#define RTN_FAILED_POLICY 12
#endif
-#ifndef RT_TABLE_PRELOCAL
-#define RT_TABLE_PRELOCAL 128
-#endif
-
#ifndef IFA_F_NOPREFIXROUTE
#define IFA_F_NOPREFIXROUTE 0x200
#endif
system_set_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/base_reachable_time_ms", dev->ifname, val);
}
+static void system_set_neigh4gcstaletime(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/gc_stale_time", dev->ifname, val);
+}
+
+static void system_set_neigh6gcstaletime(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/gc_stale_time", dev->ifname, val);
+}
+
static void system_set_dadtransmits(struct device *dev, const char *val)
{
system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/dad_transmits", dev->ifname, val);
dev->ifname, val);
}
+static void system_bridge_set_robustness(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_startup_query_count",
+ dev->ifname, val);
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_last_member_count",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_query_interval(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_query_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_query_response_interval(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_query_response_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_last_member_interval(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_last_member_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_membership_interval(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_membership_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_other_querier_timeout(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_querier_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_startup_query_interval(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_startup_query_interval",
+ dev->ifname, val);
+}
+
+static void system_bridge_set_learning(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/class/net/%s/brport/learning", dev->ifname, val);
+}
+
+static void system_bridge_set_unicast_flood(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/sys/class/net/%s/brport/unicast_flood", dev->ifname, val);
+}
+
static int system_get_sysctl(const char *path, char *buf, const size_t buf_sz)
{
int fd = -1, ret = -1;
dev->ifname, buf, buf_sz);
}
+static int system_get_neigh4gcstaletime(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/gc_stale_time",
+ dev->ifname, buf, buf_sz);
+}
+
+static int system_get_neigh6gcstaletime(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/gc_stale_time",
+ dev->ifname, buf, buf_sz);
+}
+
static int system_get_dadtransmits(struct device *dev, char *buf, const size_t buf_sz)
{
return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/dad_transmits",
if (!nla[IFLA_IFNAME])
goto out;
- struct device *dev = device_get(nla_data(nla[IFLA_IFNAME]), false);
+ struct device *dev = device_find(nla_data(nla[IFLA_IFNAME]));
if (!dev)
goto out;
return;
found:
- dev = device_get(interface, false);
+ dev = device_find(interface);
if (!dev)
return;
system_bridge_set_multicast_router(dev, buf, false);
}
+ if (dev->settings.flags & DEV_OPT_LEARNING &&
+ !dev->settings.learning)
+ system_bridge_set_learning(dev, "0");
+
+ if (dev->settings.flags & DEV_OPT_UNICAST_FLOOD &&
+ !dev->settings.unicast_flood)
+ system_bridge_set_unicast_flood(dev, "0");
+
return ret;
}
return (unsigned long) val * 100;
}
-int system_bridge_addbr(struct device *bridge, struct bridge_config *cfg)
+static void system_bridge_conf_multicast_deps(struct device *bridge,
+ struct bridge_config *cfg,
+ char *buf,
+ int buf_len)
{
- char buf[64];
- unsigned long args[4] = {};
+ int val;
- if (ioctl(sock_ioctl, SIOCBRADDBR, bridge->ifname) < 0)
- return -1;
+ if (cfg->flags & BRIDGE_OPT_ROBUSTNESS ||
+ cfg->flags & BRIDGE_OPT_QUERY_INTERVAL ||
+ cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) {
+ val = cfg->robustness * cfg->query_interval +
+ cfg->query_response_interval;
- args[0] = BRCTL_SET_BRIDGE_STP_STATE;
- args[1] = !!cfg->stp;
- system_bridge_if(bridge->ifname, NULL, SIOCDEVPRIVATE, &args);
+ snprintf(buf, buf_len, "%i", val);
+ system_bridge_set_membership_interval(bridge, buf);
- args[0] = BRCTL_SET_BRIDGE_FORWARD_DELAY;
- args[1] = sec_to_jiffies(cfg->forward_delay);
- system_bridge_if(bridge->ifname, NULL, SIOCDEVPRIVATE, &args);
+ val = cfg->robustness * cfg->query_interval +
+ cfg->query_response_interval / 2;
+
+ snprintf(buf, buf_len, "%i", val);
+ system_bridge_set_other_querier_timeout(bridge, buf);
+ }
+
+ if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) {
+ val = cfg->query_interval / 4;
+
+ snprintf(buf, buf_len, "%i", val);
+ system_bridge_set_startup_query_interval(bridge, buf);
+ }
+}
+static void system_bridge_conf_multicast(struct device *bridge,
+ struct bridge_config *cfg,
+ char *buf,
+ int buf_len)
+{
system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_snooping",
bridge->ifname, cfg->igmp_snoop ? "1" : "0");
system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_querier",
bridge->ifname, cfg->multicast_querier ? "1" : "0");
- snprintf(buf, sizeof(buf), "%i", cfg->hash_max);
+ snprintf(buf, buf_len, "%i", cfg->hash_max);
system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/hash_max",
bridge->ifname, buf);
if (bridge->settings.flags & DEV_OPT_MULTICAST_ROUTER) {
- snprintf(buf, sizeof(buf), "%i", bridge->settings.multicast_router);
+ snprintf(buf, buf_len, "%i", bridge->settings.multicast_router);
system_bridge_set_multicast_router(bridge, buf, true);
}
+ if (cfg->flags & BRIDGE_OPT_ROBUSTNESS) {
+ snprintf(buf, buf_len, "%i", cfg->robustness);
+ system_bridge_set_robustness(bridge, buf);
+ }
+
+ if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) {
+ snprintf(buf, buf_len, "%i", cfg->query_interval);
+ system_bridge_set_query_interval(bridge, buf);
+ }
+
+ if (cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) {
+ snprintf(buf, buf_len, "%i", cfg->query_response_interval);
+ system_bridge_set_query_response_interval(bridge, buf);
+ }
+
+ if (cfg->flags & BRIDGE_OPT_LAST_MEMBER_INTERVAL) {
+ snprintf(buf, buf_len, "%i", cfg->last_member_interval);
+ system_bridge_set_last_member_interval(bridge, buf);
+ }
+
+ system_bridge_conf_multicast_deps(bridge, cfg, buf, buf_len);
+}
+
+int system_bridge_addbr(struct device *bridge, struct bridge_config *cfg)
+{
+ char buf[64];
+ unsigned long args[4] = {};
+
+ if (ioctl(sock_ioctl, SIOCBRADDBR, bridge->ifname) < 0)
+ return -1;
+
+ args[0] = BRCTL_SET_BRIDGE_STP_STATE;
+ args[1] = !!cfg->stp;
+ system_bridge_if(bridge->ifname, NULL, SIOCDEVPRIVATE, &args);
+
+ args[0] = BRCTL_SET_BRIDGE_FORWARD_DELAY;
+ args[1] = sec_to_jiffies(cfg->forward_delay);
+ system_bridge_if(bridge->ifname, NULL, SIOCDEVPRIVATE, &args);
+
+ system_bridge_conf_multicast(bridge, cfg, buf, sizeof(buf));
+
args[0] = BRCTL_SET_BRIDGE_PRIORITY;
args[1] = cfg->priority;
system_bridge_if(bridge->ifname, NULL, SIOCDEVPRIVATE, &args);
return system_link_del(vlandev->ifname);
}
-static void
+void
system_if_get_settings(struct device *dev, struct device_settings *s)
{
struct ifreq ifr;
if (ioctl(sock_ioctl, SIOCGIFFLAGS, &ifr) == 0) {
s->promisc = ifr.ifr_flags & IFF_PROMISC;
s->flags |= DEV_OPT_PROMISC;
+
+ s->multicast = ifr.ifr_flags & IFF_MULTICAST;
+ s->flags |= DEV_OPT_MULTICAST;
}
if (!system_get_rpfilter(dev, buf, sizeof(buf))) {
s->flags |= DEV_OPT_NEIGHREACHABLETIME;
}
+ if (!system_get_neigh4gcstaletime(dev, buf, sizeof(buf))) {
+ s->neigh4gcstaletime = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_NEIGHGCSTALETIME;
+ }
+
+ if (!system_get_neigh6gcstaletime(dev, buf, sizeof(buf))) {
+ s->neigh6gcstaletime = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_NEIGHGCSTALETIME;
+ }
+
if (!system_get_dadtransmits(dev, buf, sizeof(buf))) {
s->dadtransmits = strtoul(buf, NULL, 0);
s->flags |= DEV_OPT_DADTRANSMITS;
snprintf(val_buf, sizeof(val_buf), "%x", val);
for (i = 0; i < gl.gl_pathc; i++)
system_set_sysctl(gl.gl_pathv[i], val_buf);
+
+ globfree(&gl);
}
static void
snprintf(buf, sizeof(buf), "%d", s->neigh6reachabletime);
system_set_neigh6reachabletime(dev, buf);
}
+ if (s->flags & DEV_OPT_NEIGHGCSTALETIME & apply_mask) {
+ snprintf(buf, sizeof(buf), "%d", s->neigh4gcstaletime);
+ system_set_neigh4gcstaletime(dev, buf);
+ snprintf(buf, sizeof(buf), "%d", s->neigh6gcstaletime);
+ system_set_neigh6gcstaletime(dev, buf);
+ }
if (s->flags & DEV_OPT_DADTRANSMITS & apply_mask) {
snprintf(buf, sizeof(buf), "%d", s->dadtransmits);
system_set_dadtransmits(dev, buf);
}
+ if (s->flags & DEV_OPT_MULTICAST & apply_mask) {
+ if (system_if_flags(dev->ifname, s->multicast ? IFF_MULTICAST : 0,
+ !s->multicast ? IFF_MULTICAST : 0) < 0)
+ s->flags &= ~DEV_OPT_MULTICAST;
+ }
system_if_apply_rps_xps(dev, s);
}
table = RT_TABLE_MAIN;
else if (!strcmp(name, "local"))
table = RT_TABLE_LOCAL;
- else if (!strcmp(name, "prelocal"))
- table = RT_TABLE_PRELOCAL;
/* try to look up name in /etc/iproute2/rt_tables */
else if ((f = fopen("/etc/iproute2/rt_tables", "r")) != NULL)
.rtm_flags = 0,
};
- if (cmd == RTM_NEWRULE) {
+ if (cmd == RTM_NEWRULE)
rtm.rtm_type = RTN_UNICAST;
- rtm.rtm_flags |= NLM_F_REPLACE | NLM_F_EXCL;
- }
if (rule->invert)
rtm.rtm_flags |= FIB_RULE_INVERT;
rule.flags = IPRULE_INET4 | IPRULE_PRIORITY | IPRULE_LOOKUP;
rule.priority = 0;
- rule.lookup = RT_TABLE_PRELOCAL;
- rv |= system_iprule(&rule, RTM_NEWRULE);
-
- rule.priority = 1;
rule.lookup = RT_TABLE_LOCAL;
rv |= system_iprule(&rule, RTM_NEWRULE);
rule.flags = IPRULE_INET6 | IPRULE_PRIORITY | IPRULE_LOOKUP;
rule.priority = 0;
- rule.lookup = RT_TABLE_PRELOCAL;
- rv |= system_iprule(&rule, RTM_NEWRULE);
-
- rule.priority = 1;
rule.lookup = RT_TABLE_LOCAL;
rv |= system_iprule(&rule, RTM_NEWRULE);
}
#endif
+#ifdef IFLA_VTI_MAX
+static int system_add_vti_tunnel(const char *name, const char *kind,
+ const unsigned int link, struct blob_attr **tb, bool v6)
+{
+ struct nl_msg *nlm;
+ struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, };
+ struct blob_attr *cur;
+ uint32_t ikey = 0, okey = 0;
+ int ret = 0;
+
+ nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE);
+ if (!nlm)
+ return -1;
+
+ nlmsg_append(nlm, &ifi, sizeof(ifi), 0);
+ nla_put_string(nlm, IFLA_IFNAME, name);
+
+ struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO);
+ if (!linkinfo) {
+ ret = -ENOMEM;
+ goto failure;
+ }
+
+ nla_put_string(nlm, IFLA_INFO_KIND, kind);
+ struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA);
+ if (!infodata) {
+ ret = -ENOMEM;
+ goto failure;
+ }
+
+ if (link)
+ nla_put_u32(nlm, IFLA_VTI_LINK, link);
+
+ if ((cur = tb[TUNNEL_ATTR_INFO]) && (blobmsg_type(cur) == BLOBMSG_TYPE_STRING)) {
+ if (sscanf(blobmsg_get_string(cur), "%u,%u",
+ &ikey, &okey) < 2) {
+ ret = -EINVAL;
+ goto failure;
+ }
+ }
+
+ if (v6) {
+ struct in6_addr in6buf;
+ if ((cur = tb[TUNNEL_ATTR_LOCAL])) {
+ if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) {
+ ret = -EINVAL;
+ goto failure;
+ }
+ nla_put(nlm, IFLA_VTI_LOCAL, sizeof(in6buf), &in6buf);
+ }
+
+ if ((cur = tb[TUNNEL_ATTR_REMOTE])) {
+ if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) {
+ ret = -EINVAL;
+ goto failure;
+ }
+ nla_put(nlm, IFLA_VTI_REMOTE, sizeof(in6buf), &in6buf);
+ }
+
+ } else {
+ struct in_addr inbuf;
+
+ if ((cur = tb[TUNNEL_ATTR_LOCAL])) {
+ if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) {
+ ret = -EINVAL;
+ goto failure;
+ }
+ nla_put(nlm, IFLA_VTI_LOCAL, sizeof(inbuf), &inbuf);
+ }
+
+ if ((cur = tb[TUNNEL_ATTR_REMOTE])) {
+ if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) {
+ ret = -EINVAL;
+ goto failure;
+ }
+ nla_put(nlm, IFLA_VTI_REMOTE, sizeof(inbuf), &inbuf);
+ }
+
+ }
+
+ if (okey)
+ nla_put_u32(nlm, IFLA_VTI_OKEY, htonl(okey));
+
+ if (ikey)
+ nla_put_u32(nlm, IFLA_VTI_IKEY, htonl(ikey));
+
+ nla_nest_end(nlm, infodata);
+ nla_nest_end(nlm, linkinfo);
+
+ return system_rtnl_call(nlm);
+
+failure:
+ nlmsg_free(nlm);
+ return ret;
+}
+#endif
+
static int system_add_proto_tunnel(const char *name, const uint8_t proto, const unsigned int link, struct blob_attr **tb)
{
struct blob_attr *cur;
str = blobmsg_data(cur);
if (!strcmp(str, "greip") || !strcmp(str, "gretapip") ||
- !strcmp(str, "greip6") || !strcmp(str, "gretapip6"))
+ !strcmp(str, "greip6") || !strcmp(str, "gretapip6") ||
+ !strcmp(str, "vtiip") || !strcmp(str, "vtiip6"))
return system_link_del(name);
else
return tunnel_ioctl(name, SIOCDELTUNNEL, NULL);
return system_add_gre_tunnel(name, "ip6gre", link, tb, true);
} else if (!strcmp(str, "gretapip6")) {
return system_add_gre_tunnel(name, "ip6gretap", link, tb, true);
+#ifdef IFLA_VTI_MAX
+ } else if (!strcmp(str, "vtiip")) {
+ return system_add_vti_tunnel(name, "vti", link, tb, false);
+ } else if (!strcmp(str, "vtiip6")) {
+ return system_add_vti_tunnel(name, "vti6", link, tb, true);
+#endif
#endif
} else if (!strcmp(str, "ipip")) {
return system_add_proto_tunnel(name, IPPROTO_IPIP, link, tb);
projects / project / netifd.git / blobdiff