Also disabling TX checksums and not only allowing incoming packets without
checksum will provide another small speedup. As doing so would break wired
meshing with VXLAN-enabled nodes that require non-zero checksums, we will
wait a few days before this step.
In addition to significant internal differences in check_site_lib.lua (in
particular unifying error handling to a single place for the upcoming
multi-domain support), this changes the way fields are addressed in site
check scripts: rather than providing a string like 'next_node.ip6', the
path is passed as an array {'next_node', 'ip6'}.
Other changes in site check scripts:

* need_array and need_table now pass the full path to the sub fields to the
  subcheck instead of the key and value
* Any check referring to a field inside a table implies that all higher
  levels must be tables if they exist: a check for {'next_node', 'ip6'} adds
  an implicit (optional) check for {'next_node'}, which allows removing many
  explicit checks for such tables
This should not convert JSON to a Lua table and back, as this loses the
distinction between arrays and objects, but as our site.conf is defined in
Lua anyways (for now), this can be fixed in a later revision.
[Matthias Schiffer: rename to gluon-show-site, rebase]
By basing the Lua gluon.site module on gluonutil_load_site_config(), the
config load implementation needs to be changed only in a single place for
multi-domain support.
This enables the ebtables internal locking mechanism which will avoid race
conditions between multiple, concurrent ebtables calls.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
This enables the ebtables internal locking mechanism which
will avoid race conditions between multiple, concurrent
ebtables calls.
This is a preparation for the upcoming gluon-arp-limiter
daemon, to avoid issues if upon restarting gluon-ebtables
the gluon-arp-limiter daemon tries to modify the tables.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
The init script adds the br-client as netdev for the daemon. The daemon
will automatically be restarted when the netdev's ifindex is changed and
the reload target of the init script is called. But something has to call
this script first.
This can be done with the procd triggers interface which can simply wait for all
events of type "interface.*". The reload target will always be called but
the daemon will only be restarted when the br-client ifindex actually
changed.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
A socket with the value 0 is valid (and it is the first opened socket). It is
therefore a bad idea to check for 0 when wanting to find out whether a
socket was initialized.
Instead initialize it with -1 and check for < 0 to find out whether the
socket was initialized or not.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The correct way to get the data from batman-adv is not to try to parse the
freeform debugfs files. Instead, the generic netlink family "batadv" should
be used to request the tables in binary form.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The memory returned after malloc is not initialized. It must be initialized
before it is accessed in update_tqs and compared against 00:00:00:00:00:00.
Otherwise the TQ retrieval could fail because the originator address is
never updated.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The daemon must make sure that it doesn't filter any incoming router
advertisement when it was shut down. This can be achieved by flushing all
current rules and/or adding an ACCEPT all rule at the end. When both
commands work, the state of the chain will be the same as
/lib/gluon/ebtables/400-radv-filter created it.
This doesn't handle the problem that the daemon may have crashed and
thus the chain is in an undefined state.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The select can be interrupted when it receives a signal. But the signal
might be handled and thus it should not result in a kill.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The value returned by time is not monotonic. It can jump around because it
depends on a user configurable clock. This can lead to hangs in the
processing of routers.
A monotonic clock must be used instead to avoid this problem.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The TQ of the best router can be lower than the hysteresis_thresh. The
check could cause an integer underflow which then causes an election which
is not necessary.
This can be avoided by reordering the check slightly and only subtracting
values which will not cause underflows.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
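
The underflow described in the commit message above, as an added example that is not the project's own code. The function names, the 32-bit unsigned types and the threshold of 20 are assumptions made for illustration; the page does not show the actual check.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TQ_MAX 255u /* batman-adv TQ values range from 0 to 255 */

/* Wrapping form (hypothetical reconstruction of the pattern described above):
 * when best_tq < thresh the unsigned subtraction wraps to a huge value and
 * the comparison is true, so an election is started for no reason. */
static bool needs_election_wrapping(uint32_t best_tq, uint32_t cur_tq,
				    uint32_t thresh)
{
	return best_tq - thresh > cur_tq;
}

/* Reordered form: subtract only after proving best_tq > cur_tq, so the
 * difference can never wrap. */
static bool needs_election(uint32_t best_tq, uint32_t cur_tq, uint32_t thresh)
{
	if (best_tq <= cur_tq)
		return false;
	return best_tq - cur_tq > thresh;
}

/* Count (best, current) TQ pairs where only the wrapping form asks for an
 * election, i.e. the unnecessary elections caused by the underflow. */
static unsigned int count_spurious(uint32_t thresh)
{
	unsigned int n = 0;

	for (uint32_t best = 0; best <= TQ_MAX; best++)
		for (uint32_t cur = 0; cur <= TQ_MAX; cur++)
			if (needs_election_wrapping(best, cur, thresh) &&
			    !needs_election(best, cur, thresh))
				n++;
	return n;
}

int main(void)
{
	printf("threshold 20: %u spurious elections out of %u pairs\n",
	       count_spurious(20), (TQ_MAX + 1) * (TQ_MAX + 1));
	return 0;
}
```
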
The check of prerequisites is rather long and becomes unreadable. Having
it in an extra function makes the code slightly more structured and more
readable.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The 6th argument to recvfrom is not an unsigned int pointer. This may work
on systems where socklen_t and unsigned int are both 4 bytes but other
systems may use 8 bytes for that (glibc uses size_t as type for socklen_t
and size_t is 8 bytes on amd64 and similar architectures).
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The recvfrom can fail and return -1. The caller must check for this error
to avoid that it reads uninitialized data from pkt.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The ICMPv6 packet is stored in network byte order. It must therefore always
be converted to host byte order before it can be used in calculations.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
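
The three receive-path fixes in the commit messages above (address length passed as socklen_t, recvfrom result checked before pkt is read, fields converted from network byte order) combined in one added example that is not the project's own code. recv_ra_lifetime and demo_roundtrip are hypothetical names, the router lifetime field is chosen for illustration, and a local AF_UNIX datagram socketpair stands in for the ICMPv6 socket.

```c
#include <arpa/inet.h>
#include <netinet/icmp6.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Returns the RA router lifetime in seconds (host byte order), or -1 when
 * nothing usable was received. recv_ra_lifetime is a hypothetical helper. */
static int recv_ra_lifetime(int sock, struct sockaddr_storage *src)
{
	struct nd_router_advert pkt;
	socklen_t addr_size = sizeof(*src); /* socklen_t, not unsigned int */
	ssize_t len;

	len = recvfrom(sock, &pkt, sizeof(pkt), 0, (struct sockaddr *)src,
		       &addr_size);
	if (len < 0)
		return -1; /* recvfrom failed: pkt was never written */
	if ((size_t)len < sizeof(pkt))
		return -1; /* short datagram: trailing fields are uninitialized */
	if (pkt.nd_ra_type != ND_ROUTER_ADVERT)
		return -1;
	/* Multi-byte ICMPv6 fields are big-endian on the wire. */
	return ntohs(pkt.nd_ra_router_lifetime);
}

/* Constructed input: push one RA header through a local datagram socketpair
 * (stand-in for the ICMPv6 socket) and parse it with the function above. */
static int demo_roundtrip(uint16_t lifetime)
{
	struct nd_router_advert ra;
	struct sockaddr_storage src;
	int sv[2], ret = -1;

	if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
		return -1;
	memset(&ra, 0, sizeof(ra));
	ra.nd_ra_type = ND_ROUTER_ADVERT;
	ra.nd_ra_router_lifetime = htons(lifetime);
	if (send(sv[0], &ra, sizeof(ra), 0) == (ssize_t)sizeof(ra))
		ret = recv_ra_lifetime(sv[1], &src);
	close(sv[0]);
	close(sv[1]);
	return ret;
}

int main(void) { return demo_roundtrip(1800) == 1800 ? 0 : 1; }
```
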
The router access code is spread throughout the program. It is easier to
modify it when the common functionality is encapsulated in some helper
functions.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The bind to an interface can fail and the socket then isn't working as
expected. The daemon must therefore handle this problem.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
These variables are only used in the same file. They can therefore be
static and don't have to be exported by the executable.
Signed-off-by: Sven Eckelmann <sven@narfation.org>