- 12 Oct, 2015 9 commits
-
-
Daniel Borkmann authored
After the patch, the most minimal command to load an eBPF action for late binding with auto index selection through tc is: tc actions add action bpf obj prog.o We already set TC_ACT_PIPE in tc as default opcode, so if nothing further has been specified, just use it. Also, allow "ok" next to "pass" for matching cmdline on TC_ACT_OK. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
David Ahern authored
Add ifindex to dump request when filtering by device. If the kernel supports it adding the index to the request limits the amount of data the kernel pushes to userpsace. The feature exists in userspace already, so no need to warn the user if kernel side support does not exist. Using the kernel side filter makes the request more efficient. Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
Daniel Borkmann authored
When having optional classid, most minimal command can be sth like: tc filter add dev foo parent X: bpf obj prog.o Therefore, adapt the code so that a next argument will not be enforced as the case currently. Also, minor cleanup on the classid, where we should rather have used addattr32(), and add flags for exec configuration, for example (using short notation): tc filter add dev foo parent X: bpf da obj prog.o Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@plumgrid.com>
-
David Ahern authored
Add support for filtering neighbor dumps by master device. Kernel side support provided by commit 21fdd092acc7. Since the feature is not available in older kernels the user is given a warning message if the kernel does not support the request. Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
Satish Ashok authored
This patch documents bridge and ip -timestamp option Signed-off-by: Satish Ashok <sashok@cumulusnetworks.com>
-
Wilson Kok authored
This patch adds support to batch bridge commands. Follows ip batch code. Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Acked-by: Christophe Gouault <christophe.gouault@6wind.com>
-
Stephen Hemminger authored
-
- 07 Oct, 2015 4 commits
-
-
Christophe Gouault authored
Support quoting strings with " or ' in an iproute2 batch file. Enables to configure empty crypto keys (for ESP-null) or keys with spaces: xfrm state add src 1.1.1.1 dst 2.2.2.2 proto ah spi 0x1 \ mode tunnel auth hmac(sha1) "r4ezR/@kd6'749f2 6zf$" xfrm state add src 5.5.5.5 dst 2.2.2.2 proto esp spi 0x2 \ mode tunnel enc cipher_null "" Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
-
Christoph Schulz authored
Device names that match "help" or a prefix thereof should be allowed anywhere a device name can be used. Note that a suitable keyword ("dev" or "name", the latter for "ip tunnel") has to be used in these cases to resolve ambiguities. Signed-off-by: Christoph Schulz <develop@kristov.de> Reported-by: Leonhard Preis <leonhard@pre.is> Reported-by: Wilhelm Wijkander <lists@0x5e.se>
-
Stephen Hemminger authored
-
Richard Alpe authored
This patch adds man pages for the TIPC tool. There is one main page and one page for each top level sub-command. These pages mainly aims to help a user of the tipc tool. In addition to this they describe a bit about what TIPC is and some of its features as a protocol. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Erik Hugne <erik.hugne@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
-
- 25 Sep, 2015 5 commits
-
-
Stephen Hemminger authored
-
Eric Dumazet authored
linux-3.19 fq packet scheduler got a new attribute, controlling number of 'flows' holding packets not attached to a socket (forwarding usage) kernel commit is 06eb395fa9856b5a87cf7d80baee2a0ed3cdb9d7 ("pkt_sched: fq: better control of DDOS traffic") This patch adds corresponding code to tc command. tc qd replace dev eth0 root fq orphan_mask 511 Signed-off-by: Eric Dumazet <edumazet@google.com>
-
Dan Webster authored
Commit 1527a17e introduced a change where the second of two ssfilter_parse() calls in ss.c was moved outside of a conditional block (ss.c: ~3575). This commit enabled the parsing of services, such as 'sport = :ssh', but inadvertently broke the '-F' file-based filtering:
-
Florian Westphal authored
Partially based on kernel Kconfig help text, code comments and git commit messages from Eric Dumazet. Joint work with Phil Sutter. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
-
Eric Dumazet authored
Support -timestamp and -tshort options for tc monitor like ip monitor. # tc -tshort monitor [2015-09-23T16:39:11.260555] qdisc fq 8003: dev eth0 root refcnt 2 limit 10000p flow_limit 100p buckets 1024 quantum 3028 initial_quantum 15140 refill_delay 40.0ms Signed-off-by: Eric Dumazet <edumazet@google.com>
-
- 23 Sep, 2015 15 commits
-
-
David Ahern authored
The brief format does not honer the master and type filters: $ ip link show master vrf-mgmt 7: dummy0: <BROADCAST,NOARP,SLAVE> mtu 1500 qdisc noop master vrf-mgmt state DOWN mode DEFAULT group default qlen 1000 link/ether 66:39:cc:2b:e9:bd brd ff:ff:ff:ff:ff:ff $ ip -br link show master vrf-mgmt lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> eth0 UP 08:00:27:de:14:c8 <BROADCAST,MULTICAST,UP,LOWER_UP> eth1 UP 08:00:27:87:02:f1 <BROADCAST,MULTICAST,UP,LOWER_UP> eth2 UP 08:00:27:61:1e:fd <BROADCAST,MULTICAST,UP,LOWER_UP> vrf-blue UNKNOWN a6:3f:09:34:7e:74 <NOARP,MASTER,UP,LOWER_UP> vrf-red DOWN fe:a2:2d:e1:bc:ac <NOARP,MASTER> dummy0 DOWN 66:39:cc:2b:e9:bd <BROADCAST,NOARP,SLAVE> dummy1 DOWN 4a:4f:13:91:64:b1 <BROADCAST,NOARP,SLAVE> dummy2 DOWN b2:4f:b6:cd:bd:a6 <BROADCAST,NOARP> dummy3 DOWN 1e:06:3d:40:b8:c2 <BROADCAST,NOARP,SLAVE> vrf-mgmt DOWN ce:b2:74:41:21:df <NOARP,MASTER> With this patch the expected output is shown: $ ip -br link show master vrf-mgmt dummy0 DOWN 66:39:cc:2b:e9:bd <BROADCAST,NOARP,SLAVE> Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
David Ahern authored
Currently 'ip route get' does not show the table the lookup result comes from and prior to kernel commit c36ba6603a11 the response from the kernel was hardcoded to the main table. From the discussion this appears to be a leftover from the route cache where the cached entry lost the table id and so the result was hardcoded to main table. c36ba6603a11 added the RTM_F_LOOKUP_TABLE flag to maintain that behavior but to allow new tools to ask for the actual table id for the lookup. This patch adds that flag to ip route get request and if the result is not the main table shows the table id. Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
Stephen Hemminger authored
-
Andrew Vagin authored
Currently when we specify AF_INET6 when it is disabled, we will get all routes. For example, we can boot kernel with ipv6.disable=1 and try to get ipv6 routes: $ ip -6 route show default via 192.168.122.1 dev eth0 proto static metric 100 192.168.122.0/24 dev eth0 proto kernel scope link src 192.168.122.141 metric 100 Here are ipv4 routes and this is unexpected behaviour. Signed-off-by: Andrew Vagin <avagin@openvz.org>
-
Vadim Kochan authored
Changed HRB -> HTB. Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
-
Vadim Kochan authored
Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Acked-by: Jeremy Harris <jgh@redhat.com>
-
Phil Sutter authored
Code to parse and export this tuneable via netlink is already present in sched_fq.c of the kernel, so not making it accessible for users would be a waste of resources. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
Some qdiscs still lack a manpage, so listing them here is the only way for a user to get to know them. For the others, this serves as an overview of what is there. Content was taken over from the dedicated manpage if available and suitable, so there is definitely room for improvement at least by adjusting it more to the context in which it is now. In case there wasn't appropriate wording available, I tried to identify key aspects of the given qdisc. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
Commit 05325552 ('Support "ip link add help" for rtnl_link API') added a check for specified help parameter. Though due to the place where it has been added to, it is not possible anymore to force a given parameter to be interpreted as interface name by prefixing it with 'dev '. Fix this by forcing whatever follows 'dev' to be presumed as interface name. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
While there is not much to explain about this rather trivial shell script, having a manpage for it serves as good point of reference for users wondering what it might be for. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
This patch follows the changes of commit 4d98ab00 ("Fix FSF address in file headers"), fixing file headers added after it. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
When fixing the BNF syntax error, I overlooked that 'ip address help' prints a more correct synopsis. This patch aligns them. Fixes: 715296b8 ("ip-address.8.in: fix BNF syntax error") Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
Since 'ip help' lists it, it should be described in ip.8 as well. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 21 Sep, 2015 2 commits
-
-
Vadim Kochan authored
Add check for Berkeley DB header & lib before compile arpd util. Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
-
Arthur Gautier authored
Signed-off-by: Arthur Gautier <baloo@gandi.net>
-
- 11 Sep, 2015 1 commit
-
-
Stephen Hemminger authored
After cookie there was no newline.
-
- 09 Sep, 2015 1 commit
-
-
Mike Saal authored
Hi: I found a formatting bug in the 4.1.1 ss command. The following line was incorrectly output due to passing a negative length to printf() when displaying the local address. In this instance hostapd does a "bind to device" on cdreth0 and then does a udp "in address any" port 67 bind. Please note the whitespace between the '*' and ' %cdreth0:67' 'udp UNCONN 0 0 ** %cdreth0:67* *:* users:(("hostapd",pid=19241,fd=5))' Attached is my patch for the bug fix, it might be prudent to add more guard code looking for negative length format codes. Sincerely, Mike
-
- 07 Sep, 2015 1 commit
-
-
Denis Kirjanov authored
Before: kda@vfirst ~/devel/iproute2 $ ./ip/ip route flush cache Cannot open "/proc/sys/net/ipv4/route/flush" After: kda@vfirst ~/devel/iproute2/ip $ ./ip route flush cache Cannot open "/proc/sys/net/ipv4/route/flush": Permission denied Signed-off-by: Denis Kirjanov <kda@linux-powerpc.org>
-
- 31 Aug, 2015 2 commits
-
-
Toshiaki Makita authored
This patch adds support for bridge vlan_protocol. Example: $ ip link set br0 type bridge vlan_protocol 802.1ad $ ip -d link show br0 4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 44:37:e6:ab:cd:ef brd ff:ff:ff:ff:ff:ff promiscuity 0 bridge forward_delay 0 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1ad addrgenmode eui64 Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
-
Stephen Hemminger authored
-