matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
3,919 Commits 5 Branches 108 Tags 7.5 MiB
C 91.1%
C++ 5.9%
Shell 2.1%
Makefile 0.5%
Yacc 0.2%
Go to file
Eyal Birger dd29621578 tc: add em_ipt ematch for calling xtables matches from tc matching context 
The commit calls a new tc ematch for using netfilter xtable matches.

This allows early classification as well as mirroning/redirecting traffic
based on logic implemented in netfilter extensions.

Current supported use case is classification based on the incoming IPSec
state used during decpsulation using the 'policy' iptables extension
(xt_policy).

The matcher uses libxtables for parsing the input parameters.

Example use for matching an IPSec state with reqid 1:

tc qdisc add dev eth0 ingress
tc filter add dev eth0 protocol ip parent ffff: \
    basic match 'ipt(-m policy --dir in --pol ipsec --reqid 1)' \
    action drop

This is the user-space counter part of kernel commit ccc007e4a746
("net: sched: add em_ipt ematch for calling xtables matches")

Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
 		2018-02-27 09:43:16 -08:00
bash-completion tc: bash-completion: add missing 'classid' keyword 2017-12-12 12:11:37 -08:00
bridge ip: always print interface name in color 2018-02-21 08:42:04 -08:00
devlink devlink: Ignore unknown attributes 2018-01-18 16:30:36 -08:00
doc/actions doc: drop old ip command documentation 2017-09-29 10:51:02 -07:00
etc/iproute2 tc: add em_ipt ematch for calling xtables matches from tc matching context 2018-02-27 09:43:16 -08:00
examples SPDX license identifiers 2017-11-24 12:21:35 -08:00
genl SPDX license identifiers 2017-11-24 12:21:35 -08:00
include Import tc_em_ipt.h from kernel at commit 08009a760213 2018-02-27 09:42:23 -08:00
ip ip link: add json support for tun attributes 2018-02-26 09:28:16 -08:00
lib ip: always print interface name in color 2018-02-21 08:42:04 -08:00
man tc: add em_ipt ematch for calling xtables matches from tc matching context 2018-02-27 09:43:16 -08:00
misc ss: print skmeminfo for packet sockets 2018-02-22 14:45:27 -08:00
netem SPDX license identifiers 2017-11-24 12:21:35 -08:00
rdma rdma: Add batch command support 2018-02-22 14:44:46 -08:00
schema bridge: add json schema for bridge fdb show 2016-07-20 12:02:02 -07:00
tc tc: add em_ipt ematch for calling xtables matches from tc matching context 2018-02-27 09:43:16 -08:00
testsuite tests: make sure rand_dev suffix has 6 chars 2018-01-10 08:29:51 -08:00
tipc devlink, rdma, tipc: properly define TARGETS without HAVE_MNL 2018-01-05 16:32:17 -08:00
.gitignore Remove leftovers from removed Latex documentation 2018-02-13 16:43:19 -08:00
COPYING Update address of FSF in license 2008-03-08 13:31:03 -08:00
Makefile lib: Correct object file dependencies 2018-02-16 08:14:18 -08:00
README README: update location of git repositories, remove broken info link 2018-02-13 16:42:51 -08:00
README.decnet Decnet documentation update 2005-06-13 18:47:56 +00:00
README.devel README: update location of git repositories, remove broken info link 2018-02-13 16:42:51 -08:00
README.distribution README cleanup's 2012-01-03 15:04:55 -08:00
README.iproute2+tc tc, bpf: finalize eBPF support for cls and act front-end 2015-04-10 13:31:19 -07:00
README.lnstat Rename: misc/README.lnstat -> README.lnstat 2004-10-19 20:24:47 +00:00
configure Remove leftovers from removed Latex documentation 2018-02-13 16:43:19 -08:00

README 

This is a set of utilities for Linux networking.

Download:
    http://www.kernel.org/pub/linux/utils/net/iproute2/

Stable version repository:
    git://git.kernel.org/pub/scm/network/iproute2/iproute2.git

Development repository:
    git://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git

How to compile this.
--------------------
1. libdbm

arpd needs to have the db4 development libraries. For Debian
users this is the package with a name like libdb4.x-dev.
DBM_INCLUDE points to the directory with db_185.h which
is the include file used by arpd to get to the old format Berkeley
database routines.  Often this is in the db-devel package.

2. make

The makefile will automatically build a config.mk file which
contains definitions of libraries that may or may not be available
on the system such as: ATM, ELF, MNL, and SELINUX.

3. To make documentation, cd to doc/ directory , then
   look at start of Makefile and set correct values for
   PAGESIZE=a4		, ie: a4 , letter ...	(string)
   PAGESPERPAGE=2	, ie: 1 , 2 ...		(numeric)
   and make there. It assumes, that latex, dvips and psnup
   are in your path.

4. This package includes matching sanitized kernel headers because
   the build environment may not have up to date versions. See Makefile
   if you have special requirements and need to point at different
   kernel include files.

Stephen Hemminger
stephen@networkplumber.org

Alexey Kuznetsov
kuznet@ms2.inr.ac.ru