David Miller wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Mon, 30 Nov 2009 19:00:14 +0100
>
>> This patch contains iproute support for iprule oif classification
>> for the send-to-self RFC I just sent out.
>
> Patrick, you need to submit a new version of this patch with
> the FIB_RULE_* macro fixed, just like the kernel version got
> fixed.
Thanks for reminind me of this. New patch attached.
commit 0fe5164cbaa1d65dda341075710be71bf1f32d10
Author: Patrick McHardy <kaber@trash.net>
Date: Fri Dec 4 07:06:18 2009 +0100
iprule: add oif classification support
Signed-off-by: Patrick McHardy <kaber@trash.net>
This adds support for setting the skb mark.
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
This patch adds support for the VLAN loose binding flag that is
supported in net-next to iplink_vlan.
commit 870970deb6cbea7a5d4881bdd717304d5284d315
Author: Patrick McHardy <kaber@trash.net>
Date: Tue Dec 1 12:21:15 2009 +0100
iplink_vlan: add support for VLAN loose binding flag
Signed-off-by: Patrick McHardy <kaber@trash.net>
Split up in functions. Make XT checks bail if previous XT check
was successful.
This result improves the output of the configure script to not indicate
using iptables only because the last test failed (when previous ones could
have already succeded).
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Unless promote_secondaries has been active deleting the primary address of
an interface will automatically delete all the secondary addresses.
In the case where ip flush requests the primary then secondary addresses to
be removed - which is the order the addresses are returned by the kernel -
this will cause an error as by the time the request to remove a secondary
address is made it will be missing as it will have been deleted in the
course of deleting the primary address.
This approach to solving this problem orders requests for the
deletion of secondary addresses before primary ones providing
rtnl_dump_filter_l(), a version of rtnl_dump_filter() that
iterates over a list of filters. And by providing two specialised
filters print_addrinfo_secondary() and print_addrinfo_primary().
rtnl_dump_filter_l() first iterates over all addresses using
print_addrinfo_secondary(), which appends secondary addresses to the
request buffer. Then again using print_addrinfo_primary() which appends
primary addresses.
This approach should work regardless of it promote_secondaries is
active or not. And regardless of if any primary of secondary addresses
are present or not.
Signed-off-by: Simon Horman <horms@verge.net.au>
Add a new cleaned up m_xt.c based on m_xt_old.c
The new m_xt.c has been updated to use the new names and new api
that xtables exposes in iptables 1.4.5.
All the old internal api cruft has also been dropped.
Additionally, a configure script test is added to check for
the new xtables api and set the TC_CONFIG_XT flag in Config.
(tc/Makefile already handles this flag in previous commit.)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Move the file and rename the configure flags.
The file is being kept around for iptables < 1.4.5 compatibility.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Peter Palfrader said in http://bugs.debian.org/545008 that
"--help output, if explicitly requested, should go to stdout, not stderr."
which this patch fixes.
Additionally, the exit code was adjusted to success if help was
explicitly requested.
(Syntax error still outputs to stderr and has the same exit code.)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
The kernel takes a lack of options as indication that the fw classifier
should operate in compatibility mode, where marks are mapped directly to
classids.
Commit e22b42a (tc mask patch) broke this by adding an empty TCA_OPTIONS
attribute even if no handle is specified. Restore the old behaviour.
Signed-off-by: Patrick McHardy <kaber@trash.net>
The static libnetlink.a library is exposed to other users in Debian via the
"iproute-dev" package. Apparently people are interested in using it in their
shared libraries and would like to see the code be position independent.
Patch below makes the code under lib/ build with -fPIC.
See http://bugs.debian.org/547602
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
The command "ip mroute show" will only show the first Oif.
mark@flappie:~$ ip mroute show
(192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1
mark@flappie:~$ cat /proc/net/ip_mr_cache
Group Origin Iif Pkts Bytes Wrong Oifs
7B0000E0 0101A8C0 2 0 0 0 0:1 1:1
This shows 2 Oifs here. However, ipmroute.c, function read_mroute_list(), uses sscanf() with a %s mask for oiflist, which stops after the first whitespace (i.e. after Oif 0:1). The patch below fixes this to read until the newline (though I'm not sure whether this is the proper way to fix it).
After this patch:
mark@flappie:~/iproute-20090324/ip$ ./ip mroute show
(192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1 eth0
This patch originally submitted as http://bugs.debian.org/550097
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Add IFA_F_DADFAILED flag to denote an IPv6 address that has
failed Duplicate Address Detection, that way tools like
/sbin/ip can be more informative.
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:db8::1/64 scope global tentative dadfailed
valid_lft forever preferred_lft forever
Signed-off-by: Brian Haley <brian.haley@hp.com>
After calling ll_init_map, all of the information stored in the link-layer map
can be retrieved by function calls (ll_index_to_*), except for the link-layer
address. This patch fills the gap by adding a ll_index_to_addr function.
Changes welcome.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
- Parse and handle the hoplimit ip route option and add it to the usage
line and documentation.
- Add the missing reordering ip route option to the usage line.
- Add documentation for initcwnd ip route option.
Tested by setting hoplimit and retreiving it via "show".
Signed-off-by: Gilad Ben-Yossef <gilad@codefidence.com>
[ported to HEAD, fixed a bug with hoplimit lock handling, added documentation]
Signed-off-by: Ori Finkelman <ori@comsleep.com>
Signed-off-by: Yony Amit <yony@comsleep.com>
A bunch of source files look like they're copy & pasted from other files,
and some include header files that they don't actually need. Since dlfcn
has very specific usage (and is a pain on a static-only system), drop it
where it isn't really needed.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
The iptables code supports a "no shared libs" mode where it can be used
without requiring dlfcn related functionality. This adds similar support
to iproute2 so that it can easily be used on systems like nommu Linux (but
obviously with a few limitations -- no dynamic plugins).
Rather than modify every location that uses dlfcn.h, I hooked the dlfcn.h
header with stub functions when shared library support is disabled. Then
symbol lookup is done via a local static lookup table (which is generated
automatically at build time) so that internal symbols can be found.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
A bunch of misc utils basically reimplement the daemon() function (the
whole fork/close/chdir/etc...). Rather than do that, use daemon() as
that will work under nommu Linux systems that lack fork().
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
It uses 1MB as receive buf limit by default (without
increasing /proc/sys/net/core/rmem_max it will be limited by less
however) and allows to specify the size manually using "-rcvbuf X"
(-r is already used, so you need to specify at least -rc).
Additionally rtnl_listen() continues on ENOBUFS after printing the
error message.
I experienced an error, if I try to perform a
ip route flush proto 4
with many routes in a complex environment, it
gave me the following error:
Failed to send flush request: Success
Flush terminated
--Boundary-01=_wxi/JRaNdLkbr7g
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi Stephen,
please review attached patch to add support for in-kernel potential router=
=20
lists for ISATAP tunnels.
Usage:
ip tunnel add name isatap0 mode isatap local 192.168.1.100
ip tunnel prl dev isatap0 prl-default 192.168.1.1
ip tunnel prl dev isatap0 prl-nodefault 192.168.1.2
ip tunnel prl dev isatap0 prl-delete 192.168.1.1
ip tunnel show # pr and pdr will be listed as well
Patch based on http://osprey67.com/seal/iproute2_diff.v0_3.txt by Fred L.=20
Templin.
Thanks,
Sascha
Sometimes while dividing bandwidth by classes it is useful to see how some
specific class doing things live.
Which my simple patch it is possible to do
watch -n1 "tc -s -d class show dev eth0.2022 classid 1:1520"
and to get live statistics, how packets queued or dropped, and how much
bandwidth used (if estimator defined) for specific class.
Signed-off-by: Denys Fedoryshchenko <denys@visp.net.lb>
On tor, 2009-04-30 at 14:32 +0100, Timothy Baldwin wrote:
> Package: iproute
> Version: 20090324-1
> Severity: minor
>
>
> $ ip link set eth0 address help
> "help" is invalid lladdr.
> Segmentation fault
>
> Desipte the invalid command line arguments it shouldn't crash.
>
Callers need to check return value from ll_addr_a2n(). Patch below.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
