For ip, tc, and bridge command introduce a new way to enable
automatic colorization via environment variable.
Example:
$ IP_COLOR=auto ip -br show addr
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add missing brackets and surround brackets by single spaces
in the netem usage string.
Also state the P14 argument as optional.
Signed-off-by: François Michel <francois.michel@uclouvain.be>
Reviewed-by: Donald Hunter <donald.hunter@gmail.com>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Fixes a misplaced newline in netem's usage string.
Signed-off-by: François Michel <francois.michel@uclouvain.be>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
When an admin schedule is pending and hasn't yet become operational, the
kernel will report only the parameters of the admin schedule in a nested
TCA_TAPRIO_ATTR_ADMIN_SCHED attribute.
However, we default to printing zeroes even for the parameters of the
operational base time, when that doesn't exist.
Fixes: 0dd16449356f ("tc: Add support for configuring the taprio scheduler")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Acked-by: Vinicius Costa Gomes <vinicius.gomes@intel.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
tc flower support for SPI field in ESP and AH packets.
Signed-off-by: Ratheesh Kannoth <rkannoth@marvell.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add support for the so called "stateless" configuration pattern (read
from /etc, fall back to /usr), giving system administrators a way to
define local configuration without changing any distro-provided files.
In practice this means that each configuration file FOO is loaded
from /usr/lib/iproute2/FOO unless /etc/iproute2/FOO exists.
Signed-off-by: Gioele Barabucci <gioele@svario.it>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
It is not currently possible to add a filter matching on port 0 despite
it being a valid port number. This is caused by cited commit which
treats a value of 0 as an indication that the port was not specified.
Instead of inferring that a port range was specified by checking that both
the minimum and the maximum ports are non-zero, simply add a boolean
argument to parse_range() and set it after parsing a port range.
Before:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
Illegal "dst_port"
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
Illegal "dst_port"
After:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
# tc filter show dev swp1 ingress | grep _port
src_port 0
dst_port 0
src_port 0-100
dst_port 0-100
Fixes: 767b6fd620dd ("tc: flower: fix port value truncation")
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
When installing a Qdisc this way:
tc qdisc replace dev $ifname handle 8001: parent root stab overhead 24 taprio \
num_tc 8 \
map 0 1 2 3 4 5 6 7 \
queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 \
base-time 0 \
sched-entry S 01 1216 \
sched-entry S fe 12368 \
fp P E E E E E E E \
flags 0x2
the parser will error out when it tries to parse the "fp" array and it
finds "flags" as one of the elements, expecting it to be one of "P" or
"E".
The way this is handled in the parsing of other array arguments of
variable size (max-sdu, map, queues etc) is to not fail, call PREV_ARG()
and attempt re-parsing the argument as something else. Do that for "fp"
as well.
Apparently mqprio handles this case correctly, so I must have forgotten
to apply the same treatment for taprio as well, during development.
Fixes: 5fbca3b469ec ("tc/taprio: add support for preemptible traffic classes")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The standard print function can be used to print the cfm attributes in
both standard and json use cases. In this way no string buffer is needed
which simplifies the code.
Signed-off-by: Zahari Doychev <zdoychev@maxlinear.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Previously since proto was __u8 an invalid proto would
be allowed. Gcc warns about never true conditional
since __u8 can never be negative.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
When the kernel reports offload counters through TCA_STATS2 ->
TCA_STATS_APP for the taprio qdisc, decode and print them.
Usage:
# Global stats
$ tc -s qdisc show dev eth0 root
# Per-tc stats
$ tc -s class show dev eth0
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Replace multiple whitespaces with tab where appropriate.
While at it, fix tc flower help message and remove some double
whitespaces.
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
The function free() handles the case wher argument is NULL
by doing nothing. So the extra checks are not needed.
Found by modified version of kernel coccinelle script.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add support for the same kind of "fp" array argument as in mqprio,
except here we already have some handling for per-tc entries (max-sdu).
We just need to expand that logic such that we also add (and parse) the
FP adminStatus property of each traffic class.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add support for the "fp" argument in tc-mqprio, which takes an array
of letters "E" (for express) or "P" (for preemptible), one per traffic
class, and transforms them into TCA_MQPRIO_TC_ENTRY_FP u32 attributes of
the TCA_MQPRIO_TC_ENTRY nest. We also dump these new netlink attributes
when they come from the kernel.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Currently, the output of "tc qdisc add dev lo taprio help" looks
absolutely horrible, it looks better in the source code. Put new lines
in the output everywhere where the text switches to a new line in the
source code.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
add control plane for setting TCA_TUNNEL_KEY_NO_FRAG flag on
act_tunnel_key actions.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
We can't use TCA_EXT_WARN_MSG directly in tc action as it's using different
enum with filter. Let's use a new TCA_ROOT_EXT_WARN_MSG for tc action
specifically.
Fixes: 6035995665b7 ("tc: add new attr TCA_EXT_WARN_MSG")
Reviewed-by: Andrea Claudi <aclaudi@redhat.com>
Reported-and-tested-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This reverts commit 70b9ebae63ce7e6f9911bdfbcf47a6d18f24159a.
The TCA_EXT_WARN_MSG is not sit within the TCA_ACT_TAB hierarchy. It's
belong to the TCA_MAX namespace. I will fix the issue in another patch.
Reviewed-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
'action nat index 1' is a valid cli according to TC's
architecture. Fix the grammar parsing to accept it.
tdc tests:
1..28
ok 1 7565 - Add nat action on ingress with default control action
ok 2 fd79 - Add nat action on ingress with pipe control action
ok 3 eab9 - Add nat action on ingress with continue control action
ok 4 c53a - Add nat action on ingress with reclassify control action
ok 5 76c9 - Add nat action on ingress with jump control action
ok 6 24c6 - Add nat action on ingress with drop control action
ok 7 2120 - Add nat action on ingress with maximum index value
ok 8 3e9d - Add nat action on ingress with invalid index value
ok 9 f6c9 - Add nat action on ingress with invalid IP address
ok 10 be25 - Add nat action on ingress with invalid argument
ok 11 a7bd - Add nat action on ingress with DEFAULT IP address
ok 12 ee1e - Add nat action on ingress with ANY IP address
ok 13 1de8 - Add nat action on ingress with ALL IP address
ok 14 8dba - Add nat action on egress with default control action
ok 15 19a7 - Add nat action on egress with pipe control action
ok 16 f1d9 - Add nat action on egress with continue control action
ok 17 6d4a - Add nat action on egress with reclassify control action
ok 18 b313 - Add nat action on egress with jump control action
ok 19 d9fc - Add nat action on egress with drop control action
ok 20 a895 - Add nat action on egress with DEFAULT IP address
ok 21 2572 - Add nat action on egress with ANY IP address
ok 22 37f3 - Add nat action on egress with ALL IP address
ok 23 6054 - Add nat action on egress with cookie
ok 24 79d6 - Add nat action on ingress with cookie
ok 25 4b12 - Replace nat action with invalid goto chain control
ok 26 b811 - Delete nat action with valid index
ok 27 a521 - Delete nat action with invalid index
ok 28 2c81 - Reference nat action object in filter
Fixes: fc2d02069b52 ("Add NAT action")
Reviewed-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
'action mpls index 1' is a valid cli according to TC's
architecture. Fix the grammar parsing to accept it.
tdc tests:
1..54
ok 1 a933 - Add MPLS dec_ttl action with pipe opcode
ok 2 08d1 - Add mpls dec_ttl action with pass opcode
ok 3 d786 - Add mpls dec_ttl action with drop opcode
ok 4 f334 - Add mpls dec_ttl action with reclassify opcode
ok 5 29bd - Add mpls dec_ttl action with continue opcode
ok 6 48df - Add mpls dec_ttl action with jump opcode
ok 7 62eb - Add mpls dec_ttl action with trap opcode
ok 8 09d2 - Add mpls dec_ttl action with opcode and cookie
ok 9 c170 - Add mpls dec_ttl action with opcode and cookie of max length
ok 10 9118 - Add mpls dec_ttl action with invalid opcode
ok 11 6ce1 - Add mpls dec_ttl action with label (invalid)
ok 12 352f - Add mpls dec_ttl action with tc (invalid)
ok 13 fa1c - Add mpls dec_ttl action with ttl (invalid)
ok 14 6b79 - Add mpls dec_ttl action with bos (invalid)
ok 15 d4c4 - Add mpls pop action with ip proto
ok 16 91fb - Add mpls pop action with ip proto and cookie
ok 17 92fe - Add mpls pop action with mpls proto
ok 18 7e23 - Add mpls pop action with no protocol (invalid)
ok 19 6182 - Add mpls pop action with label (invalid)
ok 20 6475 - Add mpls pop action with tc (invalid)
ok 21 067b - Add mpls pop action with ttl (invalid)
ok 22 7316 - Add mpls pop action with bos (invalid)
ok 23 38cc - Add mpls push action with label
ok 24 c281 - Add mpls push action with mpls_mc protocol
ok 25 5db4 - Add mpls push action with label, tc and ttl
ok 26 7c34 - Add mpls push action with label, tc ttl and cookie of max length
ok 27 16eb - Add mpls push action with label and bos
ok 28 d69d - Add mpls push action with no label (invalid)
ok 29 e8e4 - Add mpls push action with ipv4 protocol (invalid)
ok 30 ecd0 - Add mpls push action with out of range label (invalid)
ok 31 d303 - Add mpls push action with out of range tc (invalid)
ok 32 fd6e - Add mpls push action with ttl of 0 (invalid)
ok 33 19e9 - Add mpls mod action with mpls label
ok 34 1fde - Add mpls mod action with max mpls label
ok 35 0c50 - Add mpls mod action with mpls label exceeding max (invalid)
ok 36 10b6 - Add mpls mod action with mpls label of MPLS_LABEL_IMPLNULL (invalid)
ok 37 57c9 - Add mpls mod action with mpls min tc
ok 38 6872 - Add mpls mod action with mpls max tc
ok 39 a70a - Add mpls mod action with mpls tc exceeding max (invalid)
ok 40 6ed5 - Add mpls mod action with mpls ttl
ok 41 77c1 - Add mpls mod action with mpls ttl and cookie
ok 42 b80f - Add mpls mod action with mpls max ttl
ok 43 8864 - Add mpls mod action with mpls min ttl
ok 44 6c06 - Add mpls mod action with mpls ttl of 0 (invalid)
ok 45 b5d8 - Add mpls mod action with mpls ttl exceeding max (invalid)
ok 46 451f - Add mpls mod action with mpls max bos
ok 47 a1ed - Add mpls mod action with mpls min bos
ok 48 3dcf - Add mpls mod action with mpls bos exceeding max (invalid)
ok 49 db7c - Add mpls mod action with protocol (invalid)
ok 50 b070 - Replace existing mpls push action with new ID
ok 51 95a9 - Replace existing mpls push action with new label, tc, ttl and cookie
ok 52 6cce - Delete mpls pop action
ok 53 d138 - Flush mpls actions
ok 54 7a70 - Reference mpls action object in filter
Fixes: fb57b0920f06 ("tc: add mpls actions")
Reviewed-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
'action csum index 1' is a valid cli according to TC's
architecture. Fix the grammar parsing to accept it.
tdc tests:
1..24
ok 1 6d84 - Add csum iph action
ok 2 1862 - Add csum ip4h action
ok 3 15c6 - Add csum ipv4h action
ok 4 bf47 - Add csum icmp action
ok 5 cc1d - Add csum igmp action
ok 6 bccc - Add csum foobar action
ok 7 3bb4 - Add csum tcp action
ok 8 759c - Add csum udp action
ok 9 bdb6 - Add csum udp xor iph action
ok 10 c220 - Add csum udplite action
ok 11 8993 - Add csum sctp action
ok 12 b138 - Add csum ip & icmp action
ok 13 eeda - Add csum ip & sctp action
ok 14 0017 - Add csum udp or tcp action
ok 15 b10b - Add all 7 csum actions
ok 16 ce92 - Add csum udp action with cookie
ok 17 912f - Add csum icmp action with large cookie
ok 18 879b - Add batch of 32 csum tcp actions
ok 19 b4e9 - Delete batch of 32 csum actions
ok 20 0015 - Add batch of 32 csum tcp actions with large cookies
ok 21 989e - Delete batch of 32 csum actions with large cookies
ok 22 d128 - Replace csum action with invalid goto chain control
ok 23 eaf0 - Add csum iph action with no_percpu flag
ok 24 c619 - Reference csum action object in filter
Fixes: 3822cc986cc3 ("tc: add ACT_CSUM action support (csum)")
Reviewed-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Previously, the code returned directly within the switch statement in
the functions print_{ipv4, ipv6}. While this approach was functional,
after the commit 721435dc, we can no longer return directly because we
need to close the match object. To resolve this issue, replace the return
statement with break.
Fixes: 721435dcfd92 ("tc: u32: add json support in `print_raw`, `print_ipv4`, `print_ipv6`")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
We previously printed an asterisk if there was no 'sel' or
'TC_U32_TERMINAL' flag. However,
commit 1ff227545ce1 ("u32: fix json formatting of flowid")
changed the logic to print an asterisk only if there is a
'TC_U32_TERMINAL' flag. Therefore, we need to fix this
regression.
Before the fix, the tdc u32 test failed:
1..11
not ok 1 afa9 - Add u32 with source match
Could not match regex pattern. Verify command output:
filter protocol ip pref 1 u32 chain 0
filter protocol ip pref 1 u32 chain 0 fh 800: ht divisor 1
filter protocol ip pref 1 u32 chain 0 fh 800::800 order 2048 key ht 800 bkt 0 *flowid 1:1 not_in_hw
match 7f000001/ffffffff at 12
action order 1: gact action pass
random type none pass val 0
index 1 ref 1 bind 1
After fix, the test passed:
1..11
ok 1 afa9 - Add u32 with source match
Fixes: 1ff227545ce1 ("u32: fix json formatting of flowid")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Reviewed-by: Victor Nogueira <victor@mojatatu.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
It should sit within the TCA_ACT_TAB hierarchy, otherwise the access to
tb is out of bounds:
./tc action ls action csum
total acts 1
action order 0: csum (?empty) action pass
index 1 ref 1 bind 0
not_in_hw
Segmentation fault (core dumped)
Fixes: 60359956 ("tc: add new attr TCA_EXT_WARN_MSG")
Reviewed-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This is missing a separator, that was accidently removed
when JSON was added.
Fixes: 010a8388aea1 ("tc: Add JSON output to tc-class")
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This patch is to add the setup and dump for helper in tc ct action
in userspace, and the support in kernel was added in:
https://lore.kernel.org/netdev/cover.1667766782.git.lucien.xin@gmail.com/
here is an example for usage:
# ip link add dummy0 type dummy
# tc qdisc add dev dummy0 ingress
# tc filter add dev dummy0 ingress proto ip flower ip_proto \
tcp dst_port 21 ct_state -trk action ct helper ipv4-tcp-ftp
# tc filter show dev dummy0 ingress
filter protocol ip pref 49152 flower chain 0 handle 0x1
eth_type ipv4
ip_proto tcp
dst_port 21
ct_state -trk
not_in_hw
action order 1: ct zone 0 helper ipv4-tcp-ftp pipe
index 1 ref 1 bind
v1->v2:
- add dst_port 21 in the example tc flower rule in changelog
as Marcele noticed.
- use snprintf to avoid possible string overflows as Stephen
suggested in ct_print_helper().
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Currently, when the rule is not to be exclusively executed by the
hardware, extack is not passed along and offloading failures don't
get logged. Add a new attr TCA_EXT_WARN_MSG to log the extack message
so we can monitor the HW failures. e.g.
# tc monitor
added chain dev enp3s0f1np1 parent ffff: chain 0
added filter dev enp3s0f1np1 ingress protocol all pref 49152 flower chain 0 handle 0x1
ct_state +trk+new
not_in_hw
action order 1: gact action drop
random type none pass val 0
index 1 ref 1 bind 1
mlx5_core: matching on ct_state +new isn't supported.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
This reverts commit 0cc5533b ("tc/tc_monitor: print netlink extack message")
as the commit mentioned is not applied to upstream.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
The Round-Robin qdisc was removed in kernel version 2.6.27.
Remove code and man page references from iproute.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
