Ondrej Zajicek
354496ace8
Some fixes for TTL security.
2013-07-11 13:50:44 +02:00
Ondrej Zajicek
c01a94663c
Implements multiple routing table support for FreeBSD and OpenBSD.
...
Inspired by the patch from Alexander V. Chernikov.
2013-07-07 12:11:42 +02:00
Ondrej Zajicek
c6964c305b
Makes krt.c much more readable.
2013-07-04 18:02:22 +02:00
Ondrej Zajicek
70e212f913
Implements TTL security for OSPF and RIP.
...
Interfaces for OSPF and RIP could be configured to use (and request)
TTL 255 for traffic to direct neighbors.
Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-25 15:39:44 +02:00
Ondrej Zajicek
ef4a50be10
Better packet priority and traffic class handling.
...
Implements support for IPv6 traffic class, sets higher priority for OSPF
and RIP outgoing packets by default and allows to configure ToS/DS/TClass
IP header field and the local priority of outgoing packets.
2013-06-24 16:37:30 +02:00
Ondrej Zajicek
9810d05562
Fixes problems with routing table scans on some platforms.
...
Negative bit shifts are definitely undefined oprations.
2013-05-28 10:44:44 +02:00
Ondrej Zajicek
a2017200c7
NEWS and version update.
2013-04-29 22:33:50 +02:00
Ondrej Zajicek
a92cf57dd6
Implements undo command and optional timeout for configuration
...
Several new configure command variants:
configure undo - undo last reconfiguration
configure timeout - configure with scheduled undo if not confirmed in timeout
configure confirm - confirm last configuration
configure check - just parse and validate config file
2012-12-26 12:40:48 +01:00
Ondrej Zajicek
c93c02088a
NEWS and version update.
2012-11-16 13:30:54 +01:00
Ondrej Zajicek
cf98be7b67
Allows rejected routes to be kept and examined.
...
When 'import keep rejected' protocol option is activated, routes
rejected by the import filter are kept in the routing table, but they
are hidden and not propagated to other protocols. It is possible to
examine them using 'show route rejected'.
2012-11-10 14:26:13 +01:00
Ondrej Zajicek
0343d066da
Fixes a bug in primary IP selection.
2012-08-29 12:42:49 +02:00
Ondrej Zajicek
094d2bdb79
Implements ADD-PATH extension for BGP.
...
Allows to send and receive multiple routes for one network by one BGP
session. Also contains necessary core changes to support this (routing
tables accepting several routes for one network from one protocol).
It needs some more cleanup before merging to the master branch.
2012-08-14 16:46:43 +02:00
Ondrej Filip
d760229ab8
DragonFly support add - thanks to john@marino.st
2012-08-08 14:10:31 +02:00
Ondrej Zajicek
94e2f1c111
NEWS and version update.
2012-08-07 11:06:57 +02:00
Ondrej Zajicek
c06de722dd
Some minor fixes.
2012-08-06 11:09:13 +02:00
Ondrej Zajicek
c4b76d7b19
Rename sk_new() to avoid name collision with OpenSSL.
2012-07-18 19:35:30 +02:00
Ondrej Zajicek
4be266a983
Implements wildcard matching in config file include.
...
Also fixes some minor bugs in include.
Thanks Kelly Cochran for suggestion and draft patch.
2012-07-18 19:29:33 +02:00
Ondrej Zajicek
47c447c42e
Minor cleanups.
2012-05-11 12:10:21 +02:00
Ondrej Zajicek
95616c8202
Cleanup in sysdep KRT code, part 4.
...
Adding some files that was accidentally removed
(instead of moved) in cleanup part 2.
2012-05-04 16:38:25 +02:00
Ondrej Zajicek
e14bd38087
Fixes flushing of device routes.
2012-05-03 14:04:56 +02:00
Ondrej Zajicek
ab188fb76d
Implements build options to specify socket dir and suffix.
2012-05-03 12:25:15 +02:00
Ondrej Zajicek
7a2c48dafc
Cleanup in sysdep KRT code, part 3.
...
Just one more renaming, old krt_set_notify() to krt_replace_rte().
2012-04-30 22:34:06 +02:00
Ondrej Zajicek
f1aceff59b
Cleanup in sysdep KRT code, part 2.
...
Remove support for historic Linux kernels,
merge krt-iface, krt-set and krt-scan stub headers.
2012-04-30 22:25:24 +02:00
Ondrej Zajicek
396dfa9042
Cleanup in sysdep KRT code, part 1.
...
OS-dependent functions renamed to be more consistent,
prepared to merge krt-set and krt-scan headers.
Name changes:
struct krt_if_params -> struct kif_params
struct krt_if_status -> struct kif_status
struct krt_set/scan_params -> struct krt_params
struct krt_set/scan_status -> struct krt_status
krt_if_params_same -> kif_sys_reconfigure
krt_if_copy_params -> kif_sys_copy_config
krt_set/scan_params_same -> krt_sys_reconfigure
krt_set/scan_copy_params -> krt_sys_copy_config
krt_if_scan -> kif_do_scan
krt_set_notify -> krt_do_notify
krt_scan_fire -> krt_do_scan
krt_if_ -> kif_sys_
krt_scan_ -> krt_sys_
krt_set_ -> krt_sys_
2012-04-30 15:31:32 +02:00
Ondrej Zajicek
3589546af4
Merge commit 'origin/master'
2012-04-24 23:37:01 +02:00
Ondrej Zajicek
334a0ed24d
Fixes missing device attributes when exporting routes to kernel.
...
Thanks to Howden Nick for the bugreport.
2012-04-21 11:00:23 +02:00
Ondrej Filip
f93e6f338e
Small clean up in debug texts
2012-04-19 17:14:16 +02:00
Ondrej Zajicek
ebecb6f6a1
Implements generalized import hooks.
...
Thanks to Alexander V. Chernikov for the original patch.
2012-04-15 15:28:29 +02:00
Ondrej Zajicek
ae8b300164
Merge commit 'origin/master'
2012-04-15 15:15:05 +02:00
Ondrej Filip
ed7c4b0cd5
Small bugfix in error message related to reconfiguration.
2012-04-09 14:19:28 +02:00
Ondrej Zajicek
bf2abe2f51
Merge branch 'soon'
...
Conflicts:
nest/proto.c
nest/rt-table.c
2012-03-30 11:04:12 +02:00
Ondrej Zajicek
c9df01d321
Fixes several minor bugs in kernel syncer.
2012-03-25 19:44:14 +02:00
Ondrej Zajicek
9ba2798c65
Adds krt_metric linux route attribute.
2012-03-23 17:22:13 +01:00
Ondrej Zajicek
72aed1a00b
Adds krt_source route attribute.
...
Thanks Jeremie Dimino for the original patch.
2012-03-23 00:26:26 +01:00
Ondrej Zajicek
89647357af
NEWS and version update.
2012-03-22 12:29:02 +01:00
Ondrej Zajicek
df27911880
Fixes problem with dirname().
...
Thanks Henrique de Moraes Holschuh for the original patch.
2012-03-19 13:00:00 +01:00
Ondrej Zajicek
af582c4811
Route Origin Authorization basics.
...
- ROA tables, which are used as a basic part for RPKI.
- Commands for examining and modifying ROA tables.
- Filter operators based on ROA tables consistent with RFC 6483.
2012-03-18 17:32:30 +01:00
Ondrej Zajicek
46c1a583a5
Fixes a bug causing crash during soft reconfiguration of export to kernel proto.
2012-02-03 11:50:51 +01:00
Ondrej Zajicek
39c028e9e9
Assign default protocol preference via proto_config_new().
...
The patch from Alexander V. Chernikov.
2012-01-24 11:31:00 +01:00
Ondrej Zajicek
09686693d3
Implements handling of BSD iface arrival/departure notifications.
...
Thanks to Alexander V. Chernikov for original patch.
2012-01-23 03:15:12 +01:00
Ondrej Zajicek
732a0a257d
Fixes problems with creating/removing/renaming ifaces on BSD.
2012-01-23 01:26:40 +01:00
Ondrej Zajicek
b573755df4
Fixes a bug in BSD iface scan.
...
if_update() should be called always, because periodic iface scan code
removes all not-updated ifaces.
2012-01-21 22:41:31 +01:00
Ondrej Zajicek
544f2e1b36
NEWS and version update.
2012-01-20 18:16:35 +01:00
Ondrej Filip
2c5ca47ad4
New version 1.3.5
2012-01-10 13:48:53 +01:00
root
4b3a8ff8c6
Extend buffer for netlink messages.
2012-01-09 16:57:45 +01:00
Ondrej Zajicek
d7f469c15c
Some minor fixes.
2012-01-09 02:41:13 +01:00
Ondrej Zajicek
3f58437405
Fix for IPv6 addresses on non-multiaccess ifaces on BSD.
...
Thanks Matthias Schiffer for the patch.
2012-01-08 16:32:28 +01:00
Ondrej Zajicek
eb1451a3a0
Better support for link-local addresses in IO code.
2012-01-08 15:27:04 +01:00
Ondrej Zajicek
a7f23f581f
Implements protocol templates.
...
Based on the patch from Alexander V. Chernikov.
Extended to support almost all protocols.
Uses 'protocol bgp NAME from TEMPLATE { ... }' syntax.
2011-11-07 00:31:23 +01:00
Ondrej Zajicek
00a124e3fc
NEWS and version update.
2011-10-10 02:33:11 +02:00
Ondrej Zajicek
9b7fdfc84a
Fixes for include.
2011-10-10 01:41:08 +02:00
Ondrej Zajicek
1cb97af419
Extend the error message.
2011-10-09 17:01:01 +02:00
Ondrej Zajicek
32f95476a8
Signal problems with route installation to kernel tables.
2011-10-06 22:48:49 +02:00
Ondrej Filip
48ec367aab
Configuration can include other files.
2011-09-11 21:21:47 +02:00
Ondrej Zajicek
a98995273b
NEWS and version update.
2011-09-04 13:23:26 +02:00
Ondrej Zajicek
cb2b586f00
NetBSD compile fix.
2011-09-04 10:39:10 +02:00
Ondrej Zajicek
b1b1943360
The generalized TTL security mechanism (RFC 5082) support.
...
Thanks to Alexander V. Chernikov for the patch.
2011-08-16 23:13:05 +02:00
Ondrej Zajicek
a209d5d8e1
A minor fix in BSD.
2011-08-15 02:06:56 +02:00
Ondrej Zajicek
42a0c05408
BGP Extended communities.
2011-08-14 13:55:02 +02:00
root
aca0e79faa
Handles missing macro.
2011-07-29 14:52:28 +02:00
Ondrej Zajicek
14272097df
Fixes crash on BSD.
2011-07-28 13:50:02 +02:00
Ondrej Zajicek
c49490f8c0
NEWS and version update.
2011-07-08 08:58:50 +02:00
Ondrej Zajicek
beeda6af44
Removes timers for stub interfaces. Also fixes some minor bugs.
2011-07-08 01:14:52 +02:00
Ondrej Zajicek
e8b89a6104
Update and document the privilege restriction.
2011-05-15 16:29:44 +02:00
Ondrej Zajicek
1bc2695744
Allows run with restricted privileges.
...
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
2011-05-10 02:42:17 +02:00
Ondrej Zajicek
409e8a6e21
NEWS and version update.
2011-05-02 02:06:03 +02:00
Ondrej Zajicek
acc93efd4c
Use constants from /etc/iproute2/rt_* files.
2011-04-28 00:31:37 +02:00
Ondrej Zajicek
71ca77169d
Adds support for several Linux kernel route attributes.
2011-04-13 12:32:27 +02:00
Ondrej Zajicek
4aef102be1
Fixes KRT sync in BSD.
...
When buffer is too small (because of change between sysctls()),
needed is *not* changed.
2011-04-07 11:42:13 +02:00
Ondrej Zajicek
eb3786e4ea
NEWS and version update.
...
(and minor changes in documentation)
2011-03-30 02:00:56 +02:00
Ondrej Zajicek
83696b3913
Hide 6to4 route warnings.
2011-03-29 02:44:39 +02:00
Ondrej Zajicek
52a43ae3b7
Minor changes in addresses.
...
Mainly changes IA_UNNUMBERED to IA_PEER and adds IA_HOST. Also do not
show broadcast addr in show interfaces. Nobody cares for that.
2011-03-28 22:46:18 +02:00
Ondrej Zajicek
d0e9b36d30
Added header file.
2011-03-23 17:15:11 +01:00
Ondrej Zajicek
93e868c730
Implements Router Advertisement protocol.
2011-03-13 11:33:50 +01:00
Ondrej Zajicek
d32a071da9
Some cleanups in krt_read_ifinfo().
2011-01-08 11:31:12 +01:00
Ondrej Zajicek
dad7ee70c1
Fixes interface names on BSD systems.
2011-01-08 11:22:38 +01:00
Ondrej Zajicek
32b4972834
Multipath support for linux kernel protocol.
2010-12-07 23:36:11 +01:00
Ondrej Zajicek
01427d3f2b
Remove some runaway debug messages and typos.
2010-11-19 18:03:27 +01:00
Ondrej Zajicek
f25cb0ef9f
Implements link state detection.
...
Also changes some symbol names (IFF_ADMIN_DOWN -> IFF_SHUTDOWN,
IFF_LINK_UP -> IFF_ADMIN_UP).
2010-11-11 10:03:02 +01:00
Ondrej Zajicek
0d1b3c4c0e
Changes print-like filter commands to use a log instead of a stderr.
...
And extends the log subsystem to better handle that.
2010-09-20 13:01:01 +02:00
Ondrej Zajicek
f428631cd6
Ignore warning when BGP peer is unreachable.
2010-08-03 01:12:43 +02:00
Ondrej Zajicek
f038f0a638
Fixes missing check in reconfiguration.
2010-07-12 21:39:10 +02:00
Ondrej Zajicek
9be9a26413
Implements proper multihop BGP.
...
Also does some incompatible changes to config file syntax,
like removing 'via IP' from multihop option.
2010-07-12 17:39:39 +02:00
Ondrej Zajicek
cfe34a316e
Implements hostcache and recursive next hops.
...
Hostcache is a structure for monitoring changes in a routing table that
is used for routes with dynamic/recursive next hops. This is needed for
proper iBGP next hop handling.
2010-07-05 17:50:19 +02:00
Ondrej Zajicek
acb60628f5
Implements command that shows memory usage.
2010-06-02 22:20:40 +02:00
Ondrej Zajicek
9ef239946b
NEWS and version update.
2010-05-31 20:41:40 +02:00
Ondrej Zajicek
9b061f7ea5
Minor fixes.
2010-05-28 11:16:39 +02:00
Ondrej Zajicek
691057f033
Support loopback/dummy addresses.
2010-05-26 16:09:22 +02:00
Ondrej Zajicek
87a9abeac9
Fixes interface scan on Linux 2.4.x in IPv6 mode.
2010-05-21 15:17:49 +02:00
Ondrej Zajicek
002b642318
Fixes bug on Linux 2.4.x - kernel sync does not work until restart of kernel protocol.
...
Which was, actually, a bug in timers - on older kernel, monotonic timer
is missing and the other implementation started with now == 0, which
collides with usage 0 as a special value in timer->expires field.
2010-05-21 12:00:53 +02:00
Ondrej Zajicek
475977242a
Handle EPIPE as a common connection close event.
2010-05-14 16:54:39 +02:00
Ondrej Zajicek
ba32170657
Better support for /31 networks.
2010-04-28 00:39:57 +02:00
Ondrej Zajicek
1d44ddf20f
Merge commit 'origin/master' into new
2010-04-21 21:52:10 +02:00
Ondrej Filip
6bc414d619
It seems that prefixes /31 and /127 are valid and used in this strange world.
2010-04-19 16:10:20 +02:00
Ondrej Zajicek
607d991424
Fixes build on newer Linux systems.
2010-04-14 15:35:08 +02:00
Ondrej Zajicek
dcc6049444
Fixes IPv6 build on older systems.
2010-04-14 14:46:21 +02:00
Ondrej Zajicek
d759c1a6f8
NEWS and version update.
2010-04-09 17:42:39 +02:00
Ondrej Zajicek
de14a7c7aa
Ignore routes with next-hop 127.0.0.1 on BSD.
2010-04-09 00:56:47 +02:00
Ondrej Zajicek
a9f380fe83
On BSD, consider unmarked non-device routes as alien.
2010-04-08 18:41:17 +02:00
Ondrej Zajicek
646b24d932
Minor changes.
2010-04-08 17:45:50 +02:00