| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `len` parameter of `mnl_nlmsg_ok`, which holds the buffer length and
is compared to the size of the object expected to fit into the buffer,
is signed because the function validates the length, and it can be
negative in the case of malformed messages. Comparing it to unsigned
operands used to lead to compiler warnings:
msg.c: In function 'mnl_nlmsg_ok':
msg.c:136: warning: comparison between signed and unsigned
msg.c:138: warning: comparison between signed and unsigned
and so commit 73661922bc3b ("fix warning in compilation due to different
signess") added casts of the unsigned operands to `int`. However, the
comparison to `nlh->nlmsg_len`:
(int)nlh->nlmsg_len <= len
is problematic, since `nlh->nlmsg_len` is of type `__u32` and so may
hold values greater than `INT_MAX`. In the case where `len` is positive
and `nlh->nlmsg_len` is greater than `INT_MAX`, the cast will yield a
negative value and `mnl_nlmsg_ok` will incorrectly return true.
Instead, assign `len` to an unsigned local variable, check for a
negative value first, then use the unsigned local for the other
comparisons, and remove the casts.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1691
Fixes: 73661922bc3b ("fix warning in compilation due to different signess")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Ensure that rtnl-link-can example compiles in any installation. These
headers are not installed in the system.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
The patch adds and modifies the .gitignore files to hide all the
examples generated by the compilation.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
I developed this application to test the Linux kernel series referenced below.
I could not use the iproute2 package since the microcontroller is without MMU.
On suggestion of the Linux CAN subsystem maintainer I decided to upstream it.
Cc: Marc Kleine-Budde <mkl@pengutronix.de>
Link: https://marc.info/?l=linux-netdev&m=167999323611710&w=2
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
"allows to" -> "allows ${pronoun} to". We use "you" if that appears in context,
"one" otherwise.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Use a more modern alternative to bzip2.
Suggested-by: Jan Engelhardt <jengelh@inai.de>
Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
|
|
|
|
|
| |
We use `$(SHELL)` to run the script and exec bash if `$(SHELL)` is something
else. We don't hard-code the path to bash.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
Now that the `INPUT` directory is correct, we can update `OUTPUT_DIRECTORY` to
`.` and we don't need to cd out of the doxygen directory to run doxygen.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
It avoids the need to move src directories in doxygen/Makefile.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
| |
This locates bash according to its presence in the PATH, not at a
hard-coded path which may not exist or may not be the most suitable bash
to use.
Signed-off-by: Mark Mentovai <mark@mentovai.com>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
|
| |
Update the function comments in lib/attr.c to use the \return notation,
which produces better man page output.
Suggested-by: Duncan Roe <duncan.roe2@gmail.com>
Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Check isatty() to skip colors for non-terminals.
Add mnl_fprintf_attr_color() and mnl_fprintf_attr_raw() helper function.
Joint work with Pablo.
Signed-off-by: Kerin Millar <kfm@plushkava.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The request to dump neighbours was attaching a generic route message
header but the proper header (used by iproute2) is to use ndmsg.
The original way works but better to format the message as a
neighbour request.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Put the diagram in a *verbatim* block (like all the other diagrams)
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
./configure
Also fix bogus "Doxygen not found ..." warning if --without-doxygen given
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There used to be 3 things in doxygen/Makefile.am that developers had to update:
1. The dependency list (i.e. all C sources)
2. The setgroup lines, which renamed each module man page to be the page for the
first described function. setgroup also set the target for:
3. The add2group lines, which symlinked pages for other documented functions
in the group.
The new system eliminates all of the above.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Repeat what we did for libnetfilter_queue:
- New makefile in doxygen directory. Rebuilds documentation if any sources
change that contain doxygen comments:
- Renames each group man page to the first function listed therein
- Creates symlinks for subsequently listed functions
- Deletes _* temp files and moves sctruct-describing man pages to man7
- Update top-level makefile to visit new subdir doxygen
- Update top-level configure to only build documentation if doxygen installed
- Add --with/without-doxygen switch
- Check whether dot is available when configuring doxygen
- Reduce size of doxygen.cfg and doxygen build o/p
- `make distcheck` passes with doxygen enabled
Aditionally, exclude opaque structs mnl_nlmsg_batch & mnl_socket
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Old link no longer worked.
Also upgraded it to https.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add definition to recommend a new buffer size for netlink dumps.
Details are available here:
commit d35c99ff77ecb2eb239731b799386f3b3637a31e
Author: Eric Dumazet <edumazet@google.com>
Date: Thu Oct 6 04:13:18 2016 +0900
netlink: do not enter direct reclaim from netlink_dump()
iproute2 is using 32 KBytes buffer in netlink dumps to speed up netlink
dumps for a while. Let's recommend this buffer size through this new
definition. Update examples too.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Add input filter to remove the internal EXPORT_SYMBOL macro that turns
on the compiler visibility attribute.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This corrects an oddity in the web doco (and presumably in the man pages as
well) whereby "Netlink message batch helpers" was showing up as a sub-topic of
"Netlink message helpers".
This was included in my original (rejected) patch "Enable doxygen to generate
Function Documentation" with a comment "(didn't think it warrantied an extra
patch)" - clearly wrong
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently clang requires EXPORT_SYMBOL() to be above the function
implementation. At the same time doxygen is not generating the proper
documentation because of that.
This patch solves that problem but EXPORT_SYMBOL looks less like the Linux
kernel way exporting symbols.
Reported-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
This patch avoids some LOCs duplication.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Use 80 characters per line limit.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Use NDA_MAX for neigh maximum attributes instead of IFA_MAX,
which is only for interfaces.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
Adding ARP example in order to dump the info in the form:
index=<interface> family=<family> dst=<destination ip> lladdr=<mac address> state=<arp status>
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sergei Trofimovich reports 'uninitialized bytes' warnings from nftables:
Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
at 0x55B9EFB: sendmsg (in /lib64/libc-2.25.so)
by 0x43E658: mnl_nft_socket_sendmsg (mnl.c:239)
by 0x43E658: mnl_batch_talk (mnl.c:254)
by 0x407898: nft_netlink (libnftables.c:58)
by 0x407898: nft_run (libnftables.c:96)
by 0x407CD5: nft_run_cmd_from_buffer (libnftables.c:291)
by 0x406EDE: main (main.c:274)
This is harmless, the uninitialized memory is the padding
that sometimes needs to be inserted between end of an attribute
and the beginning of the new attribute.
Zero it to silence memory sanitizer output.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
The example about addresses uses link attributes when it meant to use
address attributes.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Users of mnl_cb_run2() would typically pass a 'static const' array as
cb_ctl_array parameter. Unfortunately this triggers a compiler warning
because the prototype doesn't declare cb_ctl_array with the 'const'
qualifier.
Since mnl_cb_run2() and __mnl_cb_run() don't modify cb_ctl_array (and
don't have any reason to do so in the future), we can mark this
parameter as 'const'.
There should be no impact on existing users beyond removing the
compiler warning when using a constant array.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
On musl libc, sys/select.h is where FD_* definitions are located.
Signed-off-by: Kylie McClain <somasis@exherbo.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Place the returned value, function name and parameters (as many as can
fit) in the same line.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When compiling with clang, the visibility attributes are ignored
since they are after the definition of the exported function.
Fix this by moving the attribute declaration before the function.
attr.c:439:1: error: attribute declaration must precede definition [-Werror,-Wignored-attributes]
EXPORT_SYMBOL(mnl_attr_put_u8);
^
./internal.h:7:41: note: expanded from macro 'EXPORT_SYMBOL'
^
./internal.h:6:35: note: expanded from macro '__visible'
^
attr.c:435:6: note: previous definition is here
void mnl_attr_put_u8(struct nlmsghdr *nlh, uint16_t type, uint8_t data)
^
Signed-off-by: Peter Foley <pefoley2@pefoley.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It makes more sense to use isprint() than isalnum() because we use non
alphanumeric characters like '%', '_', etc. And, in case of non
printable character, print a space is preferable to print a NULL (0) in
order to keep alignment.
Before:
...
|00012|--|00002| |len |flags| type|
| 5f 5f 73 65 | | data | s e
| 74 25 64 00 | | data | t d
...
After:
...
|00012|--|00002| |len |flags| type|
| 5f 5f 73 65 | | data | _ _ s e
| 74 25 64 00 | | data | t % d
...
Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Define mnl_socket_open2() so that user can pass a set of SOCK_* flags
at socket creation time.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
This is defined in <linux/types.h>, which is included by the nfnetlink_* header
files.
Thus, we can get rid of u_int64_t which causes problems to musl according to
Felix Janda.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The sysconf(_SC_PAGESIZE) call is more portable since it does not need
_BSD_SOURCE defined.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
mnl_attr_next(): remove unused param - len
Signed-off-by: Hisao Tanabe <xtanabe@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
mnl_attr_ok(): fix return value type
mnl_attr_put_u8(): remove unused param - len
mnl_attr_put_u8_check(): remove unused param - len
mnl_nlmsg_ok(): fix return value type
mnl_nlmsg_batch_stop(): not return batch size, but release it
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
| |
This patch defines a new function mnl_socket_fdopen() which creates a
struct mnl_socket object from a pre-existing socket like obtained from
other process and different domain/type from the same prodess.
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The parameters where accidentally swapped.
Reported-by: Chris Rapier <rapier@psc.edu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes compilation in Debian Squeeze:
CC attr.lo
In file included from ../include/libmnl/libmnl.h:9,
from socket.c:10:
../include/linux/netlink.h:35: error: expected specifier-qualifier-list before ‘__kernel_sa_family_t’
In file included from ../include/libmnl/libmnl.h:9,
from callback.c:11:
../include/linux/netlink.h:35: error: expected specifier-qualifier-list before ‘__kernel_sa_family_t’
socket.c: In function ‘mnl_socket_get_portid’:
socket.c:102: error: ‘const struct sockaddr_nl’ has no member named ‘nl_pid’
socket.c: In function ‘mnl_socket_bind’:
socket.c:146: error: ‘struct sockaddr_nl’ has no member named ‘nl_family’
socket.c:147: error: ‘struct sockaddr_nl’ has no member named ‘nl_groups’
socket.c:148: error: ‘struct sockaddr_nl’ has no member named ‘nl_pid’
socket.c:163: error: ‘struct sockaddr_nl’ has no member named ‘nl_family’
socket.c: In function ‘mnl_socket_sendto’:
socket.c:184: error: unknown field ‘nl_family’ specified in initializer
socket.c:185: warning: excess elements in struct initializer
socket.c:185: warning: (near initialization for ‘snl’)
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
instead of raw setsockopt()
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
show entry in oneline and RTA_PRIORITY
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|