1. 26 Dec, 2009 8 commits
    • Stephen Hemminger's avatar
      iproute2-091226 · abdd9bf7
      Stephen Hemminger authored
      abdd9bf7
    • Andreas Henriksson's avatar
      Slightly improve the configure script. · f1a0125b
      Andreas Henriksson authored
      Split up in functions. Make XT checks bail if previous XT check
      was successful.
      
      This result improves the output of the configure script to not indicate
      using iptables only because the last test failed (when previous ones could
      have already succeded).
      Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      f1a0125b
    • Stephen Hemminger's avatar
      Fix warning about sprintf() and NSTAT_HIST · 896ebd6c
      Stephen Hemminger authored
      The environment variable could contain format characters, causing
      problems. Better to just use it directly.
      896ebd6c
    • Stephen Hemminger's avatar
      985f4578
    • Simon Horman's avatar
      flush secondary addresses before primary ones · b49240ec
      Simon Horman authored
      Unless promote_secondaries has been active deleting the primary address of
      an interface will automatically delete all the secondary addresses.
      
      In the case where ip flush requests the primary then secondary addresses to
      be removed - which is the order the addresses are returned by the kernel -
      this will cause an error as by the time the request to remove a secondary
      address is made it will be missing as it will have been deleted in the
      course of deleting the primary address.
      
      This approach to solving this problem orders requests for the
      deletion of secondary addresses before primary ones providing
      rtnl_dump_filter_l(), a version of rtnl_dump_filter() that
      iterates over a list of filters. And by providing two specialised
      filters print_addrinfo_secondary() and print_addrinfo_primary().
      
      rtnl_dump_filter_l() first iterates over all addresses using
      print_addrinfo_secondary(), which appends secondary addresses to the
      request buffer.  Then again using print_addrinfo_primary() which appends
      primary addresses.
      
      This approach should work regardless of it promote_secondaries is
      active or not. And regardless of if any primary of secondary addresses
      are present or not.
      Signed-off-by: default avatarSimon Horman <horms@verge.net.au>
      b49240ec
    • Andreas Henriksson's avatar
      Add new (iptables 1.4.5 compatible) tc/ipt/xt module. · a36ceb85
      Andreas Henriksson authored
      Add a new cleaned up m_xt.c based on m_xt_old.c
      The new m_xt.c has been updated to use the new names and new api
      that xtables exposes in iptables 1.4.5.
      All the old internal api cruft has also been dropped.
      
      Additionally, a configure script test is added to check for
      the new xtables api and set the TC_CONFIG_XT flag in Config.
      (tc/Makefile already handles this flag in previous commit.)
      Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      a36ceb85
    • Andreas Henriksson's avatar
      Keep the old tc/ipt/xt module for compatibility. · 80d689d0
      Andreas Henriksson authored
      Move the file and rename the configure flags.
      The file is being kept around for iptables < 1.4.5 compatibility.
      Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      80d689d0
    • Andreas Henriksson's avatar
      iproute: make ss --help output to stdout · 7a96e199
      Andreas Henriksson authored
      Peter Palfrader said in http://bugs.debian.org/545008 that
      "--help output, if explicitly requested, should go to stdout, not stderr."
      which this patch fixes.
      
      Additionally, the exit code was adjusted to success if help was
      explicitly requested.
      
      (Syntax error still outputs to stderr and has the same exit code.)
      Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      7a96e199
  2. 02 Dec, 2009 3 commits
    • Patrick McHardy's avatar
      f_fw: fix compat mode · c90308ff
      Patrick McHardy authored
      The kernel takes a lack of options as indication that the fw classifier
      should operate in compatibility mode, where marks are mapped directly to
      classids.
      
      Commit e22b42a2 (tc mask patch) broke this by adding an empty TCA_OPTIONS
      attribute even if no handle is specified. Restore the old behaviour.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      c90308ff
    • Andreas Henriksson's avatar
      iproute2: use -fPIC in lib/ · 6837f771
      Andreas Henriksson authored
      The static libnetlink.a library is exposed to other users in Debian via the
      "iproute-dev" package. Apparently people are interested in using it in their
      shared libraries and would like to see the code be position independent.
      
      Patch below makes the code under lib/ build with -fPIC.
      
      See http://bugs.debian.org/547602Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      6837f771
    • Mark Borst's avatar
      iproute: "ip mroute show" doesn't show all output interfaces · 080b3ad4
      Mark Borst authored
      The command "ip mroute show" will only show the first Oif.
      
      mark@flappie:~$ ip mroute show
      (192.168.1.1, 224.0.0.123)       Iif: _rename    Oifs: eth1
      
      mark@flappie:~$ cat /proc/net/ip_mr_cache
      Group    Origin   Iif     Pkts    Bytes    Wrong Oifs
      7B0000E0 0101A8C0 2          0        0        0  0:1    1:1
      
      This shows 2 Oifs here. However, ipmroute.c, function read_mroute_list(), uses sscanf() with a %s mask for oiflist, which stops after the first whitespace (i.e. after Oif 0:1). The patch below fixes this to read until the newline (though I'm not sure whether this is the proper way to fix it).
      
      After this patch:
      mark@flappie:~/iproute-20090324/ip$ ./ip mroute show
      (192.168.1.1, 224.0.0.123)       Iif: _rename    Oifs: eth1 eth0
      
      This patch originally submitted as http://bugs.debian.org/550097Signed-off-by: default avatarAndreas Henriksson <andreas@fatal.se>
      080b3ad4
  3. 01 Dec, 2009 5 commits
  4. 17 Nov, 2009 1 commit
  5. 13 Nov, 2009 3 commits
  6. 10 Nov, 2009 7 commits
    • Stephen Hemminger's avatar
      Add static-syms.h to ignore · a6992a9c
      Stephen Hemminger authored
      a6992a9c
    • Mike Frysinger's avatar
      support static-only systems · f2e27cfb
      Mike Frysinger authored
      The iptables code supports a "no shared libs" mode where it can be used
      without requiring dlfcn related functionality.  This adds similar support
      to iproute2 so that it can easily be used on systems like nommu Linux (but
      obviously with a few limitations -- no dynamic plugins).
      
      Rather than modify every location that uses dlfcn.h, I hooked the dlfcn.h
      header with stub functions when shared library support is disabled.  Then
      symbol lookup is done via a local static lookup table (which is generated
      automatically at build time) so that internal symbols can be found.
      Signed-off-by: default avatarMike Frysinger <vapier@gentoo.org>
      f2e27cfb
    • Mike Frysinger's avatar
      arpd/ifstat/nstat/rtacct: use daemon() · a7a9ddbb
      Mike Frysinger authored
      A bunch of misc utils basically reimplement the daemon() function (the
      whole fork/close/chdir/etc...).  Rather than do that, use daemon() as
      that will work under nommu Linux systems that lack fork().
      Signed-off-by: default avatarMike Frysinger <vapier@gentoo.org>
      a7a9ddbb
    • Patrick McHardy's avatar
      iproute uses too small of a receive buffer · 7f03191f
      Patrick McHardy authored
      It uses 1MB as receive buf limit by default (without
      increasing /proc/sys/net/core/rmem_max it will be limited by less
      however) and allows to specify the size manually using "-rcvbuf X"
      (-r is already used, so you need to specify at least -rc).
      
      Additionally rtnl_listen() continues on ENOBUFS after printing the
      error message.
      7f03191f
    • Sven Anders's avatar
      Fix flushing code - rtnl_send_check · 24f38182
      Sven Anders authored
      I experienced an error, if I try to perform a
      
        ip route flush proto 4
      
      with many routes in a complex environment, it
      gave me the following error:
      
        Failed to send flush request: Success
        Flush terminated
      24f38182
    • Stephen Hemminger's avatar
      Consolidate fprintf statements · 8a1c7fcb
      Stephen Hemminger authored
      Doing one item per call is like old MODULA2 code.
      8a1c7fcb
    • Stephen Hemminger's avatar
      Update to 2.6.32 kernel headers · 8007bfb5
      Stephen Hemminger authored
      8007bfb5
  7. 11 Sep, 2009 2 commits
  8. 10 Sep, 2009 1 commit
  9. 26 Aug, 2009 1 commit
  10. 06 Aug, 2009 4 commits
  11. 13 Jul, 2009 1 commit
  12. 26 May, 2009 4 commits