 u32 bi, msg_len, *to_next;
164 u8 *tmp;
165 vlib_buffer_t *b;
Matus Fabianb4515b42018-11-19 04:25:32 -0800166 vlib_frame_t *f;
167 int i;
168
169 if (vlib_buffer_alloc (vm, &bi, 1) != 1)
170 return -1;
171
172 b = vlib_get_buffer (vm, bi);
Matus Fabianb4515b42018-11-19 04:25:32 -0800173 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
174
175 /* one message per UDP datagram RFC5426 3.1. */
176 tmp = format (0, "%U", format_syslog_msg, syslog_msg);
177 msg_len = vec_len (tmp) - (vec_c_string_is_terminated (tmp) ? 1 : 0);
178 msg_len = msg_len < sm->max_msg_size ? msg_len : sm->max_msg_size;
179 clib_memcpy_fast (b->data, tmp, msg_len);
180 b->current_length = msg_len;
181 vec_free (tmp);
182
183 vec_free (syslog_msg->msg);
184 for (i = 0; i < vec_len (syslog_msg->structured_data); i++)
185 vec_free (syslog_msg->structured_data[i]);
186 vec_free (syslog_msg->structured_data);
187
188 syslog_add_udp_transport (vm, bi);
189
190 f = vlib_get_frame_to_node (vm, sm->ip4_lookup_node_index);
191 to_next = vlib_frame_vector_args (f);
192 to_next[0] = bi;
193 f->n_vectors = 1;
194 vlib_put_frame_to_node (vm, sm->ip4_lookup_node_index, f);
195
196 return 0;
197}
198
199static uword
200unformat_syslog_facility (unformat_input_t * input, va_list * args)
201{
202 u32 *r = va_arg (*args, u32 *);
203
204 if (0);
205#define _(v,f,s) else if (unformat (input, s)) *r = SYSLOG_FACILITY_##f;
206 foreach_syslog_facility
207#undef _
208 else
209 return 0;
210
211 return 1;
212}
213
214static uword
215unformat_syslog_severity (unformat_input_t * input, va_list * args)
216{
217 u32 *r = va_arg (*args, u32 *);
218
219 if (0);
220#define _(v,f,s) else if (unformat (input, s)) *r = SYSLOG_SEVERITY_##f;
221 foreach_syslog_severity
222#undef _
223 else
224 return 0;
225
226 return 1;
227}
228
229static u8 *
230format_syslog_severity (u8 * s, va_list * args)
231{
232 u32 i = va_arg (*args, u32);
233 u8 *t = 0;
234
235 switch (i)
236 {
237#define _(v,f,str) case SYSLOG_SEVERITY_##f: t = (u8 *) str; break;
238 foreach_syslog_severity
239#undef _
240 default:
241 return format (s, "unknown");
242 }
243
244 return format (s, "%s", t);
245}
246
247vnet_api_error_t
248set_syslog_sender (ip4_address_t * collector, u16 collector_port,
249 ip4_address_t * src, u32 vrf_id, u32 max_msg_size)
250{
251 syslog_main_t *sm = &syslog_main;
252 u32 fib_index;
253
254 if (max_msg_size < DEFAULT_MAX_MSG_SIZE)
255 return VNET_API_ERROR_INVALID_VALUE;
256
257 if (collector->as_u32 == 0 || collector_port == 0 || src->as_u32 == 0)
258 return VNET_API_ERROR_INVALID_VALUE;
259
260 if (vrf_id == ~0)
261 {
262 fib_index = ~0;
263 }
264 else
265 {
266 fib_index = fib_table_find (FIB_PROTOCOL_IP4, vrf_id);
267 if (fib_index == ~0)
268 return VNET_API_ERROR_NO_SUCH_FIB;
269 }
270
271 sm->fib_index = fib_index;
272
273 sm->collector.as_u32 = collector->as_u32;
274 sm->collector_port = (u16) collector_port;
275 sm->src_address.as_u32 = src->as_u32;
276 sm->max_msg_size = max_msg_size;
277
278 return 0;
279}
280
281static clib_error_t *
282set_syslog_sender_command_fn (vlib_main_t * vm, unformat_input_t * input,
283 vlib_cli_command_t * cmd)
284{
285 unformat_input_t _line_input, *line_input = &_line_input;
286 ip4_address_t collector, src;
287 u32 collector_port = DEFAULT_UDP_PORT;
288 u32 vrf_id = ~0;
289 u32 max_msg_size = DEFAULT_MAX_MSG_SIZE;
290 clib_error_t *ret = 0;
291
292 collector.as_u32 = 0;
293 src.as_u32 = 0;
294
295 /* Get a line of input. */
296 if (!unformat_user (input, unformat_line_input, line_input))
297 return 0;
298
299 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
300 {
301 if (unformat
302 (line_input, "collector %U", unformat_ip4_address, &collector))
303 ;
304 else if (unformat (line_input, "port %u", &collector_port))
305 ;
306 else if (unformat (line_input, "src %U", unformat_ip4_address, &src))
307 ;
308 else if (unformat (line_input, "vrf-id %u", &vrf_id))
309 ;
310 else if (unformat (line_input, "max-msg-size %u", &max_msg_size))
311 ;
312 else
313 {
314 ret = clib_error_return (0, "Unknown input `%U'",
315 format_unformat_error, line_input);
316 goto done;
317 }
318 }
319
320 if (collector.as_u32 == 0)
321 {
322 ret = clib_error_return (0, "collector address required");
323 goto done;
324 }
325
326 if (src.as_u32 == 0)
327 {
328 ret = clib_error_return (0, "src address required");
329 goto done;
330 }
331
332 if (max_msg_size < DEFAULT_MAX_MSG_SIZE)
333 {
334 ret =
335 clib_error_return (0, "too small max-msg-size value, minimum is %u",
336 DEFAULT_MAX_MSG_SIZE);
337 goto done;
338 }
339
340 vnet_api_error_t rv =
341 set_syslog_sender (&collector, collector_port, &src, vrf_id,
342 max_msg_size);
343
344 if (rv)
345 ret =
346 clib_error_return (0, "set syslog sender failed rv=%d:%U", (int) rv,
347 format_vnet_api_errno, rv);
348
349done:
350 unformat_free (line_input);
351 return ret;
352}
353
354static clib_error_t *
355show_syslog_sender_command_fn (vlib_main_t * vm, unformat_input_t * input,
356 vlib_cli_command_t * cmd)
357{
358 syslog_main_t *sm = &syslog_main;
359 u32 vrf_id = ~0;
360
361 if (sm->fib_index != ~0)
362 vrf_id = fib_table_get_table_id (sm->fib_index, FIB_PROTOCOL_IP4);
363
364 if (syslog_is_enabled ())
365 vlib_cli_output (vm, "collector %U:%u, src address %U, VRF ID %d, "
366 "max-msg-size %u",
367 format_ip4_address, &sm->collector, sm->collector_port,
368 format_ip4_address, &sm->src_address,
369 vrf_id, sm->max_msg_size);
370 else
371 vlib_cli_output (vm, "syslog sender is disabled");
372
373 return 0;
374}
375
376static clib_error_t *
377test_syslog_command_fn (vlib_main_t * vm, unformat_input_t * input,
378 vlib_cli_command_t * cmd)
379{
380 unformat_input_t _line_input, *line_input = &_line_input;
381 syslog_msg_t syslog_msg;
382 syslog_facility_t facility;
383 syslog_severity_t severity;
384 clib_error_t *ret = 0;
385 u8 *app_name = 0, *msgid = 0, *sd_id = 0, *param_name = 0, *param_value = 0;
386
387 if (!syslog_is_enabled ())
388 return 0;
389
390 /* Get a line of input. */
391 if (!unformat_user (input, unformat_line_input, line_input))
392 return 0;
393
394 if (unformat (line_input, "%U", unformat_syslog_facility, &facility))
395 {
396 if (unformat (line_input, "%U", unformat_syslog_severity, &severity))
397 {
398 if (syslog_severity_filter_block (severity))
399 goto done;
400
401 if (unformat (line_input, "%s", &app_name))
402 {
403 if (unformat (line_input, "%s", &msgid))
404 {
405 syslog_msg_init (&syslog_msg, facility, severity,
406 (char *) app_name, (char *) msgid);
407 while (unformat (line_input, "sd-id %s", &sd_id))
408 {
409 syslog_msg_sd_init (&syslog_msg, (char *) sd_id);
410 while (unformat
411 (line_input, "sd-param %s %s", &param_name,
412 &param_value))
413 {
414 syslog_msg_add_sd_param (&syslog_msg,
415 (char *) param_name,
416 (char *) param_value);
417 vec_free (param_name);
418 vec_free (param_value);
419 }
420 vec_free (sd_id);
421 }
422 if (unformat_check_input (line_input) !=
423 UNFORMAT_END_OF_INPUT)
424 syslog_msg_add_msg (&syslog_msg, "%U",
425 format_unformat_input, line_input);
426 syslog_msg_send (&syslog_msg);
427 }
428 else
429 {
430 ret =
431 clib_error_return (0, "Unknown input `%U'",
432 format_unformat_error, line_input);
433 goto done;
434 }
435 }
436 else
437 {
438 ret =
439 clib_error_return (0, "Unknown input `%U'",
440 format_unformat_error, line_input);
441 goto done;
442 }
443 }
444 else
445 {
446 ret =
447 clib_error_return (0, "Unknown input `%U'", format_unformat_error,
448 line_input);
449 goto done;
450 }
451 }
452 else
453 {
454 ret =
455 clib_error_return (0, "Unknown input `%U'", format_unformat_error,
456 line_input);
457 goto done;
458 }
459
460done:
461 vec_free (app_name);
462 vec_free (msgid);
463 unformat_free (line_input);
464 return ret;
465}
466
467static clib_error_t *
468set_syslog_filter_command_fn (vlib_main_t * vm, unformat_input_t * input,
469 vlib_cli_command_t * cmd)
470{
471 unformat_input_t _line_input, *line_input = &_line_input;
472 syslog_main_t *sm = &syslog_main;
473 clib_error_t *ret = 0;
474
475 /* Get a line of input. */
476 if (!unformat_user (input, unformat_line_input, line_input))
477 return 0;
478
479 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
480 {
481 if (unformat
482 (line_input, "severity %U", unformat_syslog_severity,
483 &sm->severity_filter))
484 ;
485 else
486 {
487 ret = clib_error_return (0, "Unknown input `%U'",
488 format_unformat_error, line_input);
489 goto done;
490 }
491 }
492
493done:
494 unformat_free (line_input);
495 return ret;
496}
497
498static clib_error_t *
499show_syslog_filter_command_fn (vlib_main_t * vm, unformat_input_t * input,
500 vlib_cli_command_t * cmd)
501{
502 syslog_main_t *sm = &syslog_main;
503
504 vlib_cli_output (vm, "severity-filter: %U", format_syslog_severity,
505 sm->severity_filter);
506
507 return 0;
508}
509
510/* *INDENT-OFF* */
511/*?
512 * Set syslog sender configuration.
513 *
514 * @cliexpar
515 * @parblock
516 *
517 * Example of how to configure syslog sender:
518 * @cliexcmd{set syslog sender collector 10.10.10.10 port 514 src 172.16.2.2}
519 * @endparblock
520?*/
521VLIB_CLI_COMMAND (set_syslog_sender_command, static) = {
522 .path = "set syslog sender",
523 .short_help = "set syslog sender "
524 "collector <ip4-address> [port <port>] "
525 "src <ip4-address> [vrf-id <vrf-id>] "
526 "[max-msg-size <max-msg-size>]",
527 .function = set_syslog_sender_command_fn,
528};
529
530/*?
531 * Show syslog sender configuration.
532 *
533 * @cliexpar
534 * @parblock
535 *
536 * Example of how to display syslog sender configuration:
537 * @cliexstart{show syslog sender}
538 * collector 10.10.10.10:514, src address 172.16.2.2, VRF ID 0, max-msg-size 480
539 * @cliexend
540 * @endparblock
541?*/
542VLIB_CLI_COMMAND (show_syslog_sender_command, static) = {
543 .path = "show syslog sender",
544 .short_help = "show syslog sender",
545 .function = show_syslog_sender_command_fn,
546};
547
548/*?
549 * This command generate test syslog message.
550 *
551 * @cliexpar
552 * @parblock
553 *
554 * Example of how to generate following syslog message
555 * '<em><180>1 2018-11-07T11:36:41.231759Z 172.16.1.1 test 10484 testMsg
556 * [exampleSDID@32473 eventID="1011" eventSource="App" iut="3"]
557 * this is message</em>'
558 * @cliexcmd{test syslog local6 warning test testMsg sd-id <!--
559 * --> exampleSDID@32473 sd-param eventID 1011 sd-param eventSource App <!--
560 * --> sd-param iut 3 this is message}
561 * @endparblock
562?*/
563VLIB_CLI_COMMAND (test_syslog_command, static) = {
564 .path = "test syslog",
565 .short_help = "test syslog <facility> <severity> <app-name> <msgid> "
566 "[sd-id <sd-id> sd-param <name> <value>] [<message]",
567 .function = test_syslog_command_fn,
568};
569
570/*?
571 * Set syslog severity filter, specified severity and greater match.
572 *
573 * @cliexpar
574 * @parblock
575 *
576 * Example of how to configure syslog severity filter:
577 * @cliexcmd{set syslog filter severity warning}
578 * @endparblock
579?*/
580VLIB_CLI_COMMAND (set_syslog_filter_command, static) = {
581 .path = "set syslog filter",
582 .short_help = "set syslog filter severity <severity>",
583 .function = set_syslog_filter_command_fn,
584};
585
586/*?
587 * Show syslog severity filter.
588 *
589 * @cliexpar
590 * @parblock
591 *
592 * Example of how to display syslog severity filter:
593 * @cliexstart{show syslog filter}
594 * severity-filter: warning
595 * @cliexend
596 * @endparblock
597?*/
598VLIB_CLI_COMMAND (show_syslog_filter_command, static) = {
599 .path = "show syslog filter",
600 .short_help = "show syslog filter",
601 .function = show_syslog_filter_command_fn,
602};
603/* *INDENT-ON* */
604
605static clib_error_t *
606syslog_init (vlib_main_t * vm)
607{
608 syslog_main_t *sm = &syslog_main;
609 f64 vlib_time_0 = vlib_time_now (vm);
610 struct timeval timeval_0;
611 vlib_node_t *ip4_lookup_node;
612
613 sm->vlib_main = vm;
614 sm->vnet_main = vnet_get_main ();
615
616 sm->procid = getpid ();
617 gettimeofday (&timeval_0, 0);
618 sm->time_offset =
619 (f64) timeval_0.tv_sec + (((f64) timeval_0.tv_usec) * 1e-6) - vlib_time_0;
620
621 sm->collector.as_u32 = 0;
622 sm->src_address.as_u32 = 0;
623 sm->collector_port = DEFAULT_UDP_PORT;
624 sm->max_msg_size = DEFAULT_MAX_MSG_SIZE;
625 sm->fib_index = ~0;
626 sm->severity_filter = SYSLOG_SEVERITY_INFORMATIONAL;
627
628 ip4_lookup_node = vlib_get_node_by_name (vm, (u8 *) "ip4-lookup");
629 sm->ip4_lookup_node_index = ip4_lookup_node->index;
630
631 return 0;
632}
633
634VLIB_INIT_FUNCTION (syslog_init);
635
636/*
637 * fd.io coding-style-patch-verification: ON
638 *
639 * Local Variables:
640 * eval: (c-set-style "gnu")
641 * End:
642 */