| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
In the CLI parsing of 'set interface ipsec key garbage', the token
'garbage' enters the processing code for the <key>. This enters
unformat_hex_string(..) which looks through the input for 0-9,a-f and
drops out if a non-hex digit is encountered. The problem is that it
returns 1, indicating that input has been processed, but in this case,
no characters have been removed from the input string. This causes the
calling function to go to the top of the loop and process the next
token, which is now the same token and gets stuck in an infinite loop.
Updated unformat_hex_string(..) to return 0 if no characters were
processed.
This funcitons is used in multiple CLI Commands, but most have token
that preceeds the hex string. Since the token is stripped, the CLI
command is able to avoid an infinte loop.
Change-Id: Ib54f04f23c4d3563ec57a2450982d3648cedec0e
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Change-Id: Ia25a8827ed94877e8fe6c0b2ff6d05c1568eb0e1
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
to be used for node statistics
Also fix tw_timer_stop() description
Change-Id: I84b529e330c4534fd55487e7e2b8b089ee68ca11
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
* use RLOC for IP version detection
* don't check whether RLOC is local when deleting
Change-Id: Icdb84025dd5511eb5348b654bf7b373def15406c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: Ic674cc953b45ddd4811e07821e1a0af28b5f6214
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
snat_static_mapping_dump
Change-Id: Ib560b397700fe058ad1e2970989d98e3debf54aa
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I772b63ac25ebfccaff9ab9d8d0b1445e85f21df7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ic814b805ef77913ffe86f82c009602c75258acfb
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Add doxygen documentation for pcap tx trace CLI command.
In the process of adding the documentation, made the following changes
to the way the command worked:
* If there is an error with any of the attributes, the whole command
fails. The existing behavior was to apply attribute by attribute,
then bail if there was an issue, with partial apply.
* Move the 'on' processing to the end. The existing behavior was to
process the 'on' as it was encountered on the commandline. That meant
that any attributes after the 'on' in the commandline were saved and
displayed, but not really being used in the packet trace.
* Enhanced the 'status' to show all the configured attributes.
NOTE: The packet capture has some weird behavior with regards to how
many packets are written to file and if the file is appended or
overwritten. VPP-634 written to document the issue.
Change-Id: Iab241228b125385052de242865afd9515fa2524f
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Change-Id: I5063d31f5305c848043afb32fcacff6e61aed79f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Id294dbbd6499ae8221cc8143e1027adc08866ae6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I0963760a7da95612d5cab19596919b369a4d0f8e
Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
|
|
Change-Id: I5b308eb39ae770d58d1498d7fafa49b236b3f534
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Change-Id: I51488620a7eeaf7a0edba71437d2b49ae3cf0bf5
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
This happens only on when compiled for older microarchitectures,
where BSF insutruction is used instead of TZCNT. BSF provides
undefined result if operand is 0.
Change-Id: I7a13350786a533428168595097ef01a560fde53b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
File vnet/fib/fib_urpf_list.h was included in vnet/fib/ip6_fib.h but was
exported to be installed in /usr/include/vnet. So out-of-tree builds
relying on an installed package was failing.
Fix is to inlcude fib_urpf_list.h in source file rather than including
it in header file.
Change-Id: Iae39c1d9417dbd31ee67fa1bd2d1915d5e813c73
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
|
|
When handling the IP_DETAILS and IP_ADDRESS_DETAILS replies,
it is almost certainly going to require having both the is_ipv6
and sw_if_index context to handle them properly. Placing these
values in an essentially global location as the current VAT does
isn't thread-safe. Fruthermore, rather than forcing every
API user to hoop-jump to establish these context values, simply
provide them in their DETAILS reply messages.
Change-Id: I6a9e0cb16ecdbf87fca8fc5c7663e98d3a53c26c
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: I97fedb0f70dd18ed9bbe985407cc5fe714e8a2e2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Refer to jira ticket for more details.
Change-Id: I6facb9ef8553a21464f9a2e612706f152badbb68
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
|
|
Change-Id: Ie490b7fd5238cbad23f0199161cc14324fd9c554
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I1c93f96a752eb2ffd1117a656552131cde1fa489
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Currently ip6 local check fails with error - source lookup miss if
route to source of packet is over a dpo object such as load balance -
recurssive route, tunnel adj - GRE, SR etc.
So unless packet source is of a directly connected neibhor or has
route with both interface and nexthop specified, it will be dropped.
Fix is to check urpf list and if at least one link exists in the list,
then allow packets to be processed, else drop.
Change-Id: Id426311bb63bab506754a79409c602fdb6d0f190
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
|
|
Change-Id: Iafb071c684a43e21925e3a43019cd86372347898
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I76593632cde97f7cb80bbc395735404f39f3bd3f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: Ifaf46554e45557ebf82009d9c46a9e905a46f884
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: Iefffcf7843dc11803d69a875a72704a2543911a1
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I4433eaed3f4e201edc329c4842cbbf74beb19a9a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I7775dd3b90d5a3449650c3102e24bfedd770beb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: If26d758997d71792cedad1afae8d6a38cfd364ac
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
found by `scan-build make plugins-release`
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
Change-Id: I52048e3a8ae3fb85eb3d91f6a5e15216dd7b9baa
|
|
Change-Id: I5499dd6b768425a56936afae50bd578620c83d30
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I3d8b7947ae6d721e9b514a59a7d2de49aed419b5
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I31730d58c34331f25f5b02cd065be94251f1302c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Running trex in a VM with a bad config, trex sent a bogus pack from
the VM to the Virtual interface. It caused a crash.
Change-Id: I64d0197b444265553ab4c24f21e6a962e89cb587
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: Ie39bb26a9aea88cf2768ec537adcdd8df1de3be0
Signed-off-by: Matej Klotton <mklotton@cisco.com>
|
|
Change-Id: I25077dd0739787de4f7512e5a70a62e8c34c28e4
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This patch replaces requirement for vlib_plugin_register function
in the plugin so file and introduces new macro:
VLIB_PLUGIN_REGISTER () = {
.version = "version string",
.version_required = "requred version",
.default_disabled = 1,
.early_init = "early_init_function_name",
};
Plugin will nor be loaded if .default_disabled is set to 1
unless explicitely enabled in startup.conf.
If .verstion_required is set, plugin will not be loaded if there
is version mismatch between plugin and vpp. This can be bypassed
by setting "skip-version-check" for specific plugin.
If .early-init string is present, plugin loader will try to resolve
this specific symbol in the plugin namespace and make a function call.
Following startup.conf configuration is added:
plugins {
path /path/to/plugin/directory
plugin ila_plugin.so { enable skip-version-check }
plugin acl_plugin.so { disable }
}
Change-Id: I706c691dd34d94ffe9e02b59831af8859a95f061
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ia5d3d81cbc2ef85fabf9e19c89a52c589a921d14
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Ports are allocated per protocol (UDP, TCP, ICMP)
1:1 NAT with port is configured for specific protocol
Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Now that the M() and S() macros accept a message parameter, there
is no longer a need to introduce a new block structure around the
CONTROL_PING messages just to have a new unbound "mp" variable.
Instead, just use one named "mp_ping" directly.
Change-Id: I6b283562bb6eec25806e3d35c35b977680ecd1dd
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Instead, have them accept and assign a return paramter leaving
the return control flow up to the caller. Clean up otherwise
misleading returns present even after "NOT REACHED" comments.
Change-Id: I0861921f73ab65d55b95eabd27514f0129152723
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than rely on an unbound variable, explicitly introduce
the timeout variable within the 'do { ... } while (0)' construct
as a block-local variable.
Change-Id: I6e78635290f9b5ab3f56b7f116c5fa762c88c9e9
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than blindly assume an unbound, fixed message parameter
explicilty pass it as a paramter to the S() macro.
Change-Id: Ieea1f1815cadd2eec7d9240408d69acdc3caa49a
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Now that all the M() and M2() uses properly supply a message
pointer as second parameter, fix the macros to use it.
Change-Id: I0b8f4848416c3fa2e06755ad6ea7171b7c546124
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than maintain (?) an unused second parameter, t, and pull
an unbound message pointer, mp, out of context, explicitly list
the message pointer as the second parameter.
Change-Id: I92143efda6211cdf6b935470f8c71579742a6b64
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
1 - use the SR policy to construct the replicate DPO. Each bucket therein is a SR tunnel.
2 - install a special mfib entry that links via this replicate
3 - forwarding is now mfib-lookup -> replicate -> sr_rewrite (per-tunnel)
no need for a separate sr_replicate node.
4 - Stack the sr tunnel on the forwarding DPO of the first-hop FIB entry.
no need for a second lookup post SR encap.
5 - fix some path-list lock leaks in the MFIB entry.
Change-Id: I20de96ea4c4be4fae252625bde159d9c435c8315
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- Make puppetlabs/ubuntu-16.04-64-nocm the default box
- Enable x11 forwarding
- Install x11-utils required for emacs to work over X11
- Refactor run.sh
- Add VPP_VAGRANT_POST_BUILD environment variable to
allow selection of installing VPP or run "make test".
- Fix dependencies in src/vppapigen.am
Change-Id: I0ec054fdc83feb71ca8396df53ed02bf82ecd7e7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Add authentication support to BFD feature. Out of three existing
authentication types, implement SHA1 (sole RFC requirement). Simple
password is insecure and MD5 is discouraged by the RFC, so ignore
those.
Add/change APIs to allow configuring BFD authentication keys
and their usage with BFD sessions.
Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Avoid coverity warning and improve safety by declaring a helper
structure and working with it when searching for ip headers.
Make sure the content following IPv6 header is actually UDP before
parsing it. Bail out if unexpcted IPv6 header found ...
Change-Id: I1c6b9fd42d6fdae226f12c91c53c07a932b29522
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
Billy McFall
Gabriel Ganne
Filip Tehlar
Matus Fabian
Klement Sekera
Juraj Sloboda
Shwetha Bhandari
Marek Gradzki
Jon Loeliger
Damjan Marion
AkshayaNadahalli
Florin Coras
Neale Ranns
Ole Troan
Dave Barach
Steven
Matej Klotton
Dave Wallace