History log of /external/iproute2/tc/m_ipt.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
ff24746cca1ef0c92d46614158e6672acd6b63d3 10-Apr-2012 Stephen Hemminger <shemminger@vyatta.com> Convert to use rta_getattr_ functions

User new functions (inspired by libmnl) to do type safe access
of routeing attributes
a3da01c519ed13714ad80be3a771e81ae10ea835 23-Nov-2011 Thomas Jarosch <thomas.jarosch@intra2net.com> tc: Remove unused variable 'res'.

Detected by cppcheck.

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
1a6543c56bead259a44d5d1f288392503eaec292 03-Oct-2011 Thomas Jarosch <thomas.jarosch@intra2net.com> Fix memory leak of lname variable in get_target_name()

Detected by cppcheck.

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
f2e27cfb016e2465cd3f07e0b556058060702578 06-Nov-2009 Mike Frysinger <vapier@gentoo.org> support static-only systems

The iptables code supports a "no shared libs" mode where it can be used
without requiring dlfcn related functionality. This adds similar support
to iproute2 so that it can easily be used on systems like nommu Linux (but
obviously with a few limitations -- no dynamic plugins).

Rather than modify every location that uses dlfcn.h, I hooked the dlfcn.h
header with stub functions when shared library support is disabled. Then
symbol lookup is done via a local static lookup table (which is generated
automatically at build time) so that internal symbols can be found.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
52d6a850505d70a699fc89604986c45b0cd0c54e 27-Mar-2009 Stephen Hemminger <stephen.hemminger@vyatta.com> remove duplicate limits.h
a589dcda9cc10c8475db18258e6456c1d9c15371 07-Feb-2009 Denys Fedoryschenko <denys@visp.net.lb> Fix memory leak in local options

This change was forgotten by Stephen in the last release

Signed-off-by: Denys Fedoryschenko <denys@visp.net.lb>
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
bdc213423ad9c0edcacef2fcf98294f239e4c4de 08-Jan-2009 Stephen Hemminger <stephen.hemminger@vyatta.com> Fix leftovers from earlier change

Still had references to l_name.
6e34e7dc0ae01176f1c2a2fa2e6310b0e04ae204 07-Jan-2009 Denys Fedoryshchenko <denys@visp.net.lb> Fix tc/m_ipt memory leaks

1)optind according iptables sources have to be set to 0. If it is set to 1, in
batch it will mess up things. Also in iptables sources i notice that ->tflags
and ->used need to be reset.

2)Since target->t = fw_calloc(1, size); allocated memory in function build_st,
it have to be freed at the end, or in batch we will have memory leak. TODO:
Probably it must be freed in all "return -1" cases in parse_ipt after
build_st. About this i am not sure, up to Stephen.

3)new_name was malloc'ed, but not freed
4c7abb271b8fc44caa40388d02bdd0de196d0dac 31-Dec-2007 Stephen Hemminger <stephen.hemminger@vyatta.com> Merge branch 'master' into net-2.6.25
53c017880b311d7d68926109d4248c900286f6b7 24-Dec-2007 Denys Fedoryshchenko <nuclearcat@nuclearcat.com> iptables compatiablity

New iptables 1.4.0 has some library names changed from libipt to libxt.
It is prefferable also to open libxt_ first, as newer "style".

Signed-off-by: Denys Fedoryshchenko <nuclearcat@nuclearcat.com>
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
ece02ea0a388a0bda5e5dff425fe93e50b2d5c9b 10-Dec-2007 Stephen Hemminger <shemminger@linux-foundation.org> Fix breakage from netfilter/ip_tables header change.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
f7cd9b0354c1d60415f5aaddf3e608ca0e546e1b 22-Aug-2007 Stephen Hemminger <shemminger@linux-foundation.org> Fix m_ipt build

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
c6ab5b824714fd89a5799c91ddbee975c3c84f75 20-Jun-2007 Patrick McHardy <kaber@trash.net> [Fwd: Re: more iproute2 issues (not critical)]

This one also makes sense for the release I guess.

-------- Original Message --------
Subject: Re: more iproute2 issues (not critical)
Date: Sat, 31 Mar 2007 16:16:56 +0200
From: Patrick McHardy <kaber@trash.net>
To: Denys <denys@visp.net.lb>
CC: Stephen Hemminger <shemminger@linux-foundation.org>,
References: <20070321175951.M73913@visp.net.lb>
<46026717.9060909@trash.net> <20070322124533.M79867@visp.net.lb>
<46027FF2.6020001@trash.net> <20070322101224.3e6bb899@freekitty>
<20070331021401.M17326@visp.net.lb> <20070331023011.M8101@visp.net.lb>

Denys wrote:
> Ooops, sorry, it seems my fault, no library exist on this system.
> But i guess it must not coredump in this case? Is it possible to check if
> library not exist and just print some nice message?
> It is trivial i guess.

The problem is that lib_dir is NULL when calling get_target_names.
This patch fixes it.

[IPROUTE]: m_ipt: fix crash when dumping rules

lib_dir is NULL when calling get_target_name, causing a NULL pointer
dereference in the strlen call.

Signed-off-by: Patrick McHardy <kaber@trash.net>
9aa446896e2085e9993d9c299d62fe477ff3cf95 08-Mar-2007 jamal <hadi@cyberus.ca> Old bug on tc

> It is in current git tree.

A small fix attached after some testing.
Please dont forget to apply my other patches. When you have them let me
know so i can do some more testing.


[TC] Get iptables path selection to set correct path

A small tweak on top of Stephens patch

Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
de539ecf6cc04530ee88839722be700fd1b0db01 06-Mar-2007 Stephen Hemminger <shemminger@linux-foundation.org> iptables library fix

Don't hard code iptables library path. Allow use of environment variable.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
95dd5950491a4f60265494969731c019fcd7f9bc 06-Mar-2007 Mike Frysinger <vapier@gentoo.org> do not ignore build failures in subdirs of iproute2

if a file fails to compile in a subdir of iproute2 fails (say "tunnel.c" in
the "ip" dir), the top level makefile does not abort:
all: Config
@for i in $(SUBDIRS); \
do $(MAKE) $(MFLAGS) -C $$i; done

the attached patch inserts a 'set -e' so that if the $(MAKE) fails, the all
target fails as well
ae665a522bd46bea44c5ea84c89c8b1731954170 05-Dec-2006 Stephen Hemminger <shemminger@osdl.org> Remove trailing whitespace

Go through source files and remove all trailing whitespace

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
6d4662d4f7508fa9d247ab0f5a179946722499fc 23-Jun-2005 shemminger <shemminger> From: Pablo Neira

Hi jamal,

I found some spare time to play around a bit more with you ipt action stuff.

I've tested the patch attached with the testcase here below. It works
fine here. It fixes broken target option checkings (final_check) and a
leak in the merge_options function. I've killed copy_options since I
didn't find any reason why we need it.

--- test.sh ---
tc qdisc del dev wlan0 ingress
tc qdisc add dev wlan0 ingress
tc filter add dev wlan0 parent ffff: protocol ip prio 6 u32 \
match ip src flowid 1:16 \
action ipt -j TOS --set-tos Maximize-Reliability
sleep 3
tc -s filter ls dev wlan0 parent ffff:
--- end of test.sh ---


tablename: mangle hook: NF_IP_PRE_ROUTING
target: TOS set Maximize-Reliability index 0
filter protocol ip pref 6 u32
filter protocol ip pref 6 u32 fh 800: ht divisor 1
filter protocol ip pref 6 u32 fh 800::800 order 2048 key ht 800 bkt 0
flowid 1:16
match c0a80002/ffffffff at 12
action order 1: tablename: mangle hook: NF_IP_PRE_ROUTING
target TOS set Maximize-Reliability
index 18 ref 1 bind 1 installed 3 sec used 0 sec
Action statistics:
Sent 725 bytes 7 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

Now, check if options passed to the target are correct.

# tc filter add dev wlan0 parent ffff: protocol ip prio 6 u32 \
match ip dst flowid 1:16 \
action ipt -j TOS --set-tos
missing parameter

ipt: option `--set-tos' requires an argument
tc-ipt v0.1: TOS target: Parameter --set-tos is required
Try `tc-ipt -h' or 'tc-ipt --help' for more information.

btw, how's your schedule ? did you finally get spare time to come to the
netfilter workshop in seville ?

894b1c66872ceb943e8e1b8a3c121ce7e9cc2fd9 30-Mar-2005 net[shemminger]!shemminger <net[shemminger]!shemminger> Import patch p_mipt

(Logical change 1.180)
65840e27ba0ad201fbcb143d38f94197963645d5 10-Mar-2005 osdl.net!shemminger <osdl.net!shemminger> put register_target in and get rid of code that ease
duplicated then marked with if 0

(Logical change 1.156)
78934000777e1f1837450ed6bfe738df1fde5a03 18-Jan-2005 2!tgraf <2!tgraf> Use parse_rtattr_nested

(Logical change 1.129)
fc78a8e98dcb8efad64b06dc65716d97fc99b307 18-Jan-2005 2!tgraf <2!tgraf> Use NLMSG_TAIL

(Logical change 1.127)
1ffd7fd23eeaff57eb3b83b9dbbbda89ddf030e3 18-Jan-2005 net[shemminger]!shemminger <net[shemminger]!shemminger> Import patch iproute2.110

(Logical change 1.112)
3e1d2ea6abe3c0f2fe9e180187e7f48efc80f290 18-Jan-2005 net[shemminger]!shemminger <net[shemminger]!shemminger> Initial revision