Commit Graph

22 Commits

Author SHA1 Message Date
Derek Dagit dbf1bd04f9 Linux rule list results have Family populated
Fixes #708
2023-07-28 08:26:29 -07:00
Nikolay Aleksandrov ced5aaba43 rule: add support for FRA_PROTOCOL
Add support for ip rules' FRA_PROTOCOL attribute and also check for it
when testing rules. The default ip rule protocol is RTPROT_UNSPEC (0) so
we set the attribute only when it is >0.

Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>
2023-03-16 09:30:32 -07:00
Manjiri Gadagkar 20de99527f rule: add support for uidrange
Rename rule.UID as rule.UIDRange
2022-07-28 08:58:17 -07:00
Artem Glazychev d6b03fdeb8 Fix review comment
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2022-01-18 11:05:37 -06:00
Zihong Zheng 5a3e901175 rule: add support for ipproto
This is similar to https://github.com/vishvananda/netlink/pull/511,
but this time for the ipproto option:
```
ip rule add ipproto xxx table main
```
2022-01-18 11:05:37 -06:00
Sig Lange e1a867c6b4 fix size required for a uint64 2021-08-11 12:18:23 -07:00
Tobias Klauser 4ef7bcbf15 Don't re-initialize or shadow package level var native to fix data race
The package level var native (holding the native endianness) is
initialized at package load time. Thus there is no need to re-initalize
it in functions using it, e.g. (*Handle).filterModify, parseU32Data,
parseFwData, parseBpfData and parseMatchAllData.

This fixes a data race between these functions and any read access of
var native, e.g. in LinkDeserialize as reported in issue #633.

Also don't re-declare local variables shadowing the global package-level
var.

Fixes #633

Signed-off-by: Tobias Klauser <tobias@cilium.io>
2021-05-10 07:24:37 -07:00
Wu Zongyong e909d4e8ec rule_linux: convert IIFNAME and OIFNAME to null terminated string
Strings in GO is not null-terminated while linux is written by
C and strings in C is null-terminated. Request will fail if we
perform rule request with not null-terminated iifname or ofiname,
with error message "no such file or directory".

Signed-off-by: Wu Zongyong <wuzongyong@linux.alibaba.com>
2020-09-14 10:47:31 -04:00
Chris Tarazi 564132f787 Implement RuleListFiltered
This commit adds the ability to list rules in a filtered manner, similar
to RouteListFiltered.

Signed-off-by: Chris Tarazi <tarazichris@gmail.com>
2020-06-03 11:26:35 -07:00
chendotjs a2e8781202 rule: add support for dport/sport 2020-02-10 06:52:06 -08:00
Amit Nishry 7ed9c95980 rule, add TOS
Signed-off-by: Amit Nishry <amit.nishry@gmail.com>
2020-02-09 10:15:44 -08:00
yandong.yan c8c507c80e fix: fix ip rule goto bug 2019-06-03 19:20:42 -07:00
Alessandro Boch 6174cd873f Support invert in ip rules
Signed-off-by: Alessandro Boch <aboch@tetrationanalytics.com>
2017-11-08 03:31:45 -08:00
Ian Bishop 0e3b74dbe2 replace syscall with golang.org/x/sys/unix 2017-10-26 09:45:08 -07:00
kishiguro 4fe6bd0383 Add Family to struct Rule so that user can specify address family. 2017-09-05 23:13:17 -07:00
Kojima Takanori e1813385ef Fix bug in ruleHandle: allocate different buffers for each rtattr 2016-11-03 19:48:18 -07:00
Vish Ishaya 0bc457d244 fix darwin build by moving code (#138)
Fixes issue #135
2016-06-15 08:44:14 -07:00
Alessandro Boch f116a3048a Use package empty handle for pkg APIs (#117)
- Package methods only need an empty handle.
  Not a regular Handle with a couple of
  sockets creation/delete.

Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-05-09 16:55:00 -07:00
Alessandro Boch 14f41c27fa Provide netlink handle (#104)
- Ties to a netlink socket. All client requests
  will re-use same socket. Socket released at
  handle deletion.
- Also network namespace can be specified during
  handle creation. Socket will be opened on the
  specified network namespace.

Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-05-08 11:35:49 -07:00
Hubert Krauze 487b33a083 Support Rule tun id 2015-12-09 14:14:24 +01:00
Hubert Krauze 97758f316b Remove FlagMask from Rule 2015-12-09 14:07:11 +01:00
Marek Polewski 89945b09c0 Add support for rules 2015-11-26 11:50:07 +01:00