- 18 Jan, 2016 11 commits
-
-
Lorenzo Colitti authored
This patch adds a -K / --kill option to ss that attempts to forcibly close matching sockets using SOCK_DESTROY. Because ss typically prints sockets instead of acting on them, and because the kernel only supports forcibly closing some types of sockets, the output of -K is as follows: - If closing the socket succeeds, the socket is printed. - If the kernel does not support forcibly closing this type of socket (e.g., if it's a UDP socket, or a TIME_WAIT socket), the socket is silently skipped. - If an error occurs (e.g., permission denied), the error is reported and ss exits. Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
-
Lorenzo Colitti authored
This change is a no-op, as currently no code uses rtnl_talk on NETLINK_SOCK_DIAG_BY_FAMILY sockets. It is needed to suppress spurious errors when using SOCK_DESTROY via rtnl_talk. Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
-
Thomas Faivre authored
grff wrapper returns warnings when parsing the ip-link.8.in file. How to reproduce: $ man --warnings ip-link > /dev/null `R' is a string (producing the registered sign), not a macro. [...] Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
-
Thomas Faivre authored
Options 'group' and 'remote' cannot take 'any' as value but 'local' can. Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
-
Daniel Borkmann authored
eBPF llvm backend can support different BPF formats, make sure the object we're trying to load matches with regards to endiannes and while at it, also check for other attributes related to BPF ELFs. # llc --version LLVM (http://llvm.org/): LLVM version 3.8.0svn Optimized build. Built Jan 9 2016 (02:08:10). Default target: x86_64-unknown-linux-gnu Host CPU: ivybridge Registered Targets: bpf - BPF (host endian) bpfeb - BPF (big endian) bpfel - BPF (little endian) [...] Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org>
-
Daniel Borkmann authored
When extracting sections, we better check for name and type. Noticed that some llvm versions emit .strtab and .shstrtab (e.g. saw it on pre 3.7), while more recent ones only seem to emit .strtab. Thus, make sure we get the right sections. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org>
-
Daniel Borkmann authored
Add the tc part for the kernel commit 1f211a1b929c ("net, sched: add clsact qdisc"). Quoting example usage from that commit description: Example, adding qdisc: # tc qdisc add dev foo clsact # tc qdisc show dev foo qdisc mq 0: root qdisc pfifo_fast 0: parent :1 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :3 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc pfifo_fast 0: parent :4 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 qdisc clsact ffff: parent ffff:fff1 Adding filters (deleting, etc works analogous by specifying ingress/egress): # tc filter add dev foo ingress bpf da obj bar.o sec ingress # tc filter add dev foo egress bpf da obj bar.o sec egress # tc filter show dev foo ingress filter protocol all pref 49152 bpf filter protocol all pref 49152 bpf handle 0x1 bar.o:[ingress] direct-action # tc filter show dev foo egress filter protocol all pref 49152 bpf filter protocol all pref 49152 bpf handle 0x1 bar.o:[egress] direct-action The ingress parent alias can also be used with ingress qdisc. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Daniel Borkmann authored
Clean it up a bit, we can also get rid of some ugly ifdefs as in our case TC_H_INGRESS is always defined. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
Stephen Hemminger authored
This reverts commit 8f80d450.
-
- 11 Jan, 2016 6 commits
-
-
Richard Alpe authored
This enables a user to remove an offline peer from the kernel data structures. This could for example be useful when deliberately scaling in peer nodes in a cloud environment. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com> Reviewed-by: Ying Xue <ying.xue@windriver.com>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
This reverts commit d4585a4b. This commit is meant for later kernel.
-
Jamal Hadi Salim authored
since all tc classifiers are required to specify ethertype as part of grammar By not allowing eth_type to be specified we remove contradiction for example when a user specifies: tc filter add ... priority xxx protocol ip flower eth_type ipv6 This patch removes that contradiction Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Julien Floret authored
gcc < 4.6 does not handle C11 syntax for the static initialization of anonymous struct/union, hence the following error: tc_bpf.c:260: error: unknown field map_type specified in initializer Signed-off-by: Julien Floret <julien.floret@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net>
-
Roopa Prabhu authored
This patch replaces exits with returns in iplink command. Helps to continue on errors when invoked with ip -force -batch. Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
- 07 Jan, 2016 1 commit
-
-
Phil Sutter authored
When specifying a conntrack zone, the 'zone' keyword has to be used before the actual zone index. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 06 Jan, 2016 7 commits
-
-
Stephen Hemminger authored
The FQ man page was not following whatis formatting rules.
-
Richard Alpe authored
This enables a user to remove an offline peer from the kernel data structures. This could for example be useful when deliberately scaling in peer nodes in a cloud environment. Signed-off-by: Richard Alpe <richard.alpe@ericsson.com> Reviewed-by: Jon Maloy <jon.maloy@ericsson.com> Reviewed-by: Ying Xue <ying.xue@windriver.com>
-
Richard Alpe authored
-
Bjørn Mork authored
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Bjørn Mork authored
"random" is a new IPv6 addrgenmode, enabling "stable_secret" type addresses with an auto-generated secret. $ ip link set eth0 addrgenmode random $ ip -d link show dev eth0 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000 link/ether 00:21:86:a3:25:7d brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode random Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Bjørn Mork authored
It is possible to switch to another addrgenmode after setting a valid secret. Allow switching back without reconfiguring the secret for completeness. Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Bjørn Mork <bjorn@mork.no>
-
Stephen Hemminger authored
still have issues with xtables
-
- 03 Jan, 2016 1 commit
-
-
Stephen Hemminger authored
Keep in sync with current iptables upstream
-
- 31 Dec, 2015 4 commits
-
-
Stephen Hemminger authored
Track any coverity overrides for this project. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
Error handling was silent and had leaks. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
In some cases passing file to monitor left file open. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
- 30 Dec, 2015 2 commits
-
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
- 22 Dec, 2015 3 commits
-
-
Hangbin Liu authored
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-
Stephen Hemminger authored
-
Phil Sutter authored
I repeatedly failed to get this right, so now I have to clean up my mess afterwards. Fixes: 7d6aadcd ("ip{,6}tunnel: have a shared stats parser/printer") Signed-off-by: Phil Sutter <phil@nwl.cc>
-
- 18 Dec, 2015 5 commits
-
-
Phil Sutter authored
This has a slight side-effect of not aborting when /proc/net/dev is malformed, but OTOH stats are not parsed for uninteresting interfaces. Signed-off-by: Phil Sutter <phil@nwl.cc>
-
Paolo Abeni authored
Currently ip6 encap support for lwtunnel is missing. This patch implement it, mostly duplicating the ipv4 parts. Also be sure to insert a space after the encap type, when showing lwtunnel, to avoid the tunnel type and the following argument being merged into a single word. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Paolo Abeni authored
This patch add support for IFLA_GRE_COLLECT_METADATA via the 'external' keyword to the gre link. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Paolo Abeni authored
This patch add support for IFLA_VXLAN_COLLECT_METADATA via the 'external' keyword to the vxlan link. Also enforce mutual exclusion between 'vni' and 'external'. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Hannes Frederic Sowa authored
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
-