| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
After commit ebd3d8417c7a ("interface: fix moving interface address routes to
the table specified by ip[46]table"), it is no longer possible for clients on
LAN to reach machines on the WAN.
This patch restores support for clients on LAN reaching clients on WAN by using
rules. The rules are placed after the address rules, in order to make sure that
traffic originating from the router is routed correctly.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
interface_ip_set_enabled() is usually called two times right after one another,
once to handle config_ip and once to handle proto_ip. As long as
ip->iface->l3_dev.dev is set, the local/source policy rules are updated.
This value is in several cases set on both config_ip and proto_ip, causing the
rules to be added multiple time. The reason is that the kernel does not respect
the NLM_F_* flag for rules. In other words, the rule state has to be managed by
the routing daemon.
Since the local/source policy rules are bound to iface, this commit solves the
problem by adding a flag to interface which stores the current rule state. The
flag follows the enabled-paramter passed to interface_ip_set_enabled(), similar
to route-> and addr->enabled. The flag breaks the alignment of the interface
struct, but based on earlier commits this seems to be ok.
I have tested the patch in different configurations and have not found any
regression.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
handling for prefixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
When the kernel subnet route has to be replaced, the cleanup call needs
to match the properties of the replacement route exactly, mainly the
metric and the routing table.
Fix handling this by embedding the device_route for the subnet in the
device_addr struct and using it in the cleanup path.
This fixes issues on config reload with changes to the routing table
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
ip[46]table
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
|
|
|
|
|
|
A /31-addressed interface requires a broadcast address of 255.255.255.255,
because there is no room for a proper broadcast address. Without this,
any packet destinated to the other end of the link is sent as broadcast,
which is incorrect.
For consistency with the Linux kernel, /32-addressed interfaces are
treated in the same way.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
|
|
Comparing valid_until will always return false as the value is updated for each
route update message. This causes IPv6 routes to jump more around than House of
Pain, which might have undesirable consequences for user-space and user-space
applications.
Removing the valid_until comparison when setting keep fixes this problem, and
seems to have no side-effects. I am no IPv6 expert, but I see that valid of the
route is updated correctly and route is deleted if I block the route update
messages.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
Routes are now inserted in the correct routing table when interface ip4table and/or
ip6table was changed during interface_change_config
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Prevents the creation of identical address and network IP rules
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Remove ip loop policy rules as workaround for the kernel using unspecified address
to lookup locally originating traffic is fixed by http://lkml.iu.edu/hypermail/linux/kernel/1505.0/03094.html
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
The ip6ifaceid UCI interface parameter makes the interface identifier of the delegated IPv6 address configurable.
The parameter can have the following values:
eui64 : Interface identifier is generated from the interface's MAC address
random : Interface identifier is generated randomly
fixed value : Interface identifier is a fixed value (eg ::1:2)
The latter is the default value with a fixed value of ::1 for backwards compatibility
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Joeri Barbarien <joeri.barbarien@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
on-link routes for prefixes bigger than /64 make no sense and
might confuse some users
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Fix clear_if_addr for IPv6 addresses as an incorrect number of bytes were memset due to wrong sizeof argument
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Use system_is_default_rt_table() to test whether the resolved routing table
is the default one, in this case do not apply the table attribute to the
route object.
This is needed for backwards compatibility - only routes using a non-default
table shall report it in the ifstatus output.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Patch adds route type support in netifd by means of the route parameter type.
By default the route type was unicast; the parameter adss support for local/broadcast/multicast/unicast routes which will be put into the appropriate routing table.
If route type parameter is unset the route type will be unicast as before.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Not necessary since route table parameter is used as key element in route_cmp
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
Allows to add identical routes in different routing tables
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
No need to install policy routes if the prefix address cannot be installed; clean up of the policy routes
and the prefix address only needs to happen when the prefix assignment was active.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
interface name must be added to Link-local IPv6
DNS servers, otherwise they are unusable.
Signed-off-by: Ulrich Weber <uw@ocedo.com>
|
|
Interface metric needs to be assigned to the route metric parameter at route creation time. Otherwise if the interface metric is different from 0 route_cmp will wrongly conclude the routes are different.
In this case the route will be added/deleted and could end up with the route missing in the kernel depending on the add/delete order.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Actually check netlink return values and remember failure.
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Routing table parameter needs to be checked in interface_update_proto_route; a route which
has an identical nexthop but a different routing table needs to be deleted and added in the
correct routing table.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
