- when checked, also change 'Default class' to align the default value with the other pages
- when unchecked, restore the default values for 'Default class' and 'Qdisc Scheduler'
QoS:
- use correct WAN MTU when starting QoS
- fix completely broken behavior with multiple wans
- fix 'rate' and 'limit' table headings
- separate ATM overhead fields for each wan
- add PPPoE LLC + VLAN to overhead options
- support enabling queuing without classification (SQM)
- rearrange QoS Basic Settings page to make it clear
- when stopping qos, don't forget to delete the ingress qdisc
- don't use broken iptables set-return
- L7 fix and comment improvement
- use proper fwmask when matching fwmark
- check wan up once and use the same result for all rules
PBR:
- don't use broken iptables set-return
- fix connmark restore mark mask
- copy connection mark to packet mark to pbr
Eric Dumazet pointed out that act_mirred needs to find the current net_ns,
and struct net pointer is not provided in the call chain. His original
patch made use of current->nsproxy->net_ns to find the network namespace,
but this fails to work correctly for userspace code that makes use of
netlink sockets in different network namespaces. Instead, pass the
"struct net *" down along the call chain to where it is needed.
This version removes the ifb changes as Eric has submitted that patch
separately, but is otherwise identical to the previous version.
Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Tested-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1b52739e45f5969b208ebc377f52468280af11e
cls_flow.c plays with uids and gids. Unless I misread that
code it is possible for classifiers to depend on the specific uid and
gid values. Therefore I need to know the user namespace of the
netlink socket that is installing the packet classifiers. Pass
in the rtnetlink skb so I can access the NETLINK_CB of the passed
packet. In particular I want access to sk_user_ns(NETLINK_CB(in_skb).ssk).
Pass in not the user namespace but the incomming rtnetlink skb into
the the classifier change routines as that is generally the more useful
parameter.
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Prerequisite patch for mirred namespace compatibility: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af4c6641f5ad445fe6d0832da42406dbd9a37ce4
Eric Dumazet pointed out that act_mirred needs to find the current net_ns,
and struct net pointer is not provided in the call chain. His original
patch made use of current->nsproxy->net_ns to find the network namespace,
but this fails to work correctly for userspace code that makes use of
netlink sockets in different network namespaces. Instead, pass the
"struct net *" down along the call chain to where it is needed.
This version removes the ifb changes as Eric has submitted that patch
separately, but is otherwise identical to the previous version.
Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Tested-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1b52739e45f5969b208ebc377f52468280af11e
cls_flow.c plays with uids and gids. Unless I misread that
code it is possible for classifiers to depend on the specific uid and
gid values. Therefore I need to know the user namespace of the
netlink socket that is installing the packet classifiers. Pass
in the rtnetlink skb so I can access the NETLINK_CB of the passed
packet. In particular I want access to sk_user_ns(NETLINK_CB(in_skb).ssk).
Pass in not the user namespace but the incomming rtnetlink skb into
the the classifier change routines as that is generally the more useful
parameter.
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Prerequisite patch for mirred namespace compatibility: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af4c6641f5ad445fe6d0832da42406dbd9a37ce4
pedro
notsure2
Johan Källström
Johan Källström
M_ars