Daniel Borkmann [Wed, 18 Mar 2015 09:13:34 +0000 (10:13 +0100)]
tc: m_bpf: fix next arg selection after tc opcode
Next argument after the tc opcode/verdict is optional, using NEXT_ARG()
requires to have another argument after that one otherwise tc will bail
out. Therefore, we need to advance to the next argument manually as done
elsewhere.
Fixes: 86ab59a6660f ("tc: add support for BPF based actions") Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Jiri Pirko <jiri@resnulli.us>
Roopa Prabhu [Wed, 18 Mar 2015 02:18:28 +0000 (19:18 -0700)]
lib utils: fix family during af_bit_len calculation
commit f3a2ddc124e0 ("lib utils: Use helpers to get AF bit/byte len")
used a wrong family or family of zero in the default case
during af_bit_len calculation causing ip route commands to
fail with below error
Error: an inet prefix is expected rather than "10.0.2.14/24".
Mark Einon [Mon, 16 Mar 2015 09:59:09 +0000 (09:59 +0000)]
ip: Make uniform the use of synonyms list, show and lst
Where used in the ip tool, the 'show' option always has the synonyms
'list' and 'lst', except for ip-token and ip-addrlabel, which are missing
'lst'. Add this as a synonym for these commands.
Vadim Kochan [Sat, 7 Mar 2015 06:30:58 +0000 (08:30 +0200)]
ip netns: Fix rtnl error while print netns list
Observed on the Linux 3.18:
# ip netns
RTNETLINK answers: Operation not supported
net0
CC: Nicolas Dichtel <nicolas.dichtel@6wind.com> Fixes: d182ee1307c7 ("ipnetns: allow to get and set netns ids") Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Keep ss output consistent and format DCTCP socket statistics similar to skmen
and timer where a group of logical values are grouped by brackets. This makes
parser scripts *and* humans more happy.
Nicolas Dichtel [Tue, 17 Feb 2015 16:30:38 +0000 (17:30 +0100)]
iplink: add support of IFLA_LINK_NETNSID attribute
This new attribute is now advertised by the kernel for x-netns interfaces.
It's also possible to set it when an interface is created (and thus creating a
x-netns interface with one single message).
Example:
$ ip netns add foo
$ ip netns add bar
$ ip -n foo netns set bar 15
$ ip -n foo link add ipip1 link-netnsid 15 type ipip remote 10.16.0.121 local 10.16.0.249
$ ip -n foo link ls ipip1
3: ipip1@NONE: <POINTOPOINT,NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default
link/ipip 10.16.0.249 peer 10.16.0.121 link-netnsid 15
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Nicolas Dichtel [Tue, 17 Feb 2015 16:30:37 +0000 (17:30 +0100)]
ipnetns: allow to get and set netns ids
The kernel now provides ids for peer netns. This patch implements a new command
'set' to assign an id.
When netns are listed, if an id is assigned, it is now displayed.
Example:
$ ip netns add foo
$ ip netns set foo 1
$ ip netns
foo (id: 1)
init_net
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tom Herbert [Thu, 29 Jan 2015 16:52:01 +0000 (08:52 -0800)]
iproute: Descriptions of fou and gue options in ip-link man pages
Add section for additional arguments to GRE, IPIP, and SIT types
that are related to Foo-over-UDP and Generic UDP Encapsulation.
Also, added an example GUE configuration in the examples section.
Tom Herbert [Thu, 29 Jan 2015 16:51:58 +0000 (08:51 -0800)]
ip link: Add support for remote checksum offload to IP tunnels
This patch adds support to remote checksum checksum offload
confinguration for IPIP, SIT, and GRE tunnels. This patch
adds a [no]encap-remcsum to ip link command which applicable
when configured tunnels that use GUE.
ip link add name tun1 type gre remote 192.168.1.1 local 192.168.1.2 \
ttl 225 encap fou encap-sport auto encap-dport 7777 encap-csum \
encap-remcsum
This would create an GRE tunnel in GUE encapsulation where the source
port is automatically selected (based on hash of inner packet),
checksums in the encapsulating UDP header are enabled (needed.for
remote checksum offload), and remote checksum ffload is configured to
be used on the tunnel (affects TX side).
Roopa Prabhu [Mon, 26 Jan 2015 02:26:24 +0000 (18:26 -0800)]
iproute2: bridge: support vlan range adds
This patch adds vlan range support to bridge add command
using the newly added vinfo flags BRIDGE_VLAN_INFO_RANGE_BEGIN and
BRIDGE_VLAN_INFO_RANGE_END.
$bridge vlan show
port vlan ids
br0 1 PVID Egress Untagged
dummy0 1 PVID Egress Untagged
$bridge vlan add vid 10-15 dev dummy0
port vlan ids
br0 1 PVID Egress Untagged
dummy0 1 PVID Egress Untagged
10
11
12
13
14
15
$bridge vlan del vid 14 dev dummy0
$bridge vlan show
port vlan ids
br0 1 PVID Egress Untagged
dummy0 1 PVID Egress Untagged
10
11
12
13
15
$bridge vlan del vid 10-15 dev dummy0
$bridge vlan show
port vlan ids
br0 1 PVID Egress Untagged
dummy0 1 PVID Egress Untagged
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com>
Oliver Hartkopp [Thu, 22 Jan 2015 18:04:33 +0000 (19:04 +0100)]
can: Add support for CAN FD non-ISO feature
This patch makes CAN_CTRLMODE_FD_NON_ISO netlink feature configurable.
During the CAN FD standardization process within the ISO it turned out that
the failure detection capability has to be improved.
The CAN in Automation organization (CiA) defined the already implemented CAN
FD controllers as 'non-ISO' and the upcoming improved CAN FD controllers as
'ISO' compliant. See at http://www.can-cia.com/index.php?id=1937
Starting with the - currently non-ISO - driver for M_CAN v3.0.1 introduced in
Linux 3.18 this bit needs to be propagated to userspace. In future drivers this
bit will become configurable depending on the CAN FD controllers capabilities.
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
iproute2/ip: fix up filter when printing addresses
"ip addr show up" would exclude the interface (link), but include the
addresses of down interfaces (which looked like they where indented
under a different interface). This fixes the filtering.
For a full example see the original bug report at:
http://bugs.debian.org/776040
Reported-by: Paul Slootman <paul@debian.org> CC: 776040@bugs.debian.org Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Vadim Kochan [Sun, 18 Jan 2015 14:10:18 +0000 (16:10 +0200)]
ip netns: Allow exec on each netns
This change allows to exec some cmd on each
named netns (except default) by specifying '-all' option:
# ip -all netns exec ip link
Each command executes synchronously.
Exit status is not considered, so there might be a case
that some CMD can fail on some netns but success on the other.
EXAMPLES:
1) Show link info on all netns:
$ ip -all netns exec ip link
netns: test_net
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether 1a:19:6f:25:eb:85 brd ff:ff:ff:ff:ff:ff
netns: home0
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether ea:1a:59:40:d3:29 brd ff:ff:ff:ff:ff:ff
netns: lan0
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether ce:49:d5:46:81:ea brd ff:ff:ff:ff:ff:ff
Vadim Kochan [Thu, 8 Jan 2015 17:32:22 +0000 (19:32 +0200)]
ss: Filter inet dgram sockets with established state by default
As inet dgram sockets (udp, raw) can call connect(...) - they
might be set in ESTABLISHED state. So keep the original behaviour of
'ss' which filtered them by ESTABLISHED state by default. So:
$ ss -u
or
$ ss -w
Will show only ESTABLISHED UDP sockets by default.
Nicolas Dichtel [Thu, 15 Jan 2015 10:36:25 +0000 (11:36 +0100)]
lib: fix setns() function when !HAVE_SETNS
When HAVE_SETNS is not set, iproute2 provides a local implementation of this
function based on __NR_setns.
This macro is defined in sys/syscall.h, which was not included, thus the local
implementation always returned -1.
CC: Vadim Kochan <vadim4j@gmail.com> Fixes: eb67e4498aec ("lib: Add netns_switch func for change network namespace") Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Vadim Kochan [Thu, 8 Jan 2015 00:42:54 +0000 (02:42 +0200)]
ss: Fix case when UDP is printed as ipproto-xxx
When 'ss' prints UDP sockets info together with RAW sockets
e.g.:
$ ss -a
then UDP sockets are resolved as "ipproto-xxx".
It was caused that dg_proto was set after printing UDP
socket info from netlink. So fixed issue by moving
setting dg_proto before printing info from Netlink.
Vadim Kochan [Sun, 4 Jan 2015 20:18:40 +0000 (22:18 +0200)]
ss: Filtering logic changing, with fixes
This patch fixes some filtering combinations issues which does not
work on the 'master' version:
$ ss -4
shows inet & unix sockets, instead of only inet sockets
$ ss -u
needs to specify 'state closed'
$ ss src unix:*X11*
needs to specify '-x' shortcut for UNIX family
$ ss -A all
shows only sockets with established states
There might some other issues which was not observed.
Also changed logic for calculating families, socket types and
states filtering. I think that this version is a little simpler
one. Now there are 2 predefined default tables which describes
the following maping:
Jiri Pirko [Tue, 6 Jan 2015 16:23:45 +0000 (17:23 +0100)]
libnetlink: add parse_rtattr_one_nested helper
Sometimes, it is more convenient to get only one specific nested attribute by
type. For example for IFLA_AF_SPEC where type is address family (AF_INET6).
So add this helper for this purpose.
projects / mirror_iproute2.git / log