Rules don't have unique identifiers, so all attributes are compared
by initializing the ID mask to ~0. This doesn't work however since
nl_object_identical verifies whether the ID attributes are actually
present before comparing the objects, which is never the case.
Work around by using the intersection of present attributes when
comparing two rule objects.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Neighbour entries for the same destination may exist on multiple
interfaces. Include the interface in the ID attributes.
Signed-off-by: Patrick McHardy <kaber@trash.net>
When resyncing a cache, there are no delete messages, so they need to
be synthesized for deleted objects.
Signed-off-by: Patrick McHardy <kaber@trash.net>
I've noticed a wrong behavior when setting up some delays in a netem
qdisc. I will try to make the things easier for the reader describing
the calls path.
To set up a delay (or jitter...) I use 'rtnl_netem_set_delay' which
requires an int parameter that tells the delay in micro seconds. Inside
this func, the delay is set up with the help of 'nl_us2ticks', which is
just an arithmetic operation (us * ticks_per_usec), where us is the
input parameter and ticks_per_usec is a global variable initialized in
'get_psched_settings'. And here is the problem:
If this variable is going to be calculated using '/proc/net/psched', I
think the file scan is not done properly.
I don't understand what the meaning of the asterisk is here:
int r = fscanf(fd, "%08x%08x%08x%*08x", &tick, &us, &nom);
if (4 == r && nom == 1000000 && !got_tick)
ticks_per_usec = (double)tick/(double)us;
The execution path never gets in the if statement, because r is always
3, and if the fourth parameter is read (avoiding the asterisk), there is
no variable to store it in, so it comes a segv. In my opinion we can get
rid of the if statement, because I think the proc psched file has always
a fixed format of 4 parameters, and 'nom' is always 1000000
(http://lxr.linux.no/#linux+v2.6.32/net/sched/sch_api.c#L1678).
Find attached a patch I did, if I am correct.
nfnl_queue_msg_send_verdict_payload() will to send the verdict, mark,
and possibly changed payload through the netlink socket.
Add a few docbook comments in other funcs.
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
Create new function nl_send_iovec() to be used to send multiple 'struct iovec'
through the netlink socket. This will be used for NF_QUEUE, to send
packet payload of a modified packet.
Refactor nl_send() to use nl_send_iovec() sending a single struct iovec.
Create new function nl_auto_complete() by refactoring nl_send_auto_complete(),
so other functions that call nl_send may also use nl_auto_complete()
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
libnl-route must be handled before libnl-nf in lib_LTLIBRARIES since
the later depends on the former. Additionally nf-monitor, nl-list-caches,
nl-list-sockets and nl-util-addr have been dropped from the Makefile.
Signed-off-by: Patrick McHardy <kaber@trash.net>
addr_obj.ops.oo_id_attrs included ADDR_ATTR_PEER, so any address that
didn't have a peer address set would compare as unequal to itself,
meaning it could never be removed from a cache after it was added, etc.
I found the following bug, where nlmsg_ok() in lib/msg.c would
incorrectly return 'true' when the input argument 'remaining' was a negative
number. This happens when the message is not aligned the way that libnl
expects (although it is still legal).
In the comparison of the signed and unsigned numbers on line 284, the signed
number gets converted to an unsigned number, which is unexpected and
naturally produces a bug. My patch is below. The cast is ugly, but it
fixes the problem.
Issues solved:
* PACKAGE_VERSION was abused for SOVERSION
* unneeded DEP stage
* did not support out-of-tree builds
* no way to turn off silent mode
* overriding CFLAGS at make time was not supported
* no static libs were provided
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Current calculation is always off, not reflecting the right position
in the bitmap, which results in failures due to conflicts (detected at
the kernel level) when trying to open a new handle.
Signed-off-by: Inaky Perez-Gonzalez <inaky@linux.intel.com>
Instead of calling the membership functions several times it is
helpfull to extend the API and make the single group functions a
special case.
The value 0 (NFNLGRP_NONE) terminates this list.
Example use:
nl_socket_add_memberships(sock, group_1, group_2, 0);
nl_socket_drop_memberships(sock, group_1, group_2, 0);
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
commit e92539843a0c7e5116254382626cce226bf2135e
Author: Patrick McHardy <kaber@trash.net>
Date: Thu Oct 23 13:46:16 2008 +0200
libnl: nfqueue: add nfqueue specific socket allocation function
nfqueue users usually send verdict messages from the receive callback.
When waiting for ACKs, the receive callback might be called again
recursively until the stack blows up.
Add a nfqueue specific socket allocation function that automatically
disables ACKing for the socket.
Signed-off-by: Patrick McHardy <kaber@trash.net>
we're using libnl-1.1 for a project. When trying to delete all
addresses of an interface by only setting interface index and
address family of an rtnl_addr and executing rtnl_addr_delete()
we received some error (I don't remember what it was).
The bug(?) is in build_addr_msg() in lib/route/addr.c:
IFA_ADDRESS is set to a_local when a_peer is not set,
without checking if a_local was set. We just added
if (tmpl->ce_mask & ADDR_ATTR_LOCAL)
after the "else" (line 496 in the current git).
Hello! It seems that libnl is missing an include for limits.h, which
causes it to FTBFS when glibc 2.8 is installed (currently in
experimental, so I left this bug severity at "normal").
