| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Put the diagram in a *verbatim* block (like all the other diagrams)
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
./configure
Also fix bogus "Doxygen not found ..." warning if --without-doxygen given
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There used to be 3 things in doxygen/Makefile.am that developers had to update:
1. The dependency list (i.e. all C sources)
2. The setgroup lines, which renamed each module man page to be the page for the
first described function. setgroup also set the target for:
3. The add2group lines, which symlinked pages for other documented functions
in the group.
The new system eliminates all of the above.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Repeat what we did for libnetfilter_queue:
- New makefile in doxygen directory. Rebuilds documentation if any sources
change that contain doxygen comments:
- Renames each group man page to the first function listed therein
- Creates symlinks for subsequently listed functions
- Deletes _* temp files and moves sctruct-describing man pages to man7
- Update top-level makefile to visit new subdir doxygen
- Update top-level configure to only build documentation if doxygen installed
- Add --with/without-doxygen switch
- Check whether dot is available when configuring doxygen
- Reduce size of doxygen.cfg and doxygen build o/p
- `make distcheck` passes with doxygen enabled
Aditionally, exclude opaque structs mnl_nlmsg_batch & mnl_socket
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Old link no longer worked.
Also upgraded it to https.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add definition to recommend a new buffer size for netlink dumps.
Details are available here:
commit d35c99ff77ecb2eb239731b799386f3b3637a31e
Author: Eric Dumazet <edumazet@google.com>
Date: Thu Oct 6 04:13:18 2016 +0900
netlink: do not enter direct reclaim from netlink_dump()
iproute2 is using 32 KBytes buffer in netlink dumps to speed up netlink
dumps for a while. Let's recommend this buffer size through this new
definition. Update examples too.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Add input filter to remove the internal EXPORT_SYMBOL macro that turns
on the compiler visibility attribute.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This corrects an oddity in the web doco (and presumably in the man pages as
well) whereby "Netlink message batch helpers" was showing up as a sub-topic of
"Netlink message helpers".
This was included in my original (rejected) patch "Enable doxygen to generate
Function Documentation" with a comment "(didn't think it warrantied an extra
patch)" - clearly wrong
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently clang requires EXPORT_SYMBOL() to be above the function
implementation. At the same time doxygen is not generating the proper
documentation because of that.
This patch solves that problem but EXPORT_SYMBOL looks less like the Linux
kernel way exporting symbols.
Reported-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
This patch avoids some LOCs duplication.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Use 80 characters per line limit.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Use NDA_MAX for neigh maximum attributes instead of IFA_MAX,
which is only for interfaces.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
Adding ARP example in order to dump the info in the form:
index=<interface> family=<family> dst=<destination ip> lladdr=<mac address> state=<arp status>
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sergei Trofimovich reports 'uninitialized bytes' warnings from nftables:
Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
at 0x55B9EFB: sendmsg (in /lib64/libc-2.25.so)
by 0x43E658: mnl_nft_socket_sendmsg (mnl.c:239)
by 0x43E658: mnl_batch_talk (mnl.c:254)
by 0x407898: nft_netlink (libnftables.c:58)
by 0x407898: nft_run (libnftables.c:96)
by 0x407CD5: nft_run_cmd_from_buffer (libnftables.c:291)
by 0x406EDE: main (main.c:274)
This is harmless, the uninitialized memory is the padding
that sometimes needs to be inserted between end of an attribute
and the beginning of the new attribute.
Zero it to silence memory sanitizer output.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
The example about addresses uses link attributes when it meant to use
address attributes.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Users of mnl_cb_run2() would typically pass a 'static const' array as
cb_ctl_array parameter. Unfortunately this triggers a compiler warning
because the prototype doesn't declare cb_ctl_array with the 'const'
qualifier.
Since mnl_cb_run2() and __mnl_cb_run() don't modify cb_ctl_array (and
don't have any reason to do so in the future), we can mark this
parameter as 'const'.
There should be no impact on existing users beyond removing the
compiler warning when using a constant array.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
On musl libc, sys/select.h is where FD_* definitions are located.
Signed-off-by: Kylie McClain <somasis@exherbo.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Place the returned value, function name and parameters (as many as can
fit) in the same line.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When compiling with clang, the visibility attributes are ignored
since they are after the definition of the exported function.
Fix this by moving the attribute declaration before the function.
attr.c:439:1: error: attribute declaration must precede definition [-Werror,-Wignored-attributes]
EXPORT_SYMBOL(mnl_attr_put_u8);
^
./internal.h:7:41: note: expanded from macro 'EXPORT_SYMBOL'
^
./internal.h:6:35: note: expanded from macro '__visible'
^
attr.c:435:6: note: previous definition is here
void mnl_attr_put_u8(struct nlmsghdr *nlh, uint16_t type, uint8_t data)
^
Signed-off-by: Peter Foley <pefoley2@pefoley.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It makes more sense to use isprint() than isalnum() because we use non
alphanumeric characters like '%', '_', etc. And, in case of non
printable character, print a space is preferable to print a NULL (0) in
order to keep alignment.
Before:
...
|00012|--|00002| |len |flags| type|
| 5f 5f 73 65 | | data | s e
| 74 25 64 00 | | data | t d
...
After:
...
|00012|--|00002| |len |flags| type|
| 5f 5f 73 65 | | data | _ _ s e
| 74 25 64 00 | | data | t % d
...
Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Define mnl_socket_open2() so that user can pass a set of SOCK_* flags
at socket creation time.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
This is defined in <linux/types.h>, which is included by the nfnetlink_* header
files.
Thus, we can get rid of u_int64_t which causes problems to musl according to
Felix Janda.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The sysconf(_SC_PAGESIZE) call is more portable since it does not need
_BSD_SOURCE defined.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
mnl_attr_next(): remove unused param - len
Signed-off-by: Hisao Tanabe <xtanabe@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
mnl_attr_ok(): fix return value type
mnl_attr_put_u8(): remove unused param - len
mnl_attr_put_u8_check(): remove unused param - len
mnl_nlmsg_ok(): fix return value type
mnl_nlmsg_batch_stop(): not return batch size, but release it
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
|
| |
This patch defines a new function mnl_socket_fdopen() which creates a
struct mnl_socket object from a pre-existing socket like obtained from
other process and different domain/type from the same prodess.
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The parameters where accidentally swapped.
Reported-by: Chris Rapier <rapier@psc.edu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes compilation in Debian Squeeze:
CC attr.lo
In file included from ../include/libmnl/libmnl.h:9,
from socket.c:10:
../include/linux/netlink.h:35: error: expected specifier-qualifier-list before ‘__kernel_sa_family_t’
In file included from ../include/libmnl/libmnl.h:9,
from callback.c:11:
../include/linux/netlink.h:35: error: expected specifier-qualifier-list before ‘__kernel_sa_family_t’
socket.c: In function ‘mnl_socket_get_portid’:
socket.c:102: error: ‘const struct sockaddr_nl’ has no member named ‘nl_pid’
socket.c: In function ‘mnl_socket_bind’:
socket.c:146: error: ‘struct sockaddr_nl’ has no member named ‘nl_family’
socket.c:147: error: ‘struct sockaddr_nl’ has no member named ‘nl_groups’
socket.c:148: error: ‘struct sockaddr_nl’ has no member named ‘nl_pid’
socket.c:163: error: ‘struct sockaddr_nl’ has no member named ‘nl_family’
socket.c: In function ‘mnl_socket_sendto’:
socket.c:184: error: unknown field ‘nl_family’ specified in initializer
socket.c:185: warning: excess elements in struct initializer
socket.c:185: warning: (near initialization for ‘snl’)
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
instead of raw setsockopt()
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
show entry in oneline and RTA_PRIORITY
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
not increment (nlmsghdr) pointer
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
| |
Florian adviced rtnl-route-event.c has same problem
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
| |
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Thomas reports that g++ forces you to enable C++11 mode if
you want to use <cstdint>. Tested with g++ (GCC) 4.4.4. He
reports that this compiles fine without the special headers.
So let's get rid of them. This reverts bb8c40e.
Reported-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Tested-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
|
|
|
|
|
|
|
|
| |
This patch adds the skeleton code for a daemon that collects statistics
via ctnetlink. Consider it a simplified version of ulogd2. It also
contains some documentation on several interesting tweaks.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
To ensure that examples compile in any installation. This header
is not installed in the system.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
|
| |
If present in the route message, otherwise simply skip it.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
| |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
So you can compile rtnl-route-event via `make check'
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|