David Miller wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Mon, 30 Nov 2009 19:00:14 +0100
>
>> This patch contains iproute support for iprule oif classification
>> for the send-to-self RFC I just sent out.
>
> Patrick, you need to submit a new version of this patch with
> the FIB_RULE_* macro fixed, just like the kernel version got
> fixed.
Thanks for reminind me of this. New patch attached.
commit 0fe5164cbaa1d65dda341075710be71bf1f32d10
Author: Patrick McHardy <kaber@trash.net>
Date: Fri Dec 4 07:06:18 2009 +0100
iprule: add oif classification support
Signed-off-by: Patrick McHardy <kaber@trash.net>
This patch adds support for the VLAN loose binding flag that is
supported in net-next to iplink_vlan.
commit 870970deb6cbea7a5d4881bdd717304d5284d315
Author: Patrick McHardy <kaber@trash.net>
Date: Tue Dec 1 12:21:15 2009 +0100
iplink_vlan: add support for VLAN loose binding flag
Signed-off-by: Patrick McHardy <kaber@trash.net>
Unless promote_secondaries has been active deleting the primary address of
an interface will automatically delete all the secondary addresses.
In the case where ip flush requests the primary then secondary addresses to
be removed - which is the order the addresses are returned by the kernel -
this will cause an error as by the time the request to remove a secondary
address is made it will be missing as it will have been deleted in the
course of deleting the primary address.
This approach to solving this problem orders requests for the
deletion of secondary addresses before primary ones providing
rtnl_dump_filter_l(), a version of rtnl_dump_filter() that
iterates over a list of filters. And by providing two specialised
filters print_addrinfo_secondary() and print_addrinfo_primary().
rtnl_dump_filter_l() first iterates over all addresses using
print_addrinfo_secondary(), which appends secondary addresses to the
request buffer. Then again using print_addrinfo_primary() which appends
primary addresses.
This approach should work regardless of it promote_secondaries is
active or not. And regardless of if any primary of secondary addresses
are present or not.
Signed-off-by: Simon Horman <horms@verge.net.au>
The command "ip mroute show" will only show the first Oif.
mark@flappie:~$ ip mroute show
(192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1
mark@flappie:~$ cat /proc/net/ip_mr_cache
Group Origin Iif Pkts Bytes Wrong Oifs
7B0000E0 0101A8C0 2 0 0 0 0:1 1:1
This shows 2 Oifs here. However, ipmroute.c, function read_mroute_list(), uses sscanf() with a %s mask for oiflist, which stops after the first whitespace (i.e. after Oif 0:1). The patch below fixes this to read until the newline (though I'm not sure whether this is the proper way to fix it).
After this patch:
mark@flappie:~/iproute-20090324/ip$ ./ip mroute show
(192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1 eth0
This patch originally submitted as http://bugs.debian.org/550097
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Add IFA_F_DADFAILED flag to denote an IPv6 address that has
failed Duplicate Address Detection, that way tools like
/sbin/ip can be more informative.
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:db8::1/64 scope global tentative dadfailed
valid_lft forever preferred_lft forever
Signed-off-by: Brian Haley <brian.haley@hp.com>
- Parse and handle the hoplimit ip route option and add it to the usage
line and documentation.
- Add the missing reordering ip route option to the usage line.
- Add documentation for initcwnd ip route option.
Tested by setting hoplimit and retreiving it via "show".
Signed-off-by: Gilad Ben-Yossef <gilad@codefidence.com>
[ported to HEAD, fixed a bug with hoplimit lock handling, added documentation]
Signed-off-by: Ori Finkelman <ori@comsleep.com>
Signed-off-by: Yony Amit <yony@comsleep.com>
The iptables code supports a "no shared libs" mode where it can be used
without requiring dlfcn related functionality. This adds similar support
to iproute2 so that it can easily be used on systems like nommu Linux (but
obviously with a few limitations -- no dynamic plugins).
Rather than modify every location that uses dlfcn.h, I hooked the dlfcn.h
header with stub functions when shared library support is disabled. Then
symbol lookup is done via a local static lookup table (which is generated
automatically at build time) so that internal symbols can be found.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
It uses 1MB as receive buf limit by default (without
increasing /proc/sys/net/core/rmem_max it will be limited by less
however) and allows to specify the size manually using "-rcvbuf X"
(-r is already used, so you need to specify at least -rc).
Additionally rtnl_listen() continues on ENOBUFS after printing the
error message.
--Boundary-01=_wxi/JRaNdLkbr7g
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi Stephen,
please review attached patch to add support for in-kernel potential router=
=20
lists for ISATAP tunnels.
Usage:
ip tunnel add name isatap0 mode isatap local 192.168.1.100
ip tunnel prl dev isatap0 prl-default 192.168.1.1
ip tunnel prl dev isatap0 prl-nodefault 192.168.1.2
ip tunnel prl dev isatap0 prl-delete 192.168.1.1
ip tunnel show # pr and pdr will be listed as well
Patch based on http://osprey67.com/seal/iproute2_diff.v0_3.txt by Fred L.=20
Templin.
Thanks,
Sascha
On tor, 2009-04-30 at 14:32 +0100, Timothy Baldwin wrote:
> Package: iproute
> Version: 20090324-1
> Severity: minor
>
>
> $ ip link set eth0 address help
> "help" is invalid lladdr.
> Segmentation fault
>
> Desipte the invalid command line arguments it shouldn't crash.
>
Callers need to check return value from ll_addr_a2n(). Patch below.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
When using iproute2 to display information on policies installed in kernel
(ip x p s) output is incorrect: IPv6 addresses printed as IPv4 addresses.
In case I am dealing with inter protocol policies where the template's address
family differs from those of the policy itself.
The patch attached solves this problem.
Hello Stephen,
thanks für the commit of my last CAN patch.
Today i got a hint, that the help text of 'ip link' can be improved also.
Many thanks!
Oliver
Signed-Off-By: Oliver Hartkopp <oliver@hartkopp.net>
t's not a big problem, but it makes a better show in 'ip link show' on
CAN interfaces :-)
I also moved __PF(CAN,can) in ll_proto.c to the same position where it
can be found in if_ether.h .
The only thing i did not know if the __PF(CAN,can) in ll_types.c needs
to be put in #ifdef ARPHDR_CAN like __PF(HWX25,hwx25) is or not. You
definitely know that better than me.
"ip -6 tunnel show" displays only ip6ip6 tunnels not ip4ip6 tunnels
- it should display all irrespective of proto.
This is because the default tunnel proto is initialized to IPPROTO_IPV6 in ip6_tnl_parm_init() which is fine for a 'add' command but not for 'show'. This patch overrides proto with 0 signifying 'mode any' as the default in case of a 'show'.
please commit my patch below to the iproutes package. It just an incorrect
check so that adding an isatap tunnel with remote works, since it's needed if
one wants to use stateless autoconf. The current check makes tunnel mode
isatap unusable for all client users.
Hello Stephen and netdev people!
Currently you can configure "equalize" and it looks all fine and dandy.
The kernel has the interface defined, but apparently there's never actually
been any implementation for it (only a never merged patch in the 2.4 era).
I'm suggesting to drop the code to give any potential users of this feature
the benefit of receiving a proper error message. I see it unlikely that
this will be implemented in the near future, but if it ever happens
reviving the iproute2 side should be as easy as git revert this patch.
For more details see http://bugs.debian.org/149897
Regards,
Andreas Henriksson
This patch adds prefix lables for "ip monitor all" command to simplfy
understanding of the output.
Signed-off-by: Varun Chandramohan <varunc@linux.vnet.ibm.com>
This patch adds exclusive support to enable monitoring
neighbour table entries in ip command.
Signed-off-by: Varun Chandramohan <varunc@linux.vnet.ibm.com>
patch attached this time..
On Fri, 2008-08-08 at 10:01 -0400, jamal wrote:
> wireless drivers using wext is a prime example if you need a test case.
>
> cheers,
> jamal
ip: Allow for easier debug of buggy devices that dont send their names
With the old message couldnt tell which device had the bug.
This patch provides at least an ifindex to narrow it down.
Theres also no point in bailing out because of one bug; we
allow it to go on so we could dump as much info as we can
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
(router solicitation) becomes negative
How reproducible:
Always.
Steps to Reproduce:
1. Configure an IPv6 router to advertise a prefix with a short preferred
lifetime, e.g. 0.
2. Wait for the IPv6 autoconfiguration process to complete for an interface
<if> connected to a link where that router advertises.
3. Run ip -6 show dev <if>.
Actual results:
The preferred lifetime will have become negative, but it is printed as an
unsigned integer. The preferred lifetime to be displayed will therefore be
close to UINT_MAX.
“ip maddr show” on an infiniband address causes a stack corruption
because the length of the address for Infiniband (20 bytes, as
described in kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4
__u32 to 8 and also adds a check to avoid overriding the available
size while parsing the hardware address.
This bug affects current upstream code AFAICT.
Hope this helps,
Cheers,
Olivier.
“ip maddr show ib0” causes a stack corruption because the length of the address
for Infiniband (20 see kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4 u32 to 8
and adds a check to avoid overriding the available size while parsing the
hardware address.
This patch adds support for configuring GRE tunnels using the
new rtnl_link interface. This only works on kernels that have
the new GRE configuration interface.
This is accessed through the "ip link" command. The previous
tunnel configuration interface "ip tunnel" remains as it is
and should be retained for compatibility with old kernels.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch adds support for configuring GRE tunnels using the
new rtnl_link interface. This only works on kernels that have
the new GRE configuration interface.
This is accessed through the "ip link" command. The previous
tunnel configuration interface "ip tunnel" remains as it is
and should be retained for compatibility with old kernels.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This is a variant of Patrick McHardy patch for help text.
Add help for ip link add and ip link delete.
The help conditional on what the kernel supports.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Fix confusing error message noticed by Martin Josefsson:
Fix typo noticed by Phil Oester: information vs. informatin
# ip link add
RTNETLINK answers: Operation not supported
The reason is missing device type information, refuse this and print a message.
Signed-off-by: Patrick McHardy <kaber@trash.net>
For some reason "ip link add help" is currently not supported when using
the new rtnl_link API. Fix that.
Signed-off-by: Patrick McHardy <kaber@trash.net>
This patch allows the user to create/manage AEAD algorithms with
the ip xfrm command. AEAD algorithms are also known as combined-
mode algorithms. They provide the functionality of encryption
algorithms as well as authentication algorithms.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hello Rafael Almeida.
I noticed your patch adding DESTDIR support in the latest iproute2 release.
Much appreciated! Soon the debian packages might be able to move to actually
using "make install" rather then it's own installation procedure when
building packages. I've noticed something that will break though....
Debian packages usually sets DESTDIR=debian/tmp/ and packages the contents
of that directory as if it where the root file system. This will break
the /usr/lib/{tc,ip}/ module loading, because they DESTDIR (/usr) will be
/whatever-the-build-path-was/debian/tmp/lib/{tc,ip}/.
I beleive others usually call this the LIBDIR to make the separation between
DISTDIR being the (possibly temporary) place things are put when build is
done, and LIBDIR (and others) are used for actual runtime paths.
I'm attaching a patch that I think fixes this, but would be really happy if
you could have a look at to verify I'm not screwing something up.
--
Regards,
Andreas Henriksson
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
This is the patch for iproute for configuring GVRP.
commit 32143eed8b706e5c6554ab42903533b3bccdc060
Author: Patrick McHardy <kaber@trash.net>
Date: Thu Jul 3 19:05:09 2008 +0200
[IPROUTE]: iflink_vlan: support GVRP flag
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
On tis, 2008-07-22 at 20:21 +0200, martin f krafft wrote:
> piper:~|master|% sudo ip a flush dev eth0 >/dev/null
> Nothing to flush.
>
> It should just shut up, shouldn't it? :)
The patch below makes the "Nothing to flush" only visible when show
statistics flag is given, and then only to stdout rather then stderr.
$ sudo ./ip/ip -s addr flush dev skif
Nothing to flush.
$ sudo ./ip/ip addr flush dev skif
$
(See http://bugs.debian.org/492196 )
After changing the DESTDIR the installated binaries have some issues
due to hard coded paths. For example, using distributions on NetEm
would segfault.
I've changed iplink.c and tc_util.c so they are now aware of DESTDIR.
Along with that change I needed to change the main Makefile so it
defines the DESTDIR macro when calling gcc.
I also changed the paths so that during the installation sbin, etc,
share and lib directories are created directly inside of the DESTDIR,
instead of creating a usr directory inside that. That's the behaviour
of most packages out there, so I think most users will be expecting
that to happen.
The command "ip addrlabel add/del" displays incorrect error message when provided with insufficient inputs. This patch fixes it in par with "ip addr add/del".
Currently:
# ./ip addrlabel add
RTNETLINK answers: Numerical result out of range
# ./ip addr add
Not enough information: "dev" argument is required.
After patch:
# ./ip addrlabel add
Not enough information: "prefix" argument is required.
Signed-off-by: Varun Chandramohan <varunc@linux.vnet.ibm.com>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Hi Stephen,
I resend you this patch once more. This time I updated the documentation
too (may be that was the reason why you didn't take it before?).
Please tell me if there are other things missing in this patch
It applies on iproute2 git tree.
Regards,
Benjamin
Description:
------------
This patch adds support for the IFLA_NET_NS_PID type. It is used to
move network devices between network namespaces.
The syntax is:
ip link set DEVICE netns PID
PID is the pid of a process in the target network namespace.
(Daniel Lezcano is the original author).
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Benjamin Thery <benjamin.thery@bull.net>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Hi Stephen:
[IP] xfrm: Allow replay setting
For certain applications there is a requirement to start the
sequence number from a point other than the default. As it
is the kernel provides an interface to do that but it isn't
available through the ip(8) command. Since we're encouraging
people to migrate over to ip(8) for manual keying, it is useful
to have this ability there.
This patch adds support for setting replay sequence numbers
through ip(8).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
Add more aliases to synchronize IPv4 and IPv6 tunnel command, e.g.,
IPv4: hoplimit (alias to ttl), tclass (alias to tos)
IPv6: dsfield, tos (alias to tc, or tclass), ttl (alias to hoplimit)
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
The prefix bit lenght value was not updated, resulting in incorrect addrlabel
entry. This patch fixes that issue.
Signed-off-by: Varun Chandramohan <varunc@linux.vnet.ibm.com>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Some usages of rtnl_send could cause errors (ie flush requests)
others do a listen afterwards.
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Sorry. The pref and prio options are actually synonyms.
This reverts part of commit 576c63ee59.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Sorry. The pref and prio options are actually synonyms.
This reverts part of commit 576c63ee59.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Use santized kernel header for veth.h and put in correct place
to prevent possible future problems with API.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This routine parses CLI attributes, describing generic link
parameters such as name, address, etc.
This is mostly copy-pasted from iplink_modify().
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Reported by: Satoru SATOH <satoru.satoh@gmail.com>
"ip route show" does not print correct value when larger rto_min is
set (e.g. 3sec).
This problem is because of overflow in print_route() and
the patch below is a workaround fix for that.
[root test]# ./iproute2.git.org/ip/ip route show dev eth1
192.168.140.0/24 proto kernel scope link src 192.168.140.130
169.254.0.0/16 scope link
[root test]# ./iproute2.git.org/ip/ip route change 192.168.140.0/24
dev eth1 rto_min 3s
[root test]# ./iproute2.git.org/ip/ip route show dev eth1
192.168.140.0/24 scope link rto_min lock 2ms <-- wrong
169.254.0.0/16 scope link
[root test]# ./iproute2.git/ip/ip route show dev eth1 # patched version
192.168.140.0/24 scope link rto_min lock 3000ms <-- correct
169.254.0.0/16 scope link
This is a simpler fix.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This patch includes support for the Intra-Site Automatic Tunnel
Addressing Protocol (ISATAP) per RFC4214.
The following diffs are specific to the iproute2-2.6.23
software distribution. This message includes the full and
patchable diff text; please use this version to apply patches.
Signed-off-by: Fred L. Templin <fred.l.templin@boeing.com>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Arkadiusz Miskiewicz wrote:
> People are reporting that
>> ip link set multicast on dev eth0 (Invalid argument)
>> no longer works when using iproute 2.6.23 on kernel 2.6.21.
>>
>> On my testing machine it also fails:
>> # ./ip link set eth0 multicast on
>> RTNETLINK answers: Invalid argument
It seems it fails to properly detect that your kernel is missing
RTM_NEWLINK support. Apparently the reason is that the kernels
I tested with return a different error in this situation.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
If a dotted quad ikey is specified for GRE tunnels, it gets set as the
okey instead. This patch fixes it. (http://bugs.debian.org/200714)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Add src option to route help text (http://bugs.debian.org/226142).
Add prio option to rule prio help text (http://bugs.debian.org/213673).
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Fix typo in ss manpage.
Make the backslash visible in ip manpage (http://bugs.debian.org/285507).
Strict syntax for ip addr advice in error message.
Fix typo in libnetlink(3) manpage (writen -> written).
Fix typos in tc-prio(8) manpage.
Fix typo in tc-htb(8) manpage (mininum -> minimum).
Fix typo in tc-cbq-details(8) manpage (occured -> occurred).
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Andreas Henriksson wrote:
> From: Alexander Wirt <formorer@debian.org>
>
>
> Signed-off-by: Andreas Henriksson <andreas@fatal.se>
> ---
> ip/iplink.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/ip/iplink.c b/ip/iplink.c
> index 4060845..da1f64e 100644
> --- a/ip/iplink.c
> +++ b/ip/iplink.c
> @@ -670,6 +670,10 @@ static int do_set(int argc, char **argv)
> }
>
> if (newname && strcmp(dev, newname)) {
> + if (strlen(newname) == 0) {
> + printf("\"\" is not valid device identifier\n");
> + return -1;
> + }
Indentation fixed, same change for the non-ioctl case, use invarg.
While I'm at it I also fixed the error message for "name too long",
*argv is NULL at this point.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Spotted by Aleš Kozumplík <al_es@seznam.cz>
(http://bugs.debian.org/289225)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
If a zero-length string is given, it is not rejected by
netlink in kernel so catch it at command line.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Based on patch from Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Enable users of ip to specify the times for rtt, rttvar and rto_min
in human-friendly terms a la "tc" while maintaining backwards
compatability with the previous "raw" mechanism. Builds upon
David Miller's uncommited patch to set rto_min.
Signed-off-by: Rick Jones <rick.jones2@hp.com>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Making veth a shared library for ip caused build problems (not PIC)
and is unneeded.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Fix xfrm state or policy flush message.
And minor updates are included:
o Use static buffer to show unknown value as string.
o Show policy type (ptype) only when kernel specified it.
o Clean-up xfrm_monitor.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
o Support policy flag with string format.
Note that kernel defines only one name "localok" for the flag
and it has not had any effect currently.
o Support state flag value XFRM_STATE_NOPMTUDISC.
o Fix to show detailed flags value when "-s" option is used.
o Fix minor typo.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Remove unused or redundant usage for xfrm_filter.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
The usage is
# ip link add [name] type veth [peer <name>] [mac <mac>] [peer_mac <mac>]
This version doesn't include the fix for ip/iplink.c as Patrick
said that he had included it into his patches already.
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This is a resend of the iproute VLAN patch with the if_link.h changes
edited out since the headers are already synced.
[IPROUTE]: VLAN support
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This patch fixes a bug in the 'ip' command to display
IPv6 cloned routes.
ip -6 route ls cache
returns empty even when there are cloned routes because of
of a missing else in print_route() routine.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Add support for using netlink for link configuration. Kernel-support is
probed, when not available it falls back to using ioctls.
Signed-off-by: Patrick McHardy <kaber@trash.net>
The new command is called "veth" with the following syntax:
* ip veth add <dev1> <dev2>
creates interconnected pair of veth devices.
* ip veth del <dev>
destroys the pair of veth devices, where <dev> is either
<dev1> or <dev2> used to create the pair.
One question that is to be solved is whether or not to create
a hard-coded netlink family for veth driver. Without it the
family resolution code has to be moved to general place in ip
utility (by now it is copy-paste-ed from one file to another
till final decision).
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Use the FRA attributes for routing rules, with exception of RTA_GATEWAY
(used for route-NAT) which isn't supported by current kernels anymore
and thus doesn't exist as FRA attribute.
Signed-off-by: Patrick McHardy <kaber@trash.net>
keep people from screwing their systems with routef
minor patch here ... if you run `routef --help`,
it'll turn around and flush your routing tables anyways :)
so patch will have routef output usage if any arguments are given,
otherwise it'll flush the tables ... idea is from Lars Strojny
In order to support these new flags add current
linux/if.h into the directory with the local copies.
This caused troubles with outdated redefinitions from net/if.h
so I've removed the dependency on it.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Need to use correct XFRMA_ constants.
Get rid of bogus casts. Fix case where no attribute returned.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
and heres the SPD version ...
cheers,
jamal
[XFRM] see SPD info
i.e instead of something like ip xfrm policy ls | grep -i src | wc -l
do:
ip xfrm policy count
And you get the count; you can also pass -s or -s -s to see more
details
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Stephen,
Use this patch instead of the one i sent yesterday.
As before, you will need to pull include/linux/xfrm.h from
net-2.6 once Dave applies the kernel patch.
cheers,
jamal
[XFRM] see SAD info
i.e instead of something like ip xfrm state ls | grep -i src | wc -l
do:
ip xfrm state count
And you get the count; you can also pass -s to the command line and
get the hash info.
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
cheers,
jamal
[ALL] update rest to use nl_mgrp
Signed-off-by: J Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Hi,
This patch enables ip command to add IFA_F_HOMEADDRESS and
IFA_F_NODAD flags while adding the IPv6 address.
Signed-off-by: Noriaki TAKAMIYA<takamiya@po.ntts.co.jp>
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Stephen,
I will wait until you sync all these patches ive sent; then send a
couple more then i will be done.
cheers,
jamal
[XFRM] update xfrm monitoring to use nl_mgrp
Signed-off-by: J Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
To support Mobile IPv6 RO, the following extension is included:
o Use XFRM_MODE_XXX macro instead of magic number
o New attribute option for all state: source address for
deleting or getting message
o New attribute options for RO: care-of address, last-used timestamp
and wild-receive flag
Note:
Flush command like `ip xfrm state flush` is to remove all XFRM state.
It has been effected for IPsec SAD but with this patch it flushes both
IPsec SAD and Mobile IPv6 RO states.
To make only IPsec SA flush, it is recommanded to specify each XFRM
protocol like below:
`ip x s f proto esp ; ip x s f proto ah ; ip x s f proto comp`
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Fix ip6tunnel.c to be fit with current ip command style.
Unlike other modules currently iptunnel (and ip6tunnel) is not
designed as protocol-independent because of unarranged structure
between IPv4 and IPv6.
Usage: ip -f inet6 tunnel { add | change | del | show } [ NAME ]
[ remote ADDR local ADDR ] [ dev PHYS_DEV ]
[ encaplimit ELIM ]
[ hoplimit HLIM ] [ tc TC ] [ fl FL ]
[ dscp inherit ]
Where: NAME := STRING
ADDR := IPV6_ADDRESS
ELIM := { none | 0..255 }(default=4)
HLIM := 0..255 (default=64)
TC := { 0x0..0xff | inherit }
FL := { 0x0..0xfffff | inherit }
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
This file (ip6tunnel.c) is renamed from ipv6tunnel.c which is imported
from usagi cvs tree. It is originally ported by MIPL to work on their
2.4 kernel patch (MIPL1).
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Split common functions like ioctl to export them.
This is a preparation to support to configure IPv6-over-IPv6 tunnel.
This patch also includes minor improvemen:
o to stop to include unused headers
o to change function static if it is not needed to be exported
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Patch which allows for setting SA and SP also for
new IPSec mode BEET, beside tunnel and transport, according to the latest
changes in the kernel you can find at the following link:
Signed-off-by: Diego Beltrami <diego.beltrami@gmail.com>
Signed-off-by: Miika Komu <miika@iki.fi>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Fix struct alignment with cris architecture
gcc for the cris arch does not pad structures to the next multiple of 4
bytes, as the i386 gcc does.
This causes errors like this when displaying xfrm policies:
# ip x p
!!!Deficit 3, rta_len=300
src 192.168.251.32/29 dst 192.168.251.32/29
dir in priority 0
!!!Deficit 3, rta_len=180
src 0.0.0.0/0 dst 192.168.251.32/29
dir in priority 2208
....
Similar errors are seen from ip x s.
This patch fixes the errors when printing. I'm not sure whether we
should worry about other uses of the affected structs, I've not seen any
other bad effects from this though, so hopefully this is enough.
(Thanks to Herbert Xu for pointing out that NLMSG_SPACE is the correct
macro to use here.)
Tested against 2.6.17.6 kernel on i386, and 2.6.16.1 kernel on cris.
Signed-off-by: Andy Gay <andy@andynet.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Add support for larger number of routing tables
Support support for 2^32 routing tables by using the new RTA_TABLE
attribute for specifying tables > 255 and intepreting it if it is
sent by the kernel.
When tables > 255 are used on a kernel not supporting it an error will
occur because of the unknown netlink attribute.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Preparation for 32 bit table IDs
The route table filter uses an integer for the table number and the value
-1 to represent cloned routes. For 32 bit table IDs it needs to become an
unsigned, so this won't work anymore. Introduce a new filter flag "cloned"
and use instead of filter.tb = -1.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
table from the route type. This doesn't really work anymore now that IPv6
supports multiple tables. Add detection for IPv6 multiple table support
(relying on the fact that the first routes dumped belong to the local table
and have rtm_table == RT_TABLE_LOCAL with multiple tables) and handle it
like other protocols.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Vince Worthington wrote:
> Hello,
>
> We've been working with a customer of ours who was experiencing some
> latency issues, and in the process of helping them solve their problem
> we found that adding the ability to adjust the Initial Max Congestion
> Window size on a route, they were able to tune their routes to perform
> more favorably in their mixed Linux and Solaris environment. There
> were a couple of other tuning steps necessary as well but we did find
> that the ability to set a larger initial max congestion window size
> was helpful in making Linux behave more like Solaris in low-latency
> situations.
>
> The kernel already supports this route attribute, this patch simply
> adds the option to iproute.c to provide a means to set it from userspace.
>
> I've attached the patch we used in test builds of the iproute packages
> we distribute in RHEL3 and RHEL4 for your consideration for possible
> acceptance and inclusion in iproute. Please let us know if there is
> any further information you would need or if there is a more
> appropriate venue to submit this patch.
>
> Thanks,
> Vince Worthington
> Red Hat, Inc.
Stephen,
I apologize for the last patch I sent not applying cleanly to the latest
iproute2 sources. I realized that this might impede any
review/acceptance of the patch and created a separate patch against the
20060323 build of iproute2, which seems to be the latest (by looking at
the website).
The previous patch wouldn't apply cleanly due to the label of the
ssthresh argument being corrected from REALMS to NUMBER.
Please let us know if there is any other information or assistance we
can be with this patch submission.
Thanks
Vince
/sbin/ifcfg: line 25: [: too many arguments
/sbin/ifcfg: line 26: [: -ge: unary operator expected
/sbin/ifcfg: line 27: [: -ge: unary operator expected
/sbin/ifcfg: line 28: [: -ge: unary operator expected
might i suggest the attached patch
-mike
addresses. Specifically it does not correctly handle the addition of
new entries in the neighbor/arp table. For example, this command will
fail:
ip neigh add 192.168.0.138 lladdr
00:00:04:04:fe:80:00:00:00:00:00:00:00:01:73:00:00:00:8a:91 nud
permanent dev ib0
An IPoIB link layer address is 20-bytes (see
http://www.ietf.org/internet-drafts/draft-ietf-ipoib-ip-over-infiniband-09.txt,
section 9.1.1).
The command line parsing code expects link layer addresses to be a
maximum of 16-bytes. Addresses over 16-bytes are truncated.
It fixes flush feature for IPsec(ip xfrm).
Jamal gave me comment about it. I've tested it on 2.6.11.7.
Please find the log below, check code and pull it:
bk://bk.skbuff.net:38000/iproute2-xfrm-flush
ChangeSet@1.182, 2005-04-13 21:19:44+09:00, nakam@linux-ipv6.org
[ip] add "deleteall" command for xfrm;
"flush" uses kernel's flush interface and
"deleteall" uses legacy iproute2's flush feature like
getting-and-deleting-for-each.
