- 18 Jan, 2016 7 commits
-
-
Daniel Borkmann authored
eBPF llvm backend can support different BPF formats, make sure the object we're trying to load matches with regards to endiannes and while at it, also check for other attributes related to BPF ELFs. # llc --version LLVM (http://llvm.org/): LLVM version 3.8.0svn Optimized build. Built Jan 9 2016 (02:08:10). Default target: x86_64-unknown-linux-gnu Host CPU: ivybridge Registered Targets: bpf - BPF (host endian) bpfeb - BPF (big endian) bpfel - BPF (little endian) [...] Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org>
-
Daniel Borkmann authored
When extracting sections, we better check for name and type. Noticed that some llvm versions emit .strtab and .shstrtab (e.g. saw it on pre 3.7), while more recent ones only seem to emit .strtab. Thus, make sure we get the right sections. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org>
-
Daniel Borkmann authored
Add the tc part for the kernel commit 1f211a1b929c ("net, sched: add clsact qdisc"). Quoting example usage from that commit description: Example, adding qdisc: # tc qdisc add dev foo clsact # tc qdisc show dev foo qdisc mq 0: root qdisc pfifo_fast 0: parent :1 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :3 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :4 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc clsact ffff: parent ffff:fff1 Adding filters (deleting, etc works analogous by specifying ingress/egress): # tc filter add dev foo ingress bpf da obj bar.o sec ingress # tc filter add dev foo egress bpf da obj bar.o sec egress # tc filter show dev foo ingress filter protocol all pref 49152 bpf filter protocol all pref 49152 bpf handle 0x1 bar.o:[ingress] direct-action # tc filter show dev foo egress filter protocol all pref 49152 bpf filter protocol all pref 49152 bpf handle 0x1 bar.o:[egress] direct-action The ingress parent alias can also be used with ingress qdisc. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Daniel Borkmann authored
Clean it up a bit, we can also get rid of some ugly ifdefs as in our case TC_H_INGRESS is always defined. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
Stephen Hemminger authored
This reverts commit 8f80d450.
-
- 11 Jan, 2016 6 commits
-
-
Richard Alpe authored
This enables a user to remove an offline peer from the kernel data structures. This could for example be useful when deliberately scaling in peer nodes in a cloud environment. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com> Reviewed-by: Ying Xue <ying.xue@windriver.com>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
This reverts commit d4585a4b. This commit is meant for later kernel.
-
Jamal Hadi Salim authored
since all tc classifiers are required to specify ethertype as part of grammar By not allowing eth_type to be specified we remove contradiction for example when a user specifies: tc filter add ... priority xxx protocol ip flower eth_type ipv6 This patch removes that contradiction Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Julien Floret authored
gcc < 4.6 does not handle C11 syntax for the static initialization of anonymous struct/union, hence the following error: tc_bpf.c:260: error: unknown field map_type specified in initializer Signed-off-by: Julien Floret <julien.floret@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net>
-
Roopa Prabhu authored
This patch replaces exits with returns in iplink command. Helps to continue on errors when invoked with ip -force -batch. Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
- 07 Jan, 2016 1 commit
-
-
Phil Sutter authored
When specifying a conntrack zone, the 'zone' keyword has to be used before the actual zone index. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 06 Jan, 2016 7 commits
-
-
Stephen Hemminger authored
The FQ man page was not following whatis formatting rules.
-
Richard Alpe authored
This enables a user to remove an offline peer from the kernel data structures. This could for example be useful when deliberately scaling in peer nodes in a cloud environment. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com> Reviewed-by: Ying Xue <ying.xue@windriver.com>
-
Richard Alpe authored
-
Bjørn Mork authored
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Bjørn Mork authored
"random" is a new IPv6 addrgenmode, enabling "stable_secret" type addresses with an auto-generated secret. $ ip link set eth0 addrgenmode random $ ip -d link show dev eth0 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000 link/ether 00:21:86:a3:25:7d brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode random Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Bjørn Mork authored
It is possible to switch to another addrgenmode after setting a valid secret. Allow switching back without reconfiguring the secret for completeness. Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Stephen Hemminger authored
still have issues with xtables
-
- 03 Jan, 2016 1 commit
-
-
Stephen Hemminger authored
Keep in sync with current iptables upstream
-
- 31 Dec, 2015 4 commits
-
-
Stephen Hemminger authored
Track any coverity overrides for this project. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
Error handling was silent and had leaks. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
In some cases passing file to monitor left file open. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
- 30 Dec, 2015 2 commits
-
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
- 22 Dec, 2015 3 commits
-
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
Stephen Hemminger authored
-
Phil Sutter authored
I repeatedly failed to get this right, so now I have to clean up my mess afterwards. Fixes: 7d6aadcd ("ip{,6}tunnel: have a shared stats parser/printer") Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 18 Dec, 2015 9 commits
-
-
Phil Sutter authored
This has a slight side-effect of not aborting when /proc/net/dev is malformed, but OTOH stats are not parsed for uninteresting interfaces. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Paolo Abeni authored
Currently ip6 encap support for lwtunnel is missing. This patch implement it, mostly duplicating the ipv4 parts. Also be sure to insert a space after the encap type, when showing lwtunnel, to avoid the tunnel type and the following argument being merged into a single word. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Paolo Abeni authored
This patch add support for IFLA_GRE_COLLECT_METADATA via the 'external' keyword to the gre link. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Paolo Abeni authored
This patch add support for IFLA_VXLAN_COLLECT_METADATA via the 'external' keyword to the vxlan link. Also enforce mutual exclusion between 'vni' and 'external'. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Hannes Frederic Sowa authored
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
-
Daniel Borkmann authored
Fix a whitespace in bpf_dump_error() usage, and also a missing closing bracket in ntohl() macro for eBPF programs. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Stephen Hemminger authored
Current headers for net-next
-
Stephen Hemminger authored
-
Paolo Abeni authored
Currently parse_encap_ip() does not update correctly argv/argc; if multiple lwtunnel arguments are provided, the parsing fails after the first one, i.e. ip route add 172.16.101.0/24 dev vxlan1 encap ip id 42 dst 192.168.255.1 fails with: Error: either "to" is duplicate, or "dst" is a garbage. This commit addresses the issue, stepping to next argument at each iteration of the parsing loop. Fixes: 1e529305 ("lwtunnel: Add encapsulation support to ip route") Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-