- 26 Apr, 2012 1 commit
-
-
JP Abgrall authored
Some commands are run to be able to recover after failures. Those cleanup commands are generally allowed to fail. But the lower level system commands would log an error. Now that error is hidden if nobody will care about the result. A "#define LOG_NDEBUG 0" will show those failing commands. Removed leftover LOG_NDEBUG in CommandListener. Bug: 6377175 Change-Id: I1205fb077f7d0496969bd2a0b5da42025bc5a8dc
-
- 25 Apr, 2012 1 commit
-
-
JP Abgrall authored
Some commands are run to be able to recover after failures. Those cleanup commands are generally allowed to fail. But the lower level system commands would log an error. Now that error is hidden if nobody will care about the result. A "#define LOG_NDEBUG 0" will show those failing commands. Removed leftover LOG_NDEBUG in CommandListener. Bug: 6377175 Change-Id: I1205fb077f7d0496969bd2a0b5da42025bc5a8dc
-
- 20 Apr, 2012 1 commit
-
-
JP Abgrall authored
* modified iptables users to work in controller specific custom chains. - each controller only works withing his own custom chains and not the top level ones (INPUT, OUTPUT, FORWARD, POSTROUTING,...) - CommandListener now invokes setupIptablesHooks() for each controller once. That is the only time they are allowed to access the top-level chains. * Added idletimer controller. From https://android-git.corp.google.com/g/#/c/180769/2 - supported commands . ndc idletimer enable . ndc idletimer add <iface> <timeout> . ndc idletimer remove <iface> <timeout_used_during_add> There is a framework change elsewhere that receives netlink messages. Signed-off-by:
Ashish Sharma <ashishsharma@google.com> Signed-off-by:
JP Abgrall <jpa@google.com> Change-Id: Ia57450c09166ce20f21d1e3b49047ef1e98f2a3d
-
- 01 Mar, 2012 1 commit
-
-
Robert Greenwalt authored
Support multiple commands on a single socket via command numbers. Native DaemonConnector has been changed, so we need to use it here too. bug:5864209 Change-Id: I084a284db38b996e7965bb9dd18440636eff9801
-
- 06 Jan, 2012 1 commit
-
-
Steve Block authored
See https://android-git.corp.google.com/g/#/c/157220 Bug: 5449033 Change-Id: I8ab66debe4d0c3857a4b80f6f7b6925a352cda87
-
- 05 Jan, 2012 1 commit
-
-
Steve Block authored
See https://android-git.corp.google.com/g/157065 Bug: 5449033 Change-Id: Ic9a12b3bc322d1fa60de50725b5ca18341d64b91
-
- 03 Jan, 2012 1 commit
-
-
Steve Block authored
See https://android-git.corp.google.com/g/156016 Bug: 5449033 Change-Id: I85b946663d5a0e7606140282bf758c27b8c6f68f
-
- 01 Dec, 2011 1 commit
-
-
Jeff Sharkey authored
Bug: 5686458 Change-Id: I9c5147446636d32bb3a420a05199870cca5f013d
-
- 30 Nov, 2011 1 commit
-
-
Jeff Sharkey authored
All trailing arguments are treated as now treated as flags, instead of mixing argument formats. Change-Id: Iab80ed47ce2c8a1e7bc0fc5a46d391638fe282c8
-
- 17 Nov, 2011 1 commit
-
-
JP Abgrall authored
Use the error message string to report the raw parsed data in case of failure. Bug:5543131 Change-Id: If9f3bcea09fd3ab8a506955d8153b3430bfd239c
-
- 04 Nov, 2011 1 commit
-
-
Robert Greenwalt authored
bug:5495862 bug:5396842 Change-Id: I51f21060947f57e63b18c4d35e9d49fac488d48a
-
- 02 Nov, 2011 1 commit
-
-
Robert Greenwalt authored
Regardless of errors we should try to do as much as possible. Sometimes some steps may fail if interfaces are taken down before we can un-nat them. bug:5536516 Change-Id: I9c9b0123198dba890565e0a6e4e15add16b369c2
-
- 25 Oct, 2011 1 commit
-
-
Steve Block authored
See https://android-git.corp.google.com/g/#/c/143865 Bug: 5449033 Change-Id: Iaf07eecf106fda89c464723661976f4570638558
-
- 07 Oct, 2011 1 commit
-
-
JP Abgrall authored
Now, when nat is enabled/disabled it will let the bandwidthcontroller know that it might need to add/remove the matching global alert into the tethering rules in the FORWARD chain of iptables. Bug: 5336638 Change-Id: I1843f3f6601f371537f754a31db792e054b36a1d
-
- 29 Sep, 2011 1 commit
-
-
repo sync authored
Bug: 5388757 Change-Id: I0506254948477cbff05603faed625cc73d94d777
-
- 27 Sep, 2011 1 commit
-
-
Lorenzo Colitti authored
Change-Id: I04c8de503229d1dce6bd08c286b7017eaea11039
-
- 18 Sep, 2011 1 commit
-
-
JP Abgrall authored
* Add ndc bandwidth gettetherstats <ifaceIn> <ifaceOut> which returns 221 ifaceIn ifaceOut rx_bytes rx_packets tx_bytes tx_packets If the iface pair is not found it will fail. 221 is the new response code for TetheringStatsResult. It gets the stats by looking at the iptables FORWARD chain's counters. * Fixed return handling after some of the responses. - no need for errorno - after ResponseCode >= 200, don't return another. * Correctly initialize the alert values on "bandwidth enable" Bug: 5244846,5230066 Change-Id: I81c941441525fa4055ae270d5cad05e6c42b8f72
-
- 14 Sep, 2011 1 commit
-
-
Irfan Sheriff authored
Bug: 3360737 Change-Id: Ifa13c425c6168acdd01600d49c1fb52288c60d3c
-
- 03 Sep, 2011 1 commit
-
-
Irfan Sheriff authored
The ioctl to set netmask fails when the interface address is 0.0.0.0. The kernel always keeps the netmask as 0 when the address is 0.0.0.0. Avoid making a call to prefix length when address is 0.0.0.0 Bug: 5255172 Change-Id: Id32f7823b2230fb9ac7cd45b0df1951f11338112
-
- 25 Jul, 2011 1 commit
-
-
Robert Greenwalt authored
Port of change 22099 from the opensource. bug:5060618 Change-Id: Ic99345881fcb30c6f1d5545a32401e6ada865d78
-
- 20 Jul, 2011 1 commit
-
-
JP Abgrall authored
* Fix quota2 updating. The old insert-new/delete-old scheme doesn't work as the kernel keeps the old counter assigned to the new rule. * Add support for setting dummy quotas used only for alerts. This needs: - new kernel with quota2 changes that support logging via NETLINK's NETLINK_NFLOG family. - NetlinkManager support for receiving the events. - java land handler for these new events. * new commands - add/remove a dummy quota to generate an alert after <bytes> are seen including loopback. alerts are only triggered once. . ndc bandwidth setglobalalert <bytes> calling it multiple times, just re-arms the alert for the specified number of bytes. Use "ndc bandwidth getiquota singleAlert" to get what is left. . ndc bandwidth removeglobalalert - add/remove alert on a shared quota (similar accounting as shared quota) . ndc bandwidth setsharedalert <bytes> Requires that a shared quota already exist. . ndc bandwidth removesharedalert Removing the last of the shared quotas will remove the matching alert. - add/remove alert on an interface (similar accounting as interface quota) . ndc bandwidth setinterfacealert <iface> <bytes> Requires that a interface quota already exist. . ndc bandwidth removeinterfacealert <iface> Removing the interface quota will remove the matching alert. - get the quotas and alert leftovers . ndc bandwidth getquota shared quota leftover . ndc bandwidth getiquota <quota_name_or_iface> iface specific quota leftover Can be used to read-out alerts. E.g. setglobalalert 12345 -> getiquota globalAlert setsharedalert 12345 -> getiquota sharedAlert setinterfacealert iface0 12345 -> getiquota iface0Alert Change-Id: Iea9698b9d20e713281755dac32b4772a6cf0e84e
-
- 24 Jun, 2011 2 commits
-
-
JP Abgrall authored
Regroup the ipv4/ipv6 choice deeper down to avoid copypasted code. Shared quota accross ifaces. Single quota per ifaces. Nothing preventing an iface from have a single and shared quota. Might be close to having a working combination. Added commands: - shared quota ndc bandwidth setquotas <quotaBytes> <iface> ... ndc bandwidth setquota <iface> <quotaBytes> ndc bandwidth removequota <iface> ndc bandwidth removequotas <iface> ... - quota per iface ndc bandwidth setiquota <iface> <quotaBytes> ndc bandwidth removeiquota <iface> Change-Id: I370d223da3c8b6e16e8d0a455309ae9e0756a721
-
JP Abgrall authored
Adds initial per-app penalty box rules, and prepares for handling per iface quota. The following commands work: * penalty box ndc bandwidth addnaughtyapps <uid> ... ndc bandwidth removenaughtyapps <uid> ... * Shared quota - add (updates the bytes, if they differ from last time) ndc bandwidth setquota <iface> <bytes> ndc bandwidth setquota <iface1> <bytes> ndc bandwidth setquota <iface2> <bytes> - remove ndc bandwidth removequota <iface> [ oldschool: ndc bandwidth setquota <iface> -1 ] Change-Id: Ibefc16e81c7713feb47577a9687dcd032dedf06e
-
- 18 Jun, 2011 1 commit
-
-
Mike Lockwood authored
Change-Id: I1a49dc2c96998e9a44729b4b0303dbe9eb8c6569 Signed-off-by:
Mike Lockwood <lockwood@android.com>
-
- 17 Jun, 2011 1 commit
-
-
Irfan Sheriff authored
Bug: 4676254 Change-Id: Ifb0b573750504f5daeb8db038d13dddd553797de
-
- 16 Jun, 2011 1 commit
-
-
JP Abgrall authored
This is a minimalistic version to get accounting of data going through tagged socket per uid. When netd starts up the BandwidthController, it will look at the properties for persist.bandwidth.enable=1 and enabled it. It needs the kernel with the xt_qtaguid + iptables/netfilter goodness. stlport is ok to use. The "owner" netfilter module used is actually our xt_qtaguid that acts as it (just until we get around to talking directly the to kernel). Once "ndc bandwidth enable" is invoked all traffic is counted against the UIDs receiving/sending it. This allows BlockGuard.java to "tag" sockets and see stats for the tags. Data shows up in /proc/net/xt_qtaguid/stats /proc/net/xt_qtaguid/iface_stat/<iface>/ rx_packets_tcp rx_bytes_tcp ... There is no <uid>/... Supported commands: - "ndc bandwidth enable" will setup the needed iptable entries to track tag/uid. - "ndc bandwidth disable" will remove the iptable entries. - "ndc bandwidth setquota <iface> <value>" will set a quota on the iface. Once quota is reached, packets are rejected. With the correct kernel, rejects are turned in socket errors. TODO ---- * make bandwidth controller cooperate with tethering. - they both manipulate the iptables. Change-Id: Ieb9e7c60ef8c974e99828f7833065d59b2922bf3
-
- 12 May, 2011 1 commit
-
-
Robert Greenwalt authored
Now we can move this out of the framework. Also adds v6 support and explicit route removal (rather than the big hammer of "remove all"). Change-Id: Ia7f1b12b2175c566c4906064796131a2f7e81466
-
- 29 Apr, 2011 1 commit
-
-
Mattias Falk authored
Added a ResolverController class that handles the communication with the dns resolver in netd. Change-Id: I0f71bd516109fd942e68b3400666c7a859228372
-
- 08 Mar, 2011 1 commit
-
-
Dmitry Shmidt authored
Change-Id: I3694a0b2b570e0925b7f807f133e6fa5d95c3ac2 Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
- 01 Feb, 2011 1 commit
-
-
Robert Greenwalt authored
Use prefixlength instead. bug:2542681 Change-Id: I4cc0d9a84a5b043da7f8cb19a42cc6aaae3f9584
-
- 17 Nov, 2010 1 commit
-
-
Olivier Bailly authored
Change-Id: I99f7b79bfb5b6305a0772f418a54ace50cac1bbe
-
- 23 Apr, 2010 1 commit
-
-
Robert Greenwalt authored
When the bytes received counter gets too big it changes format from name: 10 ... name: 100 ... name:1000 ... The last one means sscanf can't parse a string and a long seperately - you just get a string. Fixed by detecting a char after ':', splitting the name and reparsing the long. bug:2612082 Change-Id: I84e41da1e38d24ea61f996ede9c87769abba5d22
-
- 14 Apr, 2010 1 commit
-
-
Robert Greenwalt authored
On sholes ppp0 comes and goes with wifi and net availability. We don't want our traffic poller to have to care (and deal with race conditions) so just don't make so much noise if we try to read the traffic data for a non-existing iface. bug:2576057 Change-Id: I8c1d721e7afc288b08cffb79f8f52f6cab55c88b
-
- 07 Apr, 2010 1 commit
-
-
San Mehat authored
Change-Id: I9092a37b3d5f2bfa4f49ddc473d0a5490abaae8f Signed-off-by:
San Mehat <san@google.com>
-
- 03 Apr, 2010 1 commit
-
-
Robert Greenwalt authored
Some networks iface names are too long to fit in a 6-char string. bug:2561759 Change-Id: I571c9871db424d349bc47b4d15c6015a33be6f2a
-
- 01 Apr, 2010 1 commit
-
-
San Mehat authored
Change-Id: I361f3c4ac30f7bb6efe4ed703405f0e843b075b4 Signed-off-by:
San Mehat <san@google.com>
-
- 24 Mar, 2010 1 commit
-
-
Robert Greenwalt authored
We need multiple dhcp ranges to support dhcp on different interfaces. bug:2533491 Change-Id: I3b568e81c048c6aff1a752ac4a81669034104413
-
- 12 Mar, 2010 2 commits
-
-
Dmitry Shmidt authored
Change-Id: I2081e4943b6b93109288e8d764ce25a55f3b6198 Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
Dmitry Shmidt authored
Change-Id: I731c2e390187c0fa5f69779cd25d8f2388ee511e Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
- 24 Feb, 2010 1 commit
-
-
Robert Greenwalt authored
Also fix some errors in the interface control code (if we pass out all flags like so: [up broadcast multicast] we should probably accept that back)
-