94b2ab92f6e886d24092781159714be75c9f3954 |
|
04-Aug-2015 |
Paul Jensen <pauljensen@google.com> |
Make netd calls to iptables wait for xtables lock Without this wait iptables commands can fail with various unpleasant consequences like Log.wtf() or missing iptables rules. The most critical calls to iptables in NetdConstants.cpp already wait for the lock. Bug:22802665 Change-Id: I7d542c3d4f0e005618e368da674159b90d652c8a
/system/netd/server/NatController.cpp
|
32d768792bcd5860512998543f6904d91da1a9b7 |
|
25-Feb-2015 |
Lorenzo Colitti <lorenzo@google.com> |
Separate NAT from forwarding. Bug: 19500693 Change-Id: Ib3871106ea3c0d68327611e7568c0710210e4ff2
/system/netd/server/NatController.cpp
|
e8164ddc8204b626c1144a0a504754bf6622c6fd |
|
02-Oct-2014 |
Lorenzo Colitti <lorenzo@google.com> |
Fix MSS clamping. http://ag/553410 added an iptables chain and rule to do MSS clamping for tethered clients, but did not add the chain to any other chains, so the rule had no effect. Fix this by adding the chain to the proper forwarding chains. Also rename some of the new variables and constants so they are more consistent with the previous code. Bug: 17552732 Bug: 17727533 Change-Id: I9fcae31de5c0283d7d9f1dac989de84f77c5e53c
/system/netd/server/NatController.cpp
|
6b6f22fac4c33fcd349aaf6970bbdc191db752a3 |
|
18-Sep-2014 |
Gordon Gao <njh348@motorola.com> |
Enable tcp mss clamp for Tethering With this change, IPv4 tethering clients (such as PC) with default MTU size 1500 will be configured again in the phone to use MTU matching the carrier network, then no IP fragemention in the phone and have higher data throughput for tethering. bug:17552732 Change-Id: Ia306b1b8454da1b0e2d9c320e770aeff172d5fc4
/system/netd/server/NatController.cpp
|
8b3b91c6cad577e2928a29073fc962c57ef75af5 |
|
22-Jul-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Try to undo iptables rules if a command fails. As per review comments at: https://googleplex-android-review.git.corp.google.com/#/c/504240/5/server/NatController.cpp@194 Bug: 15413694 Bug: 15413741 Change-Id: I99e2f83792fa81498447e4c03f5f8be1d2c43b7d
/system/netd/server/NatController.cpp
|
87475a1471373b72ffc9f81f17dfd7884723fa86 |
|
16-Jul-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Fix WiFi-Direct and Tethering. A LocalNetwork object now always exists in the NetworkController, with a fixed NetId that's guaranteed not to collide with NetIds created by the framework. When routes are added on an interface tracked by the LocalNetwork, they are added to a fixed "local_network" table. When NAT is enabled, we add a special "iif -> oif" tethering rule. Bug: 15413694 Bug: 15413741 Change-Id: I36effc438d5ac193a77174493bf196cb68a5b97a
/system/netd/server/NatController.cpp
|
6a773534e7f8541f221f27fb8063af079b1a5936 |
|
11-Jul-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Fix tethering in the case of a regular upstream connection. Fixes tethering via Ethernet, Bluetooth and WiFi (hotspot). Tethering when the upstream has a DUN-specific APN is likely still broken (untested). For now, assign a fixed NetId (a hack) until we can change the framework to create a valid NetworkAgent and all that jazz. Bug: 15968336 Bug: 14988803 Change-Id: Idcf4d492d9329a9c87913e27be6dd835a792bea2
/system/netd/server/NatController.cpp
|
e09b20aee85f1dfd8c18c3d8581ac875d939ba70 |
|
06-Jul-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Add full support for UIDs in VPNs. Major: + Implement the functions mentioned in http://go/android-multinetwork-routing correctly, including handling accept(), connect(), setNetworkForSocket() and protect() and supporting functions like canUserSelectNetwork(). + Eliminate the old code path of getting/setting UID ranges through SecondaryTableController (which is currently unused) and mUidMap. Minor: + Rename some methods/variables for clarity and consistency. + Moved some methods in .cpp files to match declaration order in the .h files. Bug: 15409918 Change-Id: Ic6ce3646c58cf645db0d9a53cbeefdd7ffafff93
/system/netd/server/NatController.cpp
|
69261cb65186e27dfbdc1e3eec796437f9968ff9 |
|
20-Jun-2014 |
JP Abgrall <jpa@google.com> |
server: check interface names in RPC arguments for validity This patch introduces a method isIfaceName that checks interface names from various RPCs for validity before e.g. using them as part of iptables arguments or in filenames. All of these RPC calls can only be called from applications with at least the CONNECTIVITY_INTERNAL permission in recent Android versions, so the impact of the missing checks luckily isn't very high. Orig-Author: Jann Horn <jann@thejh.net> Change-Id: I80df8d745a3de99ad02d6649f0d10562c81f6b98 Signed-off-by: JP Abgrall <jpa@google.com>
/system/netd/server/NatController.cpp
|
56afacf838d24cf8e54d2cf0d8ab9182ab704125 |
|
29-May-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Turn on C++11 and make all warnings into errors. As a consequence: + Comment out the names of all unused parameters. + Remove all unused variables and functions. In server/Android.mk, there are a couple of non-trivial changes: + Use libcxx instead of stlport. This is needed to fix a bunch of errors due to specifying -std=c++11. + LOCAL_SHARED_LIBRARIES is sorted. Technically, the order in which libraries are listed has an effect on linking, but nobody should be doing such brittle things anyway. Change-Id: I0aff5b745e04609da23144d0e8be4c5694321b8b
/system/netd/server/NatController.cpp
|
f4cfad361175a7f9ccf4d41e76a9b289c3c3da22 |
|
21-May-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Move netd_client into netd. Change-Id: Ie4b6b303225c93f2448a503d6ea9cebb552cbad5
/system/netd/server/NatController.cpp
|