70e212f913
Implements TTL security for OSPF and RIP.
...
Interfaces for OSPF and RIP could be configured to use (and request)
TTL 255 for traffic to direct neighbors.
Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-25 15:39:44 +02:00
ef4a50be10
Better packet priority and traffic class handling.
...
Implements support for IPv6 traffic class, sets higher priority for OSPF
and RIP outgoing packets by default and allows to configure ToS/DS/TClass
IP header field and the local priority of outgoing packets.
2013-06-24 16:37:30 +02:00
a92cf57dd6
Implements undo command and optional timeout for configuration
...
Several new configure command variants:
configure undo - undo last reconfiguration
configure timeout - configure with scheduled undo if not confirmed in timeout
configure confirm - confirm last configuration
configure check - just parse and validate config file
2012-12-26 12:40:48 +01:00
cf98be7b67
Allows rejected routes to be kept and examined.
...
When 'import keep rejected' protocol option is activated, routes
rejected by the import filter are kept in the routing table, but they
are hidden and not propagated to other protocols. It is possible to
examine them using 'show route rejected'.
2012-11-10 14:26:13 +01:00
0343d066da
Fixes a bug in primary IP selection.
2012-08-29 12:42:49 +02:00
c4b76d7b19
Rename sk_new() to avoid name collision with OpenSSL.
2012-07-18 19:35:30 +02:00
4be266a983
Implements wildcard matching in config file include.
...
Also fixes some minor bugs in include.
Thanks Kelly Cochran for suggestion and draft patch.
2012-07-18 19:29:33 +02:00
e14bd38087
Fixes flushing of device routes.
2012-05-03 14:04:56 +02:00
ab188fb76d
Implements build options to specify socket dir and suffix.
2012-05-03 12:25:15 +02:00
7a2c48dafc
Cleanup in sysdep KRT code, part 3.
...
Just one more renaming, old krt_set_notify() to krt_replace_rte().
2012-04-30 22:34:06 +02:00
f1aceff59b
Cleanup in sysdep KRT code, part 2.
...
Remove support for historic Linux kernels,
merge krt-iface, krt-set and krt-scan stub headers.
2012-04-30 22:25:24 +02:00
396dfa9042
Cleanup in sysdep KRT code, part 1.
...
OS-dependent functions renamed to be more consistent,
prepared to merge krt-set and krt-scan headers.
Name changes:
struct krt_if_params -> struct kif_params
struct krt_if_status -> struct kif_status
struct krt_set/scan_params -> struct krt_params
struct krt_set/scan_status -> struct krt_status
krt_if_params_same -> kif_sys_reconfigure
krt_if_copy_params -> kif_sys_copy_config
krt_set/scan_params_same -> krt_sys_reconfigure
krt_set/scan_copy_params -> krt_sys_copy_config
krt_if_scan -> kif_do_scan
krt_set_notify -> krt_do_notify
krt_scan_fire -> krt_do_scan
krt_if_ -> kif_sys_
krt_scan_ -> krt_sys_
krt_set_ -> krt_sys_
2012-04-30 15:31:32 +02:00
ebecb6f6a1
Implements generalized import hooks.
...
Thanks to Alexander V. Chernikov for the original patch.
2012-04-15 15:28:29 +02:00
ae8b300164
Merge commit 'origin/master'
2012-04-15 15:15:05 +02:00
ed7c4b0cd5
Small bugfix in error message related to reconfiguration.
2012-04-09 14:19:28 +02:00
bf2abe2f51
Merge branch 'soon'
...
Conflicts:
nest/proto.c
nest/rt-table.c
2012-03-30 11:04:12 +02:00
c9df01d321
Fixes several minor bugs in kernel syncer.
2012-03-25 19:44:14 +02:00
9ba2798c65
Adds krt_metric linux route attribute.
2012-03-23 17:22:13 +01:00
72aed1a00b
Adds krt_source route attribute.
...
Thanks Jeremie Dimino for the original patch.
2012-03-23 00:26:26 +01:00
df27911880
Fixes problem with dirname().
...
Thanks Henrique de Moraes Holschuh for the original patch.
2012-03-19 13:00:00 +01:00
af582c4811
Route Origin Authorization basics.
...
- ROA tables, which are used as a basic part for RPKI.
- Commands for examining and modifying ROA tables.
- Filter operators based on ROA tables consistent with RFC 6483.
2012-03-18 17:32:30 +01:00
46c1a583a5
Fixes a bug causing crash during soft reconfiguration of export to kernel proto.
2012-02-03 11:50:51 +01:00
39c028e9e9
Assign default protocol preference via proto_config_new().
...
The patch from Alexander V. Chernikov.
2012-01-24 11:31:00 +01:00
09686693d3
Implements handling of BSD iface arrival/departure notifications.
...
Thanks to Alexander V. Chernikov for original patch.
2012-01-23 03:15:12 +01:00
d7f469c15c
Some minor fixes.
2012-01-09 02:41:13 +01:00
eb1451a3a0
Better support for link-local addresses in IO code.
2012-01-08 15:27:04 +01:00
a7f23f581f
Implements protocol templates.
...
Based on the patch from Alexander V. Chernikov.
Extended to support almost all protocols.
Uses 'protocol bgp NAME from TEMPLATE { ... }' syntax.
2011-11-07 00:31:23 +01:00
9b7fdfc84a
Fixes for include.
2011-10-10 01:41:08 +02:00
32f95476a8
Signal problems with route installation to kernel tables.
2011-10-06 22:48:49 +02:00
48ec367aab
Configuration can include other files.
2011-09-11 21:21:47 +02:00
b1b1943360
The generalized TTL security mechanism (RFC 5082) support.
...
Thanks to Alexander V. Chernikov for the patch.
2011-08-16 23:13:05 +02:00
beeda6af44
Removes timers for stub interfaces. Also fixes some minor bugs.
2011-07-08 01:14:52 +02:00
e8b89a6104
Update and document the privilege restriction.
2011-05-15 16:29:44 +02:00
1bc2695744
Allows run with restricted privileges.
...
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
2011-05-10 02:42:17 +02:00
acc93efd4c
Use constants from /etc/iproute2/rt_* files.
2011-04-28 00:31:37 +02:00
71ca77169d
Adds support for several Linux kernel route attributes.
2011-04-13 12:32:27 +02:00
52a43ae3b7
Minor changes in addresses.
...
Mainly changes IA_UNNUMBERED to IA_PEER and adds IA_HOST. Also do not
show broadcast addr in show interfaces. Nobody cares for that.
2011-03-28 22:46:18 +02:00
d0e9b36d30
Added header file.
2011-03-23 17:15:11 +01:00
93e868c730
Implements Router Advertisement protocol.
2011-03-13 11:33:50 +01:00
f25cb0ef9f
Implements link state detection.
...
Also changes some symbol names (IFF_ADMIN_DOWN -> IFF_SHUTDOWN,
IFF_LINK_UP -> IFF_ADMIN_UP).
2010-11-11 10:03:02 +01:00
0d1b3c4c0e
Changes print-like filter commands to use a log instead of a stderr.
...
And extends the log subsystem to better handle that.
2010-09-20 13:01:01 +02:00
f428631cd6
Ignore warning when BGP peer is unreachable.
2010-08-03 01:12:43 +02:00
f038f0a638
Fixes missing check in reconfiguration.
2010-07-12 21:39:10 +02:00
9be9a26413
Implements proper multihop BGP.
...
Also does some incompatible changes to config file syntax,
like removing 'via IP' from multihop option.
2010-07-12 17:39:39 +02:00
acb60628f5
Implements command that shows memory usage.
2010-06-02 22:20:40 +02:00
002b642318
Fixes bug on Linux 2.4.x - kernel sync does not work until restart of kernel protocol.
...
Which was, actually, a bug in timers - on older kernel, monotonic timer
is missing and the other implementation started with now == 0, which
collides with usage 0 as a special value in timer->expires field.
2010-05-21 12:00:53 +02:00
475977242a
Handle EPIPE as a common connection close event.
2010-05-14 16:54:39 +02:00
ba32170657
Better support for /31 networks.
2010-04-28 00:39:57 +02:00
607d991424
Fixes build on newer Linux systems.
2010-04-14 15:35:08 +02:00
dcc6049444
Fixes IPv6 build on older systems.
2010-04-14 14:46:21 +02:00
