- 23 Oct, 2015 4 commits
-
-
Stephen Hemminger authored
-
Daniel Borkmann authored
If get_rt_realms() fails, try to get a possible raw u32 realms value for the u32 RTA_FLOW/FRA_FLOW attribute, as it might be useful to directly configure the hex value itself. And only if that fails, then bail out. The source realm is provided in the upper u16 (mask: 0xffff0000) and the destination realm through the lower u16 part (mask: 0x0000ffff). This can be useful for tc's bpf realm matcher, but also a full hex/mask param can be provided already for matching through iptables' --realm cmdline option, for example. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Stephen Hemminger authored
Track upstream
-
Kirill Tkhai authored
This patch adds save and restore commands to "ip rule" similar the same is made in commit f4ff11e3 for "ip route". The feature is useful in checkpoint/restore for container migration, also it may be helpful in some normal situations. Signed-off-by: Kirill Tkhai <ktkhai@odin.com>
-
- 19 Oct, 2015 5 commits
-
-
Stephen Hemminger authored
-
Roopa Prabhu authored
replace exit with return -2 on rtnl_talk failure Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Wilson Kok authored
This patch adds fflush in fdb and mdb print functions Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Phil Sutter authored
This has been inconsistent since the beginning of Git and seems to be merely a documentation leftover, therefore just remove it from help output and man page. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
When getopt_long encounters an option which has not been registered, it returns '?'. React upon that and call usage() instead of help() so ss returns with a non-zero exit status. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 16 Oct, 2015 7 commits
-
-
Roopa Prabhu authored
This patch updates ip-route man page with lwtunnel encap usage and description, covering MPLS and IP encapsulation. Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Thomas Graf <tgraf@suug.ch> Acked-by: Jiri Benc <jbenc@redhat.com>
-
Roopa Prabhu authored
This patch adds support to parse and print lwtunnel encapsulation attributes attached to routes for MPLS and IP tunnels. example: Add ipv4 route with mpls encap attributes: Examples: MPLS: $ ip route add 40.1.2.0/30 encap mpls 200 via inet 40.1.1.1 dev eth3 $ ip route show 40.1.2.0/30 encap mpls 200 via 40.1.1.1 dev eth3 Add ipv4 multipath route with mpls encap attributes: $ ip route add 10.1.1.0/30 nexthop encap mpls 200 via 10.1.1.1 dev eth0 \ nexthop encap mpls 700 via 40.1.1.2 dev eth3 $ ip route show 10.1.1.0/30 nexthop encap mpls 200 via 10.1.1.1 dev eth0 weight 1 nexthop encap mpls 700 via 40.1.1.2 dev eth3 weight 1 IP: $ ip route add 10.1.1.1/24 encap ip id 200 dst 20.1.1.1 dev vxlan0 Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Thomas Graf <tgraf@suug.ch> Acked-by: Jiri Benc <jbenc@redhat.com>
-
Stephen Hemminger authored
Files needed for new lwtunnel code.
-
Stephen Hemminger authored
-
Phil Sutter authored
Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Roopa Prabhu authored
It helps to grep for one string "Deleted" when monitoring all events. Fixes: 6ea3ebaf ("iproute2: inform user when a neighbor is removed") Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
-
Roopa Prabhu authored
This patch introduces two new api's rta_nest and rta_nest_end to nest attributes inside a rta attribute represented by 'struct rtattr' as required to construct a nexthop. Also adds rta_addattr* variants for u8, u16 and u64 as needed to support encapsulation. Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Thomas Graf <tgraf@suug.ch> Acked-by: Jiri Benc <jbenc@redhat.com>
-
- 12 Oct, 2015 14 commits
-
-
Stephen Hemminger authored
-
willy tarreau authored
I've updated Jose's patch to make it slightly simpler (eg: calloc instead of malloc+memset), and ported it to 4.2.0 which requires it as well, and attached it to this e-mail. I can confirm that with this patch 4.1.1 doesn't segfault on me anymore. The commit message should be reworked I guess though everything's in it and I didn't want to modify his description. Can it be merged as-is or should I reword the commit message and reference Jose as the fix reporter ? We should not let this bug live forever. From: "j.ps@openmailbox.org" <j.ps@openmailbox.org> Essentially all that is needed to get rid of this issue is the addition of: memset(u, 0, sizeof(*u)); after: if (!(u = malloc(sizeof(*u)))) break; Also patched some other situations (strcpy and sprintf uses) that potentially produce the same results. Signed-off-by: Jose P Santos <j.ps@openmailbox.org> [ wt: made Jose's patch slightly simpler, all credits to him for the diag ] Signed-off-by: Willy Tarreau <w@1wt.eu>
-
Phil Sutter authored
Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
This flag is allowed for devices in passthru mode to prevent forcing the underlying interface into promiscuous mode. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Phil Sutter authored
After eliminating the minor differences in both files which existed solely because features/fixes were applied to only one of them and not the other, the remaining differences were in function naming and error messages. The latter is addressed by using the 'id' field of struct link_util. Fold both files into one in order to share common code and eliminate the chance of having fixes/enhancements applied to only one of them. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Daniel Borkmann authored
After the patch, the most minimal command to load an eBPF action for late binding with auto index selection through tc is: tc actions add action bpf obj prog.o We already set TC_ACT_PIPE in tc as default opcode, so if nothing further has been specified, just use it. Also, allow "ok" next to "pass" for matching cmdline on TC_ACT_OK. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
David Ahern authored
Add ifindex to dump request when filtering by device. If the kernel supports it adding the index to the request limits the amount of data the kernel pushes to userpsace. The feature exists in userspace already, so no need to warn the user if kernel side support does not exist. Using the kernel side filter makes the request more efficient. Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
Daniel Borkmann authored
When having optional classid, most minimal command can be sth like: tc filter add dev foo parent X: bpf obj prog.o Therefore, adapt the code so that a next argument will not be enforced as the case currently. Also, minor cleanup on the classid, where we should rather have used addattr32(), and add flags for exec configuration, for example (using short notation): tc filter add dev foo parent X: bpf da obj prog.o Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@plumgrid.com>
-
David Ahern authored
Add support for filtering neighbor dumps by master device. Kernel side support provided by commit 21fdd092acc7. Since the feature is not available in older kernels the user is given a warning message if the kernel does not support the request. Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
Satish Ashok authored
This patch documents bridge and ip -timestamp option Signed-off-by: Satish Ashok <sashok@cumulusnetworks.com>
-
Wilson Kok authored
This patch adds support to batch bridge commands. Follows ip batch code. Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Acked-by: Christophe Gouault <christophe.gouault@6wind.com>
-
Stephen Hemminger authored
-
- 07 Oct, 2015 4 commits
-
-
Christophe Gouault authored
Support quoting strings with " or ' in an iproute2 batch file. Enables to configure empty crypto keys (for ESP-null) or keys with spaces: xfrm state add src 1.1.1.1 dst 2.2.2.2 proto ah spi 0x1 \ mode tunnel auth hmac(sha1) "r4ezR/@kd6'749f2 6zf$" xfrm state add src 5.5.5.5 dst 2.2.2.2 proto esp spi 0x2 \ mode tunnel enc cipher_null "" Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
-
Christoph Schulz authored
Device names that match "help" or a prefix thereof should be allowed anywhere a device name can be used. Note that a suitable keyword ("dev" or "name", the latter for "ip tunnel") has to be used in these cases to resolve ambiguities. Signed-off-by: Christoph Schulz <develop@kristov.de> Reported-by: Leonhard Preis <leonhard@pre.is> Reported-by: Wilhelm Wijkander <lists@0x5e.se>
-
Stephen Hemminger authored
-
Richard Alpe authored
This patch adds man pages for the TIPC tool. There is one main page and one page for each top level sub-command. These pages mainly aims to help a user of the tipc tool. In addition to this they describe a bit about what TIPC is and some of its features as a protocol. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Erik Hugne <erik.hugne@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
-
- 25 Sep, 2015 5 commits
-
-
Stephen Hemminger authored
-
Eric Dumazet authored
linux-3.19 fq packet scheduler got a new attribute, controlling number of 'flows' holding packets not attached to a socket (forwarding usage) kernel commit is 06eb395fa9856b5a87cf7d80baee2a0ed3cdb9d7 ("pkt_sched: fq: better control of DDOS traffic") This patch adds corresponding code to tc command. tc qd replace dev eth0 root fq orphan_mask 511 Signed-off-by: Eric Dumazet <edumazet@google.com>
-
Dan Webster authored
Commit 1527a17e introduced a change where the second of two ssfilter_parse() calls in ss.c was moved outside of a conditional block (ss.c: ~3575). This commit enabled the parsing of services, such as 'sport = :ssh', but inadvertently broke the '-F' file-based filtering:
-
Florian Westphal authored
Partially based on kernel Kconfig help text, code comments and git commit messages from Eric Dumazet. Joint work with Phil Sutter. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
-
Eric Dumazet authored
Support -timestamp and -tshort options for tc monitor like ip monitor. # tc -tshort monitor [2015-09-23T16:39:11.260555] qdisc fq 8003: dev eth0 root refcnt 2 limit 10000p flow_limit 100p buckets 1024 quantum 3028 initial_quantum 15140 refill_delay 40.0ms Signed-off-by: Eric Dumazet <edumazet@google.com>
-
- 23 Sep, 2015 1 commit
-
-
David Ahern authored
The brief format does not honer the master and type filters: $ ip link show master vrf-mgmt 7: dummy0: <BROADCAST,NOARP,SLAVE> mtu 1500 qdisc noop master vrf-mgmt state DOWN mode DEFAULT group default qlen 1000 link/ether 66:39:cc:2b:e9:bd brd ff:ff:ff:ff:ff:ff $ ip -br link show master vrf-mgmt lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> eth0 UP 08:00:27:de:14:c8 <BROADCAST,MULTICAST,UP,LOWER_UP> eth1 UP 08:00:27:87:02:f1 <BROADCAST,MULTICAST,UP,LOWER_UP> eth2 UP 08:00:27:61:1e:fd <BROADCAST,MULTICAST,UP,LOWER_UP> vrf-blue UNKNOWN a6:3f:09:34:7e:74 <NOARP,MASTER,UP,LOWER_UP> vrf-red DOWN fe:a2:2d:e1:bc:ac <NOARP,MASTER> dummy0 DOWN 66:39:cc:2b:e9:bd <BROADCAST,NOARP,SLAVE> dummy1 DOWN 4a:4f:13:91:64:b1 <BROADCAST,NOARP,SLAVE> dummy2 DOWN b2:4f:b6:cd:bd:a6 <BROADCAST,NOARP> dummy3 DOWN 1e:06:3d:40:b8:c2 <BROADCAST,NOARP,SLAVE> vrf-mgmt DOWN ce:b2:74:41:21:df <NOARP,MASTER> With this patch the expected output is shown: $ ip -br link show master vrf-mgmt dummy0 DOWN 66:39:cc:2b:e9:bd <BROADCAST,NOARP,SLAVE> Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
-