When we add an action to a filter, its lifetime becomes
same with the filter. So in case user frees it before
us, we could just grab a reference here.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
So that users could keep a refcount for the peer.
The capability trick is from Thomas Haller.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This expands functionality for manipulating conntracks over netlink by
adding other attributes to nfnl_ct_build_message(). Added a command link
program to add conntracks.
https://github.com/thom311/libnl/pull/55
[thaller@redhat.com: cleaned up whitespace from original patch]
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Take 'include/uapi/linux/snmp.h' from current kernel v3.13
(commit d8ec26d7f8287f5788a494f56e8814210f0e64be).
The header file added new values for IPSTATS_MIB_* and ICMP6_MIB_*, but
more importantly, the kernel broke user space API by reordering enum values in
IPSTATS_MIB_*. Add a workaround when parsing IFLA_PROTINFO trying to
be compatible with both older and newer kernels.
Note that this workaround might fail for some specific kernel versions by
assuming the old enum value mapping, although the kernel version already
contains the API change. In this case rtnl_link_get_stat() mixes up
values.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Cc: Thomas Haller <thaller@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This capability indicates that libnl does no longer overwrites
the route scope in rtnl_route_build_msg(), as fixed by commit
85ec9c7ad8.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
It is complicated to cache tc actions, they are different
from tc qdisc's and filters by design. So, it is simple
if we just don't cache them.
This patch only removes the tc action cache allocation API.
We still need to bypass the libnl cache layer from scratch,
but that would not break ABI any more, therefore we can do
it later.
Cc: Thomas Graf <tgraf@suug.ch>
Cc: Thomas Haller <thaller@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Usually the peer of a veth device is moved to a new netns
after creation, so add a pid parameter to rtnl_link_veth_add().
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
We should copy and use the kernel header linux/tc_act/tc_mirred.h.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Add flags set/get methods aim to change bridge flags :
o hairpin_mode
o bpdu_guard
o root_block
o fast_leave
Signed-off-by: Nicolas PLANEL <nicolas.planel@enovance.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
The application could use the same handler for multiple
nl_cb_type events. This patch stores the nl_cb_type in
the nl_cb struct during the callback. This allows the
application to obtain that information using the new
nl_cb_active_type() function. This way the callback
signature remains as is so existing applications are
not affected.
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Newer kernels support conntrack zones, which help to partition the
conntrack table into virtual conntrack tables.
This patch is for adding support for the optional attribute, adds
setters and getters, and adds support for the zone ID in the conntrack
dumper.
An example entry in NL_DUMP_LINE format looks like:
tcp SYN_SENT 10.128.128.99:43354 <-> 10.128.129.20:22 zone 1
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Recent kernels support conntrack time stamping, which is a helpful
feature to determine the duration of a flow without building a flow
cache in your user space application, just to keep the 'start' time of
your flow.
Timestamps are recorded with nanosecond resolution once this feature
is enabled.
This patch adds optional support for the CTA_TIMESTAMP, then
modifies the dump routine to write that info in a format similar
to /proc/net/nf_conntrack. This is an example output when using
NL_DUMP_LINE:
udp 10.128.128.28:56836 <-> 10.128.129.255:8612 delta-time 30
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
- Inet diag allows users to gather low-level socket information.
- This library provides a higher-level API for creating inetdiag requests (via
idiagnl_connect and idiagnl_send_simple) and parsing the replies (via
idiagnl_msg_parse). A cache is also provided (via idiagnl_msg_alloc_cache).
- Request and message objects provide APIs for accessing and setting the
various properties of each.
- This library also allows the user to parse the inetdiag response attributes
which contain information about traffic class, TOS, congestion, socket
memory info, and more depending on the kernel version used.
- Includes doxygen documentation.
The batched verdict implicitely ACKs all queue packet IDs up to the
one send back, which reduces the number of verdict messages send
to the kernel.
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Reason: there is no rtnl_link_free() definition anywhere in the code.
Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
rtnl_route_put() is declared twice in the same header file
Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
