Heiner Kallweit [Mon, 22 Dec 2014 19:18:43 +0000 (20:18 +0100)]
ip: allow ip address show to list addresses with certain flags not being set
Sometimes it's needed to have "ip address show" list only addresses
with certain flags not being set, e.g. in network scripts.
As an example one might want to exclude addresses in "tentative"
or "deprecated" state.
Support listing addresses with flags tentative, deprecated, dadfailed
not being set by prefixing the respective flag with a minus.
Vadim Kochan [Mon, 22 Dec 2014 22:13:58 +0000 (00:13 +0200)]
ip lib: Added shorter timestamp option
Added another timestamp format to look like more logging info:
[2014-12-22T22:36:50.489 ] 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default
link/ether 3c:97:0e:a3:86:2e brd ff:ff:ff:ff:ff:ff
vadimk [Thu, 4 Dec 2014 10:32:58 +0000 (12:32 +0200)]
ss: Use rtnl_dump_filter in handle_netlink_request
Replaced handling netlink messages by rtnl_dump_filter
from lib/libnetlink.c, also:
- removed unused dump_fp arg;
- added MAGIC_SEQ #define for 123456 seq id;
- silently exit if ENOENT errno is caused for NETLINK_SOCK_DIAG proto
in lib/libnetlink.c: rtnl_duml_filter_l(...) function. This fix
was added in a3fd8e58c1787af186f5c4b234ff974544f840b6 by Eric
for misc/ss.c
This patch makes CAN_CTRLMODE_PRESUME_ACK netlink feature configurable.
When enabled, the feature sets CAN controller in mode in which
acknowledgement absence is ignored.
Signed-off-by: Nikita Edward Baruzdin <nebaruzdin@gmail.com> Acked-by: Oliver Hartkopp <socketcan@hartkopp.net>
vadimk [Fri, 5 Dec 2014 17:19:11 +0000 (19:19 +0200)]
ss: Fix layout/output issues introduced by regression
This patch fixes the following issues which was introduced by me in commits:
#1 (2dc854854b7f1b) ss: Fixed broken output for Netlink 'Peer Address:Port' column
ISSUE: Broken layout when all sockets are printed out
#2 (eef43b5052afb7) ss: Identify more netlink protocol names
ISSUE: Protocol id is not printed if 'numbers only' output was specified (-n)
Also aligned the width of the local/peer ports to be more wider.
I tested with a lot of option combinations (I may miss some test cases),
but layout seems to me better than the previous released version of iproute2/ss.
vadimk [Fri, 5 Dec 2014 00:18:59 +0000 (02:18 +0200)]
ip monitor: Fix issue when timestamp is printed w/o msg
The issue was observed when IPv6 router broadcasted NDUSEROPT
messages which are not handled by monitor and caused printing
'Timestamps' w/o message because such kind of rtnl messages is not
handled by monitor.
As 'ip monitor' by default subscribes to the all mcast rtnl groups except
RTGRP_TC then all messages of these rtnl groups which are not handled by
monitor may cause such issues.
Fixed by subscribing by default to rtnl mcast groups which are
supported by 'ip monitor'.
Nicolas Dichtel [Thu, 4 Dec 2014 16:41:07 +0000 (17:41 +0100)]
ipaddress: enable -details option
This option was used only for 'ip link', but it can be useful to have it for
'ip address'. Thus it is possible to display link details and addresses with one
command.
Example:
$ ip -d a ls dev gre1
9: gre1@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1468 qdisc noqueue state UNKNOWN group default
link/gre 10.16.0.249 peer 10.16.0.121 promiscuity 0
gre remote 10.16.0.121 local 10.16.0.249 ttl inherit ikey 0.0.0.10 okey 0.0.0.10 icsum ocsum
inet 192.168.0.249 peer 192.168.0.121/32 scope global gre1
valid_lft forever preferred_lft forever
inet6 fe80::5efe:a10:f9/64 scope link
valid_lft forever preferred_lft forever
Suggested-by: Christophe Gouault <christophe.gouault@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
vadimk [Sun, 30 Nov 2014 16:08:25 +0000 (18:08 +0200)]
configure: Add check for the doc tools
Added checking existence of the doc files converters.
If the XXX tool exists then HAVE_XXX:=y will be written
to the Config file. Example of the configure script output:
TC schedulers
ATM no
IPT using xtables
IPSET yes
iptables modules directory: /usr/lib/iptables
libc has setns: yes
SELinux support: no
Docs
latex: no
WARNING: no docs can be built from LaTeX files
sgml2html: yes
vadimk [Sat, 18 Oct 2014 17:46:29 +0000 (20:46 +0300)]
ss: Fixed broken output for Netlink 'Peer Address:Port' column
When output the netlink sockets:
ss -A netlink state close
the layout is a little broken with a shifted 'Peer Address:Port'
stars and empty new lines. Fixed by making the port field to be
wider for 'Local Address:Port' column.
vadimk [Thu, 16 Oct 2014 08:19:29 +0000 (11:19 +0300)]
ss: Remove checking SS_CLOSE state for packet and netlink
I dont see a reason that packet and netlink states will be
printed only if SS_CLOSE state is set in filter, in that case
to print states of netlink or packet sockets it is needed to run:
Tom Herbert [Fri, 7 Nov 2014 16:05:34 +0000 (08:05 -0800)]
vxlan: Add support for enabling UDP checksums
Add udpcsum option to enable transmitting UDP checksums when doing
VXLAN/IPv4. Add udp6zerocsumtx, and udp6zerocsumrx options to enable
sending zero checksums and receiving zero checksums in VXLAN/IPv6.
Tom Herbert [Wed, 5 Nov 2014 18:06:26 +0000 (10:06 -0800)]
ip link gre: Add support to configure FOU and GUE
This patch adds support to configure foo-over-udp (FOU) and Generic
UDP Encapsulation for GRE tunnels. This configuration allows selection
of FOU or GUE for the tunnel, specification of the source and
destination ports for UDP tunnel, and enabling TX checksum. This
configuration only affects the transmit side of a tunnel.
Example:
ip link add name tun1 type gre remote 192.168.1.1 local 192.168.1.2 \
ttl 225 encap fou encap-sport auto encap-dport 7777 encap-csum
This would create an GRE tunnel in GUE encapsulation where the source
port is automatically selected (based on hash of inner packet) and
checksums in the encapsulating UDP header are enabled.
Tom Herbert [Wed, 5 Nov 2014 18:06:25 +0000 (10:06 -0800)]
ip link ipip: Add support to configure FOU and GUE
This patch adds support to configure foo-over-udp (FOU) and Generic
UDP Encapsulation for IPIP and sit tunnels. This configuration allows
selection of FOU or GUE for the tunnel, specification of the source and
destination ports for UDP tunnel, and enabling TX checksum. This
configuration only affects the transmit side of a tunnel.
Example:
ip link add name tun1 type ipip remote 192.168.1.1 local 192.168.1.2 \
ttl 225 encap gue encap-sport auto encap-dport 9999 encap-csum
This would create an IPIP tunnel in GUE encapsulation where the source
port is automatically selected (based on hash of inner packet) and
checksums in the encapsulating UDP header are enabled.
Tom Herbert [Wed, 5 Nov 2014 18:06:24 +0000 (10:06 -0800)]
ip fou: Support to configure foo-over-udp RX
Added 'ip fou...' commands to enable/disable UDP ports for doing
foo-over-udp and Generic UDP Encapsulation variant. Arguments are port
number to bind to and IP protocol to map to port (for direct FOU).
Examples:
ip fou add port 7777 gue
ip fou add port 8888 ipproto 4
The first command creates a GUE port, the second creates a direct FOU
port for IPIP (receive payload is a assumed to be an IPv4 packet).
- any ipv6 tunnel mode (proto == 0) could not be set
due to incomplete set of cases in do_add, do_del.
- vti6 logic was inverted: it was using "ip6_vti0" basedev
UNLESS mode is set to vti6.
We don't need a switch by p.proto in do_add()/do_del(): it
already exists in parse_args(). So if parse_args() call
was successful, no need to check tunnel mode again.
vadimk [Fri, 10 Oct 2014 06:27:19 +0000 (09:27 +0300)]
tests: Allow to run tests recursively
Such approach allows to run *.t scripts from any
tests/ subdirectories.
One point is that tests from tests/cls/*.t (which are needed
by tests/cls-testbed.t but does not exist yet) will also
be ran aside with tests/cls-testbed.t which is not good
because in such case they will be ran twice, so renamed these
tests path to tests/cls/*.c in tests/cls-testbed.t
Dmitry Popov [Sat, 4 Oct 2014 15:00:25 +0000 (19:00 +0400)]
ip tunnel: fix 'ip -oneline tunnel show' for some GRE tunnels
'ip -oneline tunnel show' was not "oneline" for GRE tunnels with iseq:
# ip tun add gre_test remote 1.1.1.1 local 2.2.2.2 mode gre iseq oseq
# ip -oneline tun show gre_test | wc -l
2
The problem existed because of a typo: '\n' was printed when it shouldn't be.
Fixed.
Jiri Benc [Fri, 3 Oct 2014 13:25:02 +0000 (15:25 +0200)]
ip address: print stats with -s
Make ip address show accept the -s option similarly to ip link. This creates
an one command replacement for "ifconfig -a" useful for people who still
stay with ifconfig because of this feature.
Print the stats as the last thing for the interface. This requires some code
shuffling.
Eric Dumazet [Wed, 1 Oct 2014 11:17:18 +0000 (04:17 -0700)]
ss: add more tcp socket diagnostics
Display 4 additional tcp socket info fields :
backoff : exponential backoff
lastsnd : time in milli second since last send
lastrcv : time in milli second since last receive
lastack : time in milli second since last acknowledgement
Tests were not allowed to be ran, the following
issues were fixed:
- creating the results folder before test running
- sudo $PREFIX moved before variables definition which
allow to pass them through the sudo to test script.
Broken looks like:
root@moja-1:~# tc actions add action drop index 4
root@moja-1:~# tc -s actions ls action gact
action order 0: gact action drop
random type none pass val 0
index 4 ref 1 bind 0 installed 9 sec used 4 sec
The fixed version looks like:
action order 0: gact action drop
random type none pass val 0
index 4 ref 1 bind 0 installed 9 sec used 4 sec
Sent 108948 bytes 1297 pkts (dropped 1297, overlimits 0)
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
iproute2: allow to change slave options via type_slave
This patch adds the necessary changes to allow altering a slave device's
options via ip link set <device> type <master type>_slave specific-option.
It also adds support to set the bonding slaves' queue_id.
Example:
ip link set eth0 type bond_slave queue_id 10
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Acked-by: Jiri Pirko <jiri@resnulli.us>
ip monitor: Dont print timestamp or banner-label for cloned routes
This is ugly fix but solves the case when timestamp
or banner-label is printed before the cloned route will be skipped
by iproute filter which filters out all cached routes by default.
In such case timestamp will be printed twice:
Update the rt_dsfield file to contain values defined in current RFC.
The days of TOS precedence are gone, even Cisco doesn't refer
to these in the documents.