- 03 Jul, 2013 3 commits
-
-
JP Abgrall authored
The happy box needs to be able to let UID 0 (dhcp, ...) pass through. Bug: 6212480 Change-Id: I9867b7db4e5ad71cfb1170659d2d6a14ca9590be
-
JP Abgrall authored
* ndc bandwidth happybox (enable | disable) - enable . creates a an empty happy_box chain which rejects all traffic from all UIDs by default. . Uses the penalty_box as a hook. Any costly_interface automatically gets the happy_box as it has a penalty_box. . any app UID not in the happy_box will be treated as if it was in the penalty_box (i.e. addnaughtyapps) . penalty_box (addnaughtyapps) still applies. - disable . removes the happy box. * ndc bandwidth addniceapps <appUid> ... - similar to addnaughtyapps, but for the happy_box * ndc bandwidth removeniceapps <appUid> ... - similar to removenaughtyapps, but for the happy_box Bug: 6212480 Change-Id: I1f10e8c6fa1b230c7b3bb070d88508e437589705
-
JP Abgrall authored
Rename some stuff in preparation for nice apps and the "happy box". Bug: 6212480 Change-Id: I637c4283695ac619533999beab4f88968580d2e4
-
- 29 Jun, 2013 1 commit
-
-
JP Abgrall authored
Currently the bandwidth controller will cut off traffic via an ICMP destination unreachable message with code "administratively prohibited". TCP's RFC1122 does not explicitly say what to do with it, but it does say to abort the transmission when "port-unreachable" is seen. Some servers keep on retrying with the "prohibited" ICMP message which keeps the radio longer awake as more packets come in. Bug: 9150002 Change-Id: I6eb1c3ae41c3890f26581a4b7464821b7ffb85f4
-
- 25 Jun, 2013 1 commit
-
-
JP Abgrall authored
* Persistent stats Previously we would parse the iptables counters out of the FORWARD rules used for tethering. Those rules could come an go before they were parsed, which would cause us to incorrectly count traffic. Now we have separate counting rules (and quota2 counters) which persist beyond tethering. * Rename the iface0/iface1 Match NatControllers notions for tethering ifaces during enable. Detect weird call from userspace (until b/9565268 gets fixed), or else it leaves an ugly iptables state. * The commands affected: - ndc bandwidth gettetheringstats intIface extIface . no change from before: return a single stats line - ndc bandwidth gettetheringstats . return a list of results showing all tethered stats - ndc bandwidth gettetheringstats "" extIface - ndc bandwidth gettetheringstats intIface . return a list of results matching the tethering on the given interface. Bug: 9565268 Bug: 5868832 Change-Id: I8559d9a184abcffaf65998fb3cc8c9c50d46bf06
-
- 20 Jun, 2013 9 commits
-
-
Nick Kralevich authored
* commit '5ff04590': Revert "netd: reduce privileges"
-
Nick Kralevich authored
* commit '4ea5bd05': Revert "netd: reduce privileges"
-
Nick Kralevich authored
-
Nick Kralevich authored
jpa reports that tethering is broken. This reverts commit ab3df62f. Change-Id: I0736f0fd83ea7cada9fdaee7e8d39123d2a3b5c2
-
Nick Kralevich authored
* commit '4dbd276e': netd: reduce privileges
-
Nick Kralevich authored
* commit '30583ec3': netd: reduce privileges
-
Nick Kralevich authored
-
JP Abgrall authored
Some prior change removed the ability to use a command sequence number. This would cause conflicts with java-land sending commands, and results don't get routed appropriatly: ndc would catch results destined for java. Also, cleanup the bad errno handling: don't use errno after any library call. Bug: 5886205 Change-Id: I72cafb7d8f8328a6879971e6dd5401f8c20a21f9
-
Nick Kralevich authored
netd doesn't need full root capabilities. Rather, it only needs CAP_NET_ADMIN and CAP_NET_RAW. Reduce the capabilities to that set. netd continues to run with UID=0, which allows applications spawned by netd to continue to have CAP_NET_ADMIN and CAP_NET_RAW. It also allows netd to access /proc and /sys files as UID=0. Change-Id: I439d22150109697213c0cc83276ddb668007b978
-
- 12 Jun, 2013 2 commits
-
-
Geremy Condra authored
-
Chad Brubaker authored
Make the netd binds for adding uid iptables mark rules consistent with the other per uid range binds. Change-Id: I97d1576f4ac11368bf6ede866229e456a2ed24da
-
- 11 Jun, 2013 2 commits
-
-
Dmitry Shmidt authored
Bug: 9372485 Change-Id: I0dfa6b1f973426d67f976a9c79be8de90e3d9c19 Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
Dmitry Shmidt authored
-
- 10 Jun, 2013 5 commits
-
-
Geremy Condra authored
-
Geremy Condra authored
-
Dmitry Shmidt authored
Bug: 9372353 Change-Id: Id85a8a41f644195519f1635e4ab73806b5e1738e Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
Chad Brubaker authored
Add resolver clearifacemapping to clear both the uidrange => interface DNS map and the pid => interface DNS map Change-Id: I144f4d092780b532633d8a956f68a6888d46797a
-
Chad Brubaker authored
Change-Id: I1029232adbd754246c75fbd97c6d720e7e60ced8
-
- 07 Jun, 2013 3 commits
-
-
Chad Brubaker authored
Add binds in netd for setting up fwmark rules to be used with the per uid marking to do per uid routing. Change-Id: Id4f315dd1aec73f074e233c2e3f70eb24b4c537a
-
Chad Brubaker authored
Add methods for add per uid mark rules to push all traffic from specific uids to specific interfaces. Allows for per uid routing for per uid VPNs. Change-Id: I8492c668e2c96010b0f74ea7e367f0b4471238ad
-
Chad Brubaker authored
If a proccess does not have an interface associated with its pid it will check if there is one associated with its uid before falling back to using the default interface. Change-Id: Ife732aa5ae6c3f79ea9ec1e3a63ef8877ad3d494
-
- 17 Apr, 2013 1 commit
-
-
Dmitry Shmidt authored
Change-Id: If4ddb6b2e14e6b20fe4fa378d0dfba4e733a58a4 Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
- 16 Apr, 2013 1 commit
-
-
Dmitry Shmidt authored
Change-Id: I7bcc43b47e3bcc208f9da81970b9ecb6ce08d778 Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
- 14 Apr, 2013 2 commits
-
-
Jeff Johnson authored
* commit 'd5b19ca2': Enable 802.11g hardware mode in hostapd.conf
-
Jeff Johnson authored
The current hostapd.conf generated by SoftapController does not contain a hw_mode setting. As a result hostapd defaults to 802.11b mode. This mode is inconsistent with the setting "ieee80211n=1" and prevents hostapd from using 802.11g/n rates. Add "hw_mode=g" to the generated hostapd.conf to allow 802.11g/n rates to be advertised and used. Change-Id: Ifd66da3f3ffdfffb7c28e751d20bc432e070b2c3
-
- 12 Apr, 2013 2 commits
-
-
Lorenzo Colitti authored
* commit '37f2e371': Set accept_ra to 2 on all interfaces
-
Lorenzo Colitti authored
Currently, we set accept_ra to 2 (accept RAs even if forwarding is on) only on wifi and ethernet, but not on other interfaces like mobile. This breaks IPv6 over mobile on Nexus 7 3G and all other devices where the IPv6 default route is configured via RA, because as soon as we start 464xlat (which enables forwarding) their default route goes away. Rather than require all manufacturers to update their RILs to set the flag themselves, set it ourselves at netd startup time. Bug: 8276725 Change-Id: If066bb1aa3ff211da0a0bbe8d58d5a7f35298580
-
- 10 Apr, 2013 2 commits
-
-
Ying Wang authored
Bug: 8580410 Change-Id: Icc2632b33153b01c0d9a15245b3f7e8c89b816ec
- 28 Mar, 2013 2 commits
-
-
Robert Greenwalt authored
* commit '855a369c': Remove Broadcom hack for BT reverse Tether
-
Robert Greenwalt authored
-
- 21 Mar, 2013 1 commit
-
-
Robert Greenwalt authored
Plumb it in through binder calls between the external BT stack and the BluetoothTetheringDataTracker. bug:8445208 Change-Id: Ice7dfb0b50c9481d359aed14a51372878185171c
-
- 18 Mar, 2013 2 commits
-
-
JP Abgrall authored
* commit '36971a68': TetherController: fix "tether blabla list" commands handling
-
JP Abgrall authored
And "interface list" doesn't accept the extra args anymore. Bug: 5327568 Change-Id: I3d2cb5d790b74a013edfc10dfe7a544e9e39f0ff
-
- 17 Mar, 2013 1 commit
-
-
JP Abgrall authored
* commit '20f95ed9': TetherController: fix "tether interface list" command handling
-