b082b9f9ad94f08d3f3d2e617f71dbaf3751ccad |
|
08-Sep-2010 |
Dmitry Shmidt <dimitrysh@google.com> |
iproute2: Add ip utility Change-Id: If7072c8d1b2d23c4383a452a4b0afddad779f3c1 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/iproute2/ip/xfrm_state.c
|
cd70f3f522e04b4d2fa80ae10292379bf223a53b |
|
28-Dec-2011 |
Stephen Hemminger <shemminger@vyatta.com> |
libnetlink: remove unused junk callback Both rtnl_talk and rtnl_dump had a callback for handling portions of netlink message that do not match the correct pid or seq. But this callback was never used by any part of iproute2 so remove it.
/external/iproute2/ip/xfrm_state.c
|
cbec0219132afd1749e1b8852b8b3729988af841 |
|
11-Jun-2011 |
David Ward <david.ward@ll.mit.edu> |
xfrm: Update documentation The ip(8) man page and the "ip xfrm [ XFRM-OBJECT ] help" command output are updated to include missing options, fix errors, and improve grammar. There are no functional changes made. The documentation for the ip command has many different meanings for the same formatting symbols (which really needs to be fixed). This patch makes consistent use of brackets [ ] to indicate optional parameters, pipes | to mean "OR", braces { } to group things together, and dashes - instead of underscores _ inside of parameter names. The parameters are listed in the order in which they are parsed in the source code. There are several parameters and options that are still not mentioned or need to be described more thoroughly in the "COMMAND SYNTAX" section of the ip(8) man page. I would appreciate help from the developers with this. Signed-off-by: David Ward <david.ward@ll.mit.edu>
/external/iproute2/ip/xfrm_state.c
|
98f5519cd9db9d1ca58c49af27698101c8fff373 |
|
01-Feb-2011 |
Nicolas Dichtel <nicolas.dichtel@6wind.com> |
iproute2: add support of flag XFRM_STATE_ALIGN4 Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
/external/iproute2/ip/xfrm_state.c
|
f323f2a32c3b9c29fb91c812472b7fd663f9ae73 |
|
11-Jan-2011 |
Nicolas Dichtel <nicolas.dichtel@6wind.com> |
iproute2: allow to specify truncation bits on auth algo Hi, here is a patch against iproute2 to allow user to set a state with a specific auth length. Example: $ ip xfrm state add src 10.16.0.72 dst 10.16.0.121 proto ah spi 0x10000000 auth-trunc "sha256" "azertyuiopqsdfghjklmwxcvbn123456" 96 mode tunnel $ ip xfrm state src 10.16.0.72 dst 10.16.0.121 proto ah spi 0x10000000 reqid 0 mode tunnel replay-window 0 auth-trunc hmac(sha256) 0x617a6572747975696f707173646667686a6b6c6d77786376626e313233343536 96 sel src 0.0.0.0/0 dst 0.0.0.0/0 Regards, Nicolas >From 522ed7348cdf3b6f501af2a5a5d989de1696565a Mon Sep 17 00:00:00 2001 From: Nicolas Dichtel <nicolas.dichtel@6wind.com> Date: Thu, 23 Dec 2010 06:48:12 -0500 Subject: [PATCH] iproute2: allow to specify truncation bits on auth algo Attribute XFRMA_ALG_AUTH_TRUNC can be used to specify truncation bits, so we add a new algo type: auth-trunc. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
/external/iproute2/ip/xfrm_state.c
|
0c7a594541df84d3497681a8ecc09b05c1449dd0 |
|
03-Feb-2011 |
Joy Latten <jml@austin.ibm.com> |
xfrm security context support Adds security context support to ip xfrm state. Signed-off-by: Joy Latten <latten@austin.ibm.com>
/external/iproute2/ip/xfrm_state.c
|
c90cda94006ed9d4a53750bd036adbfe1ae7069d |
|
23-Feb-2010 |
Jamal Hadi Salim <hadi@cyberus.ca> |
xfrm: add support for SA by mark Add support for SA manipulation by mark Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
/external/iproute2/ip/xfrm_state.c
|
15bb82c6fb9ae401f48eb7f03179ee6669496bf0 |
|
11-Jan-2010 |
Alex Badea <abadea@ixiacom.com> |
ip xfrm state: parse and print "icmp" and "af-unspec" flags Convert to/from XFRM_STATE_ICMP and XFRM_STATE_AF_UNSPEC state flags. Signed-off-by: Alex Badea <abadea@ixiacom.com>
/external/iproute2/ip/xfrm_state.c
|
1758a81f49d1360c930393d2042221f567dc52b5 |
|
18-Sep-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
ip: xfrm: Add AEAD support This patch allows the user to create/manage AEAD algorithms with the ip xfrm command. AEAD algorithms are also known as combined- mode algorithms. They provide the functionality of encryption algorithms as well as authentication algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
/external/iproute2/ip/xfrm_state.c
|
de95ae7ca7d6a290eaab2c137b74f19c78a9a1fe |
|
23-Apr-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
xfrm: Allow replay setting Hi Stephen: [IP] xfrm: Allow replay setting For certain applications there is a requirement to start the sequence number from a point other than the default. As it is the kernel provides an interface to do that but it isn't available through the ip(8) command. Since we're encouraging people to migrate over to ip(8) for manual keying, it is useful to have this ability there. This patch adds support for setting replay sequence numbers through ip(8). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Thanks, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt --
/external/iproute2/ip/xfrm_state.c
|
9414cd6d380c3a9317b6912c14e571fb5b5a4f62 |
|
08-Mar-2008 |
Stephen Hemminger <stephen.hemminger@vyatta.com> |
revert earlier mistake ALGO_NAME is okay Revert "I found out when I was writing manual page, that options ALGO_NAME and" This reverts commit 8a1485bb21bf84a7932ca849e29300853e647afc.
/external/iproute2/ip/xfrm_state.c
|
8a1485bb21bf84a7932ca849e29300853e647afc |
|
22-Feb-2008 |
Marcela Maslanova <mmaslano@redhat.com> |
I found out when I was writing manual page, that options ALGO_NAME and ALGO_KEY aren't used. If it's a bug or should it be remove it, as I did?
/external/iproute2/ip/xfrm_state.c
|
f31a37f79d1f33d4d0d6a18f3768bfee27e8b6cc |
|
01-Feb-2008 |
Stephen Hemminger <stephen.hemminger@vyatta.com> |
fix problem caused by rtnl_send checks Some usages of rtnl_send could cause errors (ie flush requests) others do a listen afterwards. Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
/external/iproute2/ip/xfrm_state.c
|
efe69c1b7220e6c89bc5ccbeceeadf7c9e09768b |
|
24-Aug-2007 |
Masahide NAKAMURA <nakam@linux-ipv6.org> |
ip: xfrm: Fix flush message. Fix xfrm state or policy flush message. And minor updates are included: o Use static buffer to show unknown value as string. o Show policy type (ptype) only when kernel specified it. o Clean-up xfrm_monitor. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
/external/iproute2/ip/xfrm_state.c
|
c1fa2253241f3cddac3519700549f98d7840b864 |
|
24-Aug-2007 |
Masahide NAKAMURA <nakam@linux-ipv6.org> |
ip: xfrm: Fix policy and state flags. o Support policy flag with string format. Note that kernel defines only one name "localok" for the flag and it has not had any effect currently. o Support state flag value XFRM_STATE_NOPMTUDISC. o Fix to show detailed flags value when "-s" option is used. o Fix minor typo. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
/external/iproute2/ip/xfrm_state.c
|
ed01e3906854516188a5d57a31eab2e5e9ba673f |
|
24-Aug-2007 |
Masahide NAKAMURA <nakam@linux-ipv6.org> |
ip: xfrm: Clean-up for internal mask to filter. Remove unused or redundant usage for xfrm_filter. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
/external/iproute2/ip/xfrm_state.c
|
bdf9e86d727156ca68fefd243afa29ad4f29f4bf |
|
20-Jun-2007 |
Stephen Hemminger <shemminger@linux-foundation.org> |
fix last change Need to use correct XFRMA_ constants. Get rid of bogus casts. Fix case where no attribute returned. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
/external/iproute2/ip/xfrm_state.c
|
0bb4a4c20c9deeac26f7239d83c8747c4dfb4d89 |
|
04-May-2007 |
jamal <hadi@cyberus.ca> |
see SAD info Stephen, Use this patch instead of the one i sent yesterday. As before, you will need to pull include/linux/xfrm.h from net-2.6 once Dave applies the kernel patch. cheers, jamal [XFRM] see SAD info i.e instead of something like ip xfrm state ls | grep -i src | wc -l do: ip xfrm state count And you get the count; you can also pass -s to the command line and get the hash info. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
/external/iproute2/ip/xfrm_state.c
|
ae665a522bd46bea44c5ea84c89c8b1731954170 |
|
05-Dec-2006 |
Stephen Hemminger <shemminger@osdl.org> |
Remove trailing whitespace Go through source files and remove all trailing whitespace Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
/external/iproute2/ip/xfrm_state.c
|
7ea4f5d33d27b23a3127b0b6ec46d0b4821d9431 |
|
05-Dec-2006 |
Masahide NAKAMURA <nakam@linux-ipv6.org> |
XFRM: Mobile IPv6 route optimization support. To support Mobile IPv6 RO, the following extension is included: o Use XFRM_MODE_XXX macro instead of magic number o New attribute option for all state: source address for deleting or getting message o New attribute options for RO: care-of address, last-used timestamp and wild-receive flag Note: Flush command like `ip xfrm state flush` is to remove all XFRM state. It has been effected for IPsec SAD but with this patch it flushes both IPsec SAD and Mobile IPv6 RO states. To make only IPsec SA flush, it is recommanded to specify each XFRM protocol like below: `ip x s f proto esp ; ip x s f proto ah ; ip x s f proto comp` Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
/external/iproute2/ip/xfrm_state.c
|
34e099e24fd3c9070b68c1286a201834c0f4ae03 |
|
19-Oct-2006 |
Stephen Hemminger <shemminger@osdl.org> |
SA and SP in IPSec BEET mode. Patch which allows for setting SA and SP also for new IPSec mode BEET, beside tunnel and transport, according to the latest changes in the kernel you can find at the following link: Signed-off-by: Diego Beltrami <diego.beltrami@gmail.com> Signed-off-by: Miika Komu <miika@iki.fi> Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
/external/iproute2/ip/xfrm_state.c
|
af1b6a41d4c7ed8aab98cfdcdafd55ec6c638b07 |
|
11-Aug-2006 |
Andy Gay <andy@andynet.net> |
Fix struct alignment with cris architecture [IPROUTE]: Fix struct alignment with cris architecture gcc for the cris arch does not pad structures to the next multiple of 4 bytes, as the i386 gcc does. This causes errors like this when displaying xfrm policies: # ip x p !!!Deficit 3, rta_len=300 src 192.168.251.32/29 dst 192.168.251.32/29 dir in priority 0 !!!Deficit 3, rta_len=180 src 0.0.0.0/0 dst 192.168.251.32/29 dir in priority 2208 .... Similar errors are seen from ip x s. This patch fixes the errors when printing. I'm not sure whether we should worry about other uses of the affected structs, I've not seen any other bad effects from this though, so hopefully this is enough. (Thanks to Herbert Xu for pointing out that NLMSG_SPACE is the correct macro to use here.) Tested against 2.6.17.6 kernel on i386, and 2.6.16.1 kernel on cris. Signed-off-by: Andy Gay <andy@andynet.net> Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
/external/iproute2/ip/xfrm_state.c
|
669ae748d6ae3a476090f7dc48dd0fa6d246f77e |
|
07-Nov-2005 |
shemminger <shemminger> |
Minor fixes from Masahide for XFRM dynamic keying
/external/iproute2/ip/xfrm_state.c
|
c595c790a08366db90654c01aba02a1bd97d73e2 |
|
02-Nov-2005 |
shemminger <shemminger> |
Fix XFRM bugs introduced by batching code. Re-introduces the SA and policy add/del events
/external/iproute2/ip/xfrm_state.c
|
737f15f6da0ed7512220f6fa5244a39777de4e0d |
|
09-Jul-2005 |
shemminger <shemminger> |
Thomas's ematch fixes for lex. Fix more GCC signedness warnings.
/external/iproute2/ip/xfrm_state.c
|
9bec1a436335457f3067a17de6ddb913bd95a184 |
|
07-Jun-2005 |
shemminger <shemminger> |
Masahide NAKAMURA <nakam@linux-ipv6.org> It fixes flush feature for IPsec(ip xfrm). Jamal gave me comment about it. I've tested it on 2.6.11.7. Please find the log below, check code and pull it: bk://bk.skbuff.net:38000/iproute2-xfrm-flush ChangeSet@1.182, 2005-04-13 21:19:44+09:00, nakam@linux-ipv6.org [ip] add "deleteall" command for xfrm; "flush" uses kernel's flush interface and "deleteall" uses legacy iproute2's flush feature like getting-and-deleting-for-each.
/external/iproute2/ip/xfrm_state.c
|
90f93024a0818dc691138d8401721e797004b042 |
|
07-Jun-2005 |
shemminger <shemminger> |
Monitor time patch from Masahide NAKAMURA
/external/iproute2/ip/xfrm_state.c
|
fb7399b2baf9018c896985c3d669422a33ce5b38 |
|
22-Mar-2005 |
linux-ipv6.org!nakam <linux-ipv6.org!nakam> |
allocspi feature support. support to specify sequence number. split printing state info function for xfrm common use. (Logical change 1.175)
/external/iproute2/ip/xfrm_state.c
|
5cf576d928c515ce8dea2500154a291477ce38ba |
|
10-Mar-2005 |
osdl.net!shemminger <osdl.net!shemminger> |
Add Esp-in-udp encapsulation (Logical change 1.152)
/external/iproute2/ip/xfrm_state.c
|
2534613eeba36f2a59a7876dbe1b291c76fcb4da |
|
18-Jan-2005 |
12!tgraf <12!tgraf> |
Switch to parse_rtattr and use XFRMA_MAX directly instead of a easly forgetable magic define (Logical change 1.129)
/external/iproute2/ip/xfrm_state.c
|
eaa34ee35d6b801cabb96aafce2ca410e3f5b31d |
|
18-Jan-2005 |
net[shemminger]!shemminger <net[shemminger]!shemminger> |
Import patch iproute2.117 (Logical change 1.119)
/external/iproute2/ip/xfrm_state.c
|
50772dc51ac02239958e1ebcdb21277fcdf133a7 |
|
07-Dec-2004 |
osdl.net!shemminger <osdl.net!shemminger> |
Add ip rule flush capabilty and fix all the prototype changes because of that code rewrites the nlmsghdr. (Logical change 1.106)
/external/iproute2/ip/xfrm_state.c
|
c70b36d231afba1700d6bb4ca1181fd9bb76c77b |
|
28-Sep-2004 |
org[shemminger]!nakam <org[shemminger]!nakam> |
[iproute2] XFRM: support ICMP/ICMPv6's type and code (Logical change 1.85)
/external/iproute2/ip/xfrm_state.c
|
29aa4dd76c0c1877d50b2d643eb081d5477ceadf |
|
28-Sep-2004 |
org[shemminger]!nakam <org[shemminger]!nakam> |
[iproute2] XFRM: fixing protocol (Logical change 1.84)
/external/iproute2/ip/xfrm_state.c
|
bd641cd661527469a9d15c0fa09f19d017c2299f |
|
28-Sep-2004 |
org[shemminger]!nakam <org[shemminger]!nakam> |
[iproute2] XFRM: using flush message type (Logical change 1.83)
/external/iproute2/ip/xfrm_state.c
|
54f7328aecfb8421b0e9ca180324aed135e780de |
|
28-Sep-2004 |
org[shemminger]!nakam <org[shemminger]!nakam> |
[iproute2] XFRM: fixing IPsec algorithm key (Logical change 1.82)
/external/iproute2/ip/xfrm_state.c
|
6dc9f016347441fbf94cf851c054b0f45ba32c1c |
|
31-Aug-2004 |
osdl.net!shemminger <osdl.net!shemminger> |
make all filtering handles take const args. (Logical change 1.77)
/external/iproute2/ip/xfrm_state.c
|
7809c61688c4a30799a07c727616887e5c885ab8 |
|
12-Aug-2004 |
net[shemminger]!shemminger <net[shemminger]!shemminger> |
Import patch xrfm-msg.patch (Logical change 1.64)
/external/iproute2/ip/xfrm_state.c
|
9e566a46f24fd89e104dea064d5233ab614f490b |
|
30-Jul-2004 |
net[shemminger]!shemminger <net[shemminger]!shemminger> |
Import patch iproute-xfrm.3 2004/07/14 00:35:49-07:00 net[shemminger]!shemminger Import patch iproute-xfrm.2 (Logical change 1.58)
/external/iproute2/ip/xfrm_state.c
|
c7699875bee00fbcd057fc62c30d6560b044e007 |
|
07-Jul-2004 |
net[shemminger]!shemminger <net[shemminger]!shemminger> |
Import patch ipxfrm-20040707_2.diff (Logical change 1.53)
/external/iproute2/ip/xfrm_state.c
|
7798b5237ef2b710c87f7f052d134d2180ffbd5c |
|
07-Jul-2004 |
net[shemminger]!shemminger <net[shemminger]!shemminger> |
Initial revision
/external/iproute2/ip/xfrm_state.c
|