- avoid unncessary name change requests
The kernel does not check if the specified IFNAME is different
from the current name. It assumes that if IFNAME and ifindex
are both specified, a name change is requested. Therefore avoid
specyfing IFNAME if ifindex is provided and original and new
name are identical.
- move link building to own function (to allow link add later on)
- error if immutable changes have been made
- better documentation
Provide nl_pickup() to pick up an answer from a netlink request and parse
it using the supplied parser.
Add rtnl_link_get_kernel() which sends an RTM_GETLINK to the kernel to
fetch a single link directly from the kernel. This can be faster than
dumping the whole table, especially if lots of links are configured.
- removed dead functions in header files
- deprecated rtnl_class_foreach_*() functions due to their missing
handling possibility of OOM situations
- improved API documentation
Deprecated the functions rtnl_qdisc_change() and
rtnl_qdisc_build_change_request() for their lack of being able to
specify flags. The new functions rtnl_qdisc_update() and
rtnl_qdisc_build_update_request() may be used instead. The old
functions are still available though. However, rtnl_qdisc_update()
no longer implies NLM_F_REPLACE, it has to specified implicitely
to allow updating a qdisc without risking to replace another qdisc.
Included detailed documentation of qdisc addition/update/deletion.
Introduced APPBUG() macro to let application developer know of
API abuse.
Their usage is not completely safe, it is not possible to handle
the out of memory situation of the allocate filter. It is very
unlikely for this to cause any problem though.
The functions are still accessible but gcc will warn about their
deprecation.
This commit adds some missing files (some header files, the files below
/etc and the bison/flex files) to the distribution tarball to ensure
that libnl can be built from the tarballs created using "make dist".
It also adds some incantations to properly generate the flex and bison
output since the generated output is no longer shipped in the tarball.
Finally got rid of all the qdisc/class/cls code duplication in
the tc module API. The API takes care of allocation/freeing the
tc object specific data.
I hope I got it right this time.
Note: The code for this is not upstream yet.
Extends the link api to allow address family modules to fill a link
message and implements a AF_INET address family link module which
uses the new interface.
This feature isn't upstream yet. It's required to test a patch in
my local tree.
Makes the link parser understand IFLA_AF_SPEC and call the address
family specific parser.
Adds a family argument which allows to request link dumps for a certain
address family. This allows to f.e. dump ipv6 specific statistics and data.
nl-link-list --family inet6
Introduces a new API to handle address familiy specific link data such as
IFLA_PROTINFO. It provides entry hooks for parsing IFLA_PROTINFO attributes
and allows to include the parsed data when a link object is dumped.
- parse IFLA_IFALIAS if available
- provides API to access/change ifalias
rtnl_link_get_ifalias(link)
rtnl_link_set_ifalias(link, alias)
- extends nl-link-set to test functionality
Manually editing etc/libnl/classid before adding tc objects is a pain.
This patch adds code to attempt auto generating a unique tc id which
will then be assigned to the provided name and added to the classid
file.
This will make the following commands work with prior definitions of
the names "top" and "test"
sudo sbin/nl-qdisc-add --dev eth0 --parent root --id top htb
sudo sbin/nl-class-add --dev eth0 --parent top --id test htb --rate 100mbit
It will generate the following ids automatically:
4001: top
4001:1 test
- Fixes a bunch of bugs related to ematches
- Adds support for the nbyte ematch
- Adds a bison/flex parser for ematch expressions, expressions
may look like this:
ip.length > 256 && pattern(ip6.src = 3ffe::/16)
documenation on syntax follows
- adds ematch support to the basic classifier (--ematch EXPR)
This patch includes various bugfixes in the packet location parser.
Namely it removes two memory leaks if parsing fails. The parser is
correctly quit if an allocation error occurs and it is no longer
possible to add duplicates.
It removes the possibility to differ between net and host byteorder.
This is better done in the actual classifiers as it makes more sense
to specify this together with the value to compare against.
The patch also extends the API to add new packet locations via
rtnl_pktloc_add().
It introduces reference counting, therefore you now have to give
back packet locations with rtnl_pktloc_put() after looking them up
with rtnl_pktloc_lookup(). But you are allowed to keep using them
if the packet location file has been reread.
The packet location file now also understands "eth", "ip", and
"tcp" for "link", "net", and "transport".
A --list option has been added to nl-pktloc-lookup to list all
packet location definitions
A --u32=VALUE option has been added to let nl-pktloc-lookup print
the definition in iproute2's u32 selector style.
A manual page has been written for nl-pktloc-lookup.
Finally, nl-pktloc-lookup has been made installable.
So far all common tc atttributes were accessed via specific functions, i.e.
rtnl_class_set_parent(), rtnl_qdisc_set_parent(), rtnl_cls_set_parent()
which implied a lot of code duplication. Since all tc objects are derived
from struct rtnl_tc and these common attributes are already stored in there
this patch removes all type specific functions and makes rtnl_tc_* attribute
functions public.
rtnl_qdisc_set_parent(qdisc, 10);
becomes:
rtnl_tc_set_parent((struct rtnl_tc *) qdisc, 10);
This patch also adds the following new attributes to tc objects therefore
removing them as tc specific attributes:
- mtu
- mpu
- overhead
This allows for the rate table calculations to be unified as well taking into
account the new kernel behavior to take care of overhead automatically.
Dumping objects as environment variables has never been implemented
completely and only increases the size of the library for no real
purpose. Integration into scripts is better achieved by implementing
a python module anyway.
Adds a cli based tool to add/update traffic classes. This tool requires
each class to be supported via the respetive qdisc module in
pkglibdir/cli/qdisc/$name.so.
Syntax:
nl-class-add --dev eth2 --parent 1: --id 1:1 htb --rate 100mbit
nl-class-add --update --dev eth2 --id 1:1 htb --rate 200mbit
A database to resolve qdisc/class names to classid values and vice versa.
The function rtnl_tc_handle2str() and rtnl_tc_str2handle() will resolve
names automatically.
A CLI based tool nl-classid-lookup is provided to integrate the database
into existing iproute2 scripts.
Adds a cli based tool to add/update/replace qdiscs. This tool requires
each qdisc to be supported via a dynamic loadable module in
pkglibdir/cli/qdisc/$name.so.
So far HTB and blackhole have been implemented.
Syntax:
nl-qdisc-add --dev eth2 --parent root --id 1: htb --r2q=5
nl-qdisc-add --update-only --dev eth2 --id 1: htb --r2q=10
I have a patch against commit d378220c96
extending libnl with a facility to receive generic netlink messages sent
to multicast groups.
Essentially it add one new function genl_ctrl_resolve_grp which
prototype looks like this
int genl_ctrl_resolve_grp(struct nl_sock *sk, const char *family_name,
const char *grp_name)
It resolves the family name and the group name to group id. Then
the returned id can be used in nl_socket_add_membership to subscribe
to multicast messages.
Besides that it adds two more functions
uint32_t nl_socket_get_peer_groups(struct nl_sock *sk)
void nl_socket_set_peer_groups(struct nl_sock *sk, uint32_t groups)
allowing to modify the socket peer groups field. So it's possible to
multicast messages from the user space using the legacy interface.
Looks like there is no way (or I was not able to find one?) to modify
the netlink socket destination group from the user space, when the
group id is greater then 32.
the patch below adds the possibility to
pass user data to callbacks of type
change_func_t when using the nl_cache_mngr_*
family of functions.
If there is any better way to do this,
without duplicating the code in
cache_mngr.c please let me know.
Currently two attributes are regarded as different if they are absent in
both objects to be compared. This is obviously incorrect, change to
regard objects as different if an attribute is only present on one of
them or if the attribute data differs.
Signed-off-by: Patrick McHardy <kaber@trash.net>
nfnl_queue_msg_send_verdict_payload() will to send the verdict, mark,
and possibly changed payload through the netlink socket.
Add a few docbook comments in other funcs.
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
Create new function nl_send_iovec() to be used to send multiple 'struct iovec'
through the netlink socket. This will be used for NF_QUEUE, to send
packet payload of a modified packet.
Refactor nl_send() to use nl_send_iovec() sending a single struct iovec.
Create new function nl_auto_complete() by refactoring nl_send_auto_complete(),
so other functions that call nl_send may also use nl_auto_complete()
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
Issues solved:
* PACKAGE_VERSION was abused for SOVERSION
* unneeded DEP stage
* did not support out-of-tree builds
* no way to turn off silent mode
* overriding CFLAGS at make time was not supported
* no static libs were provided
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Instead of calling the membership functions several times it is
helpfull to extend the API and make the single group functions a
special case.
The value 0 (NFNLGRP_NONE) terminates this list.
Example use:
nl_socket_add_memberships(sock, group_1, group_2, 0);
nl_socket_drop_memberships(sock, group_1, group_2, 0);
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
commit e92539843a0c7e5116254382626cce226bf2135e
Author: Patrick McHardy <kaber@trash.net>
Date: Thu Oct 23 13:46:16 2008 +0200
libnl: nfqueue: add nfqueue specific socket allocation function
nfqueue users usually send verdict messages from the receive callback.
When waiting for ACKs, the receive callback might be called again
recursively until the stack blows up.
Add a nfqueue specific socket allocation function that automatically
disables ACKing for the socket.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Hello! It seems that libnl is missing an include for limits.h, which
causes it to FTBFS when glibc 2.8 is installed (currently in
experimental, so I left this bug severity at "normal").
In file included from addr.c:28:
../include/netlink-local.h:119:1: warning: "__deprecated" redefined
In file included from /usr/include/linux/stddef.h:4,
from /usr/include/linux/posix_types.h:4,
from /usr/include/linux/types.h:8,
from ../include/netlink-local.h:37,
from addr.c:28:
/usr/include/linux/compiler.h:45:1: warning: this is the location of the previous definition
This happens about 100 times. Suggested patch:
This changes make nfnl_ct_get_src_port() and others return the value
in host byte order rather than in network byte order.
Also splits printing into details and statistical section and
improves readability.
The idea of a common handle is long revised and only misleading,
nl_handle really represents a socket with some additional
action handlers assigned to it.
Alias for nl_handle is kept for backwards compatibility.
Replaces obsolete calls to nla_get_addr() and nla_get_data()
with nl_addr_alloc_attr() respectively nl_data_alloc_attr().
Also fixes missing error handling while parsing routing multipath
configuration.
In order for the interface to become more thread safe, the error
handling was revised to no longer depend on a static errno and
error string buffer.
This patch converts all error paths to return a libnl specific
error code which can be translated to a error message using
nl_geterror(int error). The functions nl_error() and
nl_get_errno() are therefore obsolete.
This change required various sets of function prototypes to be
changed in order to return an error code, the most prominent
are:
struct nl_cache *foo_alloc_cache(...);
changed to:
int foo_alloc_cache(..., struct nl_cache **);
struct nl_msg *foo_build_request(...);
changed to:
int foo_build_request(..., struct nl_msg **);
struct foo *foo_parse(...);
changed to:
int foo_parse(..., struct foo **);
This pretty much only leaves trivial allocation functions to
still return a pointer object which can still return NULL to
signal out of memory.
This change is a serious API and ABI breaker, sorry!
Added rtnl_route_foreach_nexthop() to walk the list of nexthops invoking a
caller-provided callback for each nexthop entry, and added rtnl_route_nexthop_n()
to retrieve the Nth nexthop entry in the list.
This changesets adds the possibility to fill a nl_cache with
the contents of the route cache. It also adds the possibility
to limit route caches to certain address families.
New netem-related functionality:
Added ability to save new settings to the kernel. In netem.c, the
netem_get_opts() stub has been replaced with netem_build_msg() which
manipulates the nl_msg data directly and returns an error code instead
of a new nl_msg. Modifications to qdisc_build() in qdisc.c and struct
rtnl_qdisc_ops were necessary for this.
Added support for getting/setting corruption probability/correlation.
Added support for setting a delay distribution.
Fixed tbf_msg_parser() to call tbf_alloc() instead of tbf_qdisc() to
prevent a seg fault.
I stepped over libnl always freeing the messages and it
kind of made it awkward to reuse the message data without
reallocating.
The basic idea is: if a callback return value has a bit set,
don't free that message. The calling application owns it.
By default, things stay as before (messages are freed).
Signed-off-by: Inaky Perez-Gonzalez <inaky@linux.intel.com>
Adds all missing routing attributes and brings the routing
related code to a working state. In the process the API
was broken several times with the justification that nobody
is using this code yet.
The changes include new example code which is also a prototype
for how plain CLI tools could look like to control routes.
[LIBNL]: Fix nfnl_queue_msg_get_packetid() return type
The packet-ID is a 32 bit value, but nfnl_queue_msg_get_packetid() returns
an uint16_t. Makes queueing fail after 2^16 packets.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Split the nfnetlink_log code into two seperate objects, "netfilter/log"
to represent logging instances and "netfilter/log_msg" to represent
log messages. Also perform some function name unification for consistency
with other libnl object types, mainly renaming nfnl_log_build_*_msg
to nfnl_log_build_*_request.
This changes the API in an incompatible way, but since this feature is
new and the libnl netfilter headers haven't been installed so far,
there shouldn't be any users affected by this.
Signed-off-by: Patrick McHardy <kaber@trash.net>
The NUFLA_GID attribute (currently only in net-2.6.25) contains the
gid of the sending process for locally generated packets.
Signed-off-by: Patrick McHardy <kaber@trash.net>
vlan support needs VLAN_FLAG_REORDER_HDR, which is not available in
older if_vlan.h versions. Add the current version from the kernel.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Patrick McHardy reported a problem where pointers to the
payload of a netlink message as returned by f.e. the
nesting helpers become stale when the payload data
chunk is reallocated.
In order to avoid further problems, the payload chunk is
no longer extended on the fly. Instead the allocation is
made during netlink message object allocation time with
a default size of a page which should be fine for the
majority of all users. Additionally the functions
nlmsg_alloc_size() and nlmsg_set_default_size() have been
added to allocate messages of a particular length and to
modify the default message size.
10-amd64-linux-types.patch from Ubuntu:
- In order to make libnl compilable on amd64 include linux/types.h
rather than defining the types ourselves; necessary as other headers
include that and get different definitions.
-- Scott James Remnant <scott@ubuntu.com> Wed, 22 Mar 2006 02:12:08 +0000
This interface was internal so far which required all code defining
caches to be compiled with the sources available.
In order to simplify the interface, the co_msg_parser prototype was
changed to take the struct nl_parser_param directly instead of a
void *. It used to be void * because the co_msg_parser was directly
passed as the NL_CB_VALID callback function.
This interface was internal so far which required all code defining
objects to be compiled with the sources available.
This change exposes struct nl_object_ops which seems safe as it
is not supposed to be embedded in other structures.
Patch contains extensive documentation to help with the creation
of own object implementations.
Thomas Graf
Patrick McHardy