Use the IPv4/IPv6/TCP/UDP multicast groups of NETLINK_SOCK_DIAG
to filter and display socket statistics as they are destroyed.

Kernel support patch series: 24029a3603cfa633e8bc2b3fb3e48e76c497831d
Signed-off-by: Craig Gallek <kraig@google.com>

This patch adds support to set bridge stp priority via IFLA_BR_PRIORITY.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

This patch adds support to set stp_state via IFLA_BR_STP_STATE.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

This patch adds support to set ageing_time via IFLA_BR_AGEING_TIME.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

This patch adds support to retrieve the new bond slave attributes:
IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE
IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE
which are read-only.

(Removed if_link.h changes already updated in net-next)
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

Enable reading and displaying SRIOV VFs traffic statistics through
the host PF netdevice using the nested IFLA_VF_STATS attribute.
Signed-off-by: Eran Ben Elisha <eranbe@mellanox.com>
Signed-off-by: Hadar Hen Zion <hadarh@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>

This patch fixes incorrect -EINVAL errors due to invalid
scope and type during mpls route deletes.

$ip -f mpls route add 100 as 200 via inet 10.1.1.2 dev swp1

$ip -f mpls route show
100 as to 200 via inet 10.1.1.2 dev swp1

$ip -f mpls route del 100 as 200 via inet 10.1.1.2 dev swp1
RTNETLINK answers: Invalid argument

$ip -f mpls route del 100
RTNETLINK answers: Invalid argument

After patch:

$ip -f mpls route show
100 as to 200 via inet 10.1.1.2 dev swp1

$ip -f mpls route del 100 as 200 via inet 10.1.1.2 dev swp1

$ip -f mpls route show

Always set type to RTN_UNICAST for mpls route add/deletes.
Also to keep things consistent with kernel set scope to
RT_SCOPE_UNIVERSE for both mpls and ipv6 routes. Both mpls and ipv6 route
deletes ignore scope.
Suggested-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Vivek Venkataraman <vivek@cumulusnetworks.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>

Two new tcp_info fields: tcpi_segs_in and tcpi_segs_out.
(2efd055c53c06b7e89c167c98069bab9afce7e59)

~: ss -ti src :22
	 cubic wscale:7,6 rto:201 rtt:0.244/0.012 ato:40 mss:1418 cwnd:21 bytes_acked:80605 bytes_received:20491 segs_out:414 segs_in:600 send 976.3Mbps lastsnd:23 lastrcv:23 lastack:22 pacing_rate 1952.7Mbps rcv_rtt:98 rcv_space:28960
Signed-off-by: Craig Gallek <kraig@google.com>
Reviewed-by: Marcelo Ricardo Leitner <mleitner@redhat.com>

This update is to santized kernel headers from net-next.
With one change for fixing the in.h header incompatiablity
(already sent upstream).

Signed-off-by: John W. Linville <linville@tuxdriver.com>

Signed-off-by: John W. Linville <linville@tuxdriver.com>

Signed-off-by: John W. Linville <linville@tuxdriver.com>

Allow to retrieve uds path from the environment, facilitates
also dealing with export a bit.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

Kernel commit 04fd61ab36ec ("bpf: allow bpf programs to tail-call other
bpf programs") added support for tail calls, this patch here adds tc
front end parts for the object parser to prepopulate a given eBPF prog
array before the root prog is pushed down for classifier creation. The
prepopulation works with any number of prog arrays in any dependencies,
e.g. prog or normal maps could also be used from progs that are
tail-called themself, etc.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

Don't echo "-e" when using builtin echo in bash.

s->local.data is a pointer to a field of a non-NULL struct, and hence
cannot be NULL, thus comparing it to 0 is always false, and thus the
return is always false.

Presumably this was meant to be a check whether s->local.data[0] (which
I believe stores af_packet protocol) is 0, ie. ANY.

Change-Id: Ia232f5b06ce081e3b2fb6338f1a709cd94e03ae5
Fixes:
  ss.c:1018:37: error: comparison of array 's->local.data' equal to a null pointer is always false [-Werror,-Wtautological-pointer-compare]
    return s->lport == 0 && s->local.data == 0;
                            ~~~~~~~~~^~~~    ~
  1 error generated.

The initializers are simply not needed.

These if-blocks are outright dead code, because '0 > unsigned' is always
false, so only else clause triggers and regardless of which clause triggers
it only updates 'ind' which is later unconditionally written to before
being used anyway.

Otherwise we get errors from clang:

  m_pedit.c:166:8: error: comparison of 0 > unsigned expression is always false [-Werror,-Wtautological-compare]
    if (0 > tkey->off) {
        ~ ^ ~~~~~~~~~
  m_pedit.c:209:8: error: comparison of 0 > unsigned expression is always false [-Werror,-Wtautological-compare]
    if (0 > tkey->off) {
        ~ ^ ~~~~~~~~~
  2 errors generated.

Change-Id: I3c9e9092915088fc56f992e5df736851541a4458

The command "ip mroute show" is not showing routes when "to" and/or "from"
filter is applied.

root@mazhar:~# ip mroute show
(10.202.30.101, 235.1.2.3)       Iif: eth0       Oifs: eth1

But When I applied filter, it does not show anything.

root@mazhar:~# ip mroute show 235.1.2.3 from 10.202.30.101
root@mazhar:~#
Signed-off-by: Mazhar Rana <ranamazharp@gmail.com>

If a tunnel is created with a local address, you can't change it to any.

 # ip tunnel add tunl1 mode ipip remote 10.16.42.37 local 10.16.42.214 ttl 64
 # ip tunnel show tunl1
 tunl1: ip/ip  remote 10.16.42.37  local 10.16.42.214  ttl 64
 # ip tunnel change tunl1 local any
 # echo $?
 0
 # ip tunnel show tunl1
 tunl1: ip/ip  remote 10.16.42.37  local 10.16.42.214  ttl 64

It happens that parse_args zeroes ip_tunnel_parm, and when creating the
tunnel, it is OK to leave it as is if the address is any. However, when
changing the tunnel, the current parameters will be read from
ip_tunnel_parm, and local and remote address won't be zeroes anymore, so
it needs to be explicitly set to any.
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

Merge branch 'net-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2 into net-next

Added possibility to check command output by grep from the testing
script.

Now TMP_OUT & TMP_ERR are passed from Makefile and changed to
STD_ERR & STD_OUT.

Also changed some existing tests to make output testing.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>

The for loop should only probe up to G[i]bit rates, so that we
end up with T[i]bit as the last max units[] slot for snprintf(3),
and not possibly an invalid pointer in case rate is multiple of
kilo.

Fixes: 8cecdc28 ("tc: more user friendly rates")
Reported-by: Jose R. Guzman Mosqueda <jose.r.guzman.mosqueda@intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

ss currently dumps IPv4 sockets, then IPv6 sockets from the kernel,
even if -4 or -6 option was given. Filtering in user space then has to
drop all sockets of wrong family. Such a waste of time...

Before :

$ time ss -tn -4 | wc -l
251659

real	0m1.241s
user	0m0.423s
sys	0m0.806s

After:

$ time ss -tn -4 | wc -l
251672

real	0m0.779s
user	0m0.412s
sys	0m0.386s
Signed-off-by: Eric Dumazet <edumazet@google.com>

Lets implement a full cache with proper hash table, memory got cheaper
these days.

Before :

$ time ss -t | wc -l
529678

real	0m22.708s
user	0m19.591s
sys	0m2.969s

After :

$ time ss -t | wc -l
528291

real	0m5.078s
user	0m4.099s
sys	0m0.985s
Signed-off-by: Eric Dumazet <edumazet@google.com>

On Fri, 2015-05-29 at 13:30 +0300, Vadim Kochan wrote:
> From: Vadim Kochan <vadim4j@gmail.com>
>
> Use strdup instead of malloc, and get rid of bad strcpy.
>
> Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
> ---
>  misc/ss.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/misc/ss.c b/misc/ss.c
> index 347e3a1..a719466 100644
> --- a/misc/ss.c
> +++ b/misc/ss.c
> @@ -1908,8 +1908,7 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>
>  		if (tb[INET_DIAG_CONG]) {
>  			const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
> -			s.cong_alg = malloc(strlen(cong_attr + 1));
> -			strcpy(s.cong_alg, cong_attr);
> +			s.cong_alg = strdup(cong_attr);
>  		}
>
>  		if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {

I doubt TCP_CA_NAME_MAX will ever change in the kernel : 16 bytes.

Its typically "cubic" and less than 8 bytes.

Using 8 bytes to point to a malloc(8) is a waste.

Please remove the memory allocation, or store the pointer, since
tcp_show_info() does the malloc()/free() before return.

Indicate existence of libmnl which is required by tipc.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>

Make sure we use 64-bit filesystem functions everywhere.  This applies not
only to being able to read large files (which generally doesn't apply to
us), but also being able to simply stat them (as they might be using large
inodes).
Signed-off-by: Mike Frysinger <vapier@chromium.org>

Upstream changes removed some kernel only stuff from header file.

Conflicts:
	include/linux/tcp.h
	lib/libnetlink.c

The definition of offload flag changed during 4.1 rc process.

Pull in some changes like RTN_F_EXTERNAL

There have been several instances where response from kernel
has overrun the stack buffer from the caller. Avoid future problems
by passing a size argument.

Also drop the unused peer and group arguments to rtnl_talk.

Now it matches the size for the answer defined in rtnl_talk()
and prevents stack corruption with answer > 1024 bytes.

Allow the qdisc limit to be set, which is particularly useful when
the default VQ is not configured with RED parameters.
Signed-off-by: David Ward <david.ward@ll.mit.edu>

With this patch, it's now possible to listen in all netns that have an nsid
assigned into the netns where is socket is opened.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

With this patch, it's now possible to listen in all netns that have an nsid
assigned into the netns where the socket is opened.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

The goal of this patch is to avoid code duplication.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

There is no functional change with this commit. It only prepares the next one.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>