- 26 Dec, 2009 14 commits
-
-
Arnd Bergmann authored
Macvlan can now optionally support forwarding between its ports, if they are in "bridge" mode. This adds support for this option to "ip link add", "ip link set" and "ip -d link show". The default mode in the kernel is now "vepa" mode, meaning "virtual ethernet port aggregator". This mode is used together with the "hairpin" mode of an ethernet bridge that the parent of the macvlan device is connected to. All frames still get sent out to the external interface, but the adjacent bridge is able to send them back on the same wire in hairpin mode, so the macvlan ports are able to see each other, which the bridge can be configured to monitor and control traffic between all macvlan instances. Multicast traffic coming in from the external interface is checked for the source MAC address and only delivered to ports that have not yet seen it. In bridge mode, macvlan will send all multicast traffic to other interfaces that are also in bridge mode but not to those in vepa mode, which get them on the way back from the hairpin. The third supported mode is "private", which prevents communication between macvlans even if the adjacent bridge is in hairpin mode. This behavior is closer to the original implementation of macvlan but stricly maintains isolation. Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-
Brian Haley authored
Fix support for IFA_F_DADFAILED and update ip.8 man page. Signed-off-by: Brian Haley <brian.haley@hp.com>
-
Patrick McHardy authored
David Miller wrote: > From: Patrick McHardy <kaber@trash.net> > Date: Mon, 30 Nov 2009 19:00:14 +0100 > >> This patch contains iproute support for iprule oif classification >> for the send-to-self RFC I just sent out. > > Patrick, you need to submit a new version of this patch with > the FIB_RULE_* macro fixed, just like the kernel version got > fixed. Thanks for reminind me of this. New patch attached. commit 0fe5164cbaa1d65dda341075710be71bf1f32d10 Author: Patrick McHardy <kaber@trash.net> Date: Fri Dec 4 07:06:18 2009 +0100 iprule: add oif classification support Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Jamal Hadi Salim authored
This adds support for setting the skb mark. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
-
Patrick McHardy authored
This patch adds support for the VLAN loose binding flag that is supported in net-next to iplink_vlan. commit 870970deb6cbea7a5d4881bdd717304d5284d315 Author: Patrick McHardy <kaber@trash.net> Date: Tue Dec 1 12:21:15 2009 +0100 iplink_vlan: add support for VLAN loose binding flag Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Stephen Hemminger authored
These corespond with 2.6.33-rc2
-
Stephen Hemminger authored
-
Andreas Henriksson authored
Split up in functions. Make XT checks bail if previous XT check was successful. This result improves the output of the configure script to not indicate using iptables only because the last test failed (when previous ones could have already succeded). Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
Stephen Hemminger authored
The environment variable could contain format characters, causing problems. Better to just use it directly.
-
Stephen Hemminger authored
-
Simon Horman authored
Unless promote_secondaries has been active deleting the primary address of an interface will automatically delete all the secondary addresses. In the case where ip flush requests the primary then secondary addresses to be removed - which is the order the addresses are returned by the kernel - this will cause an error as by the time the request to remove a secondary address is made it will be missing as it will have been deleted in the course of deleting the primary address. This approach to solving this problem orders requests for the deletion of secondary addresses before primary ones providing rtnl_dump_filter_l(), a version of rtnl_dump_filter() that iterates over a list of filters. And by providing two specialised filters print_addrinfo_secondary() and print_addrinfo_primary(). rtnl_dump_filter_l() first iterates over all addresses using print_addrinfo_secondary(), which appends secondary addresses to the request buffer. Then again using print_addrinfo_primary() which appends primary addresses. This approach should work regardless of it promote_secondaries is active or not. And regardless of if any primary of secondary addresses are present or not. Signed-off-by: Simon Horman <horms@verge.net.au>
-
Andreas Henriksson authored
Add a new cleaned up m_xt.c based on m_xt_old.c The new m_xt.c has been updated to use the new names and new api that xtables exposes in iptables 1.4.5. All the old internal api cruft has also been dropped. Additionally, a configure script test is added to check for the new xtables api and set the TC_CONFIG_XT flag in Config. (tc/Makefile already handles this flag in previous commit.) Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
Andreas Henriksson authored
Move the file and rename the configure flags. The file is being kept around for iptables < 1.4.5 compatibility. Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
Andreas Henriksson authored
Peter Palfrader said in http://bugs.debian.org/545008 that "--help output, if explicitly requested, should go to stdout, not stderr." which this patch fixes. Additionally, the exit code was adjusted to success if help was explicitly requested. (Syntax error still outputs to stderr and has the same exit code.) Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
- 02 Dec, 2009 3 commits
-
-
Patrick McHardy authored
The kernel takes a lack of options as indication that the fw classifier should operate in compatibility mode, where marks are mapped directly to classids. Commit e22b42a2 (tc mask patch) broke this by adding an empty TCA_OPTIONS attribute even if no handle is specified. Restore the old behaviour. Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Andreas Henriksson authored
The static libnetlink.a library is exposed to other users in Debian via the "iproute-dev" package. Apparently people are interested in using it in their shared libraries and would like to see the code be position independent. Patch below makes the code under lib/ build with -fPIC. See http://bugs.debian.org/547602Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
Mark Borst authored
The command "ip mroute show" will only show the first Oif. mark@flappie:~$ ip mroute show (192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1 mark@flappie:~$ cat /proc/net/ip_mr_cache Group Origin Iif Pkts Bytes Wrong Oifs 7B0000E0 0101A8C0 2 0 0 0 0:1 1:1 This shows 2 Oifs here. However, ipmroute.c, function read_mroute_list(), uses sscanf() with a %s mask for oiflist, which stops after the first whitespace (i.e. after Oif 0:1). The patch below fixes this to read until the newline (though I'm not sure whether this is the proper way to fix it). After this patch: mark@flappie:~/iproute-20090324/ip$ ./ip mroute show (192.168.1.1, 224.0.0.123) Iif: _rename Oifs: eth1 eth0 This patch originally submitted as http://bugs.debian.org/550097Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
- 01 Dec, 2009 5 commits
-
-
Brian Haley authored
Add IFA_F_DADFAILED flag to denote an IPv6 address that has failed Duplicate Address Detection, that way tools like /sbin/ip can be more informative. 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 2001:db8::1/64 scope global tentative dadfailed valid_lft forever preferred_lft forever Signed-off-by: Brian Haley <brian.haley@hp.com>
-
David Ward authored
After calling ll_init_map, all of the information stored in the link-layer map can be retrieved by function calls (ll_index_to_*), except for the link-layer address. This patch fills the gap by adding a ll_index_to_addr function. Changes welcome. Signed-off-by: David Ward <david.ward@ll.mit.edu>
-
Gilad Ben-Yossef authored
- Parse and handle the hoplimit ip route option and add it to the usage line and documentation. - Add the missing reordering ip route option to the usage line. - Add documentation for initcwnd ip route option. Tested by setting hoplimit and retreiving it via "show". Signed-off-by: Gilad Ben-Yossef <gilad@codefidence.com> [ported to HEAD, fixed a bug with hoplimit lock handling, added documentation] Signed-off-by: Ori Finkelman <ori@comsleep.com> Signed-off-by: Yony Amit <yony@comsleep.com>
-
Stephen Hemminger authored
Discourage developers from putting change log in comments now that software has been under change control for 5 years.
-
David Ward authored
Extend the link-layer address field from 8 to 20 bytes to support InfiniBand. Signed-off-by: David Ward <david.ward@ll.mit.edu>
-
- 17 Nov, 2009 1 commit
-
-
Stephen Hemminger authored
-
- 13 Nov, 2009 3 commits
-
-
Mike Frysinger authored
Revised version of Mike's original patch
-
Stephen Hemminger authored
Ignore files from cscope, patch, etc.
-
Mike Frysinger authored
A bunch of source files look like they're copy & pasted from other files, and some include header files that they don't actually need. Since dlfcn has very specific usage (and is a pain on a static-only system), drop it where it isn't really needed. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-
- 10 Nov, 2009 7 commits
-
-
Stephen Hemminger authored
-
Mike Frysinger authored
The iptables code supports a "no shared libs" mode where it can be used without requiring dlfcn related functionality. This adds similar support to iproute2 so that it can easily be used on systems like nommu Linux (but obviously with a few limitations -- no dynamic plugins). Rather than modify every location that uses dlfcn.h, I hooked the dlfcn.h header with stub functions when shared library support is disabled. Then symbol lookup is done via a local static lookup table (which is generated automatically at build time) so that internal symbols can be found. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-
Mike Frysinger authored
A bunch of misc utils basically reimplement the daemon() function (the whole fork/close/chdir/etc...). Rather than do that, use daemon() as that will work under nommu Linux systems that lack fork(). Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-
Patrick McHardy authored
It uses 1MB as receive buf limit by default (without increasing /proc/sys/net/core/rmem_max it will be limited by less however) and allows to specify the size manually using "-rcvbuf X" (-r is already used, so you need to specify at least -rc). Additionally rtnl_listen() continues on ENOBUFS after printing the error message.
-
Sven Anders authored
I experienced an error, if I try to perform a ip route flush proto 4 with many routes in a complex environment, it gave me the following error: Failed to send flush request: Success Flush terminated
-
Stephen Hemminger authored
Doing one item per call is like old MODULA2 code.
-
Stephen Hemminger authored
-
- 11 Sep, 2009 2 commits
-
-
Eric Dumazet authored
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
-
Eric Dumazet authored
On 64bit arches, sk pointer was 32/32 reversed. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
-
- 10 Sep, 2009 1 commit
-
-
Stephen Hemminger authored
Final 2.6.31 released, so update sanitized headers.
-
- 26 Aug, 2009 1 commit
-
-
Stephen Hemminger authored
-
- 06 Aug, 2009 3 commits
-
-
Mike Frysinger authored
The q_atm.so target defines its own link target, but it doesn't respect the $(LDFLAGS) variable. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-
Andreas Henriksson authored
Fix spelling (s/commoand/command/) in ip(8) manpage. Spotted by dann frazier <dannf@hp.com> - http://bugs.debian.org/539830
-
Stephen Hemminger authored
-