Commit Graph

743 Commits

Author SHA1 Message Date
Jordan Rife 976bd8de7d Add support for IFLA_NETKIT_SCRUB and IFLA_NETKIT_PEER_SCRUB
Link: https://lore.kernel.org/bpf/20241004101335.117711-1-daniel@iogearbox.net/T/#u
2024-10-21 20:13:24 -07:00
Rob Murray 084abd93d3 Add ErrDumpInterrupted
Add a specific error to report that a netlink response had
NLM_F_DUMP_INTR set, indicating that the set of results may be
incomplete or inconsistent.

unix.EINTR was previously returned (with no results) when the
NLM_F_DUMP_INTR flag was set. Now, errors.Is(err, unix.EINTR) will
still work. But, this will be a breaking change for any code that's
checking for equality with unix.EINTR.

Return results with ErrDumpInterrupted. Results may be incomplete
or inconsistent, but give the caller the option of using them.

Look for NLM_F_DUMP_INTR in more places:
- linkSubscribeAt, neighSubscribeAt, routeSubscribeAt
  - can do an initial dump, which may report inconsistent results
  -> if there's an error callback, call it with ErrDumpInterrupted
- socketDiagXDPExecutor
  - makes an NLM_F_DUMP request, without using Execute()
  -> give it the same behaviour as functions that do use Execute()

Signed-off-by: Rob Murray <rob.murray@docker.com>
2024-09-22 00:00:40 -07:00
feng a01829657b Fix FouList attribute body truncated error with kernel 5.2+
fou module added a bunch of new attributes in commit
1713cb37bf

which caused the old parsing logic failed, fix and add support for these attrributes.
2024-09-09 10:36:41 -07:00
Daman Arora b1ce50cfa9 capture and return errors in ConntrackDeleteFilters
Signed-off-by: Daman Arora <aroradaman@gmail.com>
2024-09-05 11:07:32 -07:00
Rob Murray e194da52b1 Fix SetSendTimeout/SetReceiveTimeout
They were implemented using SO_SNDTIMEO/SO_RCVTIMEO on the
socket descriptor - but that doesn't work now the socket is
non-blocking. Instead, set deadlines on the file read/write.

Signed-off-by: Rob Murray <rob.murray@docker.com>
2024-09-04 15:52:52 -07:00
Matus Petrulak 0cd1f7961c Fix: Do not crash when enumerating tc filters with unknown actionType
for example actionType "vlan"

#987
2024-09-04 15:52:09 -07:00
Etienne Champetier 92645823f3 Fix deprecated comments
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2024-08-26 11:35:36 -07:00
世界 6f57139475 Fix recvfrom goroutine leak 2024-08-23 12:41:44 -07:00
Sebastiaan van Stijn 298ff277ed Handle: add ConntrackDeleteFilter alias for backward compat
Commit c96b03b4be changed the signature
of this method to accept a list of filters and renamed it to
ConntrackDeleteFilters (plural).

This patch

- adds back ConntrackDeleteFilter as an alias
- marks it as deprecated in favor of the new version.
- adds missing stubs for other platforms

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-08-23 12:31:44 -07:00
Percy Wegmann 5b0b9d8260 rule: add Rule.Type to allow adding/listing unreachable (RTN_UNREACHABLE) rules
Updates #710

Co-authored-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Percy Wegmann <percy@tailscale.com>
2024-08-23 12:10:14 -07:00
Etienne Champetier 65a253d375 link_linux: add support for IFLA_MACVLAN_BC_QUEUE_LEN(_USED)
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2024-08-15 09:19:21 -07:00
Daman Arora 3b7e16c5f8 Add ConntrackDeleteFilters
ConntrackDeleteFilters enables users to delete flow entries
that match any of the specified filters. This allows users
to delete multiple flow entries with a single dump table call.

Signed-off-by: Daman Arora <aroradaman@gmail.com>
2024-08-06 10:33:35 -07:00
Jason Joo 4317e32776 feat: add LinkSetBondSlaveActive()/LinkDelBondSlave()
Signed-off-by: Jason Joo <hblzxsj@gmail.com>
2024-08-06 10:15:19 -07:00
Hasan Mahmood a57a7bd6b2 Add handle support for socket 2024-08-06 10:13:40 -07:00
Frank Dressler aaf4f9866c Fix determination of the promiscuity counter for links
Function `LinkDeserialize` checked for presence of `IFF_PROMISC` in
the link's flags to determine whether it was in promiscuous mode.

This flag only tracks what is set with commands such as

	ip set <link> promisc on

but is not set when you run `tcpdump` or `wireshark` for example,
which also put the device in promiscuous mode.

There is a counter that tracks the number of times promiscuous mode
has been requested. It reacts to all the ways, `ip set`, and also
`tcpdump` and co.

With this change this counter is used instead of checking the flag.
This makes the library reflect what

	ip -d link show <link>

would show in its `promiscuity` field.

To test this change, start some processes of `tcpdump` or similar
and see the counter increase in `ip -d link show <link>` as well
as in the patched version of this netlink library. With the
unpatched version the counter remains 0. Then enable promiscuous
mode globally for the interface. This will increase the count in
all variants, `ip link`, the old unpatched and the patched version
of this netlink library.

Simple test program for reference:

	package main

	import "fmt"
	import "github.com/vishvananda/netlink"

	func main() {
		handle, _ := netlink.NewHandle()
		links, _ := handle.LinkList()
		for _, link := range links {
			attrs := link.Attrs()
			fmt.Printf("dev=%v promisc=%v\n",
				attrs.Name, attrs.Promisc)
		}
	}
2024-08-06 09:46:02 -07:00
Alex Godwin 7a4f10d3bc fix: updates SizeofVfVlanInfo to address #1003 2024-08-06 09:43:04 -07:00
qianxiao 8f96fd8b2f # rule: fix 32-bit platforms don't support adding rules with a mark value of 0x80000000/0xF0000000 ~ 0xF0000000/0xF0000000
The maximum value for an `int` type on a 32-bit platform is 0x7FFFFFFF. Since 0xF0000000 exceeds this limit, we need to use `uint` instead of `int` to handle these values.
2024-08-05 10:25:28 -07:00
TheDiveO d13535d71e supports AF_XDP socket diagnosis; skip XSK diag test if kernel doesn't support XSK diag 2024-07-13 14:00:50 -07:00
Alex O'Regan aed23dbf5e Adds ConntrackCreate & ConntrackUpdate
- Also refactored setUpNetlinkTestWithKModule function to reduce redundant NS's created and checks made.

 - Add conntrack protoinfo TCP support + groundwork for other protocols.

 - Tests to cover the above.
2024-07-04 08:47:44 -07:00
Byoungchan Lee a1c5e0237d Add support for TCA_HTB_DIRECT_QLEN in HTB qdisc
- Extend Htb struct in qdisc.go to include DirectQlen field
- Implement the DirectQlen option in qdisc_linux.go
- Modify TestHtbAddDel test to validate DirectQlen changes
2024-07-03 13:27:39 -07:00
Sebastiaan van Stijn 7b120549aa go.mod: github.com/vishvananda/netns v0.0.4
Use a tagged version of the dependency. I picked the current version,
although older versions could probably work.

full diff: db3c7e526a...v0.0.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-03 13:14:58 -07:00
Christian Worm Mortensen 03cf170900 Take lock when reading clock information. This is to avoid races reported by the go race detector. 2024-07-03 13:12:52 -07:00
Shaun Crampton b54f85093f Add RouteListFilteredIter API.
Allows for listing large numbers of routes without
buffering the whole list in memory at once.

Add benchmarks for RouteListFiltered variants.
2024-07-03 13:08:00 -07:00
Hu Jun b7b7ca8632 add group_fwd_mask support for bridge and bridge port 2024-07-03 13:06:37 -07:00
Sven Rebhan 154a91137f Add extension definitions according to include/uapi/linux/inet_diag.h
Signed-off-by: Sven Rebhan <srebhan@influxdata.com>
2024-07-03 13:03:00 -07:00
shu1r0 e6a5c0e113 Support SEG6_LOCAL_ACTION_END_BPF
fix unit test

fix end.bpf

fix bug
2024-07-03 12:55:03 -07:00
Lorenz Brun dd7e3f1b2a Add missing bond hash policy VLAN_SRCMAC
Linux added a new bond transmit hashing policy, VLAN_SRCMAC in [1],
available since Linux 5.12. Add this hashing policy into the respective
data structures.

[1] 7b8fc0103b
2024-07-03 12:49:13 -07:00
youngifif 4d4ba1473f fix logic bug caused by operator precedence 2024-05-24 09:54:44 -07:00
Quan Tian 1e68b2710d Revert "Change behavior of `Subscribe` to non-blocking. Fix test."
This reverts commit 916f9685fa.
2024-05-23 09:21:30 -07:00
Nadia Pinaeva 856e190dd7 nl_linux: align message length before parsing.
Signed-off-by: Nadia Pinaeva <n.m.pinaeva@gmail.com>
2024-04-25 09:47:35 -07:00
Ronak Jain 578e95cc31 rule: fix parsing zero priority rule 2024-04-11 14:50:12 -07:00
Christian Worm Mortensen f4e6e3d5d5 Allow a Police to be specified directly on a U32 filter 2024-04-10 11:27:34 -07:00
Hongliang Liu 99ce943af8 Add zone filter to conntrack 2024-04-10 11:23:27 -07:00
foyerunix 19057e85f5 Fix RouteListFiltered when using FAMILY_ALL 2024-04-03 06:56:43 -07:00
Byoungchan Lee 6765a4402e Add support for TCA_NETEM_RATE64 in Netem qdisc
- `Rate64` field added to the `Netem` struct in `qdisc.go`
- Implemented serialization and deserialization methods for `Rate64`
- Modify `TestClassAddDel` test to validate Rate64 changes
2024-03-31 17:34:55 -07:00
Lorenz Brun 306ce7b5b2 Add field for permanent hardware address
Linux 5.6 and higher support IFLA_PERM_ADDRESS, which contains the
permanent hardware address of the interface if an interface has such an
address. This can be used to identify interfaces even when the normal
hardware address has been changed.

Signed-off-by: Lorenz Brun <lorenz@monogon.tech>
2024-03-29 14:43:07 -07:00
Asutorufa d237ee16c3 SocketGet support udp and ipv6
Signed-off-by: Asutorufa <16442314+Asutorufa@users.noreply.github.com>
2024-03-29 09:33:44 -07:00
frei-0xff 3e28e6db88 Added SocketDestroy function. 2024-03-28 11:51:11 -07:00
foyerunix aafe841692 Filter RouteListFiltered response by requested IP family in 2024-03-27 08:56:09 -07:00
konradh 0e685ffcfc link: add don't fragment support to Geneve 2024-03-20 14:21:27 -07:00
konradh 9453b0562a link: add INNER_PROTO_INHERIT support for Geneve 2024-03-20 14:21:27 -07:00
Christian Worm Mortensen 70def89fcb Allow link argument to AddrAdd, AddReplace and AddrDel to be nil 2024-03-04 10:50:31 -08:00
Date Huang 0cd15d9a7a bridge: add/del vlan range
Signed-off-by: Date Huang <tjjh89017@hotmail.com>
2024-03-04 10:45:37 -08:00
Kuroame 916f9685fa Change behavior of `Subscribe` to non-blocking. Fix test.
When listening for IPv6 address changes, I found that subscribe is not returning when there is message in the socket. After some researching, I found that libnl suggest setting socket to non-blocking when subscribing to groups. (Ref)[https://www.infradead.org/~tgr/libnl/doc/core.html#:~:text=best%20to%20put%20the%20socket%20in%20non-blocking%20mode]

Also fixed test related to BareUDP, which requires "bareudp" kmod. (Ref)[https://www.kernelconfig.io/config_bareudp]
2024-03-01 13:38:14 -08:00
Maxime Soulé 7f562ed576 RouteUpdate gains NlFlags field
It allows to distinguish between a new created route or a replaced one.

Signed-off-by: Maxime Soulé <btik-git@scoubidou.com>
2024-03-01 13:06:15 -08:00
Kangjie Xu 8fa22700b3 qdisc: add statistics for qdisc
qdisc statistics is exposed in netlink response but not parsed, here we
parse it and expose it via struct QdiscStatistics.

Signed-off-by: Kangjie Xu <kanxu@ebay.com>
2024-03-01 12:50:42 -08:00
steiler 8ac83962db Link: Fix LinkByName with long (>15 char) name by using altnames 2024-02-29 23:58:15 -08:00
Maxime Soulé 124bb8e721 Add RouteChange API
Signed-off-by: Maxime Soulé <btik-git@scoubidou.com>
2024-02-26 09:50:43 -08:00
Hasan Mahmood 6ab7f5a376 Use local handle, not package handle for link lookups 2024-02-23 09:54:32 -08:00
Hasan Mahmood 42d9a053ea Add IifIndex option to RouteGetOptions 2024-02-23 09:54:32 -08:00