Oliver Hartkopp [Fri, 27 Mar 2009 18:21:29 +0000 (11:21 -0700)]
Add support Controller Area Network
t's not a big problem, but it makes a better show in 'ip link show' on
CAN interfaces :-)
I also moved __PF(CAN,can) in ll_proto.c to the same position where it
can be found in if_ether.h .
The only thing i did not know if the __PF(CAN,can) in ll_types.c needs
to be put in #ifdef ARPHDR_CAN like __PF(HWX25,hwx25) is or not. You
definitely know that better than me.
Srivats P [Fri, 27 Mar 2009 18:17:26 +0000 (11:17 -0700)]
ip6tunnel: Fix no default display of ip4ip6 tunnels
"ip -6 tunnel show" displays only ip6ip6 tunnels not ip4ip6 tunnels
- it should display all irrespective of proto.
This is because the default tunnel proto is initialized to IPPROTO_IPV6 in ip6_tnl_parm_init() which is fine for a 'add' command but not for 'show'. This patch overrides proto with 0 signifying 'mode any' as the default in case of a 'show'.
Sascha Hlusiak [Fri, 27 Mar 2009 18:14:00 +0000 (11:14 -0700)]
iptunnel: allow ISATAP with stateless autoconf
please commit my patch below to the iproutes package. It just an incorrect
check so that adding an isatap tunnel with remote works, since it's needed if
one wants to use stateless autoconf. The current check makes tunnel mode
isatap unusable for all client users.
Currently you can configure "equalize" and it looks all fine and dandy.
The kernel has the interface defined, but apparently there's never actually
been any implementation for it (only a never merged patch in the 2.4 era).
I'm suggesting to drop the code to give any potential users of this feature
the benefit of receiving a proper error message. I see it unlikely that
this will be implemented in the near future, but if it ever happens
reviving the iproute2 side should be as easy as git revert this patch.
For more details see http://bugs.debian.org/149897
jamal [Fri, 8 Aug 2008 14:06:17 +0000 (10:06 -0400)]
ip: Allow for easier debug of buggy devices that dont send their names
patch attached this time..
On Fri, 2008-08-08 at 10:01 -0400, jamal wrote:
> wireless drivers using wext is a prime example if you need a test case.
>
> cheers,
> jamal
ip: Allow for easier debug of buggy devices that dont send their names
With the old message couldnt tell which device had the bug.
This patch provides at least an ifindex to narrow it down.
Theres also no point in bailing out because of one bug; we
allow it to go on so we could dump as much info as we can
Breakage noticed when debian upgraded to xtables (iptables > 1.4.1)
Many thanks to Yevgeny Kosarzhevsky <yevg@pisem.net> for reporting
and a lot of testing
Thanks to Jan Engelhardt <jengelh@medozas.de> for a lot of advice
Thanks to Denys Fedoryschenko <denys@visp.net.lb> for some sample
code that he tried and thanks to Andreas Henriksson <andreas@fatal.se>
(who maintains iproute2 on debian) for the persistent followup.
Original from: Alexander Duyck <alexander.h.duyck@intel.com>
A bug was found in which the memory for the tc_skbedit struct was being
used uninitialized to 0. Alternative version of original fix
using initializer rather than memset.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
1)optind according iptables sources have to be set to 0. If it is set to 1, in
batch it will mess up things. Also in iptables sources i notice that ->tflags
and ->used need to be reset.
2)Since target->t = fw_calloc(1, size); allocated memory in function build_st,
it have to be freed at the end, or in batch we will have memory leak. TODO:
Probably it must be freed in all "return -1" cases in parse_ipt after
build_st. About this i am not sure, up to Stephen.
When the preferred lifetime of a prefix assigned by IPv6 autoconfiguration
(router solicitation) becomes negative
How reproducible:
Always.
Steps to Reproduce:
1. Configure an IPv6 router to advertise a prefix with a short preferred
lifetime, e.g. 0.
2. Wait for the IPv6 autoconfiguration process to complete for an interface
<if> connected to a link where that router advertises.
3. Run ip -6 show dev <if>.
Actual results:
The preferred lifetime will have become negative, but it is printed as an
unsigned integer. The preferred lifetime to be displayed will therefore be
close to UINT_MAX.
Alexander Duyck [Fri, 5 Dec 2008 22:16:42 +0000 (14:16 -0800)]
add support for multiq qdisc
Add support for multiq qdisc
This patch adds the ability to configure the multiq qdisc. Since the qdisc does not require any input it will pull the number of bands directly from the device that it is added to the root of.
usage: tc qdisc add dev <DEV> root handle <HANDLE> multiq
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Olivier Fourdan [Tue, 25 Nov 2008 12:36:22 +0000 (12:36 +0000)]
ip maddr show” on an infiniband address causes a stack corruption
“ip maddr show” on an infiniband address causes a stack corruption
because the length of the address for Infiniband (20 bytes, as
described in kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4
__u32 to 8 and also adds a check to avoid overriding the available
size while parsing the hardware address.
This bug affects current upstream code AFAICT.
Hope this helps,
Cheers,
Olivier.
“ip maddr show ib0” causes a stack corruption because the length of the address
for Infiniband (20 see kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4 u32 to 8
and adds a check to avoid overriding the available size while parsing the
hardware address.
Herbert Xu [Wed, 7 Jan 2009 02:27:52 +0000 (18:27 -0800)]
Update version of IP gre
This patch adds support for configuring GRE tunnels using the
new rtnl_link interface. This only works on kernels that have
the new GRE configuration interface.
This is accessed through the "ip link" command. The previous
tunnel configuration interface "ip tunnel" remains as it is
and should be retained for compatibility with old kernels.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 9 Oct 2008 07:08:24 +0000 (15:08 +0800)]
ip: gre: Add GRE configuration support through rtnl_link
This patch adds support for configuring GRE tunnels using the
new rtnl_link interface. This only works on kernels that have
the new GRE configuration interface.
This is accessed through the "ip link" command. The previous
tunnel configuration interface "ip tunnel" remains as it is
and should be retained for compatibility with old kernels.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Handle 10/8 as 10.0.0.0/8 and check for bogus values like 256/8.
This is a comprimise between original iproute2 parsing and standard BSD
parsing of abbreviated IPV4 addresses.
This is a variant of Patrick McHardy patch for help text.
Add help for ip link add and ip link delete.
The help conditional on what the kernel supports.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Herbert Xu [Thu, 18 Sep 2008 05:09:01 +0000 (22:09 -0700)]
ip: xfrm: Add AEAD support
This patch allows the user to create/manage AEAD algorithms with
the ip xfrm command. AEAD algorithms are also known as combined-
mode algorithms. They provide the functionality of encryption
algorithms as well as authentication algorithms.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Li Yewang [Tue, 9 Sep 2008 01:13:42 +0000 (09:13 +0800)]
distinguish the inet and inet6 domain when loading the tcp_diag module
When load the tcp_diag module, and use "ss -f inet" command to show the socket
information of inet domain. But this command also shows the information of inet6
domain, but not only inet domain. and "ss -f inet6", "ss -4", "ss -6" have the
same problem.
Signed-off-by: Li Yewang <lyw@cn.fujitsu.com> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Li Yewang [Tue, 9 Sep 2008 01:06:47 +0000 (09:06 +0800)]
Fix the error of "ss -f inet -t"
when using the "ss -f inet -t" command to show the tcp socket information of
inet domain, we get the error message: "ss: no socket tables to show with such filter."
This patch can fix this bug.
Signed-off-by: Li Yewang <lyw@cn.fujitsu.com> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
I noticed your patch adding DESTDIR support in the latest iproute2 release.
Much appreciated! Soon the debian packages might be able to move to actually
using "make install" rather then it's own installation procedure when
building packages. I've noticed something that will break though....
Debian packages usually sets DESTDIR=debian/tmp/ and packages the contents
of that directory as if it where the root file system. This will break
the /usr/lib/{tc,ip}/ module loading, because they DESTDIR (/usr) will be
/whatever-the-build-path-was/debian/tmp/lib/{tc,ip}/.
I beleive others usually call this the LIBDIR to make the separation between
DISTDIR being the (possibly temporary) place things are put when build is
done, and LIBDIR (and others) are used for actual runtime paths.
I'm attaching a patch that I think fixes this, but would be really happy if
you could have a look at to verify I'm not screwing something up.
--
Regards,
Andreas Henriksson
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
ip a flush: unnecessarily chatty when there's nothing to flush
On tis, 2008-07-22 at 20:21 +0200, martin f krafft wrote:
> piper:~|master|% sudo ip a flush dev eth0 >/dev/null
> Nothing to flush.
>
> It should just shut up, shouldn't it? :)
The patch below makes the "Nothing to flush" only visible when show
statistics flag is given, and then only to stdout rather then stderr.
$ sudo ./ip/ip -s addr flush dev skif
Nothing to flush.
$ sudo ./ip/ip addr flush dev skif
$
Stephen Hemminger [Thu, 22 May 2008 20:41:40 +0000 (13:41 -0700)]
> Use the standard POSIX inet_pton to convert from string to IPV4
> address. This avoids problems where ip parses "127.2" wrong.
Apparently inet_pton doesn't support abbreviated/shortened/classful
ipv4 addresses at all, but inet_aton does.
Since the function only deals with AF_INET anyway maybe using
inet_aton "to increse backwards compatability" (please those
who still want to use the format) could be considered?
(This will still not restore the 10/8 format which apparently used
to work in iproute, so people would have to settle for 10.0/8)
Rafael Almeida [Mon, 2 Jun 2008 00:33:44 +0000 (21:33 -0300)]
Fixed installation when changing DESTDIR
After changing the DESTDIR the installated binaries have some issues
due to hard coded paths. For example, using distributions on NetEm
would segfault.
I've changed iplink.c and tc_util.c so they are now aware of DESTDIR.
Along with that change I needed to change the main Makefile so it
defines the DESTDIR macro when calling gcc.
I also changed the paths so that during the installation sbin, etc,
share and lib directories are created directly inside of the DESTDIR,
instead of creating a usr directory inside that. That's the behaviour
of most packages out there, so I think most users will be expecting
that to happen.
The command "ip addrlabel add/del" displays incorrect error message when provided with insufficient inputs. This patch fixes it in par with "ip addr add/del".
Currently:
# ./ip addrlabel add
RTNETLINK answers: Numerical result out of range
# ./ip addr add
Not enough information: "dev" argument is required.
After patch:
# ./ip addrlabel add
Not enough information: "prefix" argument is required.
Signed-off-by: Varun Chandramohan <varunc@linux.vnet.ibm.com> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
The current kernel generates 71 possible header fields, but
MAX_FIELDS in lnstat is only 64. This leads to referencing outside
of the array. To fix, increase size of array and chop off parsing
at MAX_FIELDS - 1.
Bertrand Jacquin [Sat, 21 Jun 2008 05:51:19 +0000 (01:51 -0400)]
netem: fix cross-compiling failure
The programs in netem are compiled and run on the build machine, but they
use the CFLAGS that are meant for the target system and often times, these
are incompatible.
Benjamin Thery [Fri, 20 Jun 2008 09:07:35 +0000 (11:07 +0200)]
iproute2: add support for IFLA_NET_NS_PID in ip link
Hi Stephen,
I resend you this patch once more. This time I updated the documentation
too (may be that was the reason why you didn't take it before?).
Please tell me if there are other things missing in this patch
It applies on iproute2 git tree.
Regards,
Benjamin
Description:
------------
This patch adds support for the IFLA_NET_NS_PID type. It is used to
move network devices between network namespaces.
The syntax is:
ip link set DEVICE netns PID
PID is the pid of a process in the target network namespace.
(Daniel Lezcano is the original author).
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: Benjamin Thery <benjamin.thery@bull.net> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Patrick McHardy [Mon, 23 Jun 2008 13:59:18 +0000 (15:59 +0200)]
tc: don't set protococol field on filter delete
> # tc filter show dev eth1 | grep 4:29:d1
> filter parent 1: protocol ip pref 5 u32 fh 4:29:d1 order 209 key ht 4
> bkt 29 flowid 1:b7aa
>
> # tc filter del dev eth1 parent 1: pref 5 handle 4:29:d1 u32
> RTNETLINK answers: Invalid argument
> We have an error talking to the kernel
>
> after rollback to package"sys-apps/iproute2-2.6.24.20080108" all
> deleted normal...
The current iproute version uses "protocol all" by default
if its not specified. This is actually only useful for creating
new filters, on deletion an unset protocol is treated as wildcard.
The function get_hz() returns the psched hz value which is wrong
for anything other than tc usage. Should be user hz instead, but
kernel is broken (patch sent) and this code doesn't get hit on
current systems (netlink is used first).
Herbert Xu [Wed, 23 Apr 2008 07:42:32 +0000 (15:42 +0800)]
xfrm: Allow replay setting
Hi Stephen:
[IP] xfrm: Allow replay setting
For certain applications there is a requirement to start the
sequence number from a point other than the default. As it
is the kernel provides an interface to do that but it isn't
available through the ip(8) command. Since we're encouraging
people to migrate over to ip(8) for manual keying, it is useful
to have this ability there.
This patch adds support for setting replay sequence numbers
through ip(8).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
Don't break scripts that depend on previous offset/value format.
Introduce a new -pretty flag for decoding, and (*gasp*) document
the formatting arguments.
Write something about the tweak to enable promoting secondary addresses
instead of deleting them together with the primary address as discussed
in this thread on the netdev mailing list:
http://www.spinics.net/lists/netdev/msg52294.html
The claim that this is supported since 2.6.15 is based on looking at
changes to net/ipv4/devinet.c in the linux-2.6 git tree:
I was asked to at least mention the xfrm option in ip manual. I added
all usage into ip.8 and try to write some basic information about xfrm.
If someone want complete it, I'll be happy.
In ss.c, generic_proc_open(), for which the net_*_open functions are just
convenient wrappers, uses fopen, so errors are signalled by a NULL return
value. Some checks were expecting negative values instead, fix them.
Signed-off-by: Björn Steinbrink <B.Steinbrink@gmx.de> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Add more aliases to synchronize IPv4 and IPv6 tunnel command, e.g.,
IPv4: hoplimit (alias to ttl), tclass (alias to tos)
IPv6: dsfield, tos (alias to tc, or tclass), ttl (alias to hoplimit)
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>