The help/usage screen of ematch cmp and nbyte say recognised symbolic
values for "layer FOO" are link, header and next-header, but the code
does _not_ implement that: it will recognise "next-header" as what is
supposed to be "header" and will not recognise "header". The right
symbolic values seem to be link, network, transport. Here is a patch
that changes the help/usage screen to match the code.
(http://bugs.debian.org/438653)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Spotted by Aleš Kozumplík <al_es@seznam.cz>
(http://bugs.debian.org/289225)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
If a zero-length string is given, it is not rejected by
netlink in kernel so catch it at command line.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Based on patch from Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Enable users of ip to specify the times for rtt, rttvar and rto_min
in human-friendly terms a la "tc" while maintaining backwards
compatability with the previous "raw" mechanism. Builds upon
David Miller's uncommited patch to set rto_min.
Signed-off-by: Rick Jones <rick.jones2@hp.com>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Making veth a shared library for ip caused build problems (not PIC)
and is unneeded.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Hi Stephen
This small patch allows to use lnstat/rtstat with a pipe output, without a full bufferisation.
Thank you
Eric
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Fix xfrm state or policy flush message.
And minor updates are included:
o Use static buffer to show unknown value as string.
o Show policy type (ptype) only when kernel specified it.
o Clean-up xfrm_monitor.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
o Support policy flag with string format.
Note that kernel defines only one name "localok" for the flag
and it has not had any effect currently.
o Support state flag value XFRM_STATE_NOPMTUDISC.
o Fix to show detailed flags value when "-s" option is used.
o Fix minor typo.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Remove unused or redundant usage for xfrm_filter.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
The usage is
# ip link add [name] type veth [peer <name>] [mac <mac>] [peer_mac <mac>]
This version doesn't include the fix for ip/iplink.c as Patrick
said that he had included it into his patches already.
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This is a resend of the iproute VLAN patch with the if_link.h changes
edited out since the headers are already synced.
[IPROUTE]: VLAN support
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This patch fixes a bug in the 'ip' command to display
IPv6 cloned routes.
ip -6 route ls cache
returns empty even when there are cloned routes because of
of a missing else in print_route() routine.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
em_meta doesn't send 0 values to the kernel. breaking matching on them and
resulting in "Missing value TLV" messages on dump.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Add support for using netlink for link configuration. Kernel-support is
probed, when not available it falls back to using ioctls.
Signed-off-by: Patrick McHardy <kaber@trash.net>
The new command is called "veth" with the following syntax:
* ip veth add <dev1> <dev2>
creates interconnected pair of veth devices.
* ip veth del <dev>
destroys the pair of veth devices, where <dev> is either
<dev1> or <dev2> used to create the pair.
One question that is to be solved is whether or not to create
a hard-coded netlink family for veth driver. Without it the
family resolution code has to be moved to general place in ip
utility (by now it is copy-paste-ed from one file to another
till final decision).
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Use the FRA attributes for routing rules, with exception of RTA_GATEWAY
(used for route-NAT) which isn't supported by current kernels anymore
and thus doesn't exist as FRA attribute.
Signed-off-by: Patrick McHardy <kaber@trash.net>
This patch applies on top of Patrick McHardy's RTNETLINK
patches to add nested compat attributes. This is needed to maintain
ABI for sch_{rr|prio} in the kernel with respect to tc. A new option,
namely multiqueue, was added to sch_prio and sch_rr. This will allow
a user to turn multiqueue support on for sch_prio or sch_rr at loadtime.
Also, tc qdisc ls will display whether or not multiqueue is enabled on
that qdisc. When in multiqueue mode, a user can specify a value of 0 for
bands, and the number of bands will be created to match the number of
queues on the device.
This patch is to support the new sch_rr (round-robin) qdisc being proposed
in NET for multiqueue network device support in the Linux network stack.
It uses q_prio.c as the template, since the qdiscs are nearly identical,
outside of the ->dequeue() routine.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
This adds capability for iproute2 to send nested attributes to the
kernel, while maintaining backwards compatibility.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Update the included version of the genetlink.h header to the multicast
group API and make the generic netlink controller part show multicast
groups where applicable. Also fix two typos.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
>>That command is from a script that used to work with iproute2-ss020116
>>(2002!), which had the following in tc/m_police.c:
>>
>>210 } else if (strcmp(*argv, "action") == 0) {
>>211 NEXT_ARG();
>>212 if (get_police_result(&p.action, &presult, *argv)) {
>>
>>I don't know when that bit was dropped, but it used to be there. :-)
>
>
>
> Indeed, I missed that. I'll fix up the patch ..
OK this patch fixes parsing of "action ...". I've removed
the erroring on unknown arguments again since in that case
the caller should continue parsing.
>
> Is it a bug that:
>
> # tc filter add dev eth0 parent 1: protocol ip prio 0 handle 0xfffffff
> fw police rate 1 burst 1 mpu 0 mtu 1 action drop
> ^^^^^^^^^^^
> creates a filter that looks like:
>
> # tc filter ls dev eth0
> filter parent 1: protocol ip pref 49152 fw
> filter parent 1: protocol ip pref 49152 fw handle 0xfffffff police 0x1
> rate 0bit burst 0b mtu 1b action reclassify
> ^^^^^^^^^^^^^^^^^
> ref -543190236 bind 4
>
> (which reclassifies and thus lets 0xfffffff-marked packets through).
>
> I'm pretty sure this used to work under 2.4.x (though I no longer have a
> 2.4 box to test with), but it hasn't worked on any of the 2.6.x kernels
> I've tried (with both iproute2-ss060323 and 070710).
Good catch. It seems this is merely a parsing error, iproute doesn't
have an "action" parameter and aborts parsing, so it uses the default
value of "RECLASSIFY". It never had this parameter, so this patch
removes it from the help text and makes it return an error.
Output from /proc may include partial records, so rather than
trying to be sexy and do own parsing, just use stdio.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
keep people from screwing their systems with routef
minor patch here ... if you run `routef --help`,
it'll turn around and flush your routing tables anyways :)
so patch will have routef output usage if any arguments are given,
otherwise it'll flush the tables ... idea is from Lars Strojny
Make netem static rather than shared library. It saves problems
on 64 bit platforms.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This one also makes sense for the release I guess.
-------- Original Message --------
Subject: Re: more iproute2 issues (not critical)
Date: Sat, 31 Mar 2007 16:16:56 +0200
From: Patrick McHardy <kaber@trash.net>
To: Denys <denys@visp.net.lb>
CC: Stephen Hemminger <shemminger@linux-foundation.org>,
netdev@vger.kernel.org
References: <20070321175951.M73913@visp.net.lb>
<46026717.9060909@trash.net> <20070322124533.M79867@visp.net.lb>
<46027FF2.6020001@trash.net> <20070322101224.3e6bb899@freekitty>
<20070331021401.M17326@visp.net.lb> <20070331023011.M8101@visp.net.lb>
Denys wrote:
> Ooops, sorry, it seems my fault, no library exist on this system.
> But i guess it must not coredump in this case? Is it possible to check if
> library not exist and just print some nice message?
> It is trivial i guess.
The problem is that lib_dir is NULL when calling get_target_names.
This patch fixes it.
[IPROUTE]: m_ipt: fix crash when dumping rules
lib_dir is NULL when calling get_target_name, causing a NULL pointer
dereference in the strlen call.
Signed-off-by: Patrick McHardy <kaber@trash.net>
In order to support these new flags add current
linux/if.h into the directory with the local copies.
This caused troubles with outdated redefinitions from net/if.h
so I've removed the dependency on it.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
tc-pbfifo.8 does not exist because it was moved to tc-bfifo.8.
Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Change formatting of IPv6 tunnel endpoints from hex chain to standard IPv6
representation.
Signed-off-by: David Lamparter <equinox@diac24.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Need to use correct XFRMA_ constants.
Get rid of bogus casts. Fix case where no attribute returned.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
and heres the SPD version ...
cheers,
jamal
[XFRM] see SPD info
i.e instead of something like ip xfrm policy ls | grep -i src | wc -l
do:
ip xfrm policy count
And you get the count; you can also pass -s or -s -s to see more
details
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Stephen,
Use this patch instead of the one i sent yesterday.
As before, you will need to pull include/linux/xfrm.h from
net-2.6 once Dave applies the kernel patch.
cheers,
jamal
[XFRM] see SAD info
i.e instead of something like ip xfrm state ls | grep -i src | wc -l
do:
ip xfrm state count
And you get the count; you can also pass -s to the command line and
get the hash info.
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
802 is 802.11 with prism headers. 803 is 802.11 with radiotap headers.
Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
