path: root/lib/route/rule.c
Commit message | Author | Age | Files | Lines
* include: use <linux/$file> instead of <linux-private/linux/$file> | Thomas Haller | 2023-08-08 | 1 | -1/+1
  As we now copy all linux headers, and we have include/linux-private in our include search path, just include the linux headers as we commonly do.
* include: don't explicitly include headers from "nl-default.h" | Thomas Haller | 2023-08-03 | 1 | -2/+0
* include: include private linux headers with explicit path | Thomas Haller | 2023-08-03 | 1 | -1/+1
  We have copies of the linux headers in include/linux-private. For those files, include the copies explicitly.

  In practice there is no difference, since we build with "-Ilinux-private".
* include: drop "netlink-private/netlink.h" and move declarations | Thomas Haller | 2023-08-02 | 1 | -2/+1
* all: cleanup includes and use "nm-default.h" | Thomas Haller | 2023-08-02 | 1 | -3/+8
* include: split and drop "netlink-private/types.h" | Thomas Haller | 2023-08-02 | 1 | -0/+27
  Move all the declarations from "netlink-private/types.h" to places closer to where they are used.
* lib: use _nl_{init,exit} instead of __{init,exit} | Thomas Haller | 2023-07-28 | 1 | -2/+2
  We should have things with "nl" prefix in our headers. Also, netlink-private/netlink.h is not header-only, preferably header-only stuff is in netlink-private/utils.h
* all: rework ATTR_DIFF() macros to not generate attribute names | Thomas Haller | 2023-07-28 | 1 | -17/+15
  I find macros that stitch together names like "FAMILY_ATTR_##ATTR" very confusing, because we no longer see where a certain name is used. It breaks grepping for symbols, and it breaks cscope.

  Yes, it's more verbose to not do that. If you really think that those names are too verbose, then maybe they should get a shorter name. And not use macros to make them palatable.
* doc: fix typo | Leon M. George | 2022-08-24 | 1 | -2/+2
* lib: make nl_object_clone() out-of-memory safe | Thomas Haller | 2022-03-16 | 1 | -0/+3
  nl_object_clone() first does a shallow copy using memcpy(). That is useful, because it can correctly copy simple fields (like numbers). For pointer values, we need to implement oo_clone() to fixup the pointers and get the deep-copy correct.

  Now, oo_clone() must always follow through, to un-alias the copied pointer. In particular also in the error case. The oo_clone() implementations sometimes fail (with ENOMEM) and just return. In those cases, we must make sure that we don't leave the wrong pointers there. The pointers must be cleared first.

  Otherwise, any failure (which basically are ENOMEM) leaves the object in an inconsistent state, and we double-free/use-after-free the pointers.
* license: fix and add SPDX license identifiers and drop license comments | Thomas Haller | 2020-04-16 | 1 | -7/+0
  This also fixes a few wrong SPDX license identifiers, where the original license comment indicates GPL-2.0-only.

  This is not done manually, but by running the following script:

  ---

  #!/bin/bash

  # Tool to drop license comments, adding SPDX license identifiers, while preserving
  # copyright comments. The point is not to manually do this task, but perform some
  # hacked up string replacement.

  _cp() {
      /bin/cp "$@"
  }

  _cat() {
      /bin/cat "$@"
  }

  in_file() {
      local T=$(mktemp)

      _cp -f "$1" "$T"
      _cat "$T"
      rm -f "$T"
  }

  out_file() {
      local T=$(mktemp)

      _cat - > "$T"
      _cp -f "$T" "$1"
      rm -f "$T"
  }

  join() {
      _cat "$@" | awk '{ printf("%s#x#", $0)}'
  }

  unjoin() {
      _cat - | sed 's/#x#/\n/g'
  }

  files_all() {
      git ls-files | grep -v '\.png$' | grep -v '^include/linux-private/'
  }

  adjust() {
      NEWLINES='\(#x#\)\+'
      COPYRIGHTS='\(\( \* Copyright (c) 20..\(-20..\|, 20..\)\? [^#]\+#x#\)\+\( \*#x# \* \(Stolen[^#]*\|Based on [^#]*\)#x#\)\?\)'
      _cat - | \
      sed '1s%^\(/\* SPDX-License-Identifier: LGPL-2.1-only \*/\|\)#x#/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x#/*#x#\2 */#x##x#%' | \
      sed '1s%^/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x##x#%' | \
      sed '1s%^\(\)/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x#/*#x#\2 */#x##x#%' | \
      sed '1s%^\(/\* SPDX-License-Identifier: LGPL-2.1-only \*/\|\)#x#/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU General Public License as#x# \*[ ]\+published by the Free Software Foundation version 2 of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: GPL-2.0-only \*/#x#/*#x#\2 */#x##x#%'
  }

  FILES=( $(files_all) )

  for f in "${FILES[@]}"; do
      echo "processing \"$f\"..."
      in_file "$f" | join | adjust | unjoin | out_file "$f"
  done
* Add SPDX identifiers | Yegor Yefremov | 2019-08-12 | 1 | -0/+1
  Software Package Data Exchange identifiers help to detect source file licenses and hence simplify the FOSS compliance process.

  Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>

  https://github.com/thom311/libnl/pull/219

  ---

  FILES=(
      lib/addr.c lib/attr.c lib/cache.c lib/cache_mngr.c lib/cache_mngt.c lib/data.c lib/error.c
      lib/fib_lookup/lookup.c lib/fib_lookup/request.c
      lib/genl/ctrl.c lib/genl/family.c lib/genl/genl.c lib/genl/mngt.c
      lib/handlers.c lib/hash.c lib/hashtable.c
      lib/idiag/idiag.c lib/idiag/idiag_meminfo_obj.c lib/idiag/idiag_msg_obj.c
      lib/idiag/idiag_req_obj.c lib/idiag/idiag_vegasinfo_obj.c
      lib/mpls.c lib/msg.c
      lib/netfilter/ct.c lib/netfilter/ct_obj.c lib/netfilter/exp.c lib/netfilter/exp_obj.c
      lib/netfilter/log.c lib/netfilter/log_msg.c lib/netfilter/log_msg_obj.c lib/netfilter/log_obj.c
      lib/netfilter/netfilter.c lib/netfilter/nfnl.c
      lib/netfilter/queue.c lib/netfilter/queue_msg.c lib/netfilter/queue_msg_obj.c lib/netfilter/queue_obj.c
      lib/nl.c lib/object.c
      lib/route/act.c lib/route/addr.c lib/route/class.c lib/route/classid.c lib/route/cls.c
      lib/route/link.c lib/route/neigh.c lib/route/neightbl.c lib/route/netconf.c
      lib/route/nexthop.c lib/route/nexthop_encap.c lib/route/nh_encap_mpls.c
      lib/route/pktloc.c lib/route/qdisc.c
      lib/route/route.c lib/route/route_obj.c lib/route/route_utils.c
      lib/route/rtnl.c lib/route/rule.c lib/route/tc.c
      lib/socket.c lib/utils.c lib/version.c
      lib/xfrm/ae.c lib/xfrm/lifetime.c lib/xfrm/sa.c lib/xfrm/selector.c lib/xfrm/sp.c lib/xfrm/template.c
      src/genl-ctrl-list.c src/idiag-socket-details.c
      src/lib/addr.c src/lib/class.c src/lib/cls.c src/lib/ct.c src/lib/exp.c src/lib/link.c
      src/lib/neigh.c src/lib/qdisc.c src/lib/route.c src/lib/rule.c src/lib/tc.c src/lib/utils.c
      src/nf-ct-add.c src/nf-ct-events.c src/nf-ct-list.c
      src/nf-exp-add.c src/nf-exp-delete.c src/nf-exp-list.c
      src/nf-log.c src/nf-monitor.c src/nf-queue.c
      src/nl-addr-add.c src/nl-addr-delete.c src/nl-addr-list.c
      src/nl-class-add.c src/nl-class-delete.c src/nl-class-list.c src/nl-classid-lookup.c
      src/nl-cls-add.c src/nl-cls-delete.c src/nl-cls-list.c
      src/nl-fib-lookup.c
      src/nl-link-enslave.c src/nl-link-ifindex2name.c src/nl-link-list.c src/nl-link-name2ifindex.c
      src/nl-link-release.c src/nl-link-set.c src/nl-link-stats.c
      src/nl-list-caches.c src/nl-list-sockets.c src/nl-monitor.c
      src/nl-neigh-add.c src/nl-neigh-delete.c src/nl-neigh-list.c src/nl-neightbl-list.c
      src/nl-pktloc-lookup.c
      src/nl-qdisc-add.c src/nl-qdisc-delete.c src/nl-qdisc-list.c
      src/nl-route-add.c src/nl-route-delete.c src/nl-route-get.c src/nl-route-list.c
      src/nl-rule-list.c src/nl-tctree-list.c src/nl-util-addr.c
  )

  sed '1s#^#/* SPDX-License-Identifier: LGPL-2.1-only */\n#' "${FILES[@]}" -i
* rule: Add support for protocol and port ranges | David Ahern | 2018-04-06 | 1 | -17/+196
  Add support for recent fib rule features - specifying a protocol that installed a rule and an IP protocol plus port range for rules.

  Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
* lib: route: rule: add rule_groups to cache ops | Roopa Prabhu | 2018-02-15 | 1 | -0/+7
  Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
  Acked-by: David Ahern <dsa@cumulusnetworks.com>
* rule: change API for setting/getting l3mdev rule property | Thomas Haller | 2017-05-12 | 1 | -4/+31
  - for rtnl_rule_set_l3mdev(), also allow unsetting the l3mdev field. In practice, kernel only allows for two options: either omit tb[FRA_L3MDEV] or set it to 1. As such, rtnl_rule_set_l3mdev() allows for both of these. In principle the setter could get extended to set other values. Such values are reserved.

  - for rtnl_rule_get_l3mdev() also return an error code. I think it is appropriate to mix value and negative error code, as long as the range of values cannot overlap with error codes. Arguably, the outcome is a bit awkward, as the function now is expected to return -NLE_MISSING_ATTR or 1. So, the best check is probably

      if (rtnl_rule_get_l3mdev(r) > 0) { ... }

  The reason for this change is that libnl should expose the netlink API without coercing uint8 to boolean. That way, future changes in kernel don't require update to libnl3.

  Signed-off-by: Thomas Haller <thaller@redhat.com>
* rule: Add support for l3mdev in FIB rules | David Ahern | 2017-05-12 | 1 | -3/+29
  Add support for the l3mdev option in FIB rules. If l3mdev is set then the lookup is directed to the table associated with the l3mdev (e.g., VRF) device.

  If the l3mdev attribute is set the table id is not, so update the table id attribute to make sure r_table is non-0. iproute2 shows the rule as:

      1000: from all lookup [l3mdev-table]

  where [l3mdev-table] infers the dynamic nature of the table id. Keep that notation for libnl.

  Signed-off-by: David Ahern <dsahern@gmail.com>
  Signed-off-by: Thomas Haller <thaller@redhat.com>
* include: don't include kernel headers in public libnl3 headers | Thomas Haller | 2017-03-02 | 1 | -0/+1
  It would be desirable not to include kernel headers in our public libnl3 headers. As a test, remove all those includes, and fix compilation by explicitly including the kernel headers where needed.

  In some cases, that requires forward declaration for kernel structures, as we use them as part of our own headers.

  Realistically, we cannot drop those includes as it probably breaks compilation for users that expect to get a certain kernel header when including a libnl3 header. So, this will not be done and the includes will be restored in the next commit.

  Do this step to show how it would be and to verify that we could build with such a change. The reason not to do this is backward compatibility (at compile-time).
* lib: update ce-mask to uint64_t | David Ahern | 2016-02-12 | 1 | -3/+3
  lib/route/link.c already defines 32 attributes which fills the current uint32_t used for ce_mask. To accommodate more attributes the mask needs to be expanded. This patch updates the definition to uint64_t.

  The nl_object_diff API is maintained for ABI with existing users. A new nl_object_diff64 API is added for the expanded attribute list. The MSB of the 32-bit API is used to indicate if higher order attributes had a mismatch. (Suggested by Thomas).

  Note that LINK_ATTR_LINK_NETNSID changes. But since the attribute flags are not public API it shouldn't be a problem.

  http://lists.infradead.org/pipermail/libnl/2015-December/002078.html
  http://lists.infradead.org/pipermail/libnl/2015-December/002083.html

  Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
  Signed-off-by: Thomas Haller <thaller@redhat.com>
* style: require comma after __ADD() macro | Thomas Haller | 2014-07-27 | 1 | -13/+13
  $ sed -i 's/^\([\t ]\+\<__ADD\> \?([^)]\+)\) *$/\1,/' `git grep -w -l __ADD`

  Acked-by: Thomas Graf <tgraf@suug.ch>
  Signed-off-by: Thomas Haller <thaller@redhat.com>
* Move private header files to <netlink-private/*> | Thomas Graf | 2013-01-24 | 1 | -1/+1
  This clarifies the separation between public and private header files.

  Signed-off-by: Thomas Graf <tgraf@suug.ch>
* missing extended Table attribute for lib/route/ | Romary Sonrier | 2012-03-06 | 1 | -0/+4
  I found a small bug in libnl, about extended table id (above 256).

  Signed-off-by: Romary Sonrier <romary@sonrier.com>
  Signed-off-by: Thomas Graf <tgraf@redhat.com>
* Adding rule with "From" option doesn't work | Romary Sonrier | 2011-05-03 | 1 | -6/+8
  OK I found the bug, is is the patch !!

  Can someone push it into the git tree ?

  Regards,
  Romary Sonrier

  =========================

  My analysis:

  I guess that the payload is *struct fib_rule_hdr*

  struct fib_rule_hdr {
      __u8 family;
      __u8 dst_len;
      __u8 src_len;
      __u8 tos;
      __u8 table;
      __u8 res1; /* reserved */
      __u8 res2; /* reserved */
      __u8 action;
      __u32 flags;
  };

  > [PAYLOAD] 12 octets
  > 02 00 00 00 0a 00 00 01 00 00 00 00 ............

  so
  family = 02 , fine
  table = 10, fine
  but src_len =0 !!!! should be 32
* Documentation updates | Thomas Graf | 2011-03-21 | 1 | -3/+5
  Mostly killing doxygen warnings, some doc updates to caching
* constify struct trans_tbl | Thomas Graf | 2010-11-17 | 1 | -1/+1
* routing rules: adapt to unified routing rules | Thomas Graf | 2010-10-29 | 1 | -216/+216
  - Use FRA_ definitions
  - Removed obsoleted fields
  - Added fwmask and goto support
* Revert "routing rules: mark support" | Thomas Graf | 2010-10-29 | 1 | -10/+16
  This reverts commit ee88c71d16a6b777c916275401a971eea78871d6.
* Revert "Include RTA_MARK in routing rule messages" | Thomas Graf | 2010-10-29 | 1 | -3/+0
  This reverts commit 6862c6592ad598dde0d827039b30df1a947822d1.
* Include RTA_MARK in routing rule messages | Thomas Graf | 2010-10-28 | 1 | -0/+3
* routing rules: mark support | Thomas Graf | 2010-10-28 | 1 | -16/+10
  Obsolete RTA_PROTOINFO code and parse RTA_MARK

  rtnl_rule_set_mark(rule, mark)
  rtnl_rule_get_mark(rule)

  now access the mark as in firewall mark
* Remove NL_DUMP_ENV code | Thomas Graf | 2010-10-20 | 1 | -48/+0
  Dumping objects as environment variables has never been implemented completely and only increases the size of the library for no real purpose. Integration into scripts is better achieved by implementing a python module anyway.
* Add internal wait_for_ack() which only waits for ACK if !NL_NO_AUTO_ACK | Thomas Graf | 2008-10-20 | 1 | -2/+2
  This changeset ensures that internal code properly synchronizes to ACKs if ACKs are enabled and otherwise return immediately.
* Remove XML dumping | Thomas Graf | 2008-06-17 | 1 | -52/+0
  Bloats the library, not frequently used
* Remove old line counting while dumping | Thomas Graf | 2008-05-23 | 1 | -78/+55
* Improve printing of routing rules | Thomas Graf | 2008-05-22 | 1 | -10/+3
* Allow parser callbacks to return NL_OK, NL_SKIP, NL_EXIT | Thomas Graf | 2008-05-15 | 1 | -5/+0
  Obsoletes internal P_ACCEPT/P_IGNORE
* Rename struct nl_handle to struct nl_sock | Thomas Graf | 2008-05-15 | 1 | -12/+11
  The idea of a common handle is long revised and only misleading, nl_handle really represents a socket with some additional action handlers assigned to it.

  Alias for nl_handle is kept for backwards compatibility.
* Remove obsolete nla_get_addr() and nla_get_data() | Thomas Graf | 2008-05-14 | 1 | -17/+13
  Replaces obsolete calls to nla_get_addr() and nla_get_data() with nl_addr_alloc_attr() respectively nl_data_alloc_attr().

  Also fixes missing error handling while parsing routing multipath configuration.
* Thread-safe error handling | Thomas Graf | 2008-05-14 | 1 | -62/+46
  In order for the interface to become more thread safe, the error handling was revised to no longer depend on a static errno and error string buffer.

  This patch converts all error paths to return a libnl specific error code which can be translated to an error message using nl_geterror(int error). The functions nl_error() and nl_get_errno() are therefore obsolete.

  This change required various sets of function prototypes to be changed in order to return an error code, the most prominent are:

      struct nl_cache *foo_alloc_cache(...);
  changed to:
      int foo_alloc_cache(..., struct nl_cache **);

      struct nl_msg *foo_build_request(...);
  changed to:
      int foo_build_request(..., struct nl_msg **);

      struct foo *foo_parse(...);
  changed to:
      int foo_parse(..., struct foo **);

  This pretty much only leaves trivial allocation functions to still return a pointer object which can still return NULL to signal out of memory.

  This change is a serious API and ABI breaker, sorry!
* patch: fixed up support for tables in rules | Ben Gamsa | 2008-05-08 | 1 | -1/+7
* Big routing code rework (API/ABI BREAK!) | Thomas Graf | 2008-04-29 | 1 | -2/+2
  Adds all missing routing attributes and brings the routing related code to a working state. In the process the API was broken several times with the justification that nobody is using this code yet.

  The changes include new example code which is also a prototype for how plain CLI tools could look like to control routes.
* Fix memory leak when parsing netlink messages into caches | Thomas Graf | 2007-12-17 | 1 | -1/+1
  The reference created by the parsers was never given back.
* Export interface to define caches | Thomas Graf | 2007-09-17 | 1 | -2/+1
  This interface was internal so far which required all code defining caches to be compiled with the sources available.

  In order to simplify the interface, the co_msg_parser prototype was changed to take the struct nl_parser_param directly instead of a void *. It used to be void * because the co_msg_parser was directly passed as the NL_CB_VALID callback function.
* Initial import | Thomas Graf | 2007-09-14 | 1 | -0/+900