ca5b4e8d0d8219273ecf0961ed6e8c47ab5d798a |
|
21-Nov-2013 |
JP Abgrall <jpa@google.com> |
SecondaryTableController: force the MSS to match pmtu on TCP SYN Without this change, the VPN sets up a tun/ppp that needs a small MTU, and during TCP SYN the MSS will end up matching the outgoing iface MTU which is potentially too big. This leads to connection flakiness. The wrong MSS is visible by tcpdump-ing on the tun/ppp device. With this change, the MSS now is correct. It requires the kernel to be configured with CONFIG_NETFILTER_XT_TARGET_TCPMSS=y If kernel is not configured, it silently fails. Bug: 11579326 Change-Id: I254d8c39435b92dff91931e461e1efb8b35f6b1e
/system/netd/SecondaryTableController.cpp
|
2349aa60771baae85b1f5fc96e653ac2ef95034b |
|
16-Jul-2013 |
Chad Brubaker <cbrubaker@google.com> |
Host exemption now handles premarked sockets Host exemption now properly handles routing for sockets that were already marked Change-Id: I55d5c00754036a5ef49379170c37607d3e71a1e8
/system/netd/SecondaryTableController.cpp
|
da7df7c8f009f014486343cfbbaaae2a766f3a2b |
|
11-Jul-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add netd commands to get marks for routing Add commands for fetching the mark associated with routing a uid and for fetching the mark associated with avoiding the fwmark routing rules Change-Id: I4accd1a9aecd91f6f0630eb1a5466a81e309eeac
/system/netd/SecondaryTableController.cpp
|
4a946095dad15548ae399665be111be9cb1d9aa6 |
|
10-Jul-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add destination host exemption to VPN routing requestRouteToHost requires the ability to punch holes in the VPN for certain addresses, this adds support for this under mark based VPNs. Change-Id: I9d890829048624d43c0f1efaec54563a860e850f
/system/netd/SecondaryTableController.cpp
|
2251c0fbcf24a9c8fd77b23851f60304087bab2b |
|
28-Jun-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add support for fwmark split tunneling Packets are now only marked for fwmark if their destination is in one of the routes for the target interface. Change-Id: Ided4ad992c4cf957d77ae11fa62ac4843a8592c7
/system/netd/SecondaryTableController.cpp
|
d2617936acc15567fc5111bbdb4dde20845c3cba |
|
22-Jun-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add netd support for uid based routing for DNS DNSProxyListener now supports bionic changes for marking DNS requests for routing DNS requests with the uid routing rules Change-Id: Iac9aa1bb14834be6da5e512405f23c6a72dc71ed
/system/netd/SecondaryTableController.cpp
|
8830b94cf4824e5a6c738d39d3015c8eec976352 |
|
12-Jun-2013 |
Chad Brubaker <cbrubaker@google.com> |
Make uid marking rule's API consistent Make the netd binds for adding uid iptables mark rules consistent with the other per uid range binds. Change-Id: I97d1576f4ac11368bf6ede866229e456a2ed24da
/system/netd/SecondaryTableController.cpp
|
7a6ce4bed8569745798bcc26f51d6f306ebdba94 |
|
07-Jun-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add netd support for marked packet forwarding Add binds in netd for setting up fwmark rules to be used with the per uid marking to do per uid routing. Change-Id: Id4f315dd1aec73f074e233c2e3f70eb24b4c537a
/system/netd/SecondaryTableController.cpp
|
9a50889a22c1d93c9e1a14873cde8fc1508f66fd |
|
01-Jun-2013 |
Chad Brubaker <cbrubaker@google.com> |
Add netd binds for UID based routing Add methods for add per uid mark rules to push all traffic from specific uids to specific interfaces. Allows for per uid routing for per uid VPNs. Change-Id: I8492c668e2c96010b0f74ea7e367f0b4471238ad
/system/netd/SecondaryTableController.cpp
|
001f0a436e9fe0353dccd98ee34b91095d9ed1a1 |
|
31-Jan-2013 |
Rom Lemarchand <romlem@google.com> |
Replace system_nosh call with android_fork_execvp Replace the system_nosh call with the android_fork_execvp from liblogwrap. Change-Id: Idfbc6bcf0bef16d4ee90d6af6bd4b07bc79913bb
/system/netd/SecondaryTableController.cpp
|
4e157a5c901baa020dcc71ca453c31d462272e50 |
|
29-Feb-2012 |
Robert Greenwalt <rgreenwalt@google.com> |
resolved conflicts for merge of 924e6e4d to master Change-Id: I98212c9d7004a9ae38e463036ae6ca97b9569dda
|
3c20787d7935c2016e8e3cc49d8f15647c12c41c |
|
12-Jan-2012 |
Jaime A Lopez-Sollano <jaimel@quicinc.com> |
Increase the valid name of the iface to IFNAMSIZ Define MAX_IFACE_LENGTH as IFNAMSIZ instead of 10, to prevent netd from treating an interface name 'rmnet_sdio0' as invalid. Also fix an off-by-one error. bug:5675718 Change-Id: I2b6ba823c89941031e5898b24dab388cd9c2dae8
/system/netd/SecondaryTableController.cpp
|
d14fd4f83ffeea4ad1cd559a41f775f6814565cc |
|
12-Jan-2012 |
Jaime A Lopez-Sollano <jaimel@quicinc.com> |
Increase the valid name of the iface to IFNAMSIZ Define MAX_IFACE_LENGTH as IFNAMSIZ instead of 10, to prevent netd from treating an interface name 'rmnet_sdio0' as invalid. Also fix an off-by-one error. Change-Id: If6b2b27d2da6eb72f01c090cbe4f7dc2b9c296ae
/system/netd/SecondaryTableController.cpp
|
c462177bd58e3bf0ac4f618934dae060569e3e0b |
|
31-Jan-2012 |
Robert Greenwalt <rgreenwalt@google.com> |
Keep better tabs on secondary tables. We had some places (NatController) where routes were being set but not accounted for in the number-of-routes talley so we could end up thinking the table was empty and not clean up after ourselves properly. Also consolidated constants. bug:5917475 Change-Id: I98a41d433e1d4b4ca6692fb2328e2c9afc828145
/system/netd/SecondaryTableController.cpp
|
5ea0c05a1e7d8e664b808aa1bb1efd08fdb2fb13 |
|
06-Jan-2012 |
Steve Block <steveblock@google.com> |
Rename (IF_)LOGE(_IF) to (IF_)ALOGE(_IF) DO NOT MERGE See https://android-git.corp.google.com/g/#/c/157220 Bug: 5449033 Change-Id: I8ab66debe4d0c3857a4b80f6f7b6925a352cda87
/system/netd/SecondaryTableController.cpp
|
9e5e0ce62e88ddf9a09798eda51b0c270d354c8e |
|
15-Dec-2011 |
JP Abgrall <jpa@google.com> |
netd: fix argument interpretation bug While working around the logwrap() issue, it was replaced with system() which could lead to various commands getting misinterpreted. We now use a system() equivalent that doesn't use "sh -c". Bug:5758556 Change-Id: I2599b526ac34bcfca18d05261286d902d547efda
/system/netd/SecondaryTableController.cpp
|
063af322b48ab1bb0c3e09eb0b64915ba568275b |
|
19-Nov-2011 |
Robert Greenwalt <rgreenwalt@google.com> |
Fix some syntax issues with IP command. Was not building secondary tables properly. Also IPv6 host routes were failing. bug:5615697 Change-Id: I0d5ad2ed7d13e4d5bd8c2f8ce15fc0ccb36a4690
/system/netd/SecondaryTableController.cpp
|
fc97b82e02979f246d56a4bfd60e4aab8686d3f6 |
|
03-Nov-2011 |
Robert Greenwalt <rgreenwalt@google.com> |
Start using IP tool for advanced routing. bug:5495862 bug:5396842 Change-Id: I51f21060947f57e63b18c4d35e9d49fac488d48a
/system/netd/SecondaryTableController.cpp
|