iproute2's own netlink library asserts that the sockaddr sender pid
has to be the one of the kernel [0]. It also doesn't bail out on pid
mismatch but only skips the message instead. We've seen cases where
the latter had a pid 0; in such case we should skip to the next nl
message instead of hard bail out.
[0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/lib/libnetlink.c
rtnl_dump_filter_l(), __rtnl_talk_iov()
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
For link, address, route, add a `WithOptions` variant to the
`*Subscribe()` function to specify a namespace and an error
callback. Those options can be extended in the future without adding
more functions. For example, it could be possible to subscribe only
for a given family by adding a `Family` member to the appropriate
struct.
As a minor change, the private function is always suffixed by `At`,
since it was the case for route and raw netlink functions (but not for
address and link).
When a fatal error happens in a `*Subscribe*()` function, the error
was not available to the user. We add a callback function that will be
invoked when such an error happens.
This also modifies the behavior of `AddrSubscribe*()` function to turn
parse errors into fatal errors, as it happens with the other functions.
$ ip -M route add 100 dev eth0
$ ip -M route add 100 as to 200/300 dev eth0
$ ip -M route add 100 nexthop dev eth0 as to 200 \
nexthop dev eth1 as to 300
$ ip route add 10.10.0.0/24 encap mpls 200/300 dev eth0
$ ip route add 10.0.0.0/24 nexthop encap mpls 200 dev eth0 \
nexthop encap mpls 300 dev eth1
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
- Package methods only need an empty handle.
Not a regular Handle with a couple of
sockets creation/delete.
Signed-off-by: Alessandro Boch <aboch@docker.com>
- Ties to a netlink socket. All client requests
will re-use same socket. Socket released at
handle deletion.
- Also network namespace can be specified during
handle creation. Socket will be opened on the
specified network namespace.
Signed-off-by: Alessandro Boch <aboch@docker.com>
RouteAdd expects at least Dst.IP, Src, or Gw to be set, but accesses the
destination IP without testing for Dst being nil in the first place.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
This provides the basic functionality of the iproute2 `route get`
command. It allows you to query netlink for the route to a destination
IP.Net
While implementing I noticed that the `s.Receive()` function was hanging
after the netlink response was recieved, so I added an additional clause
to break from the loop and return the decoded message if the NLM_F_MULTI
flag is not set.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Having object composition causes both client and library to
do potentially unecessary work to retrieve Link attributes
when only index is often sufficient.
